vantagate

VantaGate MCP Server provides a human-in-the-loop checkpoint flow for high-risk agent actions. When an agent attempts an action that requires approval, the MCP server creates a checkpoint and returns a dashboard URL where a human reviewer can approve or reject the action. The server exposes tools like create_vantagate_checkpoint to pause the workflow and route a decision request to Slack or Email, and check_vantagate_status to poll for the outcome. After a decision is recorded, the payload is purged and the agent resumes or halts accordingly. This setup enables cryptographic auditing and fast responses suitable for real-time agent control. To integrate with your agent environment, you can either use Claude Desktop with the VantaGate MCP server or leverage the OpenAPI spec to wire in your own tooling for creating checkpoints and polling status.

Prerequisites:

• Node.js >= 20 installed on your machine or deployment environment
• npm (comes with Node.js) available
• Access to a VantaGate account and an API key

Step-by-step installation:

1. Install the MCP server package (via npx as recommended by the README example):

# If using Claude Desktop or a local environment with npx available
npx -y @vantagate/mcp-server

2. Configure environment with your API key (replace YOUR_API_KEY_HERE):

export VANTA_API_KEY=YOUR_API_KEY_HERE

3. Start the MCP server using the provided configuration. If you clone the repository or use a local build, ensure your entry point (src/index.ts or dist/index.js) is compiled and accessible:

# Example for a local dev run (Node.js project build assumed)
npx -y @vantagate/mcp-server

4. Validate the server is reachable at the configured base URL (as per the OpenAPI spec):

GET https://api.vanta-gate.com/v1/checkpoint/health

Note: The exact startup commands may vary slightly depending on how you host the MCP server artifact. Follow the host-specific guidance in your deployment environment.

Tips and common considerations:

• Ensure VANTA_API_KEY is kept secret and not committed to source control. Use a secure environment variable store in your deployment environment.
• When using Claude Desktop, the config example in the README demonstrates how to wire the MCP into Claude's tool list. You can adapt the same approach to other agents or tooling that support MCP-style integration.
• The MCP tools support options like timeout, notify_email, slack_webhook_url, and callback_url for richer approval flows. Configure these as needed to match your security posture.
• The OpenAPI artifact vanta-gate-openapi.json can be imported into various tools (LangChain, Alice, n8n, Zapier) to automate creation and polling of checkpoints.
• If you encounter authentication errors, verify that the API key in the request header matches the project and that you have the correct permissions for the requested actions.