← All tools
MCP Server
Beta

Rote API & MCP Server

Rote exposes compliance analysis via MCP (Model Context Protocol). Connect any MCP-compatible client to run compliance analysis programmatically.

Get access
Available Tools

MCP tool functions

assess_control()

Execute a single compliance control assessment using Rote's analysis engine.

Parameters
control_idstring — Framework control ID (e.g., 'CC1.1', '164.312(a)(1)')
evidence_textstring — Verbatim text from organizational documents
ReturnsStructured JSON with compliance status, reasoning, and risk impact
Example response 
{
  "control_id": "164.312(a)(1)",
  "status": "partial",
  "reasoning": "Access control policy exists but lacks emergency access procedures",
  "confidence": 0.78
}
extract_evidence()

Extract relevant evidence from an uploaded document for a specific control.

Parameters
document_idstring — ID of the document in Rote's database
control_descriptionstring — What evidence to look for
ReturnsVerbatim extracted evidence from the document
Example response 
{
  "evidence": "Section 4.2: All ePHI stored on company servers is encrypted using AES-256...",
  "source": "document-abc-123"
}
search_frameworks()

List or search supported compliance frameworks in the Rote knowledge base.

Parameters
querystring — Search term (e.g., 'HIPAA', 'SOC2', 'NIST')
typestring? — Optional framework type filter
ReturnsJSON list of matching frameworks with IDs and names
Example response 
[
  { "id": "hipaa-security", "name": "HIPAA Security Rule" },
  { "id": "hipaa-privacy", "name": "HIPAA Privacy Rule" }
]
check_baa_compliance()

Execute a clause-by-clause BAA analysis against HIPAA requirements.

Parameters
baa_idstring — ID of the BAA in Rote's database
ReturnsStructured JSON of the BAA analysis results
Example response 
{
  "baa_id": "baa-vendor-xyz",
  "overall_status": "deficient",
  "provisions_assessed": 9,
  "compliant": 5,
  "deficient": 3,
  "missing": 1
}
MCP Resources

Structured data access

Resources provide read access to Rote's compliance data via structured URIs.

compliance://frameworks/{framework_id}

Retrieve detailed specifications and control lists for a compliance framework

compliance://analyses/{analysis_id}

Retrieve formatted results of a completed compliance analysis

compliance://documents/{document_id}

Retrieve metadata and full text of an uploaded compliance document

compliance://controls/{framework_id}/{control_code}

Retrieve detailed specification for a specific control within a framework

Self-Hosted Setup

Run Rote locally via Docker Compose

Clone the platform and start the MCP server on your own infrastructure.

Terminal
# Clone and start the platform
git clone https://github.com/Rote-Compliance/rote-compliance-platform.git
cd rote-compliance-platform
docker-compose up --build

# MCP server available at:
# http://localhost:8000/mcp/sse

# Connect from any MCP client:
claude mcp add rote http://localhost:8000/mcp/sse
Managed Hosting

No Docker. No infrastructure.

Managed MCP hosting is in development. Early access users will be first. Start a free trial to get on the list.

Start a free trial Ask a question first