Iris is a read-only MCP server unifying seven systems — Entra,
Intune, Defender, Exchange/Purview, NinjaOne, SentinelOne, and
UniFi — into one data layer for IT ticket triage. It powers the
@iris
Slack bot and works directly inside Claude. Permission-isolated,
allow-list gated, read-only by design.
Iris runs as a separate Railway service behind the Brightpath proxy. The proxy forwards /iris/* to Iris and strips the prefix — it does no auth itself. Iris owns its own Azure app registration, its own allow-list, and its own bearer tokens. That isolation is the point: scope on Iris doesn't widen anything on the main MCP, and a permissions slip-up on one side stays on that side.
Entra and Intune cover the identity questions in every ticket: who is this user, what device are they using, is it compliant and enrolled, when did they last sign in. The data layer is Microsoft Graph, app-only, read-only.
Defender and SentinelOne surface the security signals: open alerts, vulnerable software, agent health, recent threats. Two systems, one normalized view — useful when a ticket might be a user issue, a malware event, or both.
Exchange message trace answers "did this email actually arrive," and Purview surfaces compliance signals. Message trace is Graph beta/preview and needs separate onboarding — Iris probes it and routes around it until it's enabled on the tenant.
NinjaOne tells you whether the user's machine is actually online and what software's on it. UniFi shows the network it's sitting on — site/WAN-level today via the cloud API; per-client firewall data lands when local controller access is in place.
Iris is an internal system at YourPolicy — not a public product. A read-only MCP server unifying seven IT platforms, deployed on Railway behind Microsoft 365 SSO and an allow-list.