The Vanta MCP server lets AI assistants like Claude, Cursor, and Perplexity call the Vanta API on your behalf — securely querying controls, remediating failing tests, and acting on your compliance data through the Model Context Protocol. This guide explains how to connect Vanta MCP to your AI tool of choice.Documentation Index
Fetch the complete documentation index at: https://vanta.mintlify.app/llms.txt
Use this file to discover all available pages before exploring further.
Vanta’s remote MCP server is currently in beta and released to all customers.
Find your MCP URL
Vanta hosts a separate MCP server in each region. Find the region for your Vanta instance and use that URL.| Region | MCP URL |
|---|---|
| United States | https://mcp.vanta.com/mcp |
| Europe | https://mcp.eu.vanta.com/mcp |
| Australia | https://mcp.aus.vanta.com/mcp |
The setup steps below use the US URL (
https://mcp.vanta.com/mcp) as an example. If your instance is in the EU or AUS, substitute the matching URL from the table above.Prerequisites
Before connecting, confirm the following:- Vanta role — You must be a Vanta Admin. The MCP server is not currently accessible to non-Admin users. Access for non-Admin users is coming soon.
- Supported AI tool — You need access to at least one of: Claude Code, Cursor, or Perplexity.
- Repository access (Claude Code plugin only) — Your repository must be accessible from Claude Code if you intend to use code fix and pull request features.
Claude Code
You can connect Claude Code to Vanta MCP by adding the server manually or by installing the official Vanta plugin.Manual MCP setup
Authenticate
In Claude Code, run
/mcp and select vanta. A webpage will open in your Vanta app to authorize MCP — click Allow.Manual setup gives you access to all Vanta MCP tools but does not include the plugin’s built-in skills (
/vanta:fix-test, /vanta:list-tests).Claude Code plugin
The Vanta plugin connects Claude Code to Vanta’s MCP server, purpose-built remediation skills, and slash commands — all in one easy-to-install package. It enables you to discover and prioritize failing tests, generate infrastructure-as-code fixes directly in your repository, and open pull requests without leaving your editor.
Once connected, you’ll have access to:
- A remediation skill that combines MCP data with your local repo context to generate targeted IaC fixes.
- Slash commands that streamline common workflows into single actions:
/vanta:fix-test— generate code changes to fix a failing compliance test and open a PR./vanta:list-tests— show prioritized failing tests relevant to your codebase.
Add to Cursor
Cursor connects directly to the Vanta MCP server and has access to all Vanta tools. The Claude Code plugin skills (
/vanta:fix-test, /vanta:list-tests) are Claude Code-specific and are not available in Cursor.Add to Perplexity
What your AI agents can do with Vanta MCP
Once connected, your AI assistant can:- Remediate failing tests — list failing compliance tests, inspect which entities are out of scope, and get the context needed to fix them.
- Manage controls — browse controls and their framework mappings, list associated tests, and access linked evidence documents.
- Assess vendor risk — review vendors, run security assessments, manage risk attributes, and track compliance documentation.
- Track vulnerabilities — surface vulnerable assets and monitor remediation progress.
- Govern policies — list, download, and upload policy documents across your compliance program.
- Analyze compliance gaps — enumerate framework requirements and identify coverage gaps across SOC 2, ISO 27001, and more.
Resources
Vanta MCP plugin
Official Vanta plugin for Claude Code — bundles the hosted MCP server with remediation skills and slash commands.
Vanta MCP server
Open-source, self-hosted MCP server (
@vantasdk/vanta-mcp-server) for running Vanta MCP locally with your own OAuth credentials.Model Context Protocol
Learn more about the open protocol that powers Vanta MCP and other AI tool integrations.