Anypoint MCP Server

38 tools. 24 can modify or destroy data without limits.

4 destructive tools with no built-in limits. Policy required.

Last updated:

24 can modify or destroy data
14 read-only
38 tools total

Community server · catalogue entry verified 03/07/2026

How to control Anypoint MCP Server ↓

What Anypoint MCP Server exposes to your agents

Read (14) Write / Execute (20) Destructive / Financial (4)
Critical Risk

The most dangerous Anypoint MCP Server tools

24 of Anypoint MCP Server's 38 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

How to control Anypoint MCP Server

PolicyLayer is an MCP gateway — it sits between your AI agents and Anypoint MCP Server, and nothing reaches the server without passing your rules. These are the rules we recommend:

Deny destructive operations
{
  "api_manager_remove_policy": {
    "deny_if": [
      {
        "conditions": [],
        "on_deny": "Blocked by default. Requires approval."
      }
    ]
  }
}

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations
{
  "api_manager_apply_outbound_policy": {
    "limits": [
      {
        "counter": "api_manager_apply_outbound_policy_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
{
  "api_manager_list_policy_templates": {
    "limits": [
      {
        "counter": "api_manager_list_policy_templates_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

  1. Create a free account and register Anypoint MCP Server — nothing to install.
  2. Add these rules — paste them, or build them visually. Tune the limits to your setup.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
ENFORCE POLICY ON ANYPOINT →

Instant setup, no code required.

All 38 Anypoint MCP Server tools

WRITE 14 tools
Write api_manager_apply_outbound_policy Apply an outbound policy to an API Manager API instance. Call api_manager_list_apis first to obtain the apiId. Write api_manager_apply_policy Apply a policy to an API Manager API instance. Call api_manager_list_apis first to obtain the apiId. Write api_manager_create_api_instance Create an API Manager API instance. Requires ANYPOINT_MCP_ADVANCED_TOOLS=true. Write api_manager_update_policy Update the configuration of an applied policy on an API Manager API instance. Call api_manager_list_apis first Write api_policy_apply Apply an inbound API-level policy to an API Manager API instance. Write api_policy_apply_outbound Apply an outbound policy to one or more upstreams for an API Manager API instance. Write api_policy_update Update an applied API-level policy configuration. Write design_center_edit_file Atomically edit one or more files in a Design Center project branch (acquires lock → saves files → releases lo Write design_center_publish_to_exchange Publish an API Designer project branch to Anypoint Exchange. Call design_center_get_project first to confirm t Write exchange_create_contract Request access to an Exchange API by creating an application contract. Call exchange_list_assets to find the a Write reports_generate Generate an Anypoint operational report on demand (no caching). Three report types are available: • runtime_fl Write runtime_create_deployment Create a new Runtime Manager deployment. Requires ANYPOINT_MCP_ADVANCED_TOOLS=true. Body follows the AMC Appli Write runtime_update_deployment Patch a Runtime Manager deployment configuration. Requires ANYPOINT_MCP_ADVANCED_TOOLS=true. Write secrets_upsert_secret Create or update a secret in a Secrets Manager secret group. The secret value is accepted as input but is NEVE
READ 14 tools
Read api_manager_list_policy_templates List available policy templates for an organization. Requires ANYPOINT_MCP_ADVANCED_TOOLS=true. Use this to fi Read api_policy_list List policies applied to an API Manager API instance. Read api_policy_list_templates List available API Manager policy templates for an organization. Read design_center_get_project Get a single API Designer project including its branches and the file tree of the specified branch in one call Read design_center_read_file Read the content of a file from a Design Center project branch. Call design_center_get_project first to browse Read exchange_get_asset Get full details for an Exchange asset version including portal pages and resources in one call. Call exchange Read metrics_list_types List all Anypoint Observability metric types with names and available attributes inline. Use the returned metr Read metrics_search Run an AMQL metrics query against Anypoint Observability. Returns a Chart.js visualization of the time series Read monitoring_get_api_analytics Get analytics metrics for an API Manager API instance — request count, response time, and error count over a t Read monitoring_get_app_overview Get monitoring metrics for a deployed application — CPU, memory, message count, and error count over a time wi Read runtime_get_deployment Get full configuration for one Runtime Manager deployment — properties, environment variables, specs, and targ Read runtime_get_logs Fetch logs for a Runtime Manager deployment. Call runtime_list_deployments first to obtain the deploymentId. Read secrets_list_secrets List secrets in a secret group. Returns name, type, and expiry metadata ONLY — secret values are NEVER returne Read secrets_list_stores List Secrets Manager secret groups (stores) in an environment. Returns metadata only — no secret values are ev

Related servers

Other MCP servers with similar tools — same risk classification, starter policies for each.

Questions about Anypoint MCP Server

Can an AI agent delete data through the Anypoint MCP Server MCP server? +

Yes. The Anypoint MCP Server server exposes 4 destructive tools including api_manager_remove_policy, api_policy_delete, exchange_delete_asset. These permanently remove resources with no undo. PolicyLayer blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through Anypoint MCP Server? +

The Anypoint MCP Server server has 14 write tools including api_manager_apply_outbound_policy, api_manager_apply_policy, api_manager_create_api_instance. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach Anypoint MCP Server.

How many tools does the Anypoint MCP Server MCP server expose? +

38 tools across 4 categories: Destructive, Execute, Read, Write. 14 are read-only. 24 can modify, create, or delete data.

How do I enforce a policy on Anypoint MCP Server? +

Register the Anypoint MCP Server MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every Anypoint MCP Server tool call.

Deterministic rules across all 38 Anypoint MCP Server tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

Instant setup, no code required.

38 Anypoint MCP Server tools catalogued and risk-classified — across an index of 43,000+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.