How Msharti works
Msharti is a managed MCP gateway. It sits between your AI assistant and your business systems, handling authentication, security, routing, and audit logging so you don't have to build any of that yourself.
Request flow
Every time you ask your AI assistant a question that requires business data, the request travels through six layers:
Claude, Copilot, Cursor, or ChatGPT detects that your question requires a tool call. It sends an MCP request over HTTPS to the Msharti gateway endpoint you registered.
The gateway validates your API key. Invalid or expired keys are rejected immediately — no request reaches your data.
Every API key is scoped to exactly one tenant. The gateway loads your connector configuration, credentials, and role permissions. One tenant's key can never access another tenant's data.
The request payload is scanned for prompt injection patterns — attempts by malicious content in your data to hijack the AI's instructions. Flagged requests are blocked and logged.
The gateway forwards the request to the correct connector server — one isolated Docker container per system. The connector decrypts your credentials, calls the external API, and returns results.
Before the response reaches the AI, API keys, passwords, and sensitive identifiers are auto-redacted. Every tool call is written to an immutable audit log. The clean response is returned to the AI, which composes your answer.
Tenants & API keys
Every Msharti account is a tenant. A tenant has its own:
- API keys (one per AI assistant integration, rotatable independently)
- Connector configurations and encrypted credentials
- User seats with role-based access (Admin, Manager, Viewer)
- Audit log — scoped to that tenant only
Tenant isolation is enforced at every layer: the database uses row-level security so queries for Tenant A cannot return Tenant B's data, even if the gateway layer were somehow bypassed.
How many API keys do I need? One per AI assistant integration is the recommended setup. For example: one key for your Claude Desktop configuration, one for your Copilot plugin. This lets you rotate or revoke each independently without affecting the other.
Connect Links
For connectors that use OAuth (Microsoft 365, Salesforce, Google, Meta Ads, Sage, Zoho, and others), Msharti uses a Connect Link flow instead of asking you to register an OAuth app.
How it works:
- You click Connect in the dashboard. Msharti generates a unique, one-time OAuth link for your tenant. No app registration required.
- You log in with the third-party service. A standard consent screen lists what Msharti can access. You accept.
- The OAuth tokens are stored in your tenant. Tokens are encrypted with AES-256-GCM. The encryption key is stored separately from your credentials. Msharti auto-refreshes tokens before they expire — you never need to reconnect unless you revoke access.
Connect Links use delegated permissions — the AI can only access data that the signed-in user has permission to see. It cannot elevate its own permissions.
Dynamic tool discovery
The gateway queries each connector server for its available tools at startup, and refreshes periodically. This means when Msharti adds a new connector or extends an existing one, the new tools appear in your AI assistant automatically — no configuration update required on your end.
Read-only enforcement for databases
SQL connectors (PostgreSQL, MySQL/MSSQL) enforce read-only access at the gateway level, not just at the
database user level. Even if an AI prompt were manipulated to include INSERT, UPDATE,
or DELETE statements, the gateway rejects them before they reach the connector.
Row limit: 500 per query. Query timeout: 30 seconds.