Protect and Reveal Data with Thales CRDP
MCP server exposing Thales CipherTrust CRDP tools for protecting and revealing sensitive data through RESTful data protection policies with bulk operations and
Why it matters
Securely protect and reveal sensitive data using Thales CipherTrust RestFul Data Protection (CRDP) service. This asset enables both individual and bulk operations with robust versioning and monitoring capabilities.
Outcomes
What it gets done
Protect individual data fragments using CRDP policies.
Perform bulk data protection and revelation operations.
Retrieve CRDP service metrics and check health status.
Integrate with AI assistants for conversational data protection.
Install
Add it to your toolbox
Run in your project directory:
curl -fsSL https://spark.entire.vc/get/vb-thales-cdsp-crdp-mcp-server | bash Capabilities
Tools your agent gets
Protect a single fragment of sensitive data using CRDP protection policies
Protect multiple data items in a single batch operation
Reveal a single fragment of protected data with appropriate authorization
Reveal multiple protected data items in a single batch operation
Retrieve CRDP service metrics
Check the health status of the CRDP service
Check the liveness of the CRDP service
Overview
Thales CDSP CRDP MCP Server
What it does
MCP server that connects to Thales CipherTrust RestFul Data Protection (CRDP) service to protect and reveal sensitive data using protection policies defined in CipherTrust Manager.
How it connects
When you need to integrate Thales CRDP data protection and revelation capabilities into MCP-compatible applications, with support for individual and bulk operations, versioning, and service health monitoring.
Source README
MCP server for secure data protection and revelation through the Thales CipherTrust RestFul Data Protection (CRDP) service, supporting both individual and bulk operations with versioning.
Installation
From Source Code
git clone https://github.com/sanyambassi/thales-cdsp-crdp-mcp-server.git
cd thales-cdsp-crdp-mcp-server
npm install
npm run build
npm start
HTTP Transport
MCP_TRANSPORT=streamable-http npm start
Configuration
AI Assistant Integration
{
"mcpServers": {
"crdp": {
"command": "node",
"args": ["/path/to/your/crdp-mcp-server/dist/crdp-mcp-server.js"],
"env": {
"CRDP_SERVICE_URL": "http://your-crdp-server:8090",
"CRDP_PROBES_URL": "http://your-crdp-server:8080",
"MCP_TRANSPORT": "stdio"
}
}
}
}
Available Tools
| Tool | Description |
|---|---|
protect_data |
Protect a single fragment of sensitive data using CRDP protection policies |
protect_bulk |
Protect multiple data items in a single batch operation |
reveal_data |
Reveal a single fragment of protected data with appropriate authorization |
reveal_bulk |
Reveal multiple protected data items in a single batch operation |
get_metrics |
Retrieve CRDP service metrics |
check_health |
Check the health status of the CRDP service |
check_liveness |
Check the liveness of the CRDP service |
Features
- Data protection using data protection policies defined in Thales CipherTrust Manager
- Data revelation with secure authorization (username/jwt)
- Bulk operations for processing multiple data items in a single batch operation
- Versioning support for external versioned, internal versioned protection policies, and versioning-disabled policies
- Monitoring with health checks and metrics collection
- Support for multiple transports for stdio and HTTP connections
Environment Variables
Optional
CRDP_SERVICE_URL- CRDP service endpoint for protection/revelation operationsCRDP_PROBES_URL- CRDP service endpoint for monitoring operationsMCP_TRANSPORT- Transport type (stdio or streamable-http)MCP_PORT- HTTP port when using streamable-http transport
Usage Examples
Protect my email address john.doe@example.com using email_policy
Reveal protected data abc123def456 for user admin using ssn_policy protection policy
Check the health of my CRDP service
Notes
Requires Node.js v18+, TypeScript, and a running CRDP container registered in CipherTrust Manager. Supports integration with Cursor AI, Google Gemini, and Claude Desktop. Includes n8n workflow templates for conversational AI interfaces. Supports only CRDP running in no-tls mode.
Discussion
Questions & comments · 0
Sign In Sign in to leave a comment.