- Home
- MCP servers
- Asgardeo
Asgardeo
- go
3
GitHub Stars
go
Language
6 months ago
First Indexed
2 months ago
Catalog Refreshed
Documentation & install
Readme and setup notes from the catalogue, plus a client-ready config you can copy for your MCP host.
Installation
Add the following to your MCP client configuration file.
Configuration
View docs{
"mcpServers": {
"asgardeo-asgardeo-mcp-server": {
"command": "<absolute path to the asgardeo-mcp executable, e.g., /Users/<user directory>/<repository path>/asgardeo-mcp-server/asgardeo-mcp>",
"args": [],
"env": {
"BASE_URL": "https://api.asgardeo.io/t/<asgardeo organization>",
"CLIENT_ID": "<client ID>",
"CLIENT_SECRET": "<client secret>"
}
}
}
}The Asgardeo MCP Server lets you manage your Asgardeo organization or WSO2 Identity Server deployment through natural language interfaces. You can perform configuration tasks, create and manage applications, and tailor login flows using MCP-enabled tools, all from a single, extensible server.
How to use
You interact with the Asgardeo MCP Server through an MCP client. Start the server locally, connect your MCP client (such as an editor plugin or desktop assistant), and use the available management actions and API resource tools to configure your organization. Typical workflows include listing applications, creating new applications (SPA, web, mobile, or M2M), retrieving detailed information about specific applications, and updating login flows using natural language prompts.
How to install
Prerequisites: Go 1.18 or newer must be installed on your machine.
Clone the MCP server repository, tidy dependencies, and build the executable.
git clone https://github.com/asgardeo/asgardeo-mcp-server.git
cd asgardeo-mcp-server
go mod tidy
go build -o asgardeo-mcp
Server configuration and startup notes
To connect your MCP client, you need the server executable and credentials for your Asgardeo organization. The client will use a base URL, a client ID, and a client secret to authenticate against the Asgardeo APIs.
Prepare a local MCP client configuration by providing these environment variables to the MCP server workflow.
Environment and connection notes
If you are using WSO2 Identity Server, you will need an additional environment variable named PRODUCT_MODE set to wso2is. You should also set BASE_URL to your WSO2 Identity Server base URL. If you operate in local development or internal networks, you may need to set a CA certificate path to avoid SSL issues by using CERT_PATH.
Examples of client integration
Typical client setups pass the following environment variables to the MCP server:BASE_URL, CLIENT_ID, and CLIENT_SECRET. These values are used by the MCP client to obtain access tokens and call the management APIs.
Troubleshooting
Common issues include invalid credentials or missing scopes on the M2M application, build or dependency problems, and incorrect MCP executable paths. Verify that the BASE_URL, CLIENT_ID, and CLIENT_SECRET are correct, ensure the M2M application has the required scopes, and confirm the MCP executable path has execute permissions.
Security and best practices
Keep client credentials secure. Do not commit BASE_URL, CLIENT_ID, or CLIENT_SECRET to version control. Use per-environment configurations and rotate credentials as part of your security hygiene.
Available tools
list_applications
Lists all applications in your organization
create_single_page_app
Creates a new Single Page Application with a specified name and redirect URL
create_webapp_with_ssr
Creates a new web application with server-side rendering and a redirect URL
create_mobile_app
Creates a new Mobile Application with a redirect URL
create_m2m_app
Creates a new Machine-to-Machine Application with a given name
get_application_by_name
Retrieves application details by its name
get_application_by_client_id
Retrieves application details by its client ID
update_application_basic_info
Updates basic information of an application by ID with optional fields like name and description
update_application_oauth_config
Updates OAuth/OIDC configurations of an application by ID
update_application_claim_config
Updates claim configurations for an application by ID
authorize_api
Authorizes an application to access a specific API resource with a given policy and scopes
list_authorized_api
Lists API resources authorized for an application by app ID
update_login_flow
Updates the login flow of an application based on a natural language prompt
list_api_resources
Lists API resources in your organization
search_api_resources_by_name
Searches for API resources by name
get_api_resource_by_identifier
Gets an API resource by its identifier
create_api_resource
Creates a new API resource with identifier, name, and scopes
create_user
Creates a user in your organization
list_claims
Lists claims in your organization