
MCP security: how safe is your Exact Online connection?

MCP security for Exact Online: why safety comes first

When you connect business data from Exact Online to an AI assistant, security is your first concern — and rightly so. You don't want sensitive financial data, customer information or stock figures to be freely accessible. At Ledger Botje, MCP security is therefore not an afterthought but the foundation of the architecture.

In this article, we explain how the security of the MCP connection with Exact Online works, which protocols are used and how your data stays protected. Whether you are an IT manager or a decision maker considering AI implementation — after this article you will know exactly where you stand.

OAuth 2.1 with PKCE: no password sharing

Ledger Botje's MCP connection uses OAuth 2.1 with PKCE (Proof Key for Code Exchange) for authentication. This is the most modern and secure method for API authorisation. What does this mean in practice?

  • You never share your password with Ledger Botje or your AI assistant. Authorisation takes place via a secure login screen from Exact Online itself.
  • PKCE protects against interception of authorisation codes. Even if someone intercepts the code, it cannot be redeemed without the corresponding code verifier.
  • Tokens expire automatically. Access tokens have a limited lifespan and are automatically refreshed, so old tokens cannot be misused.

Read more about how MCP works in our introduction to MCP.

HTTPS/TLS and EU data storage

All communication between your AI assistant, Ledger Botje and Exact Online runs over HTTPS with TLS encryption. This means your data is fully encrypted in transit and cannot be read by third parties.

Ledger Botje's servers are located in the European Union, which means your data stays within the EU. This is important for GDPR compliance and for businesses that have requirements about the geographical location of their data processing.

Session management and token revocation

Each MCP session is linked to a specific user and administration. You can revoke your authorisation at any time via your Exact Online settings — Ledger Botje then immediately loses all access to your data. There is no residual data, no cache and no stored copy of your business information.

Additionally, sessions are automatically terminated after a period of inactivity. This prevents a forgotten session from providing prolonged access to your administration.

Data minimisation and compliance

Ledger Botje applies the principle of data minimisation: only the data needed to answer your question is retrieved. If you ask for the stock level of one item, not all items are fetched.

This aligns with GDPR requirements and with guidelines for responsible AI use. You retain full control over who has access, which data is queried and when access is revoked.

Have more questions about security? Check the FAQ for answers to the most common security questions. Ready to start securely? Follow the MCP setup guide and view the plans.

Ledger Botje Team
The Ledger Botje team writes about AI, MCP and Exact Online. We help businesses manage their administration smarter with AI assistants.
