Last November, Anthropic released its own Model Context Protocol (MCP) with the goal of standardizing the way LLMs access external data. This was great news, as we believe LLMs are only as useful as the data they have access to! We made sure that we at least shared some common ideas with the big fishes out there.
However, streamlining access to external data reminded us of the reason why we started What About You. We released Eunomia a few weeks ago to help developers around the world easily tackle the challenge of implementing DAG in their LLM-based applications, and we thought the release of Anthropic’s MCP was both a threat and an opportunity for pursuing our goal.
Today we are launching the integration of Eunomia with MCP, as we hope this will dramatically improve the ability to govern unstructured data flowing through an MCP server into any enterprise’s LLM-powered application.
Real Case Scenario
Let’s assume a legal firm specializing in M&A and PE deals just asked its AI team to implement an LLM-powered chatbot that could access files in their filesystem, such as clients’ docs, extract information, and summarize them, in order to help the firm employees access that information faster and with ease. The AI team just happened to have read Anthropic's MCP announcement this past weekend and they found out there is an already-built filesystem server, which enables streamlined integration for their application—they’re juggling in joy!
However, a few days later, the management comes back to the AI team and asks for a fix to the application; everything works fine but they don’t want their associates to access the names of the buying company, nor the selling company until the deal is publicly announced. Certain clients’ information should be kept accessible only by the partner who brokered the deal. Confidentiality is key at the firm. The AI team now needs an urgent fix to their awesome MCP integration and they are fearing they should start everything from scratch and build a custom solution.
But here comes the What About You team to save those devs’ hours and headaches.
From now on you can easily implement Eunomia’s Orchestras with MCP servers. For this specific case you can easily combine Financial Data Redaction and RBAC to remove specific financial data regarding the M&A deal, based on the role of the employee prompting the chatbot, in a few minutes.
Understanding the Current Architecture
Before diving into the solution, we need to understand the current architecture a bit better. The developers directly connected the MCP server—which works with the file system—to their client RAG (Retrieval-Augmented Generation) system. The current architecture is illustrated in the picture below:
While the architecture was straightforward to develop thanks to the MCP framework, it lacks the ability to distinguish between different users. Whether an associate or a partner is asking a question, the system treats them the same way because it makes no distinction based on who is asking.
A naive solution might involve creating two different chatbots with separate sources of knowledge tailored for each user group. However, this approach increases complexity and isn't scalable.
Fortunately, there's the Eunomia MCP Server. It combines the ease of integrating any MCP server in a plug-and-play manner with the ability to enforce data governance. With Eunomia and the Eunomia MCP Server, it's possible to solve this problem—and many others—by imposing granular data governance policies for LLM solutions.
In the following sections, we'll explore how to integrate the Eunomia MCP Server into the current architecture and how to define the required policies.
Diving into the Technical Aspects
To integrate Eunomia within the MCP framework, we need to incorporate the newly released MCP Eunomia server into the existing architecture.
Integration Steps
-
Connect Eunomia MCP Server to Existing Servers
Link the Eunomia MCP server with the company's current server(s). For simplicity, we consider only the file system server in this scenario. -
Connect Eunomia MCP Server to the Client
Ensure that the Eunomia MCP server communicates properly with the existing client. During this connection, define the necessary data access policies.
Below is a recap schema of the desired architecture after integration:
Step 1: Connect Eunomia MCP Server to Existing Servers
Installing Eunomia MCP Server
Begin by installing the Eunomia MCP server through repository cloning.
git clone https://github.com/whataboutyou-ai/eunomia-MCP-server.git
The server primarily consists of two files:
server.py: The main Eunomia MCP server script.config.py: The configuration file.
Key Configuration Focus: config.py
Within config.py, two major configuration sections are crucial:
MCP_SERVERSORCHESTRA
For this integration step, our focus is on MCP_SERVERS, as we need it to connect the Eunomia MCP server to the existing file system server.
Configuring MCP_SERVERS
To integrate, copy the command used to instantiate the file system server (as provided by its developer) into the MCP_SERVERS structure within config.py. This tells the Eunomia MCP server how to communicate with and connect to the file system server.
During this phase, the Eunomia MCP server acts as a client to all connected servers. Once started, it will automatically and seamlessly copy all Tools, Prompts, and Resources from each connected server.
Example Configuration for MCP_SERVERS
Below is an example snippet for the MCP_SERVERS variable configured to integrate with the File System Server:
MCP_SERVERS: dict = {
"filesystem": {
"command": "docker",
"args": [
"run",
"-i",
"--rm",
"--mount", "type=bind,src=/Users/username/Desktop,dst=/projects/Desktop",
"--mount", "type=bind,src=/path/to/other/allowed/dir,dst=/projects/other/allowed/dir,ro",
"--mount", "type=bind,src=/path/to/file.txt,dst=/projects/path/to/file.txt",
"mcp/filesystem",
"/projects",
]
}
}
}Note: For more details on how to instantiate the file system server, refer to its documentation.
While this example focused on integrating the File System MCP server, the Eunomia MCP server supports integration with various other servers. You can find a comprehensive list of available servers in the Official List.
Step 2: Define Policies and Instantiate Eunomia MCP Server
To connect the client with the Eunomia MCP server, treat it like connecting to any other server. Replace the servers dictionary currently used by the single Eunomia MCP server endpoint with the combined configuration. This works seamlessly because all current servers used by the client are already connected to the Eunomia server.
Defining Policies and Updating Server Configuration
First, update the server configuration by substituting the existing server dictionary with the new one that includes all connected servers. For example:
CLIENT_PARAMS = {
"mcpServers": {
"eunomia": {
"command": "uv",
"args": [
"--directory",
"/path/to/server/eunomia-MCP-server",
"run",
"orchestra_server"
]
}
}
}Defining Data Governance Policies
For this example, we will focus on two instruments:
- Financial Data Redaction
- Role-Based Access Control (RBAC)
Recap of Requirements
- Partners: Should view all information in clear text. No policy restrictions needed.
- Associates: Must not see information about the buying and acquired companies. We'll use the Financial Data Redaction instrument to define policies on:
Parties.BUYING_COMPANYParties.ACQUIRED_COMPANY
Policy Definition
The following policy configuration enforces these requirements:
Orchestra(
instruments=[
RbacInstrument(
role="associate",
instruments=[
FinancialsInstrument(
entities=[
"Parties.BUYING_COMPANY",
"Parties.ACQUIRED_COMPANY",
],
edit_mode="replace",
)
]
),
]
)Conclusions
We have successfully integrated the Eunomia MCP server into the architecture presented in our example in an easy and quick manner, ultimately making the company happy with the outcome. This integration not only streamlined access to external data but also enforced robust data governance policies, ensuring that sensitive financial data is appropriately redacted based on user roles.