Deploy to your team — overview
This section is for IT admins rolling out InPolicy’s AI governance to employees who are using AI assistants (Claude Desktop, Claude Code, Cursor, Windsurf, etc.).
What you’re setting up
Section titled “What you’re setting up”Three pieces, configured once per employee machine:
- An InPolicy API key: identifies your tenant to InPolicy. One key per IT deployment is fine.
- The InPolicy MCP server: a small npm-distributed helper that each AI assistant talks to. Zero-config after install.
- A company system prompt: a short instruction block you configure in your AI assistant that tells the model to consult InPolicy before responding.
Together, these three pieces make the AI assistant aware of your company’s policies on every conversation turn, without any action from the employee.
How it works in practice
Section titled “How it works in practice”An employee opens Claude Desktop and types:
“Draft a reply to our Acme account exec. They’re asking for our Q3 roadmap. They’ve mentioned they’re also talking to CompetitorCo.”
With InPolicy installed:
- The system prompt tells Claude: “For any message that involves drafting communications or decisions, call the InPolicy
record_turntool first.” - Claude calls
record_turn. InPolicy returns the currently-applicable policies, e.g. “Do not share unpublished roadmap details with third parties” and “Flag any discussion involving a named competitor.” - Claude sees those policies in its system prompt and adjusts its response: maybe redacting specific dates, adding a caveat about needing account-exec review, or declining entirely and explaining why.
- Optionally, Claude also calls
check_outputon its draft before showing it to the employee. If the output would violate a policy, Claude rewrites it or warns the employee.
The employee sees an AI that follows your policies, without having to know what the policies are.
Coverage caveat
Section titled “Coverage caveat”This approach depends on the model choosing to call InPolicy’s tools on every relevant turn. With a good system prompt, compliance is high but not guaranteed. The model may skip the check on quick/casual questions where it doesn’t see a policy concern.
That’s usually fine. Most AI-surfaced risk is in the drafts and decisions, not in “what’s the capital of France.” For scenarios where you need guaranteed coverage, see building custom agents instead.
Pick your path
Section titled “Pick your path”| Tool | Popular among | Setup guide |
|---|---|---|
| Claude Desktop | General-purpose knowledge workers | Claude Desktop setup |
| Claude Code | Engineers | Claude Code setup |
| Cursor | Engineers | Cursor setup |
| Windsurf / other MCP clients | Varied | Follow Claude Desktop setup; config locations differ but shape is identical |
After you pick a tool, review:
- System prompt template: the instruction block you’ll paste into the tool’s custom-instructions field to steer the model toward using InPolicy.
- What employees will see: so you know what to tell them.
Before you start
Section titled “Before you start”- Sign in at
app.inpolicy.aias a tenant admin. - Go to Settings → API Keys.
- Click Create API key, give it a name like “MCP for employee devices,” and copy the plaintext key immediately. It’s shown only once.
You’ll paste this key into each employee’s MCP config. The same key works across machines and tools. It identifies your tenant, not an individual user.