Connect Herd Security to ChatGPT: Monitor Training and Completion
Learn how to connect Herd Security to ChatGPT using a managed MCP server. This step-by-step guide covers dynamic tool generation, rate limit handling, and security compliance workflows.
If you need to connect Herd Security to ChatGPT to automate compliance monitoring, track training enrollments, or audit user security statuses, you need a Model Context Protocol (MCP) server. This server acts as the translation layer between ChatGPT's tool calls and Herd Security's REST APIs. If your team uses Claude, check out our guide on connecting Herd Security to Claude, or explore our broader architectural overview on connecting Herd Security to AI Agents.
Giving a Large Language Model (LLM) read and write access to a security compliance platform is a serious engineering challenge. You have to handle OAuth token lifecycles, map complex enrollment state schemas to MCP tool definitions, and deal with strict vendor API rate limits. Every time the upstream API changes an endpoint or deprecates a field, you have to update your server code, redeploy, and test the integration.
This guide breaks down exactly how to use Truto to generate a secure, managed MCP server for Herd Security, connect it natively to ChatGPT, and execute complex security compliance workflows using natural language.
The Engineering Reality of the Herd Security API
A custom MCP server is a self-hosted integration layer. While the open MCP standard provides a predictable way for models to discover tools, the reality of implementing it against specific vendor APIs is painful. You aren't just integrating "an API" - you are integrating Herd Security's specific data models, error formats, and behavioral quirks.
If you decide to build a custom MCP server for Herd Security, you own the entire API lifecycle. Here are the specific integration challenges that break standard CRUD assumptions when working with this platform:
Enrollment State Machines
Security training in Herd Security does not rely on simple boolean flags. An enrollment record moves through a complex state machine (e.g., assigned, notified, in-progress, completed, expired, failed). When an LLM asks "Who hasn't finished their training?" it cannot just query a completed=false parameter. The MCP server tools must expose the exact enrollment_id, training_id, and status fields so the LLM can iterate over the data and filter out terminal states versus active states. If your schema definitions lack this context, the LLM will hallucinate compliance statuses.
Hierarchical Tag Taxonomy
Herd Security categorizes trainings using tags. To determine which users are required to take the "Q3 Phishing Defense" training, you cannot query the training directly by a friendly name. You must first resolve the tag ID using the tags endpoints, then fetch the trainings associated with that tag, and finally cross-reference those IDs against the user enrollment endpoints. Exposing this correctly to an LLM requires explicit query parameters and cursor definitions, or the model will get lost in a loop of failed queries.
Rate Limits and 429 Errors
Security and compliance tools enforce strict rate limits to prevent data scraping and abuse. It is critical to understand that Truto does not retry, throttle, or apply backoff on rate limit errors. When the Herd Security API returns an HTTP 429 Too Many Requests, Truto passes that error directly to the caller.
Truto normalizes the upstream rate limit information into standardized headers (ratelimit-limit, ratelimit-remaining, ratelimit-reset) following the IETF specification. The caller - whether that is a custom AI agent framework or ChatGPT itself - is entirely responsible for reading these headers and executing its own exponential backoff strategy. Do not build an architecture assuming the integration layer will magically absorb 429 errors.
flowchart TD
A["ChatGPT Client"] -->|"JSON-RPC (tools/call)"| B["Truto MCP Router"]
B -->|"Dynamic Tool Execution"| C["Herd Security API"]
C -.->|"HTTP 429 Too Many Requests"| B
B -.->|"Passes 429 Error & Headers"| A
A -->|"Client-Side Backoff"| ACreating the Managed MCP Server
Instead of building a Node.js or Python MCP server from scratch, you can use Truto to dynamically generate one. Truto derives tool definitions dynamically from documentation and API schemas. A tool only appears in the MCP server if it has a corresponding documentation entry, acting as a quality gate to ensure only well-documented endpoints are exposed to the LLM.
Each MCP server is scoped to a single integrated account. The server URL contains a cryptographic token that encodes which account to use, what tools to expose, and optionally when the server expires.
You can create this server in two ways.
Method 1: Via the Truto UI
- Navigate to the Integrated Accounts page in your Truto dashboard and select your connected Herd Security instance.
- Click the MCP Servers tab.
- Click Create MCP Server.
- Select your desired configuration. You can filter by allowed methods (e.g.,
readonly) or specific tags. - Copy the generated MCP server URL. Keep this secure; it contains the hashed authentication token.
Method 2: Via the Truto API
For platform teams generating MCP servers programmatically, you can hit the Truto REST API. The API validates that the integration has tools available, generates a secure token stored in edge KV storage, and returns a ready-to-use JSON-RPC URL.
Request:
curl -X POST https://api.truto.one/integrated-account/{integrated_account_id}/mcp \
-H "Authorization: Bearer YOUR_TRUTO_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"name": "Herd Security Compliance Agent",
"config": {
"methods": ["read"],
"require_api_token_auth": false
}
}'Response:
{
"id": "abc-123",
"name": "Herd Security Compliance Agent",
"config": { "methods": ["read"] },
"expires_at": null,
"url": "https://api.truto.one/mcp/a1b2c3d4e5f6..."
}Connecting Herd Security to ChatGPT
Once you have your Truto MCP URL, you can connect it to your LLM environment. Here are the two primary methods.
Method A: Via the ChatGPT UI
If you are using ChatGPT Enterprise, Pro, Plus, Business, or Education, you can add custom connectors natively.
- Open ChatGPT and navigate to Settings -> Apps -> Advanced settings.
- Enable Developer mode (MCP support is currently gated behind this flag).
- Under MCP servers / Custom connectors, click to add a new server.
- Name: Enter a descriptive name (e.g., "Herd Security").
- Server URL: Paste the
urlreturned from Truto. - Click Save.
ChatGPT will immediately perform an MCP handshake, calling the initialize and tools/list JSON-RPC methods to discover the available Herd Security operations.
Method B: Via Manual Config File
If you are building a custom agent using LangChain, LangGraph, or testing locally with an MCP inspector, you can connect via a Server-Sent Events (SSE) transport using the official MCP CLI.
Create an mcp-config.json file:
{
"mcpServers": {
"herd_security": {
"command": "npx",
"args": [
"-y",
"@modelcontextprotocol/server-sse",
"--url",
"https://api.truto.one/mcp/a1b2c3d4e5f6..."
]
}
}
}Hero Tools for Herd Security
When the LLM connects, it receives a flattened list of tools derived directly from the Herd Security API schemas. Here are the highest-leverage tools available for this integration.
list_all_herd_security_users
Retrieves the complete directory of users synced into Herd Security. This is the foundation for any compliance audit, allowing the LLM to verify if new hires are active in the system.
"Fetch a list of all active users in our Herd Security organization and format their names and emails into a markdown table."
list_all_herd_security_tags
Returns all tags used to categorize and assign training campaigns. Because training assignments are often group-based, the LLM must call this tool to find the corresponding tag_id for a given campaign name (e.g., "Q3 Compliance").
"What tags are currently active in our Herd Security account? Return the tag IDs alongside their descriptions."
list_all_herd_security_tag_trainings
Lists all specific training modules associated with a tag. Once the LLM knows the tag_id, it uses this tool to map the tag to the actual training_id values required for compliance verification.
"Look up all the specific trainings associated with tag ID 'tg_889922' and summarize the training descriptions."
list_all_herd_security_enrollments
Returns the master list of all training enrollments and their current completion statuses. This tool outputs massive amounts of data (enrollment_id, user_id, training_id, status), so the LLM must be prompted to handle pagination cursors carefully if dealing with thousands of employees.
"Get the latest training enrollments. Filter the results in your context window to show only the users who have a status of 'expired'."
get_single_herd_security_user_by_id
Fetches the granular details for a specific user. Useful when the LLM has identified a non-compliant user via the enrollments list and needs to pull their manager's email or department details for escalation.
"Pull the full user profile for user ID 'usr_555444' and tell me their current department."
get_single_herd_security_enrollment_by_id
Retrieves the exact timeline and metadata for a specific enrollment, including assignment dates, completion dates, and scores. This is critical for generating evidence for SOC 2 or ISO 27001 audits.
"Check the details for enrollment ID 'enr_999888' and confirm the exact date and time the training was marked as completed."
To view the complete schema definitions and the full inventory of available endpoints, visit the Herd Security integration page.
Workflows in Action
Exposing individual tools is only half the battle. The real value of an MCP server is enabling the LLM to chain these tools together into autonomous workflows.
1. The Automated Compliance Audit
IT Admins spend hours cross-referencing CSVs to figure out who hasn't taken their mandatory security training. ChatGPT can do this in seconds.
"Identify all active users who have not completed the '2026 Annual Security Awareness' training. Provide a list of their email addresses."
Execution Steps:
list_all_herd_security_tags: The LLM searches for the tag matching "2026 Annual Security Awareness" to extract thetag_id.list_all_herd_security_tag_trainings: Using thetag_id, it identifies the specifictraining_idvalues associated with this campaign.list_all_herd_security_enrollments: The LLM pulls the enrollment records, filtering internally for the identifiedtraining_idand isolating records where the status is not "completed".list_all_herd_security_users: The LLM correlates the non-compliantuser_idvalues against the user directory to extract their email addresses, formatting the final output for the user.
sequenceDiagram
participant Admin as IT Admin
participant LLM as ChatGPT
participant MCP as Truto MCP
participant API as Herd Security
Admin->>LLM: "Who hasn't finished annual training?"
LLM->>MCP: Call list_all_herd_security_tags
MCP->>API: GET /tags
API-->>MCP: Returns tags
MCP-->>LLM: JSON tags array
LLM->>MCP: Call list_all_herd_security_enrollments
MCP->>API: GET /enrollments
API-->>MCP: Returns enrollments
MCP-->>LLM: JSON enrollments array
LLM-->>Admin: Markdown list of non-compliant emails2. Targeted User Triage
When a SecOps Manager receives an alert about a potentially compromised account, they need to know if the user recently failed phishing training.
"Check if j.doe@example.com is enrolled in any Phishing Defense training, and verify their current completion status and dates."
Execution Steps:
list_all_herd_security_users: The LLM searches the directory to map the email address to a specificuser_id.list_all_herd_security_enrollments: The LLM queries the enrollments specifically for thatuser_id.list_all_herd_security_tag_trainings: The LLM checks which of the user's activetraining_idrecords correspond to the Phishing Defense modules.get_single_herd_security_enrollment_by_id: The LLM fetches the deep metadata for that specific enrollment to return the exact completion date or failure status to the SecOps Manager.
Security and Access Control
Giving an LLM access to employee compliance data requires strict governance. Truto MCP servers enforce security at the infrastructure layer through several configuration flags:
- Method Filtering: You can restrict the MCP server to only perform specific operations. By setting
config.methods: ["read"], you guarantee the LLM can only query data (GET/LIST) and cannot accidentally mutate user records or enrollments. - Tag Filtering: Integration resources can be scoped by functional area. By passing
config.tags, you restrict the server to only expose tools related to specific subsets of the API. - Extra Authentication (
require_api_token_auth): By default, the cryptographically hashed URL acts as a bearer token. If you set this flag totrue, the connecting client must also pass a valid Truto API token in the Authorization header. This ensures that even if the MCP URL leaks in a log file, it cannot be used without valid API credentials. - Automatic Expiry (
expires_at): You can generate ephemeral servers by passing an ISO datetime. Edge KV storage will automatically drop the token at the expiration time, and a scheduled background alarm will cleanly purge the metadata from the database, leaving no stale credentials behind.
Strategic Architecture for Security Automation
Connecting Herd Security to ChatGPT transforms compliance tracking from a manual, spreadsheet-heavy chore into a conversational interface. But the value is highly dependent on the resilience of the integration layer.
By leveraging a managed MCP server, you offload the boilerplate of JSON schema generation, edge token validation, and API authentication. Your engineering team can focus on orchestrating complex agentic workflows, while the integration layer handles the real-time translation between the LLM and the Herd Security API. Remember to implement robust client-side backoff logic for 429 rate limits, heavily utilize method filtering to enforce read-only boundaries, and keep your agents strictly scoped.
FAQ
- Does Truto automatically retry Herd Security API requests when a rate limit is hit?
- No. Truto does not retry, throttle, or absorb HTTP 429 Too Many Requests errors. It normalizes the upstream rate limit headers per the IETF specification and passes the error directly to the caller. Your LLM framework or custom agent must implement its own exponential backoff.
- Can I limit ChatGPT to only read data from Herd Security?
- Yes. When generating the MCP server via the Truto UI or API, you can set method filters (e.g., config.methods: ["read"]). This strictly limits the tools to GET and LIST operations, preventing the LLM from mutating data.
- How are MCP tools generated for the Herd Security API?
- Tools are generated dynamically based on integration documentation and resource definitions. If an endpoint is documented in the integration configuration, Truto automatically builds the JSON schema and exposes it as a JSON-RPC tool via the MCP server.
- What happens if my MCP server URL leaks?
- To prevent unauthorized access, you can create the MCP server with the require_api_token_auth flag enabled. This requires the caller to provide a valid Truto API token in addition to the URL. You can also set an expires_at timestamp for ephemeral access.