Supported tools

Learn what you can do with HighQ MCP Server tools
The HighQ MCP Server provides AI tools a read-only window into HighQ content. AI assistants can use these tools to find, read, and analyse the files, iSheets, and matter data a user already has access to. Administrators can audit and govern activity across the wider instance.
The surface is strictly
read-only
. Tools find information and answer questions; they
never
create, modify, or delete anything. Every response is permission-bounded, so a tool only ever returns content that the requesting user is already allowed to see in HighQ.
However, the real power comes from combining tools. In a single prompt, an AI assistant can search a workspace, open the documents it finds, pull the relevant text, and check who last changed a related record, chaining several tools to answer one question.

How are the tools organised?

The HighQ MCP Server provides two groups of tools:
  • Core content tools
    - Work across the HighQ sites and content a user has access to, with every result permission-bounded. These tools form the everyday experience for matter members and external clients.
  • Audit tools
    - Span the wider HighQ instance and are available to system administrators for oversight and governance.

Core tools

The MCP Server exposes
26 read-only
tools that cover files, iSheets, and matters. These tools enable users to browse folder structures, read and summarise documents, list and filter iSheet records, view record-level change history, look up people and permissions, and search content.
These tools are
not limited
to a single site. Users can work across all HighQ sites they have access to, querying a specific site or searching across multiple sites, and every result is permission-bounded, returning only content the user is already allowed to access.
The 26 tools are grouped into 8 categories. Each category below lists the tools it contains, along with example prompts that show the types of questions an AI assistant can answer.
  1. Site finder & overview
    Find sites and review their high-level details.
    Tools
    • Get site
    • Get site list v2
    Example prompts
    • Show me all the sites I have access to
    • What's the status and description of the Project Atlas site?
    • List the matter sites I own
  2. Folder & document navigation
    Browse the folder hierarchy and see what a site contains.
    Tools
    • Get the folder structure and subfolders for a site or a specific folder
    • Get folder list
    • Get folder path
    • Get folder info
    • Get files list
    Example prompts
    • Show me the folder structure for the Acquisition workspace
    • How many documents are in the Due Diligence folder?
    • What's the full path to the Signed Agreements folder?
    • List all files in the Contracts folder
  3. Document reading & summarisation
    Open documents and work with their content.
    Tools
    • Download file
    • Get file text content (from Solr)
    • Get files list
    • Search for files and folders across HighQ sites
    Example prompts
    • Summarise the master services agreement in this site
    • Pull the text of the latest board minutes and give me the key points
    • Find the share purchase agreement and tell me the governing-law clause
  4. Document links & relationships
    See how documents relate to one another.
    Tools
    • Get document relationships
    • Get all relationship types added to the site
    Example prompts
    • What documents are linked to this contract?
    • Show me the relationship types configured on this site
    • Which files are related to the Q3 disclosure letter?
  5. Matter data & registers (iSheets)
    List and query the structured matter data held in iSheets.
    Tools
    • Get a list of iSheets from a site
    • iSheet advanced search
    • Get iSheet columns
    • Get iSheet details
    • Get an iSheet item by item ID
    • Get a list of iSheet items
    • Get the iSheet record ID from a file
    • Get search parameters
    Example prompts
    • List all the iSheets in the Litigation matter
    • Find every open risk in the Compliance Register iSheet
    • What's recorded in item 42 of the Obligations iSheet?
    • Show me the columns in the Key Dates tracker
  6. Record change history (iSheets)
    Review who changed iSheet records and when.
    Tools
    • Get the iSheet item-level audit history
    • Get the iSheet-level audit history
    Example prompts
    • Who last changed the status on this risk item, and when?
    • Show the change history for the Contract Register iSheet
    • What edits were made to this record over the past month?
  7. People & access lookups
    Look up users and their access across the sites you have permission to see.
    Tools
    • Get user
    • Get all site users
    • Get site user roles
    Example prompts
    • Who has access to the Project Falcon site?
    • What role does this person have on this matter?
    • Look up the contact details for the site owner
  8. Content search
    Search across sites and content.
    Tools
    • Search for files and folders across HighQ sites
    • Get search parameters
    • Get file text content (from Solr)
    • Get favourites list
    Example prompts
    • Search my sites for documents mentioning 'change of control'
    • Find all files with 'NDA' in the title
    • Show me my favourited items
note
The naming and terminology of the tools may change; however, their functionality will remain consistent.

What the core tools can't do?

Core tools are read-only: they observe and report, but do not make changes. Any updates to HighQ content must be performed directly in HighQ.
Currently, the tools cannot:
  • Create content
    - No creation of sites, folders, iSheets, or iSheet records/items.
  • Write to iSheets
    - No editing, updating, or appending of records, columns, or values.
  • Upload or modify documents
    - No uploading new files or versions, and no editing of document content.
  • Delete content
    - No removal of files, folders, records, or sites.
  • Move, copy, or rename content
    - No changes to files, folders, or records.
  • Manage people or permissions
    - No adding or removing users, or changing roles and access.
  • Change configuration
    - No updates to admin settings, site setup, or workflows.
  • Share or notify
    - No issuing of shares, invitations, or notifications.
If a prompt requests any of these actions, the tools do not perform the operation. The required changes must be completed directly in HighQ.

Audit tools (instance / system level)

On top of the read-only site surface, the MCP Server provides four audit tools for administrators who require oversight across the wider HighQ instance. These tools cover sign-in and access activity, site lifecycle events, membership activity, and content activity.
Audit queries perform best when they are kept narrow and bounded, focused on a single activity type, a short time window, and, where relevant, a single site.
  1. Sign-in & access activity
    Sign-in and access events, including 2FA, proxy, and impersonation context.
    Tools
    • Get login and authentication audit list
    Example prompts
    • Show failed sign-in attempts across the instance in the last 7 days
    • List logins that used impersonation yesterday
  2. Workspace lifecycle activity
    Site lifecycle events - creation, archival, and ownership changes.
    Tools
    • Get site management audit list
    Example prompts
    • Which sites were created or archived this month?
    • Show site ownership changes across the instance last quarter
  3. Membership activity
    User additions and removals, with external users flagged.
    Tools
    • Get user management audit list
    Example prompts
    • List users added or removed across the instance this week, flagging external users
    • Show membership changes involving external users in the last 30 days
  4. Content activity
    Uploads, downloads, deletions, and bulk-action patterns.
    Tools
    • Get content management audit list
    Example prompts
    • Show bulk-download activity across the instance in the last 24 hours
    • List all content deletions instance-wide this week
note
Audit tools operate at the instance level and aggregate audit data from all sites within your HighQ instance. Site-level audit API exposure is not supported. Audit tools respect instance boundaries, so audit data from other instances cannot be accessed.

What the audit tools can't do?

Like the core tools, audit tools are read-only reporting tools. They surface activity that has already occurred and do not act on it.
The tools cannot:
  • Take any remediation action
    - No suspending or removing users, revoking access, ending sessions, or changing settings in response to audit findings.
  • Modify or clear the audit trail
    - Audit records cannot be edited or deleted through the tools.
  • Be used by non-administrators
    - Access is limited to system administrators; standard users and site administrators cannot query audit data through the MCP Server.
  • Return site-scoped audit data
    - Audit data is aggregated at the instance level; site-level audit API exposure is not supported.
  • Cross instance boundaries
    - Audit data from other HighQ instances cannot be accessed.

How do tools work together?

Most useful answers come from chaining tools. For example:
  • Find, then read
    - Search for a document by title, then extract its text and summarise it.
  • Navigate, then list
    - Open a site's folder structure, then list the files in a specific folder.
  • Query, then explain
    - Find open items in an iSheet, then review the change history of a specific record.
  • Govern
    - Review instance-wide sign-in activity, then investigate related workspaces or membership changes.

Using the tools across AI Assistants

The same HighQ MCP Server works across MCP-compatible AI assistants, including Claude, ChatGPT, and Microsoft Copilot, as well as custom in-house AI tools.
The underlying capabilities are consistent across assistants; only the way tool names are displayed may vary slightly between them. Regardless of the assistant you're using, the surface remains read-only and permission-bounded, and users can only view content they are already authorised to access in HighQ.

Permissions and access

  • Core site-level tools return only the content that the requesting user is permitted to see in HighQ.
  • Audit tools are restricted to system administrators.
  • Standard users and site administrators cannot query instance-level audit data through the MCP Server.
  • Non-administrators receive an
    insufficient permissions
    error when attempting to query audit data.