Monitor MCP server activity
Who can do this? |
Model Context Protocol (MCP) is an open protocol that provides a standardized way to connect AI models with data sources and tools. In the simplest example, this protocol lets agents connect to your systems, such as via API libraries. Any connections to your systems should be secure.
Set up an Atlassian Remote MCP Server
The Atlassian Remote MCP Server is a cloud-hosted gateway that allows tools like AI assistants and developer environments to securely access Jira and Confluence Cloud data. It enables supported clients to perform both read and write operations, such as searching for issues, summarizing pages, or bulk-creating new content, all via natural language commands.
The Atlassian Remote MCP gives you Atlassian-specific control over selecting which sites to make available via the Remote MCP Server. Use Atlassian remote MCP server
As soon as a user authorizes the Remote MCP Server for a site you administer, you will see the Atlassian MCP app listed in your Connected apps for that site. It will appear as Atlassian MCP in your audit logs.
Monitor MCP activity in Guard Detect
As an administrator of Atlassian apps, you may be concerned about MCP servers gaining access to your data. Guard Premium provides some tools out of the box that can help you keep your site secure from unwanted AI requests. The following table contains details of what’s currently covered.
Function | Location | Description | More info |
|---|---|---|---|
For visibility An OAuth app is installed for the first time (Requires Guard Standard) | Atlassian Administration > Security > Audit Log Type MCP in the search field. | Audit logs show when and which user used OAuth to authorize using the Atlassian Remote MCP server (which will automatically install the Atlassian MCP app). Note: If additional users authorize the app, they do not appear in the audit log. | |
For visibility API usage logging (including access from AI agents and MCP apps) (Requires Guard Premium or being an Enterprise customer) | Atlassian Administration > Security > Audit Log Type MCP in the search field. | You can see every API endpoint that the Atlassian MCP app hits. Make sure you have user-created activity enabled for in your audit log settings. In the UI, hover over the AS USER lozenge to identify the user who invoked this log entry. In an activity log export, look for | |
For control Block/allow user-based OAuth connections | Atlassian Administration > Apps > (select a site) > Connected Apps > Settings tab | Prevent users from installing any OAuth apps completely. This is a blanket setting. |
Was this helpful?