> ## Documentation Index
> Fetch the complete documentation index at: https://support.affinity.co/llms.txt
> Use this file to discover all available pages before exploring further.

# Affinity MCP: Security & data handling

> How Affinity MCP protects your data and credentials — permissions, read-only options, statelessness, and admin controls.

<Note>
  **Reference** — security and data handling for Affinity MCP.
</Note>

Affinity MCP is built on the same authentication, permissioning, and data-handling controls as the Affinity API. The MCP layer doesn't add new ways to read or change data — every request goes through the Affinity API as the authenticated user. For certifications, data residency, and incident response, see the [Affinity Trust Center](https://trust.affinity.co/).

## The server is stateless

The hosted MCP server doesn't store your data. Every tool call is proxied to the Affinity API in real time.

* No CRM records, notes, emails, or meeting content are persisted by the MCP server.
* Credentials (OAuth tokens and API keys) are not retained beyond what's needed to authenticate the in-flight request.

## Affinity doesn't see your prompts

Your conversation with your AI tool stays between you and your AI provider. The MCP server only receives the **structured tool calls** your AI client decides to make — for example, `search_companies(query: "fintech")` — not the natural-language prompts you typed. Your prompts and the AI's responses are governed by your AI provider's own data-handling policy.

## Every call runs with your permissions

Tool calls execute as the authenticating user. List access, role permissions, and field-level visibility all apply.

* You can't read, create, or update anything through MCP that you couldn't do directly in Affinity.
* There is no MCP-only privilege escalation.
* Permission changes (removing a user from a list, changing a role) take effect on the next tool call.

## Limiting a connection to read-only

MCP can create and update records, so you may want some connections to be read-only. Two options:

* **At OAuth consent:** when you first authorize, uncheck the write scope to grant read-only access. All create, update, and delete calls are then blocked for that connection.
* **In the AI client:** some clients (for example, Claude) let you block individual tools — turn off the write and delete tools to keep a connection read-only.

## Admin controls

* **Enable or disable MCP per client.** MCP is available by default for Claude, ChatGPT, and Notion. An admin can turn any client on or off for the org under **Settings → Affinity MCP**.
* **Gate by role (Enterprise).** Control which roles may set up MCP under **Settings → Users & Permissions → Roles → Manage MCP Agents**.
* **Manage API keys.** Create, rotate, or revoke API keys under **Settings → Manage Apps**. Revoked keys stop working immediately.

<Warning>
  A connection gives the AI tool the same data visibility as the user who authorized it. If a user can see restricted lists or sensitive opportunities, so can their AI client. Grant MCP access carefully — especially for senior users with broad access.
</Warning>

## Hosted vs local

The **hosted** server (`https://mcp.affinity.co/mcp`) supports OAuth (with the read-only option) or an API key. The **local** server runs on your own machine over STDIO and uses an **API key stored in a local config file** — treat that file like a password and keep it off shared machines.

For the developer-level detail, see [Security at developer.affinity.co](https://developer.affinity.co/pages/mcp/security).
