Safeguard.sh Documentation Center

Search Connectors

Attach external MCP servers as live tools Griffin can call during a search conversation.

Search Connectors

Search connectors let Griffin AI reach outside your Safeguard data during a conversation by calling tools on external MCP (Model Context Protocol) servers you've connected. This is different from the Connectors catalog, which pulls one-time (or scheduled) compliance evidence from 394 cloud, identity, HR, and other systems into the compliance pipeline. A search connector isn't an evidence pull — it's a live tool source Griffin can invoke mid-conversation, the same way it would call any other tool.

You manage search connectors from the connector dialog in the search interface, which has two tabs: Browse Directory and Custom MCP.

Browse Directory

The Browse Directory tab (the default when you open the dialog) shows a searchable grid of MCP servers from Safeguard's connector directory. Type in the search box to filter by name, description, or category — for example, typing "slack" filters the grid down to Slack-related entries.

Each entry shows a badge for its auth kindOAuth, API key, Basic, or Public (no credentials needed) — and a Featured badge for curated entries. Entries that already have a ready-to-use MCP endpoint are sorted to the top of the grid.

Clicking Connect on an entry opens a small panel with up to three ways to connect, offered together so you can pick whichever fits:

MethodWhat it does
MCP server (recommended)If the entry already has a known MCP endpoint, its URL is pre-filled and marked Ready. Optionally add an access token to send as a bearer credential. Submitting connects immediately; if you leave the token blank, Safeguard also attempts a background OAuth handshake with the server — this succeeds for servers that support OAuth-based MCP auth, and otherwise just adds the connector for you to authorize later from its detail page.
OAuth 2.0Signs in with the provider's own OAuth app. This requires an admin to have already configured that provider's OAuth client in Safeguard — if it isn't configured, connecting fails with "OAuth needs a one-time admin setup for this provider."
Personal access tokenPaste a token. If the entry has a known MCP URL, the token is sent to it as a Bearer credential; otherwise it's stored as that entry's api_key credential.

For example, connecting a GitHub-style entry that ships a known MCP endpoint: choose MCP server, leave the access token blank, and click Connect via MCP — Safeguard registers the connector against the pre-filled URL and kicks off OAuth in a new tab for you to approve.

If an OAuth popup or tab is closed or blocked before it completes, or the authorization is denied on the provider's side, the connection attempt fails (or the connector is left needing authorization) — reopen the dialog and retry, or authorize from the connector's detail page.

Registering a custom MCP server

If the MCP server you want isn't in the directory, use the Custom MCP tab to register it directly by URL.

FieldRequiredNotes
NameYesA label for the connector, up to 80 characters.
Server URLYesThe Streamable-HTTP or SSE endpoint of your MCP server; must be a full http:// or https:// URL.
Authorization headerNoSent as the Authorization header on every request to your server, up to 2000 characters — for example a bearer token your server expects.

Submit the form to register the connector. There's no separate "test connection" step shown in the dialog — submitting registers the server so Griffin can start calling its tools.

For example, to register a self-hosted MCP server that expects a bearer token:

  • Name: Internal Docs MCP
  • Server URL: https://mcp.example.com/sse
  • Authorization header: Bearer sk-live-…

Managing connections and tool permissions

Once a connector is connected, open it from the connectors list to review what it can do. Its tools are grouped into three categories — Interactive tools, Read-only tools, and Write/delete tools — based on what each tool does.

Each tool (and each category as a whole) has a permission:

PermissionEffect
Always allowGriffin can call the tool without prompting you.
Needs approval (default)Griffin asks you to confirm before each call.
DenyThe tool is never callable.

Setting a category's permission applies it to every tool currently in that category; you can still override an individual tool's permission afterward. A connector's tools can also fail to load — for example if a stored credential has expired — in which case the detail page shows "Could not load tools" instead of the tool list; use Refresh tools from the connector's menu after fixing the credential.

A connected connector's detail page has a Disconnect button (marks it disconnected but keeps it in your list). Once disconnected, its menu also shows a Remove option that deletes it entirely — removal is only available after disconnecting.

Credential storage

Any token you paste for a directory entry's MCP server or Personal access token method, and any authorization header you set for a custom MCP server, are encrypted at rest server-side (Fernet encryption) before storage. Safeguard does not display stored credentials back to you after they're saved — a connected entry only shows as connected, not the credential value itself.

Common errors

The OAuth popup or tab closes but the connector never shows as connected. The popup was closed manually, blocked by the browser, or the provider denied access before completing the handshake. Retry from Browse Directory (or from the connector's detail page if it was already added), and check that popups aren't blocked for the Safeguard app.

Connecting with OAuth 2.0 fails with "OAuth needs a one-time admin setup for this provider." That provider's OAuth client hasn't been configured in Safeguard yet — this is a one-time step an admin has to do before anyone can sign in with OAuth for that entry. Use the MCP server or Personal access token method in the meantime if either is available for that entry.

Submitting a custom MCP server fails validation. The URL field requires a full http:// or https:// URL — a bare hostname or path won't pass. Check the URL is complete and reachable, and that the name and authorization header are within their length limits.

A connector connects but "Could not load tools" shows on its detail page. The stored credential is usually expired or was revoked on the provider's side. For an OAuth or MCP-OAuth connector, click Connect again on its detail page to re-authorize; for a connector added with a personal access token, remove it and re-add it with a fresh token from Browse Directory or Custom MCP. Then use Refresh tools from the connector's menu to confirm it's fixed.

  • Connectors — the 394-integration catalog that feeds compliance evidence into Safeguard, distinct from search connectors.
  • Griffin AI — the assistant that calls search connectors' tools during a conversation.
  • MCP Integrations — connect an external AI assistant to Safeguard's own MCP server (the reverse direction from search connectors, which connect Griffin out to other servers).

On this page