Natural language admin, observability, governance, and compliance — 48 tools exposed via the open Model Context Protocol. Open source on GitHub.
MCP is an open standard created by Anthropic for connecting AI agents to external tools and data sources. It provides a universal interface so that any compatible AI client — Cursor, Claude Desktop, ChatGPT — can discover and invoke tools without custom integration code.
The WebStream Ops MCP Server connects any AI agent to the WebStream admin and metrics APIs. It exposes 48 tools across 9 categories — from real-time session monitoring to full compliance audits — with built-in privacy controls and scope-based access restriction.
Three steps from natural language question to structured result.
You ask a question in natural language via your AI client — Cursor, Claude Desktop, or ChatGPT.
The AI agent discovers the right tool(s) from the MCP server’s 48 registered tools and builds the correct parameters.
The MCP server calls the WebStream Gateway API, applies privacy transforms, and returns structured results to the agent.
Every operation available in the WebStream admin panel is exposed as an MCP tool that any AI agent can discover and invoke.
Real-time session monitoring, node health, infrastructure status, and activity feeds.
User access reports, activity audit logs, security policy posture, usage metering, and session activity.
Workspace and app ranking, peak hour analysis, per-user summaries, and stale resource detection.
Inactive users, orphaned accounts, empty groups, MFA gaps, over-provisioning, and access recertification.
Long-running sessions, after-hours activity, high clipboard events, and multi-session violations.
Create, update, find, disable, delete, import, export, and query entitlements.
Create, update, delete groups and manage membership — add and remove users.
List workspaces, view applications and access rights, grant and revoke group access.
List, inspect, create from templates, clone, compare side-by-side, and resolve effective policies.
Multi-step operations that orchestrate several tools in sequence: Onboard User, Offboard User, Compliance Audit, and Executive Summary.
Just ask. The agent discovers and calls the right tools automatically.
What’s happening right now?
Manage users and access in seconds.
Continuous compliance, not quarterly.
Executive insights on demand.
Two independent controls ensure the AI agent sees only what it should — at the data level and at the tool level.
Control what PII reaches the AI agent. The same query produces different output depending on the mode.
Full data passes through unmodified. For on-prem admin with a trusted, self-hosted LLM.
Usernames replaced with stable HMAC hashes. Emails and display names stripped. Clipboard content redacted.
No per-user data at all. Only counts, averages, and distributions. Maximum privacy.
Control which tools the agent can even discover. Out-of-scope tools are not denied — they are invisible.
| Role | Allowed Scope |
|---|---|
| Read-only reporting | observe.* reports.* usage.* |
| Governance / compliance | + governance.* anomaly.* |
| IT helpdesk | observe.* users.* groups.* workflows.onboard workflows.offboard |
| Full admin | * |
The server uses stdio transport. Your AI client spawns it as a child process — no HTTP, no ports, no firewall changes.
Add to .cursor/mcp.json in your workspace root.
{
"mcpServers": {
"webstream-ops": {
"command": "node",
"args": ["path/to/dist/index.js"]
}
}
}Edit claude_desktop_config.json and add the server.
{
"mcpServers": {
"webstream-ops": {
"command": "node",
"args": ["path/to/dist/index.js"]
}
}
}Settings → Tools & Integrations → Add Server.
Name: webstream-ops
Command: node
Args: path/to/dist/index.jsBuild, configure, and connect in under five minutes. See the Quick Start guide on GitHub for full setup instructions including API key configuration.
The WebStream Ops MCP Server is open source. Explore the code, contribute tools, adapt the privacy model, or build your own workflows.