Before you start
You need Claude Code installed and signed in to your Kiteworks workspace. Every Kiteworks agent is read-only by default — mutating actions live in separate signed bundles and require explicit human approval.
Connect the Compliance Runtime (remote MCP)
In a terminal, add the Kiteworks Compliance Runtime as a remote MCP server. Use the HTTPS URL of your deployment, ending in /mcp:
claude mcp add --transport http kiteworks https://your-host.example.com/mcp
Claude Code opens a browser sign-in the first time the server needs authentication, then remembers the connection.
Run an agent
Start Claude Code and ask for one of the published agents — for example the retention sweeper or the CMMC evidence inventory. Every tool call is recorded into the hash-chained audit ledger. See the catalog for the full list of agents.
Security prerequisites (read first)
A remote MCP connector exposes an endpoint that Claude reaches over the network. Before you publish https://your-host.example.com/mcp:
- HTTPS only. Serve the endpoint over TLS — never plain HTTP.
- Authentication required. Every connection must authenticate (OAuth 2.0 / OIDC). There must be no unauthenticated tool access: an anonymous caller reaches zero tools and zero data.
- Tenant-scoped authorization. Each authenticated user sees only their own Kiteworks tenant's data; cross-tenant access is denied server-side.
- Runtime policy enforcement. The Kiteworks Compliance Runtime applies your ABAC, retention, and redaction policy to every tool call.
- Firewall allowlisting is in addition to auth, never instead of it. If you restrict inbound access, that does not replace OAuth and tenant checks.
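The order of checks in the list above, sketched as a server-side gate. This is an added example, not Kiteworks code: the `tenant` claim name, the tool identifiers, the resource map and the allowlist are all assumptions. Token verification is assumed to have happened upstream, and the ABAC, retention and redaction policy layer is not modeled.

```python
from dataclasses import dataclass
from typing import Optional
from urllib.parse import urlsplit

# Constructed sample data; every name below is hypothetical.
TOOLS = ("retention_sweeper", "cmmc_evidence_inventory")
RESOURCE_TENANT = {"doc-1": "tenant-a", "doc-2": "tenant-b"}
ALLOWLIST = {"203.0.113.10"}  # documentation-range address


@dataclass
class Request:
    url: str
    source_ip: str
    claims: Optional[dict] = None  # verified token claims; None if anonymous


def gate(req: Request) -> Optional[str]:
    """Connection-level checks in order; returns a deny reason or None."""
    if urlsplit(req.url).scheme != "https":
        return "plain_http"
    if req.source_ip not in ALLOWLIST:
        return "not_allowlisted"
    # Passing the allowlist is never enough: a verified identity is required.
    if not req.claims or not req.claims.get("tenant"):
        return "unauthenticated"
    return None


def visible_tools(req: Request) -> tuple:
    """An unauthenticated or plain-HTTP caller sees zero tools."""
    return () if gate(req) else TOOLS


def authorize(req: Request, resource: str) -> tuple:
    """Server-side decision for one tool call on one resource."""
    reason = gate(req)
    if reason:
        return False, reason
    # Unknown resources map to None and are denied like foreign ones.
    if RESOURCE_TENANT.get(resource) != req.claims["tenant"]:
        return False, "cross_tenant"
    return True, "ok"
```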