Config is the same across clients — only the file and path differ.
{
"mcpServers": {
"gsc": {
"args": [
"mcp-google-gsc"
],
"command": "npx"
}
}
}Are you the author?
Add this badge to your README to show your security score and help users find safe servers.
MCP server for Google Search Console -- search analytics, URL inspection, and site management via Claude.
Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.
npx -y 'mcp-google-gsc' 2>&1 | head -1 && echo "✓ Server started successfully"
After testing, let us know if it worked:
Five weighted categories — click any category to see the underlying evidence.
No known CVEs.
Checked mcp-google-gsc against OSV.dev.
Click any tool to inspect its schema.
Be the first to review
Have you used this server?
Share your experience — it helps other developers decide.
Sign in to write a review.
Others in analytics / marketing
DataForSEO API modelcontextprotocol server
MCP server that enables AI agents to perform comprehensive web audits using Google Lighthouse with 13+ tools for performance, accessibility, SEO, and security analysis.
MCP server for Dynatrace Managed to access logs, events, and metrics.
An MCP server that provides [describe what your server does]
MCP Security Weekly
Get CVE alerts and security updates for io.github.mharnett/google-gsc and similar servers.
Start a conversation
Ask a question, share a tip, or report an issue.
Sign in to join the discussion.
MCP server for Google Search Console -- search analytics, URL inspection, and site management via Claude.
npm install mcp-google-gsc
git clone https://github.com/mharnett/mcp-search-console.git
cd mcp-google-gsc
npm install
npm run build
Security: Never share your .mcp.json file or commit it to git -- it may contain API credentials. Add .mcp.json to your .gitignore.
mcp-gsc supports two authentication modes. Pick whichever fits your setup. Neither requires any file living at a hardcoded machine-local path -- credentials come from environment variables (or a config.json you create).
Which mode to use:
Precedence when both are configured: if a service-account keyfile is explicitly set (GOOGLE_APPLICATION_CREDENTIALS, or credentials_file in config.json), it wins over any OAuth refresh token or stored OAuth credentials. If neither is configured, the server fails loudly at startup with an onboarding message rather than silently guessing -- there is no machine-local default and no silent runtime failover between modes.
Use this if you want to authorize with your own Google login (the account that has Search Console access). Best for personal / interactive use.
http://localhost loopback redirect -- you do not need to pre-register a port.)export GOOGLE_GSC_CLIENT_ID=...apps.googleusercontent.com
export GOOGLE_GSC_CLIENT_SECRET=...
access_type=offline):
node get-refresh-token.cjs
Do not redirect this command's stdout to a shared log -- it prints the refresh token to stdout by design.
export GOOGLE_GSC_REFRESH_TOKEN=...
The server reads GOOGLE_GSC_CLIENT_ID, GOOGLE_GSC_CLIENT_SECRET, and GOOGLE_GSC_REFRESH_TOKEN from the environment at runtime.
Alternatively, run the guided helper npx mcp-gsc-auth, which performs the same PKCE OAuth flow, lets you pick a default Search Console property, and writes the result to a per-user credentials file.
Use this for server / headless / always-on contexts -- it is the recommended path when no human is present to complete or refresh an interactive login.