MCP Setup Guide
Connect Claude Desktop to Lucairn in 2 minutes
Get your API keys
You need two keys: your DSA API key (from Lucairn) and your Anthropic API key (from console.anthropic.com). If you don't have a DSA key yet, sign up at /account/signup.
Open Claude Desktop settings
In Claude Desktop, go to Settings → Developer → Edit Config. This opens your claude_desktop_config.json file.
Add the MCP server
Paste the configuration below into your claude_desktop_config.json file. Replace the placeholder values with your actual keys.
Restart Claude Desktop
Close and reopen Claude Desktop. You should see "lucairn" in the MCP servers list. Every message you send now routes through Lucairn's privacy pipeline.
{
"mcpServers": {
"lucairn": {
"command": "npx",
"args": ["-y", "@lucairn/mcp-server"],
"env": {
"DSA_GATEWAY_URL": "https://gateway.lucairn.eu",
"DSA_API_KEY": "<your DSA API key>",
"ANTHROPIC_API_KEY": "<your Anthropic API key>"
}
}
}
}How it works
Every message is scanned for PII (names, emails, addresses, medical terms) before it reaches the LLM.
Detected PII is replaced with safe placeholders. The LLM never sees real personal data.
Developer-tier responses contain placeholders so your code never receives raw PII. Pro and Enterprise tiers can enable automatic re-linking back to the original values.
A Lucairn Certificate is generated for each request — cryptographic proof of what was sanitized.
Capability matrix
Claude Desktop uses MCP over stdio (request/response), so streaming is not a separate concern at the client boundary. The Lucairn pipeline still has real gaps around multimodal and tool-call payloads — read the table before relying on it for sensitive workflows.
| Capability | Works today | Notes |
|---|---|---|
| Text messages via dsa_messages / dsa_analyze | ✓ | Full PII sanitisation on every tool call, signed Lucairn Certificate per request. |
| System prompts | ✓ | Sanitised end-to-end alongside the user content. |
| Multi-turn conversations | ✓ | Each tool call is a fresh request through the pipeline; one certificate per call. |
| Streaming responses | ! | Not applicable: MCP stdio is request/response. Claude Desktop renders the full reply once the tool call returns. No SSE involved. |
| Anthropic tool-calls / function calling inside the prompt | ✕ Roadmap | Tool definitions and tool-call arguments forwarded to Anthropic are not sanitised today. Keep PII out of any tools you pass through dsa_messages until per-call DLP for tools ships. |
| Image / file / audio attachments | ✕ Roadmap | The MCP server only forwards text content. Multimodal inputs have no Lucairn pipeline coverage. |
| Anthropic prompt caching | ✕ Roadmap | Each request is processed independently so the per-call evidence stays valid. No cache reuse across requests. |
Text messages via dsa_messages / dsa_analyze
✓Full PII sanitisation on every tool call, signed Lucairn Certificate per request.
System prompts
✓Sanitised end-to-end alongside the user content.
Multi-turn conversations
✓Each tool call is a fresh request through the pipeline; one certificate per call.
Streaming responses
!Not applicable: MCP stdio is request/response. Claude Desktop renders the full reply once the tool call returns. No SSE involved.
Anthropic tool-calls / function calling inside the prompt
✕ RoadmapTool definitions and tool-call arguments forwarded to Anthropic are not sanitised today. Keep PII out of any tools you pass through dsa_messages until per-call DLP for tools ships.
Image / file / audio attachments
✕ RoadmapThe MCP server only forwards text content. Multimodal inputs have no Lucairn pipeline coverage.
Anthropic prompt caching
✕ RoadmapEach request is processed independently so the per-call evidence stays valid. No cache reuse across requests.
Tool-call DLP and multimodal sanitisation are tracked on the roadmap. Subscribe to the changelog for ship dates. Read the changelog.
Find Lucairn on
Lucairn ships through the standard MCP registries and language-package indexes. Install from any of them:
Want to see this in action?
Book a working session — we'll walk through your use case together.