MCP Connectors in Harvey

Overview

Harvey supports two types of connectors: MCP connectors and API-based connectors.

MCP connectors use the Model Context Protocol, an open standard that lets vendors and firms connect external tools directly into Harvey. Once a connector is enabled, you can access capabilities from other systems without leaving Harvey.

API-based connectors are direct integrations Harvey has built to specific platforms via traditional application programming interface endpoints. For more information on API-based connectors, visit our Integrations category for more information.

MCP connectors within Harvey can support a number of use cases, including:

• Directly connecting to document management systems so that searching and updating files is more seamless.
• Integrating with databases to support legal research.
• Pulling in firm-specific servers so that curated resources are leveraged in legal reasoning tasks.

MCP connectors can help you quickly research, draft, and finish legal tasks without needing to swap between systems or interrupt your flow.

Workspace administrators control which connectors are available via Harvey’s admin settings, and no connector is on by default.

For Users

Connecting to a MCP Connector

To use most MCP connectors, you’ll need an account with the provider’s app.

If your administrator has enabled a connector for your workspace, you will see an option to connect to it. When you first sign in, you will need to authenticate with the external tool and grant Harvey access. Harvey stores a secure token on your behalf, and you do not share your password with Harvey. Once connected, the tool's capabilities are available inside Harvey without re-authenticating.

For detailed instructions on how to connect to a MCP Connector, see our Roadmap page: Harvey Connector Library.

Using a MCP Connector

Harvey can only perform actions the connector was built to support. Generally, you will be able to select a connector in Harvey queries across Assistant, Vault, Workflow agents, and the Word Add-In.

MCP Connector Safety and Best Practices

Understand What a Connector Can Do Before Enabling It

Each connector requests specific permissions — some read-only, some with the ability to write, send, delete, or take other actions in external systems on your users' behalf. Some connectors request broad permissions to external platforms (such as cloud storage or email systems). Review the connector's listed capabilities and scopes, and confirm they match the actions your team intends to use before enabling.

Some connectors may also delegate to external services or agents that act without direct user input in Harvey. This means actions may be taken in third-party systems without a confirmation step. Review whether a connector has this capability before enabling it across your workspace.

Data Processed Through Connectors is Outside Harvey's Control

Once data leaves Harvey to reach an external connector, that connector's own policies govern what happens to it, based on your organization's agreements with the provider. This includes where that data is processed and stored — if your organization has data residency requirements, confirm the connector's infrastructure is compliant before enabling. Harvey's security controls cover the authentication flow, credential storage, and audit logging — we cannot control what happens downstream and including the ways your organization’s data may be exposed.

Only Enable Connectors You Trust

For third-party and community connectors, Harvey reviews submissions before approval but cannot continuously monitor the connector's underlying code or infrastructure after deployment. Workspace admins control which connectors are available to users. Admins should consider reviewing data handling terms before enabling connectors.

Additional Resources

To further understand the risk and security factors associated with MCP usage, here are some helpful resources:

• MCP Security Best Practices from the official Model Context Protocol (MCP) team
• A Practical Guide to Model Context Protocol Security from the Coalition on Secure AI

We’re happy to keep an open dialogue and exchange MCP security learnings with customers as this space evolves. Please reach out to the Harvey Trust team through your account manager.

For Workspace Administrators

Enabling and Managing Connectors

Only workspace admins can register, enable, disable, or remove connectors. Users can only see connectors you have turned on.

For detailed instructions on how to enable and manage MCP Connectors, see our Roadmap page: Harvey Connector Library.

Connector Trust Tiers

Harvey classifies MCP connectors based on who built and maintains them.

What to Consider Before Enabling a Connector

Harvey's security controls cover the authentication flow, credential storage, and audit logging. Once data leaves Harvey to reach an external tool, that tool's own policies govern what happens to it based on your organization’s agreements with the provider. Before enabling a connector, it’s important to consider its scopes to understand what actions can be taken, the data the tool can access, and how that tool handles that data. Only enable connectors to organizations and platforms you trust.

MCP Connector Safety and Best Practices

See MCP Connector Safety above for more details on best practices.

Removing a Connector

When you remove a connector, Harvey immediately deletes all stored credentials for every connected user. If an employee leaves or a tool is decommissioned, credentials are wiped at the moment of removal.

Audit Logging

All connector activity is captured in Harvey's audit log: when admins register or remove a connector, when users initiate or complete a connect flow, and when users disconnect. This helps support compliance review and incident response.

For more information about security protocols, read our technical documentation.