All posts
June 18, 20264 min read

Audit logging for MCP servers on Okta

Many teams assume that once an Okta‑issued token is used to call an MCP server, the request is automatically logged somewhere in the identity provider. In reality, Okta only authenticates the caller; it does not provide audit logging of what the caller does once the connection is established. Without a dedicated audit layer, every query, response, or error disappears into the server’s own logs, which are often inaccessible to security teams and lack the context of who initiated the call. When e

Free White Paper

K8s Audit Logging + Single Sign-On (SSO): The Complete Guide

Architecture patterns, implementation strategies, and security best practices. Delivered to your inbox.

Free. No spam. Unsubscribe anytime.
Coleman Nye

Many teams assume that once an Okta‑issued token is used to call an MCP server, the request is automatically logged somewhere in the identity provider. In reality, Okta only authenticates the caller; it does not provide audit logging of what the caller does once the connection is established. Without a dedicated audit layer, every query, response, or error disappears into the server’s own logs, which are often inaccessible to security teams and lack the context of who initiated the call.

When engineers rely on a non‑human identity, such as a service account token issued by Okta, to access an MCP server, they solve the problem of credential distribution. The token proves the caller’s identity and can be scoped to a narrow set of permissions. However, that step alone does not give any visibility into the actual operations performed. The request still travels directly from the client to the MCP endpoint, bypassing any central point that could capture a reliable, tamper‑evident record. Sensitive data may be returned, commands may be executed, and no approval workflow exists to intervene if the operation is risky.

hoop.dev places a Layer 7 gateway directly in the data path between the Okta‑authenticated identity and the MCP server. By routing every request through this gateway, hoop.dev can enforce audit logging, capture the full request and response payload, and associate each entry with the originating identity. The gateway operates at the protocol level, so the client continues to use its normal MCP client libraries without modification. Because hoop.dev holds the credential needed to reach the MCP server, the client never sees the secret, and the gateway can also apply additional guardrails such as inline masking or command‑level approvals if desired.

Audit logging for MCP servers

With hoop.dev in place, each interaction with an MCP server is recorded as a discrete audit event. The event includes the identity extracted from the Okta token, the exact API call made, timestamps, and the response returned by the server. This creates a reliable audit trail that security analysts can query to answer questions like “who accessed which model on what date?” or “what data was returned to a particular service account?” Because the gateway sits on the network edge, the logs are collected centrally, independent of the MCP server’s own logging configuration.

In addition to raw request data, hoop.dev can mask fields that contain personally identifiable information or other sensitive values before they are written to the audit store. This ensures compliance with privacy policies while preserving the forensic usefulness of the logs. The masking policy is defined once at the gateway and applied consistently to every session.

Another benefit is the ability to enforce just‑in‑time (JIT) approvals. If a request matches a high‑risk pattern, such as invoking a model that can generate large outputs or accessing a restricted data source, hoop.dev can pause the request and route it to a designated approver. Only after explicit approval does the gateway forward the request to the MCP server. The entire approval workflow, along with the final execution, is captured in the audit record.

Why the gateway matters more than token‑level controls

Token‑based controls are essential for authentication, but they cannot guarantee accountability. Without a gateway, a compromised token could be used to exfiltrate data without any trace in the organization’s security tooling. By inserting hoop.dev, the organization gains a single point of enforcement where policies are applied consistently, regardless of the client language or library used.

Continue reading? Get the full guide.

K8s Audit Logging + Single Sign-On (SSO): Architecture Patterns & Best Practices

Free. No spam. Unsubscribe anytime.

Furthermore, hoop.dev’s session recording feature captures the full interaction for replay. If an incident occurs, analysts can replay the exact sequence of calls made to the MCP server, see the responses, and understand the impact. This level of detail is impossible to reconstruct from scattered logs on individual servers.

Getting started with hoop.dev and Okta

The first step is to configure Okta (or any OIDC/SAML provider) as the identity source for hoop.dev. This involves registering hoop.dev as a relying party, defining the groups that map to specific MCP access levels, and issuing service‑account tokens for automated workloads. Once the identity provider is linked, you deploy the hoop.dev gateway. The quick‑start guide walks you through a Docker Compose deployment that includes the gateway, an agent that runs near the MCP server, and default policies for audit logging.

After deployment, you register the MCP server as a connection in hoop.dev. The gateway stores the credentials required to reach the MCP endpoint, so the client never handles them directly. When a service account presents its Okta token to hoop.dev, the gateway validates the token, checks the associated policy, and then proxies the request to the MCP server. Every request is automatically logged, and any configured masking or approval steps are applied on the fly.

For detailed instructions on connecting an MCP server, see the getting‑started documentation. You can also explore the broader feature set in the learn section, which covers masking rules, JIT approvals, and SIEM integration.

FAQ

Does hoop.dev replace the MCP server’s own logs?

No. hoop.dev complements existing logs by providing a centralized, identity‑rich audit trail. You can still retain the server’s native logs for operational troubleshooting, but security‑relevant events are captured reliably at the gateway.

Can I use hoop.dev with other identity providers besides Okta?

Yes. hoop.dev supports any OIDC or SAML provider. The same architectural pattern applies: the provider authenticates the caller, and hoop.dev enforces audit logging and other guardrails in the data path.

Is the audit data stored securely?

hoop.dev stores audit events in a protected audit store configured by the operator. The design ensures that logs cannot be altered without detection, and access to the log store is restricted to authorized personnel only.

Implementing effective audit logging for MCP servers does not require a patch to the server itself or a custom SDK. By positioning hoop.dev as the identity‑aware proxy between Okta and the MCP endpoint, you gain comprehensive visibility, enforce policy, and retain the simplicity of existing client workflows.

Ready to see the code? Visit the hoop.dev GitHub repository to explore the open‑source implementation and start building a secure audit pipeline today.

Open source

Save the open-source gateway for agent data access

Hoop is MIT-licensed infrastructure for controlling how AI agents reach production data. Star hoophq/hoop so you can inspect it, deploy it, or share it when your team starts governing agent access.

Star and save the repo →More posts
Ask AI about this topic
ClaudeChatGPTGrokGeminiPerplexityCopilot