Timekeeper Logo Timekeeper

Delinea Unveils MCP Server to Put Guardrails on AI Agents' Credential Access

September 30, 2025 · 2 min

A new MCP server for controlled credential access

Delinea has released an Model Context Protocol (MCP) server designed to mediate AI-agent access to credentials stored in Delinea Secret Server and the Delinea Platform. The server enforces identity checks and policy rules on every call, aiming to keep long-lived secrets out of agent memory while preserving full auditability.

What the GitHub project provides

The project published as DelineaXPM/delinea-mcp on GitHub is MIT-licensed and exposes a constrained MCP tool surface focused on credential retrieval and account operations. Key features include support for OAuth 2.0 dynamic client registration per the MCP spec, and support for both STDIO and HTTP/SSE transports. The repository also includes Docker artifacts and example configurations for editor and agent integrations to help teams get started.

How the server operates

The MCP server proxies a limited set of tools to Secret Server and, optionally, the Delinea Platform. Supported operations include secret and folder retrieval/search, inbox and access-request helpers, user and session administration, and report execution. Crucially, secrets remain vaulted and are never handed directly to the agent. Configuration separates sensitive values into environment variables (for example, DELINEA_PASSWORD) while non-secrets are kept in config.json. Administrators can scope access using controls such as enabled_tools and allowed object types, configure TLS certificates, and use an optional registration pre-shared key.

Why this matters for enterprises

Enterprises are increasingly wiring AI agents into operational systems via MCP. Recent incidents, such as a rogue MCP package exfiltrating email, highlight the need for registration controls, TLS, least-privilege tool surfaces, and traceable identity context on every call. Delinea positions its server as following a PAM-aligned pattern: ephemeral authentication, policy evaluation, and full audit trails. That approach helps reduce credential sprawl, limits secrets exposure in agent memory, and simplifies revocation and investigation.

Availability

The MIT-licensed MCP server is available now on GitHub. The project documentation and included artifacts describe OAuth2 dynamic client registration, supported transports (STDIO and HTTP/SSE), and scoped operations that integrate with Secret Server and the Delinea Platform.