---
title: "AI - Workshop Docs"
description: "AI - Enterprise control plane for Santa. Manage rules, approvals, telemetry, and policies across your macOS fleet."
doc_version: "1"
last_updated: "2026-05-22"
canonical: "https://northpole.security/docs/workshop/ai"
---
# AI

Workshop provides AI-powered features to help you manage and understand your endpoint security environment.

## AI Chat

AI Chat lets you ask natural-language questions about your Workshop data directly from the dashboard. Chat sessions have the same permissions as the logged-in user — the AI assistant can only access data you’re authorized to see.

### Setup

1.  Go to Settings → AI → Chat
2.  Toggle **Enabled**
3.  Select an AI provider (Anthropic, OpenAI, or Google)
4.  Enter your API key for the chosen provider
5.  Optionally select a specific model (defaults are recommended)

### Privacy

### Supported Providers

-   Anthropic
-   OpenAI
-   Google

### What You Can Do

AI Chat can query your Workshop data using the same API methods available through the web interface. Example questions:

> Show me a summary of all rules in Workshop.

> Why is <app name> blocked on <host name>?

> What are the top 10 most executed applications across my fleet?

> Are any of my hosts out of date?

The assistant uses tools to look up data, perform calculations, and query Workshop documentation. By default, the assistant cannot modify your configuration. To enable write access, toggle **Read-Write Mode** in AI Chat settings.

---

## MCP Server

The Model Context Protocol (MCP) is an open protocol that standardizes how applications provide context to large language models (LLMs). Learn more at [modelcontextprotocol.io](https://modelcontextprotocol.io).

Workshop’s MCP server exposes all of the methods available in the Workshop API to MCP-compatible clients such as Claude Desktop, Claude Code, LM Studio, and Gemini CLI.

### Getting Started

#### 1\. Enable the MCP Server

1.  Go to Settings → AI → MCP
2.  Toggle the switch to enable the MCP server

#### 2\. Choose an Authentication Method

**OAuth 2.0 (recommended):** MCP clients that support OAuth will automatically prompt you to log in — no extra setup needed. Just point the client at your Workshop MCP URL and authenticate through the browser.

**API key (alternative):** If your MCP client doesn’t support OAuth, or you prefer key-based auth, generate an API key:

1.  Go to Settings → API Keys
2.  Click “Create API Key”
3.  Copy the key (it starts with `npsws_sk_`)

### Authentication

#### OAuth 2.0

MCP clients that support OAuth 2.0 can authenticate using your organization’s identity provider. This is the recommended approach. OAuth users receive permissions based on their Workshop role assignment. The MCP read-write toggle in settings provides an additional layer of control over write access.

#### API Key

Alternatively, create an API key with the desired permissions and pass it in the `Authorization` header. See Choose an Authentication Method above.

### Integrating with MCP

#### Claude Desktop

1.  **Install Claude Desktop** from [claude.ai](https://claude.ai/download)
2.  Open **Settings** → **Connectors**
3.  Click **Add custom connector**
4.  Enter your Workshop MCP URL: `https://example.workshop.cloud/mcp`
5.  Click **Add** — Claude will open a browser window for OAuth authentication

See the [Claude custom connectors documentation](https://support.claude.com/en/articles/11175166-get-started-with-custom-connectors-using-remote-mcp) for more details.

#### Claude Code

1.  **Install Claude Code** from [claude.ai](https://claude.ai/download)
2.  Run the following command to add the Workshop MCP server:

```
claude mcp add --transport http workshop https://example.workshop.cloud/mcp
```

Claude Code will open a browser window for OAuth authentication when you first connect. See the [Claude Code MCP documentation](https://docs.anthropic.com/en/docs/claude-code/mcp) for more details.

#### LM Studio

1.  **Install LM Studio** from [lmstudio.ai](https://lmstudio.ai)
2.  Open the **Program** tab in the right sidebar
3.  Click **Install** → **Edit mcp.json** and add:

```
{
	"mcpServers": {
		"workshop": {
			"url": "https://example.workshop.cloud/mcp",
			"headers": {
				"Authorization": "npsws_sk_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
			}
		}
	}
}
```

As of March 2026, LM Studio does not support OAuth for remote MCP servers, so an API key is required. See the [LM Studio MCP documentation](https://lmstudio.ai/docs/app/mcp) for more details.

#### Gemini CLI

1.  **Install Gemini CLI** from [github.com/google-gemini/gemini-cli](https://github.com/google-gemini/gemini-cli)
2.  Run the following command to add the Workshop MCP server:

```
gemini mcp add --transport http workshop https://example.workshop.cloud/mcp
```

See the [Gemini CLI MCP documentation](https://geminicli.com/docs/tools/mcp-server/) for more details.

### Example Prompts

> Show me a summary of all rules in Workshop and use terms from the documentation to explain them.

> Why is <app name> blocked on <host name> in Workshop?

> Are any of my Workshop hosts out of date?

> Are my Workshop hosts ready to switch from Monitor Mode to Lockdown Mode?

## Sitemap

- [Home](https://northpole.security/index.md)
- [Workshop](https://northpole.security/workshop.md)
- [Santa](https://northpole.security/santa.md)
- [Features](https://northpole.security/features.md)
- [Cookbook](https://northpole.security/cookbook.md)
- [Docs](https://northpole.security/docs.md)
- [Blog](https://northpole.security/blog.md)
- [Glossary](https://northpole.security/glossary.md)
- [About](https://northpole.security/about.md)
- [Contact](https://northpole.security/contact.md)