Connect to AI Tool
Wire up SanctumAI to your AI editor via MCP (Model Context Protocol).
Start the Daemon
sanctum daemon start✅ Daemon started
RPC: localhost:7600
Web dashboard: http://localhost:7700Configure Your Editor
Cursor
Create or edit .cursor/mcp.json in your project root:
{
"mcpServers": {
"sanctum": {
"command": "sanctum",
"args": ["mcp", "serve"]
}
}
}Restart Cursor. You should see “sanctum” in Settings → MCP.
Claude Desktop
Edit ~/Library/Application Support/Claude/claude_desktop_config.json:
{
"mcpServers": {
"sanctum": {
"command": "sanctum",
"args": ["mcp", "serve"]
}
}
}Restart Claude Desktop. The 🔌 icon should show Sanctum connected.
Claude Code
Claude Code discovers MCP servers automatically. Add to your project’s .mcp.json:
{
"mcpServers": {
"sanctum": {
"command": "sanctum",
"args": ["mcp", "serve"]
}
}
}Windsurf
Edit ~/.windsurf/mcp.json:
{
"mcpServers": {
"sanctum": {
"command": "sanctum",
"args": ["mcp", "serve"]
}
}
}Restart Windsurf.
VS Code
For VS Code with Continue or Copilot MCP support, add to .vscode/mcp.json:
{
"mcpServers": {
"sanctum": {
"command": "sanctum",
"args": ["mcp", "serve"]
}
}
}Test the Connection
Ask your AI assistant:
“Use Sanctum to get my OpenAI API key and make a test request”
The agent will:
- Authenticate with its Ed25519 keypair
- Request
openai/api_keythrough MCP - Receive a time-limited lease (expires per your policy)
- Use the key for the API call
Verify in the Audit Log
sanctum audit log --last 5Every MCP access is recorded with the agent identity, resource accessed, and result.
Web Dashboard: Open
http://localhost:7700for real-time lease monitoring, policy simulation, and visual audit log.
You’re Done! 🎉
You now have a working SanctumAI vault with policy-controlled access for your AI editor. Next steps:
- Concepts — Understand vaults, policies, and CRP in depth
- CLI Reference — Full command documentation
- SDK Guides — Integrate Sanctum into your own applications
- Guides — Advanced integration recipes