Python implementation - Best practices and key principles for building MCP integrations. - Developer Guide - Cortex - Cortex - Security Operations

MCP Integration Contributor Guide
Product
Cortex
Creation date
2026-05-20
Last date published
2026-05-20
Category
Developer Guide
Abstract

Best practices and key principles for building MCP integrations.

Your MCP integration's main function should do the following:

  • Create an MCPApiModule Client instance with the vendor’s MCP server URL and authentication details.

  • Route commands to the appropriate handler.

  • Use MCPApiModule for all MCP operations.

  • Handle errors using extract_root_error_message() and return_error().

  • Always close the client connection in a finally block.

Key principles

  • Use hardcode vendor-specific values (server URL, auth type, command prefix, server name) as constants.

  • Extract only user-configurable parameters from demisto.params(), including tokens, credentials, and custom headers.

  • Use BaseException in error handling to catch async exception groups.

  • Mark the main function with # pragma: no cover.

Refer to Packs/GitHubMCP/Integrations/GitHubMCP/GitHubMCP.py for a simple token-based example and Packs/GenericMCP/Integrations/GenericMCP/GenericMCP.py for a multi-auth example.