MCP Server (@auris/mcp)
@auris/mcp v0.1.0@auris/mcp is the official Model Context Protocol server for Auris IAM. It exposes 49 tools across nine domains — users, roles, organizations, applications, sessions, audit logs, webhooks, fine-grained authorization, and tenant configuration — so that any MCP-compatible AI agent can manage your identity layer through natural language.
The server communicates over stdio and is compatible with Claude Desktop, Cursor, Windsurf, and any other MCP client that supports the stdio transport. It authenticates to the Auris API using the OAuth2 client_credentials grant (M2M), so no user session is required. Token refresh is handled automatically.
Installation
Run with npx without a global install:
npx @auris/mcpOr install globally:
npm install -g @auris/mcpNode.js 20.9.0 or later is required.
Prerequisites
Before connecting an AI client to the MCP server you need an M2M application registered in Auris:
- Open the Auris Console and navigate to Applications.
- Create a new application of type M2M.
- Copy the Client ID and Client Secret.
- Ensure the application has the permissions needed for the tools you intend to use. Granting the
admin:allpermission gives the server access to every tool; you can scope it down to specific permissions if you want a narrower surface area.
Environment Variables
The server reads configuration exclusively from environment variables. No config file is used.
Required:
| Variable | Description |
|---|---|
AURIS_DOMAIN | Base URL of your Auris instance, e.g. https://auris.altovar.net. Also accepted as AURIS_URL. |
AURIS_CLIENT_ID | Client ID of the M2M application. |
AURIS_CLIENT_SECRET | Client secret of the M2M application. |
Optional:
| Variable | Default | Description |
|---|---|---|
AURIS_TENANT | default | Tenant identifier sent as the x-tenant header on every API request. Set this to your actual tenant ID when running in a multi-tenant deployment. |
AURIS_MCP_ALLOWED_TOOLS | (all tools) | Comma-separated list of tool names or glob patterns to enable. When set, only the listed tools are registered. See Access Control below. |
AURIS_MCP_REQUIRE_ACL | 0 | Set to 1 to fail closed: if the per-application tool allowlist cannot be fetched from the API at startup, the server exits instead of starting with all tools enabled. |
AURIS_DOMAIN and AURIS_URL are aliases for the same setting. If both are present, AURIS_DOMAIN takes precedence.
Claude Desktop Configuration
Add the following block to your claude_desktop_config.json (usually at ~/Library/Application Support/Claude/claude_desktop_config.json on macOS or %APPDATA%\Claude\claude_desktop_config.json on Windows):
{
"mcpServers": {
"auris-iam": {
"command": "npx",
"args": ["@auris/mcp"],
"env": {
"AURIS_DOMAIN": "https://auris.altovar.net",
"AURIS_CLIENT_ID": "<your-m2m-client-id>",
"AURIS_CLIENT_SECRET": "<your-m2m-client-secret>",
"AURIS_TENANT": "<your-tenant-id>"
}
}
}
}Restart Claude Desktop after saving. The server will appear as auris-iam in the tool list.
Cursor Configuration
Add the MCP server under mcpServers in your Cursor settings (~/.cursor/mcp.json or the project-level .cursor/mcp.json):
{
"mcpServers": {
"auris-iam": {
"command": "npx",
"args": ["@auris/mcp"],
"env": {
"AURIS_DOMAIN": "https://auris.altovar.net",
"AURIS_CLIENT_ID": "<your-m2m-client-id>",
"AURIS_CLIENT_SECRET": "<your-m2m-client-secret>",
"AURIS_TENANT": "<your-tenant-id>"
}
}
}
}Tool Groups
The server registers 49 tools organized into nine groups. Each group maps to a distinct area of the Auris API.
| Group | Tool count | What it covers |
|---|---|---|
| Users | 7 | Create, read, update, delete users; assign and remove roles |
| Roles | 5 | Create and delete roles; list roles with member counts; check permissions |
| Organizations | 7 | Create and manage organizations; add and remove members with per-org roles |
| Applications | 5 | Manage OAuth2 / M2M applications; update redirect URIs and allowed origins |
| Sessions | 3 | List active sessions; revoke individual or all sessions for a user |
| Audit Logs | 3 | Query audit log entries and authentication events with rich filtering |
| Webhooks | 5 | Create, update, delete, and test webhook endpoints |
| Fine-Grained Authorization | 9 | Zanzibar-style check/expand/list; write and delete relationship tuples; manage FGA models |
| Tenant | 5 | Read and update tenant config, branding, security defaults, and OIDC discovery |
Users
| Tool | Description |
|---|---|
auris_list_users | Paginated, searchable user list. Supports filtering by role, status, and sort order. |
auris_get_user | Fetch a single user by their Keycloak UUID. |
auris_create_user | Create a user with email, password, name, and enabled state. |
auris_update_user | Update any field on an existing user. |
auris_delete_user | Soft-delete a user. |
auris_assign_roles_to_user | Assign one or more role IDs to a user. |
auris_remove_roles_from_user | Remove one or more role IDs from a user. |
Roles
| Tool | Description |
|---|---|
auris_list_roles | List all roles in the tenant, including the count of users assigned to each. |
auris_create_role | Create a role with name, description, and display color. |
auris_get_role | Get a role by ID along with its full permission set. |
auris_delete_role | Delete a role by ID. |
auris_check_permission | Check whether the M2M caller holds specific permissions. Supports requireAll (AND) semantics and scoping by applicationId. |
Organizations
| Tool | Description |
|---|---|
auris_list_organizations | Paginated, searchable organization list. |
auris_get_organization | Get an organization by ID. |
auris_create_organization | Create an organization with name, slug, and optional description. |
auris_delete_organization | Delete an organization. |
auris_list_org_members | List all members of an organization. |
auris_add_org_member | Add a user to an organization with a role: OWNER, ADMIN, MEMBER, or VIEWER. |
auris_remove_org_member | Remove a user from an organization. |
Applications
| Tool | Description |
|---|---|
auris_list_applications | List OAuth2 applications. Filterable by type: WEB, MOBILE, API, or M2M. |
auris_get_application | Get an application including its credentials, redirect URIs, and settings. |
auris_create_application | Create a new OAuth2 application. |
auris_update_application | Update an application’s name, redirect URIs, or allowed origins. |
auris_delete_application | Delete an application. |
Sessions
| Tool | Description |
|---|---|
auris_list_sessions | List active sessions across the tenant. Filterable by userId. |
auris_revoke_session | Revoke a specific session by session ID. |
auris_revoke_all_user_sessions | Revoke every active session for a given user (force sign-out everywhere). |
Audit Logs
| Tool | Description |
|---|---|
auris_list_audit_logs | Query audit log entries. Supports filtering by userId, action type, resource, severity level, date range, and full-text search. |
auris_get_audit_log | Get a single audit log entry including the before/after diff and request metadata. |
auris_list_events | List Keycloak authentication events (LOGIN, LOGIN_ERROR, REGISTER, LOGOUT, etc.). |
Webhooks
| Tool | Description |
|---|---|
auris_list_webhooks | List all webhooks configured for the tenant. |
auris_create_webhook | Create a webhook endpoint with a URL, event subscriptions, and active/inactive state. |
auris_update_webhook | Update an existing webhook. |
auris_delete_webhook | Delete a webhook. |
auris_test_webhook | Send a test event payload to the webhook URL and return the HTTP response. |
Fine-Grained Authorization
The FGA tools implement a Zanzibar-style relationship model compatible with the OpenFGA schema format. See the Fine-Grained Authorization guide for background.
| Tool | Description |
|---|---|
auris_fga_check | Check whether a subject has a given relation to an object. Supports an optional explain tree for debugging. |
auris_fga_list_objects | List all objects for which a subject holds a given relation. |
auris_fga_expand | Expand a relation on an object to discover all subjects that hold it. |
auris_fga_write_tuples | Bulk-write relationship tuples to grant permissions. |
auris_fga_delete_tuples | Bulk-delete relationship tuples to revoke permissions. |
auris_fga_list_models | List all FGA authorization model definitions for the tenant. |
auris_fga_get_model | Get a model by ID, including its DSL source and compiled JSON schema. |
auris_fga_create_model | Create a new authorization model from OpenFGA-compatible DSL text. |
auris_fga_list_tuples | List relationship tuples with multi-field filtering (subject, object, relation). |
Tenant
| Tool | Description |
|---|---|
auris_get_tenant | Get full tenant configuration including branding settings and enabled feature flags. |
auris_update_tenant | PATCH tenant settings: companyName, brandingPrimaryColor, brandingLogoUrl, brandingFaviconUrl. |
auris_list_tenant_members | Paginated list of all tenant members with optional search. |
auris_get_security_defaults | Read password policy, two-factor settings, and session timeout policies. |
auris_get_oidc_discovery | Fetch the /.well-known/openid-configuration document for the tenant. |
Access Control
By default, all 49 tools are registered and available to the AI agent. You can restrict which tools are visible using one of two mechanisms, evaluated in this order:
1. Deploy-time environment variable (AURIS_MCP_ALLOWED_TOOLS)
Set a comma-separated list of tool names or glob patterns:
# Only user and FGA tools
AURIS_MCP_ALLOWED_TOOLS="auris_list_users,auris_get_user,auris_fga_*"
# All tools in a group
AURIS_MCP_ALLOWED_TOOLS="auris_fga_*,auris_list_audit_logs"
# Every tool (no filtering — equivalent to leaving it unset)
AURIS_MCP_ALLOWED_TOOLS="auris_*"2. Per-application DB allowlist
If AURIS_MCP_ALLOWED_TOOLS is not set, the server fetches the mcpAllowedTools field from the M2M application record (GET /api/applications/self) at startup. You can configure this list in the Auris Console under Applications → [your M2M app] → MCP Settings.
If neither is configured, all tools are registered.
Tools not in the allowlist are silently dropped before the MCP server starts — they will not appear in the client’s tool list at all.
Set AURIS_MCP_REQUIRE_ACL=1 in production deployments if you want the server to fail closed when the DB allowlist cannot be fetched (for example, if the API is temporarily unreachable at startup). Without this flag, the server defaults to registering all tools if the allowlist fetch fails.
Authentication Details
The server uses the OAuth2 client_credentials grant. At startup — and transparently before each API call when the token is within 60 seconds of expiry — it posts to POST /api/auth/token with grant_type=client_credentials. The resulting Bearer token and x-tenant header are attached to every downstream request.
No user interaction or browser redirect is involved. The M2M application must exist in the same tenant you set in AURIS_TENANT.
Required Permissions
The M2M application needs permissions that match the tools you expose. The simplest option is to grant admin:all and restrict surface area through the tool allowlist. For a minimal read-only setup, the following permissions are sufficient:
| Permission | Grants access to |
|---|---|
read:users | auris_list_users, auris_get_user |
read:roles | auris_list_roles, auris_get_role |
read:organizations | auris_list_organizations, auris_get_organization, auris_list_org_members |
read:applications | auris_list_applications, auris_get_application |
read:sessions | auris_list_sessions |
read:logs | auris_list_audit_logs, auris_get_audit_log, auris_list_events |
read:webhooks | auris_list_webhooks |
read:fga | auris_fga_check, auris_fga_list_objects, auris_fga_expand, auris_fga_list_tuples, auris_fga_list_models, auris_fga_get_model |
read:tenant | auris_get_tenant, auris_list_tenant_members, auris_get_security_defaults, auris_get_oidc_discovery |
write:users | auris_create_user, auris_update_user, auris_delete_user, auris_assign_roles_to_user, auris_remove_roles_from_user |
write:roles | auris_create_role, auris_delete_role |
write:organizations | auris_create_organization, auris_delete_organization, auris_add_org_member, auris_remove_org_member |
write:sessions | auris_revoke_session, auris_revoke_all_user_sessions |
write:webhooks | auris_create_webhook, auris_update_webhook, auris_delete_webhook, auris_test_webhook |
write:fga | auris_fga_write_tuples, auris_fga_delete_tuples, auris_fga_create_model |
write:tenant | auris_update_tenant |
admin:all | All of the above |
Related Pages
- M2M Authentication — How to create and configure M2M applications
- Fine-Grained Authorization — Background on the Zanzibar-style FGA model
- Audit Logs — Log format and available action types
- CLI Tool — Terminal-based management for scripting and CI/CD pipelines
- REST API Reference — Complete HTTP API for custom integrations