Working with Saidot APIs
Saidot provides programmatic access to your governance data via two methods: API tokens for direct REST API access, and OAuth 2.1 via Connected Apps for MCP Connector access. This page covers both. You can access the latest REST API documentation here: Saidot API Swagger Documentation. We're continuously rolling out new APIs; please follow our Release notes for the latest updates.
Creating and managing API tokens
API tokens can be created by your organisation’s Admins in the Admin interface. Navigate to the ‘API tokens’ section of the Organisation page to get started. Also Members can add and update their personal API Tokens in Account Settings.
API tokens are created by clicking the ‘Create token’ button. You will be asked to provide the name and expiration time for your token. After providing the needed information, click ‘Create’ button to access the API key. Please note that it is important that you copy your API token and store it in a secure location, as you won’t be able to view it again after closing the step.
The API tokens can be managed and deleted after creation.
Manage API tokens UI
Connected apps
Administrations can review and block approved connected applications in Connected apps. This page also displays all active user grants. Admins can Revoke these user grants centrally.
OAuth apps can be registered in Admin view by giving the App name, client type, Redirect URLs, and the Scope, including identity verification, profile name, email, ability to have offline address and the read and/or write permissions shared.
MCP Connectors - Agentic AI Integration (Preview)
This feature is currently available as a Preview in Demo Accounts. We welcome your feedback as you explore it. Reach out to your Customer Success contact if you would like to explore this feature or have any questions or observations. |
MCP (Model Context Protocol) Connectors let you connect AI coding assistants and automation tools directly to Saidot. Building on the Saidot API, MCP enables agentic access for tools such as Claude Desktop, VS Code (GitHub Copilot), Microsoft Copilot Studio and the Saidot MCP CLI for use in CI/CD and automation pipelines.
Available MCP Servers
Saidot offers three specialised MCP servers depending on what your integration needs. Connect to whichever servers are relevant for your team's workflows.
MCP Server | Endpoint URL | Purpose |
Governance MCP | AI inventory and catalogue management, including reading and managing your AI systems, risks, datasets, and models programmatically. | |
Library MCP | Read access to Saidot's curated AI governance library, including risk cards, model cards, and policy content. | |
Docs MCP | Read access to Saidot's governance documentation and methodology directly from your AI tool. |
After you have added Saidot MCP servers to your Connectors in your AI tool, Members can Authorise the AI tool. Please follow AI tool specific guidelines for Connecting to Saidot. When activating the Connector, the Saidot login window opens up and prompt the member to authorize Saidot. Authorization can be limited to Read-only and also Offline access can be limited.
Authentication: OAuth 2.1 via Connected Apps
MCP connections are secured using OAuth 2.1 scoped token grants through Connected Apps. This gives you least-privilege control over what each integration can access, separate from API tokens, which are used for direct REST API access.
To configure authentication, navigate to OAuth Apps in your Admin settings and create a new Connected App for your MCP integration, selecting the appropriate scopes for the server(s) you are connecting to.
For the latest MCP updates, follow our Release notes.