Enforce MCP Usage in Claude Code with Managed Settings

JFrog Agent Guard lets you govern which Model Context Protocol (MCP) servers a developer's coding assistant can use. With Claude Code managed settings, you enforce that governance organization-wide: Claude Code runs only the MCP servers you approve in JFrog AI Catalog, routed through the @jfrog/agent-guard proxy, and individual developers can't override the policy.

JFrog AI Catalog generates the managed settings JSON for you. You copy it from the Claude Code card (in the AI Catalog settings) and apply it in the Claude.ai admin console, where it takes effect for every developer in your organization. For setup steps before enforcement, see Get Started with the JFrog MCP Registry and Use the MCP Registry with Agent Guard.

In this topic:

• Prerequisites
• Enforce managed settings in Claude Code
• Frequently Asked Questions

Prerequisites

• JFrog AI Catalog entitlement and MCP Registry enabled.
• JFrog Platform administrator access.
• Administrator permissions in the Claude.ai admin console.
• At least one MCP server allowed in your AI Catalog project.

Enforce Managed Settings in Claude Code

To enforce MCP usage in Claude Code with managed settings:

1. Navigate to JFrog's AI Catalog settings: Select Administration > AI/ML Settings > AI Catalog.

2. Set Enable MCP registry to active.

3. Click Discover MCP servers and allow each MCP server your organization approves. Only servers allowed to developers are available.

4. Return to the AI Catalog Settings page and select the Claude Code card (under Organization-wide Configuration), and copy the generated managed settings JSON. The JSON looks like the following:

   JSON

   {
     "allowedMcpServers": [
       {
         "serverCommand": [
           "npx",
           "--yes",
           "--registry",
           "https://releases.jfrog.io/artifactory/api/npm/coding-agents-npm/",
           "@jfrog/agent-guard"
         ]
       }
     ],
     "enabledPlugins": {
       "jfrog@claude-plugins-official": true
     }
   }

   Where:

   • allowedMcpServers — Restricts Claude Code to the JFrog Agent Guard command. Only the @jfrog/agent-guard proxy is permitted as an MCP server, so any other MCP server a developer adds is blocked.

   • --registry — The npm source for the @jfrog/agent-guard package. The default is the JFrog public source. For a restricted network, replace this value with your internal npm remote repository, https://<JFROG_URL>/artifactory/api/npm/<REPO_NAME>.

   • enabledPlugins — Installs and enables the JFrog plugin jfrog@claude-plugins-official for every developer. When you apply the managed settings, the plugin downloads automatically, so you don't need to deploy it separately.

     
     

     📘

     Note

     When you have multiple JFrog Platform deployments (JPD), add --server <jpd-name> to serverCommand, one entry per JPD, as shown in the example here:

     JSON

     {
       "allowedMcpServers": [
         {
           "serverCommand": [
             "npx",
             "--yes",
             "--registry",
             "https://releases.jfrog.io/artifactory/api/npm/coding-agents-npm/",
             "@JFrog/agent-guard",
             "--server",
             "jfrogml"
           ]
         }
       ],
       "enabledPlugins": {
         "jfrog@claude-plugins-official": true
       }
     }

     IMPORTANT: Make sure you have enabled the MCP Registry for each JPD.

5. In the Claude.ai admin console, navigate to Settings > Organization > Claude Code < Managed Settings.

6. Paste the JSON and save.

After you save the managed settings, Claude Code applies them to every developer in your organization. Developers can use only the MCP servers you allow in AI Catalog; they can't add or enable any other MCP servers.

Frequently Asked Questions

This section provides answers to frequently asked questions.

Related Topics

• Use the MCP Registry with Agent Guard
• Get Started with the JFrog MCP Registry
• Configure Tool Policies
• Claude Code
• Troubleshoot MCP Registry