Skip to main content

MCP Server Overview

The Model Context Protocol (MCP) is the canonical machine interface Metatate uses to expose governance decisions. On top of that canonical layer, Metatate now ships a Snowflake Intelligence adapter layer so Snowflake agents can call the same logic through scalar custom-tool signatures.

Metatate ships a fully managed MCP server inside the Snowflake Native App. It exposes your governance policies, column classifications, compliance metadata, and authorization logic as structured tools that machine consumers can call before they read, write, or export data.

Why MCP for Data Governance?

AI agents that interact with Snowflake data need guardrails. Without governance awareness, an agent might:

  • Query PII columns it should not access
  • Export data to a jurisdiction that violates retention policy
  • Join tables across sensitivity boundaries without authorization

Metatate's MCP server solves this by giving agents a governance-aware toolkit they can call inline, before executing any data operation.

Architecture

┌──────────────────────────────────────────────────────────────┐
│  Snowflake Account                                           │
│                                                              │
│  ┌────────────────────────────────────────────────────────┐  │
│  │  METATATE_APP (Native App)                             │  │
│  │                                                        │  │
│  │  ┌──────────────┐    ┌──────────────────────────────┐  │  │
│  │  │  MCP Server   │───▶│  Governance Tables            │  │  │
│  │  │  core.        │    │                              │  │  │
│  │  │  metatate_mcp │    │  ├─ governed_tables          │  │  │
│  │  └──────▲────────┘    │  ├─ governed_columns         │  │  │
│  │         │             │  ├─ usage_rules              │  │  │
│  │         │             │  ├─ compliance_metadata       │  │  │
│  │         │             │  ├─ retention_policies        │  │  │
│  │         │             │  └─ lineage_edges            │  │  │
│  │         │             └──────────────────────────────┘  │  │
│  └─────────┼──────────────────────────────────────────────┘  │
│            │                                                  │
│  ┌─────────┴─────────────────────────────┐                   │
│  │  Consumer Layers                       │                   │
│  │                                        │                   │
│  │  Snowflake Intelligence agent wrappers │                   │
│  │  MCP server / machine integrations     │                   │
│  └────────────────────────────────────────┘                   │
└──────────────────────────────────────────────────────────────┘

The canonical MCP tools read from the governance tables that Metatate materializes when you deploy policies. Snowflake Intelligence uses core.agent_* wrappers that forward into those canonical tools. No data leaves Snowflake at any point.

The 6 Tools

Metatate's MCP server exposes six tools organized into three categories:

Discovery

ToolTypePurpose
discover-contextFunctionSearch governed tables by database, schema, sensitivity, compliance framework, PII presence, or domain
get-decision-contextFunctionGet full governance context for a specific table: policies, compliance, retention, lineage, and business metadata
inspect-data-meaningFunctionGet column-level detail: data types, sensitivity, PII flags, masking configuration, and applied policies

Authorization

ToolTypePurpose
authorize-useProcedureRequest an authorization decision for a specific data operation (read, export, share, transform) with full context

Validation

ToolTypePurpose
validate-query-contextProcedureAnalyze a SQL query for governance compliance before execution: check table access, column sensitivity, masking, and policy violations
explain-whyProcedureRetrieve the full audit trail for a previous authorization decision, including policy evidence and evaluation trace

Response Envelope

Every tool returns a consistent JSON envelope:

{
  "status": "success",
  "data": { ... },
  "errors": []
}

On failure, status becomes "error" and the errors array contains diagnostic messages. The data field will be null or an empty object.

Canonical MCP Endpoint

The MCP server is accessible at:

https://<account>.snowflakecomputing.com/api/v2/databases/METATATE_APP/schemas/CORE/mcp-servers/METATATE_MCP

Replace <account> with your Snowflake account identifier (e.g., xy12345.us-east-1).

This endpoint remains the canonical machine API for Metatate. Snowflake Intelligence does not wire directly to the raw VARIANT signatures in the agent builder UI; it uses the core.agent_* wrappers documented in the Snowflake Intelligence guide.

Next Steps