IT Glue MCP server for MSPs — documents, flexible assets, semantic vector search, RBAC, and BYOK
Config is the same across clients — only the file and path differ.
{
"mcpServers": {
"io-github-selic-mcp-itglue": {
"command": "<see-readme>",
"args": []
}
}
}Are you the author?
Add this badge to your README to show your security score and help users find safe servers.
IT Glue MCP server for MSPs — documents, flexible assets, semantic vector search, RBAC, and BYOK
No automated test available for this server. Check the GitHub README for setup instructions.
Five weighted categories — click any category to see the underlying evidence.
No known CVEs.
No package registry to scan.
This server is missing a description. Tools and install config are also missing.If you've used it, help the community.
Add informationBe the first to review
Have you used this server?
Share your experience — it helps other developers decide.
Sign in to write a review.
Others in security
Proof primitive for AI agents on MultiversX. Anchor file hashes on-chain as verifiable proofs.
Model Context Protocol for WinDBG
Security scanner for GitHub repos, Agent Skills, Plugins, and MCP servers. 18 scanners. Zero dependencies.
MCP server for Atomic Red Team
MCP Security Weekly
Get CVE alerts and security updates for io.github.selic/mcp-itglue and similar servers.
Start a conversation
Ask a question, share a tip, or report an issue.
Sign in to join the discussion.
An MCP (Model Context Protocol) server for the IT Glue API, built for MSPs that want AI assistants to read — and safely write — their documentation.
You need an IT Glue API key (IT Glue → Account → Settings → API Keys). Non-US accounts set ITGLUE_REGION to eu or au.
Claude Desktop (claude_desktop_config.json) or Claude Code (.mcp.json):
{
"mcpServers": {
"itglue": {
"command": "npx",
"args": ["-y", "mcp-itglue"],
"env": { "ITGLUE_API_KEY": "ITG.xxxx" }
}
}
}
Claude Code one-liner:
claude mcp add itglue --env ITGLUE_API_KEY=ITG.xxxx -- npx -y mcp-itglue
Claude Desktop users can instead grab mcp-itglue.mcpb from the latest release — open it with Claude Desktop and fill in the API key when prompted.
stdio always runs with the full tool surface — it is a local, single-user transport using your own key.
The container image defaults to the HTTP transport (for shared deployments):
docker run --rm -p 3000:3000 \
-e ITGLUE_API_KEY=ITG.xxxx \
ghcr.io/selic/mcp-itglue
For local stdio use under Docker:
{
"mcpServers": {
"itglue": {
"command": "docker",
"args": ["run", "-i", "--rm", "-e", "ITGLUE_API_KEY", "ghcr.io/selic/mcp-itglue", "--transport", "stdio"],
"env": { "ITGLUE_API_KEY": "ITG.xxxx" }
}
}
}
git clone https://github.com/selic/mcp-itglue.git && cd mcp-itglue
npm install && npm run build
ITGLUE_API_KEY=ITG.xxxx node dist/index.js
ITGLUE_API_KEY=ITG.xxxx \
MCP_TOKENS_VIEWER="alice:$(openssl rand -hex 32)" \
MCP_TOKENS_EDITOR="automation:$(openssl rand -hex 32)" \
MCP_TOKENS_ADMIN="ops:$(openssl rand -hex 32)" \
npx -y mcp-itglue --transport http --port 3000
Or with Docker:
docker run --rm -p 3000:3000 \
-e ITGLUE_API_KEY -e MCP_TOKENS_VIEWER -e MCP_TOKENS_EDITOR -e MCP_TOKENS_ADMIN \
ghcr.io/selic/mcp-itglue
Endpoints:
| Route | Purpose |
|---|---|
POST/GET/DELETE /mcp | MCP streamable-http endpoint |
GET /health | Liveness probe |
POST /webhook/itglue | IT Glue webhook → incremental index update |
POST /index/refresh | Manual index refresh (shared secret or admin token) |
Sessions are held in memory — run a single instance (or add sticky sessions) behind your load balancer.
Three env vars hold comma-separated label:token lists:
MCP_TOKENS_VIEWER="alice:tokA,bob:tokB" # read-only tools
MCP_TOKENS_EDITOR="hatz:tokC" # + create/update/publish, delete section
MCP_TOKENS_ADMIN="ops:tokD" # + delete documents / flexible assets
Clients authenticate with Authorization: Bearer <token>. The label appears in the audit log ([rbac] session … for alice (viewer)) and lets you revo