What is an MCP Resource?

1 min read Updated

An MCP resource is a read-only data source exposed by an MCP server that provides context to AI agents — such as files, database records, API responses, or configuration — without triggering side effects.

WHY IT MATTERS

While MCP tools are actions (they do things), MCP resources are data (they provide information). Resources give agents context without executing operations — reading a file, viewing a database schema, checking a configuration value.

Resources can be static (a fixed configuration file) or dynamic (current system state, live metrics). They support URI-based addressing and can include metadata about content type and freshness.

Even read-only data can be sensitive. Source code, environment variables, credentials files, customer data — all might be exposed as MCP resources. Access controls on resource reads are just as important as controls on tool calls.

See mcp resource working in your own stack — route your MCP servers through PolicyLayer and every tool call is checked against policy before it runs.

GOVERN YOUR MCP SERVERS →

Enforced before the call runs. Nothing to install.

HOW POLICYLAYER USES THIS

PolicyLayer can enforce access controls on MCP resource reads. YAML policies can restrict which resources an agent is permitted to access — for example, allowing reads from config:// URIs but denying access to secrets:// URIs. This prevents agents from accessing sensitive data exposed by the server.

FREQUENTLY ASKED QUESTIONS

How are resources different from tools?
Resources are read-only data that provide context. Tools are executable actions that can have side effects. An agent reads resources for information and calls tools to take action. PolicyLayer can enforce policies on both.
Can resources update in real-time?
Yes. MCP supports resource subscriptions where the server notifies the client when a resource changes. This enables agents to react to real-time data updates.
Why control access to read-only resources?
Read-only does not mean safe. Resources may expose sensitive configuration, credentials, private data, or proprietary code. PolicyLayer policies can restrict resource access by URI pattern, preventing data exfiltration.

FURTHER READING

Take your agents live. Without losing control.

Route your MCP traffic through PolicyLayer. Every tool call is checked against your policy before it runs: allow, deny, or require approval. Per-identity grants. Full audit log. Live in minutes.

Instant setup, no code required.

43,000+ MCP servers and 220,000+ tools scanned and risk-classified.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.