# Audit Data - Akto Atlas ## Overview The **Audit Data** page in **Akto Atlas** shows you all MCP servers your employee's agents interact with and lets you **control how those servers and their capabilities are used**. From here, you can: * See which MCP servers are being accessed * Inspect the tools, resources, and prompts exposed by each server * Approve, block, or conditionally allow access ## Explore Audit Data The main page gives you a server-level view of activity in Akto Atlas. Each row represents an MCP server and the agent that access it.

#### You will see:

Column	What it tells you
MCP Server	The MCP server (domain or endpoint) being accessed
AI Agent	The agent accessing the server (e.g. VSCode, Claude, Cursor)
Last Detected	When the server was first observed in Atlas
Updated	Most recent activity for this server
Access Type	Type of access (e.g. public, private, third-party)
Remarks	Current decision: Approved, Rejected, or Conditionally Allowed
Marked By	Who last updated the decision

## View Server Details Click on any MCP server to view its details, including all tools, resources, and prompts it exposes.

### Capabilities Each MCP server exposes capabilities used by agents. For each capability, you can see:

Field	What it tells you
Type	Whether it's a Tool, Resource, or Prompt
Risk Analysis	Any risk signals like Privileged Access or Malicious
Name	The identifier of the capability
Access Types	Whether the capability is public, private, or third-party
Remarks	Whether it's Approved, Rejected, or Conditionally Allowed
Marked By	Who made the decision

### Access Control Options You can set access decisions at both the server level (via the Action dropdown) and the individual tool level. Use the following options:

#### **Allow** Grant full access to the MCP server or specific tool. The agent can use all capabilities without restrictions. #### **Block** Deny access entirely. The agent cannot interact with this server or tool. #### Setting Conditional Approval If you choose **Conditionally Allow**, you can set clear boundaries for how the component is allowed to operate. The following components can be set: {% tabs %} {% tab title="Time Duration Allowed" %} You define how long the component can remain active. Once the duration expires, Akto automatically blocks it.

{% endtab %} {% tab title="IPs Allowed" %} You control where the component can be used from. You can allow: * All IPs * Specific IPs * An IP range (CIDR)

{% endtab %} {% tab title="Endpoints Allowed" %} You choose which endpoints the component can access.

{% endtab %} {% tab title="Justification" %} You add a mandatory justification so your team understands why you approved the component with conditions.

{% endtab %} {% endtabs %} After configuring everything, click **Approve with Conditions** to enforce the restricted access. ### Action Dropdown From the **Action** dropdown at the top of the server details view, you can make server-level decisions: * [**Allow this server**](#allow) – Grant full access to all capabilities * [**Block this server**](#block) – Deny all access immediately for the particular AI Agent * **Block for all agents** – Block this server across all agents in your organisation * [**Conditionally allow this server**](#setting-conditional-approval) – Grant access with defined restrictions * **Add to MCP registry** – Register the server in your organisation's MCP registry

{% hint style="info" %} To use **Add to MCP registry**, you must first set up an MCP registry integration. * Go to **Settings → Integrations → MCP Registry** to configure one. {% endhint %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://ai-security-docs.akto.io/akto-atlas-agentic-ai-security-for-employee-endpoints/ai-agent-activity/audit-data-akto-atlas.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.