Skip to main content
You use MCP tools through Cursor or Claude Desktop. You want unknown tools to require human approval before executing — without changing your agent code. This recipe configures the MCP proxy in Enforce mode with approval routing. Source: mcp-proxy-enforcement-loop.ts

Scenario

A release gate orchestrator uses an internal CI/CD MCP server. Unknown tools should require approval. Known risky tools should be blocked in production.

Step 1 — Enable approval guardrail in dashboard

In the Apie dashboard, enable require_approval_unknown_mcp_tools (or your workspace equivalent) for the agent.

Step 2 — Configure Enforce mode

apie.mcp.json
{
  "agentKey": "release-gate-orchestrator",
  "serverName": "internal-cicd",
  "mode": "enforce",
  "approvalTimeoutMs": 600000,
  "environment": "production",
  "upstream": {
    "command": "node",
    "args": ["examples/mcp-upstream-fixture.mjs"]
  }
}
FieldWhy
mode: "enforce"Enforce blocks and approvals
approvalTimeoutMs: 60000010-minute approval window
environment: "production"Tags events for production policies

Step 3 — Point MCP host at proxy

{
  "mcpServers": {
    "internal-cicd": {
      "command": "npx",
      "args": ["@apie/cli", "mcp", "proxy", "--config", "apie.mcp.json"]
    }
  }
}

Step 4 — Trigger an unknown tool

Call an MCP tool your agent hasn’t used before. In Enforce mode:
  1. Proxy evaluates the guardrail
  2. Decision is require_approval
  3. Approval request appears in the dashboard
  4. Agent waits until you approve or reject

What you’ll see

  • Approved: Tool call proceeds, telemetry events in dashboard
  • Rejected: MCP host receives JSON-RPC error -32002
  • Blocked: MCP host receives JSON-RPC error -32001

Validate setup

npx apie doctor --mcp --mcp-config apie.mcp.json

Error codes

CodeMeaning
-32001Guardrail blocked the tool call
-32002Approval denied or timed out
See Errors reference.

Next steps

MCP proxy

Full proxy setup guide.

Human approval

Approval flow details.