Skip to main content

Agent-native

Drive the whole governance loop from your agent.

OntoRamp is built to be read by agents. Over MCP, one agent can run the entire closed loop — discover where governance is thin, submit an assessment, project the impact, evaluate a decision, pull the findings, and write the decision back into the governed record.

The full front door is 15 MCP tools across 4 plugins. This page walks the loop tool by tool with real request payloads and tier-honest response shapes.

Browse the MCP servers → · Per-client connect docs →

The loop, walked

Six tools, one closed loop.

Every call is a JSON-RPC tools/call over HTTP. The tool name selects the behaviour; arguments are grounded in the public OpenAPI schema. Provisioning a key is a one-time web step, off the loop.

JSON-RPC envelope

{
  "jsonrpc": "2.0",
  "method": "tools/call",
  "params": { "name": "<tool>", "arguments": { /* see each step */ } },
  "id": 1
}
01 · Discoverget_maturity_gap
Freegovernance-evaluator

Bootstrap call — returns client-safe aggregates (counts and coverage) that surface governance gaps. It reports gap counts, never corpus content.

Request — tools/call params

{
  "name": "get_maturity_gap",
  "arguments": {
    "domain": "data_governance",
    "include_top_entities": true
  }
}

Response

{
  "domain": "data_governance",
  "total_entities": 204,
  "total_chunks": 32792,
  "coverage_by_type": [
    { "type": "control", "count": 61 },
    { "type": "policy", "count": 38 }
  ],
  "gap_count": 12
}

Client-safe aggregates only (the documented MaturityGapAggregate shape) — counts and coverage, no titles, snippets or provenance.

02 · Intakesubmit_assessment
Developer+decision-intelligence

Submit the full assessment questionnaire programmatically. Tenant-isolated — the tenant is derived from your API key; there is no tenant_id input. Distinct from the free request_assessment lead intake.

Request — tools/call params

{
  "name": "submit_assessment",
  "arguments": {
    "full_name": "Ada Lovelace",
    "work_email": "ada@example.com",
    "company_name": "Example Corp",
    "role_title": "Chief Architect",
    "industry_vertical": "financial_services",
    "organization_size": "1001-5000",
    "challenge_description": "We need to assess governance maturity across our data and integration estate ahead of an audit.",
    "has_architecture_docs": "yes",
    "assessment_track": "ega"
  }
}

Response

{
  "success": true,
  "id": "a3f1c9e2-7b40-4d2a-9e51-0c8f2d6b1a44"
}

Illustrative. industry_vertical, organization_size, has_architecture_docs (yes | no | not_sure) and assessment_track (ega | ar) are closed enums; challenge_description is 20–5000 chars.

03 · Computerun_projection
Orgprojection-engine

Read + write. Runs a governance projection over your tenant corpus. Debounced (~60s) and skips domains under the 20-chunk floor — results settle on their own schedule rather than returning immediately.

Request — tools/call params

{
  "name": "run_projection",
  "arguments": {
    "domain": "data_governance",
    "dry_run": false
  }
}

Response

{
  "status": "accepted",
  "run_id": "b7d40e15-2c9a-4f88-bb1e-9a7c0d3e5f21",
  "note": "Projection queued; domains under the 20-chunk floor are skipped."
}

Illustrative — openapi documents only the generic MCP envelope for run_projection. Poll get_decision_packets with the run_id once the projection settles.

03 · Computeevaluate_decision
Free (fair-use)decision-intelligence

A heuristic check of a proposed decision against the authority context you supply. Returns PASS, WARN or BLOCK with plain-language remediation — it reasons over the context you pass, not a stored model.

Request — tools/call params

{
  "name": "evaluate_decision",
  "arguments": {
    "decision_text": "Adopt VendorX as the system of record for customer PII.",
    "decision_type": "vendor_selection",
    "authority_claimed": "Data Governance Council"
  }
}

Response

{
  "verdict": "WARN",
  "decision_type": "vendor_selection",
  "remediation": "Attach the accountable data owner and the retention policy reference before this vendor selection proceeds."
}

Illustrative. decision_text is 10–3000 chars; decision_type is a closed 9-value enum (architecture_change, vendor_selection, budget_commitment, policy_change, system_integration, personnel_decision, initiative_approval, data_access, other).

04 · Deliverget_decision_packets
Orgprojection-engine

Retrieve domain-level findings from a projection — each with a recommendation, rationale and evidence. Filter by run_id, domain or recommendation.

Request — tools/call params

{
  "name": "get_decision_packets",
  "arguments": {
    "run_id": "b7d40e15-2c9a-4f88-bb1e-9a7c0d3e5f21",
    "recommendation": "CONDITIONAL_APPROVE",
    "limit": 10
  }
}

Response

{
  "run_id": "b7d40e15-2c9a-4f88-bb1e-9a7c0d3e5f21",
  "packets": [
    {
      "domain": "data_governance",
      "recommendation": "CONDITIONAL_APPROVE",
      "rationale": "Coverage meets the control floor; two policy gaps remain.",
      "evidence_count": 7
    }
  ]
}

Illustrative — evidence is summarised by count, not dumped. recommendation is one of APPROVE, CONDITIONAL_APPROVE, REJECT, DEFER; limit is 1–50.

05 · Write backlog_decision
Developer+decision-intelligence

Write a consequential decision to your governed decision record. Handle-passing — it stores no provenance back-reference, and it is not a separately purchasable SKU.

Request — tools/call params

{
  "name": "log_decision",
  "arguments": {
    "decision_text": "Proceed with VendorX under a conditional approval pending the retention policy update.",
    "decision_type": "vendor_selection",
    "authority_claimed": "Data Governance Council",
    "context": "Two policy gaps tracked; owner assigned."
  }
}

Response

{
  "logged": true,
  "decision_id": "c1e83b07-5d4f-49a2-8c10-2f6e7a9b4d33",
  "decision_type": "vendor_selection"
}

Illustrative. decision_text is 10–3000 chars; context up to 5000. The loop closes here: the decision is now part of the governed record an agent can read back next cycle.

A human never touched this loop. The decision logged in step 05 is part of the record the agent reads back in step 01 next cycle.

Connect

Point your agent runtime at the gateway.

One streamable-HTTP endpoint exposes the full front door. Authenticate with a bearer token in the request header — never an API key in the URL.

Authorization: Bearer YOUR_API_KEY

mcp client config

{
  "mcpServers": {
    "ontoramp": {
      "url": "https://mcp.ontoramp.com/mcp",
      "headers": {
        "Authorization": "Bearer YOUR_API_KEY"
      }
    }
  }
}

Per-client setup (Cursor, VS Code, Gemini, AgentCore and more) lives in the connect docs →

What each tier unlocks

Tiers gate tools, not throttles.

Freeget_maturity_gap, evaluate_decision (fair-use) and request_assessment — a generous monthly allowance, with no metered per-operation billing.
Developer+Adds read + write decision intelligence: submit_assessment (tenant-isolated) and log_decision.
OrgAdds the projection engine: run_projection and get_decision_packets over your own corpus.

Provisioning is a one-time web step. See plans and get a key →