> ## Documentation Index
> Fetch the complete documentation index at: https://developer.affinity.co/llms.txt
> Use this file to discover all available pages before exploring further.

# Security

> How the Affinity MCP Server protects your data and credentials

The Affinity MCP Server is built on the same authentication, permissioning, and data-handling
controls as the Affinity API. The MCP layer doesn't add new ways to read or modify data; every
request goes through the Affinity API as the authenticated user.

For Affinity's broader security and compliance posture (certifications, data residency,
incident response, and more), see the [Affinity Trust Center](https://trust.affinity.co/).

## Authentication uses industry-standard protocols

Connections to the hosted MCP server are authenticated using:

* **OAuth 2.0**: Each end user authorizes Affinity once in their browser and receives an access
  token scoped to their account. Affinity admins can revoke access for any AI client under
  **Settings → Affinity MCP** (or per role on Enterprise plans), and end users can disconnect
  from their AI client at any time.
* **API key**: A long-lived Affinity API key passed as a `Bearer` token in the `Authorization`
  header. API keys can be rotated or revoked at any time under **Settings → Manage Apps**.

See [Authentication](/pages/mcp/authentication) for details and management instructions.

## The MCP server does not store sensitive data or secrets

The hosted MCP server is stateless. Every tool call is proxied to the Affinity API in real time:

* No CRM records, notes, emails, meeting content, or other Affinity data are persisted by the
  MCP server.
* Credentials (API keys and OAuth tokens) are not retained by the MCP server beyond what is
  required to authenticate the in-flight request.

**Affinity does not see your prompts.** The conversation between you and your AI assistant stays
between you and the AI provider. The MCP server only receives the structured tool calls your AI
client decides to make (for example, `search_companies(query: "fintech")`), not the
natural-language prompts you typed. Your prompts and the AI's responses are governed by your AI
provider's own data-handling policies.

## API permissions are fully enforced

Every MCP tool call executes with the permissions of the authenticating user, the same
permissions that apply when they use the Affinity CRM directly:

* List access controls, role permissions, and field-level visibility all apply.
* Users cannot read records they don't have access to in the CRM, and cannot create or update
  records they wouldn't be able to update in the CRM.
* OAuth users can additionally restrict the connection to **read-only** at consent time by
  unchecking the write scope, which prevents the AI client from making any changes through MCP.

There is no MCP-only privilege escalation. If a user is removed from a list or has their role
changed in Affinity, those changes take effect on the next MCP tool call.
