Installation

Connecting to SigilAI Cloud MCP Server

This guide provides essential instructions for connecting your AI applications and development tools to the SigilAI cloud-hosted Model Context Protocol (MCP) server. SigilAI manages the server infrastructure, allowing you to focus on integrating its powerful security scanning capabilities into your workflows.

Prerequisites for Client Integration

Before you can connect to the SigilAI Cloud MCP Server, ensure you have:

  1. SigilAI Account & Subscription:

    • An active SigilAI account with a subscription plan that includes MCP server access (e.g., Free Tier for evaluation, Pro, or Enterprise).

    • You can sign up or manage your subscription at SigilAI's official website.

  2. API Credentials:

    • API Key: You will need an API key to authenticate your client's requests to the MCP server. This key is typically found in your SigilAI account dashboard under "API Access" or "Developer Settings."

    • MCP Server Endpoint URL: The specific URL for connecting to the SigilAI MCP server (e.g., https://mcp.sigilai.io/sse). This will also be provided in your account dashboard or developer documentation.

  3. Client Environment:

    • An environment capable of making HTTPS requests and handling Server-Sent Events (SSE) if you are building a custom MCP client.

    • Alternatively, if SigilAI provides a client library (e.g., for Python, Node.js), ensure your environment can install and run that library (e.g., Node.js 16+ for a Node.js client library).

Steps to Connect and Verify

1. Obtain Your API Credentials

  • Log in to your SigilAI account dashboard at www.sigilai.io.

  • Navigate to the API access or developer section.

  • Generate or retrieve your API key. Treat this key like a password; keep it confidential.

  • Note down the MCP Server Endpoint URL provided (e.g., https://mcp.sigilai.io/sse).

2. Client-Side Setup

How you set up your client depends on whether you are using a SigilAI-provided client library or building a custom MCP client.

Option A: Using a SigilAI Client Library (Recommended)

If SigilAI offers client libraries (e.g., sigilai-mcp-client for Node.js or Python), this is the easiest way to integrate.

  • Installation (Example for Node.js):

    npm install sigilai-mcp-client
# or
yarn add sigilai-mcp-client

  • Initialization (Example for Node.js):

    const { SigilAIMCPClient } = require('sigilai-mcp-client'); // Or import

const client = new SigilAIMCPClient({
  endpoint: 'https://mcp.sigilai.io/sse', // Replace with your specific endpoint if different
  apiKey: 'YOUR_SIGILAI_API_KEY'
});

async function connectAndTest() {
  try {
    await client.connect();
    console.log('Successfully connected to SigilAI MCP Server!');
    
    // Optional: Perform a simple test call if available
    // This assumes a basic 'ping' or 'test' tool is exposed by the server.
    // The actual tool name and parameters might differ.
    const testResult = await client.callTool('ping_server', {}); // Or a similar diagnostic tool
    console.log('Test tool result:', testResult);
    
  } catch (error) {
    console.error('Failed to connect or test:', error);
  } finally {
    if (client && client.isConnected()) { // Check if client exists and has isConnected method
        await client.disconnect();
    }
  }
}

connectAndTest();

    (Replace YOUR_SIGILAI_API_KEY with your actual key. The ping_server tool is hypothetical; refer to the API Reference for actual diagnostic tools.)

Option B: Building a Custom MCP Client

If you are implementing your own MCP client:

  • Ensure your client can establish an HTTPS connection to the SigilAI MCP Server Endpoint URL (e.g., https://mcp.sigilai.io/sse).

  • The primary transport is Server-Sent Events (SSE). Your client must be able to handle SSE streams.

  • Authentication is typically done via an API key included in request headers (e.g., Authorization: Bearer YOUR_API_KEY or a custom header like X-SigilAI-API-Key: YOUR_API_KEY). Refer to the API Reference for the exact authentication method.

  • Your client will need to construct MCP messages (as JSON) for tool_call and parse incoming MCP messages (e.g., tool_result, server_info, error).

3. Verify Connectivity

Regardless of the client setup method, the first step after configuration is to verify that your client can successfully connect to the SigilAI Cloud MCP Server and authenticate.

  • Using Client Library: The connect() method in the client library should succeed. Many libraries will perform an initial handshake or authentication check.

  • Custom Client:

    • Establish an SSE connection to the endpoint.

    • Send an initial MCP message, perhaps a request for server information or a call to a simple diagnostic tool if available.

    • A successful connection will typically involve the server sending back a server_info message or acknowledging the connection.

    • An authentication failure will usually result in an HTTP error (e.g., 401 Unauthorized, 403 Forbidden) or an MCP error message.

    Example curl for basic SSE connection test:

    # This curl command attempts to establish an SSE connection.
# You'll need to include your API key in the headers as specified by SigilAI.
curl -N -H "Accept:text/event-stream" \
     -H "Authorization: Bearer YOUR_SIGILAI_API_KEY" \
     "https://mcp.sigilai.io/sse"

    (This command just opens the stream; a more sophisticated client is needed to send MCP messages and interpret events.)

Important Considerations for Client Integration

  • API Key Security:

    • Never embed API keys directly in client-side code (e.g., frontend JavaScript).

    • Store API keys securely, for example, as environment variables on your backend server that acts as the MCP client, or using a secrets management service.

  • Error Handling: Implement robust error handling in your client to manage network issues, authentication failures, MCP error messages, and tool-specific errors.

  • Rate Limiting: Be aware of the rate limits associated with your SigilAI subscription tier. Implement retry mechanisms with exponential backoff if your client encounters rate limit errors (e.g., HTTP 429 Too Many Requests).

  • Logging: Implement client-side logging to help diagnose connection or tool invocation issues.

  • Asynchronous Operations: MCP tool calls are often asynchronous. Design your client application to handle responses that may take some time, especially for complex scans.

By following these steps, you can successfully connect your applications to the SigilAI Cloud MCP Server and start leveraging its security scanning tools. For detailed information on tool parameters, response formats, and specific authentication headers, please refer to the API Reference.

PreviousFAQ

Last updated