- Home
- MCP servers
- Kiteworks
Kiteworks
- other
3
GitHub Stars
other
Language
6 months ago
First Indexed
2 months ago
Catalog Refreshed
Documentation & install
Readme and setup notes from the catalogue, plus a client-ready config you can copy for your MCP host.
Installation
Add the following to your MCP client configuration file.
Configuration
View docs{
"mcpServers": {
"kiteworks-mcp": {
"command": "C:\\Path\\To\\kiteworks-mcp.exe",
"args": [
"start",
"https://your.kiteworks.domain"
]
}
}
}The Kiteworks MCP Server lets your LLMs securely interact with Kiteworks to manage files, folders, and user data via OAuth 2.0. It runs locally per user and keeps credentials and tokens in your system’s secure store, while enforcing enterprise-grade security during transfers and operations.
How to use
You connect an MCP client to the Kiteworks MCP Server to perform file and folder operations and to access user information. The server handles authentication through OAuth 2.0, and it enforces security measures like TLS validation and scoped access. By default, file operations use relative paths for safety; you can opt into absolute paths if you explicitly enable it. When you initiate actions, you typically start by authenticating once, then issue commands from your MCP client to upload, download, browse folders, or retrieve metadata against your Kiteworks instance.
Common workflows include uploading a file to a target folder, downloading a file to your local machine, listing the contents of a folder, and fetching current user status. The server keeps credentials out of the LLM’s context and validates the remote Kiteworks TLS certificate to prevent man-in-the-middle attacks. If you use a self-signed certificate, provide the Root CA chain at startup to establish trust.
How to install
Prerequisites vary by platform. You will use a prebuilt MCP binary for your operating system and perform a one-time OAuth setup before starting regular use.
Windows setup and initial OAuth flow (one-time):
C:\Path\To\kiteworks-mcp.exe setup https://your.kiteworks.domain
Claude Code setup (Windows):
claude mcp add --transport stdio kiteworks C:\Path\To\kiteworks-mcp.exe start https://your.kiteworks.domain
MacOS and Linux setup and usage
Download the MacOS binary and run the one-time OAuth flow to authorize the MCP Server with Kiteworks.
MacOS one-time OAuth flow (example):
Path/To/kiteworks-mcp setup https://your.kiteworks.domain
Claude Code setup for Mac/Linux (example):
claude mcp add --transport stdio kiteworks /Path/To/kiteworks-mcp start https://your.kiteworks.domain
Mac/Linux HTTPS/TLS options and absolute-paths behavior are the same as Windows. To enable absolute-paths, use the appropriate flag on the start command.
Starting the MCP server after setup
To start the MCP server for regular use, run the start command against your Kiteworks URL. You can pass optional TLS or path options as needed.
kiteworks-mcp start https://your.kiteworks.domain
Optional flags you may encounter include the CA certificate path and the insecure-absolute-paths mode. For example:
kiteworks-mcp start --ca-cert /path/to/ca_chain.pem https://your.kiteworks.domain
kiteworks-mcp start --insecure-absolute-paths https://your.kiteworks.domain
Configuration notes and security
Security is enforced by keeping credentials out of the LLM context and storing tokens securely on your system. The MCP Server validates the TLS certificate of the Kiteworks server and will abort if validation fails. If your Kiteworks uses a self-signed certificate or unknown CA, supply the Root CA chain with the --ca-cert option.
Absolute paths are blocked by default to reduce risk. If you need to upload or download using absolute paths, enable the option on start. When enabled, absolute-paths grant access to full file system locations, and you should exercise caution.
Sample configuration for Claude Desktop and Claude Code with AWS Bedrock
Claude Desktop can be configured to use the Kiteworks MCP Server via a JSON configuration that points to the local MCP binary and the Kiteworks URL. Use the following example as a basis for your own configuration.
{
"mcpServers": {
"kiteworks": {
"command": "<FOLDER_WITH_MCP_BINARY>/kiteworks-mcp",
"args": [
"start",
"https://your.kiteworks.domain"
]
}
}
}
If you want full file system access, include the --insecure-absolute-paths flag in the args.
{
"mcpServers": {
"kiteworks": {
"command": "<FOLDER_WITH_MCP_BINARY>/kiteworks-mcp",
"args": [
"start",
"--insecure-absolute-paths",
"https://your.kiteworks.domain"
]
}
}
}
For self-signed certificates, add the CA with --ca-cert in the configuration snippet:
{
"mcpServers": {
"kiteworks": {
"command": "<FOLDER_WITH_MCP_BINARY>/kiteworks-mcp",
"args": [
"start",
"--ca-cert",
"path_to_cert/ca_chain.pem",
"https://your.kiteworks.domain"
]
}
}
}
Tools and capabilities you can rely on
The server provides core capabilities to work with Kiteworks data: upload and download files, retrieve file and folder metadata, navigate and manage folder structures, access current user details and authentication status, and perform secure OAuth 2.0 authentication with refresh tokens. It also includes rate limiting to protect the system and cross-platform native binaries for Windows, Linux, and macOS.
Available tools
uploadFile
Uploads a local file to Kiteworks under a specified folder, returning the new file's metadata and ID.
downloadFile
Downloads a Kiteworks-stored file to a local destination, handling success and error cases and returning the file metadata.
listFolder
Lists contents of a Kiteworks folder, including subfolders and file entries.
getUserInfo
Retrieves information about the current authenticated user and their authentication status.
authorizeOAuth
Performs the OAuth 2.0 authorization code flow to obtain access and refresh tokens for Kiteworks.
rateLimitStatus
Provides information about current rate limiting status and limits for the MCP server.