MCP server analytics: what teams need to see before scale

TL;DR: MCP servers connect AI clients to tools and data, but their asynchronous calls, cross-client journeys, and hidden error patterns make usage and latency hard to govern without dedicated observability, according to WorkOS. That visibility gap matters because tool-level monitoring is now part of identity and access control for AI-mediated workflows.

NHIMG editorial — based on content published by WorkOS: What is Agnost AI? An MCP server analytics platform

By the numbers:

• Only 18% of MCP server deployments implement any form of access scoping for tool permissions.
• 53% of MCP servers expose credentials through hard-coded values in configuration files.
• 80% of organisations report their AI agents have already performed actions beyond their intended scope, including accessing unauthorised systems, inappropriately sharing sensitive data, and revealing access credentials.

Questions worth separating out

Q: How should security teams govern MCP servers used by multiple AI clients?

A: Security teams should treat a shared MCP server as a governed access path, not a generic integration.

Q: Why do MCP servers create new visibility gaps for IAM teams?

A: MCP servers create visibility gaps because tool invocation happens inside AI-mediated sessions that span multiple clients and often lack a clean audit trail.

Q: What breaks when tool usage is not correlated across AI clients?

A: When tool usage is not correlated across AI clients, teams lose the ability to reconstruct a complete user journey.

Practitioner guidance

• Map each MCP server to an explicit access owner Assign a human or platform owner to every MCP server and document which AI clients may invoke it, which tools are in scope, and which environments are approved for use.
• Review tool permissions against observed usage Compare approved tool scope with actual invocation patterns, especially when a single server serves Claude Desktop, VS Code, and API clients.
• Treat error spikes as access-scope signals Investigate repeated failures, unusual latency bands, and client-specific error clusters as potential indicators of brittle authorization paths or over-broad tool exposure.

What's in the full article

WorkOS's full article covers the operational detail this post intentionally leaves for the source:

• The exact one-line Python integration pattern for wrapping an MCP server without changing existing server logic.
• The dashboard fields used to track invocations, latency percentiles, success rates, and user stories across clients.
• The client-distribution and error-capture views that help teams diagnose which AI application or session path is causing friction.
• The onboarding flow for connecting an organisation ID to hosted analytics and configuring alerts.

👉 Read WorkOS's analysis of Agnost AI for MCP server observability →

MCP server analytics: what teams need to see before scale?

Explore further

View Full Forum →  |  NHI Foundation Course →