Skip to Content
SDKsMCP Server

MCP Server (@auris/mcp)

@auris/mcp v0.1.0

@auris/mcp is the official Model Context Protocol  server for Auris IAM. It exposes 49 tools across nine domains — users, roles, organizations, applications, sessions, audit logs, webhooks, fine-grained authorization, and tenant configuration — so that any MCP-compatible AI agent can manage your identity layer through natural language.

The server communicates over stdio and is compatible with Claude Desktop, Cursor, Windsurf, and any other MCP client that supports the stdio transport. It authenticates to the Auris API using the OAuth2 client_credentials grant (M2M), so no user session is required. Token refresh is handled automatically.


Installation

Run with npx without a global install:

npx @auris/mcp

Or install globally:

npm install -g @auris/mcp

Node.js 20.9.0 or later is required.


Prerequisites

Before connecting an AI client to the MCP server you need an M2M application registered in Auris:

  1. Open the Auris Console and navigate to Applications.
  2. Create a new application of type M2M.
  3. Copy the Client ID and Client Secret.
  4. Ensure the application has the permissions needed for the tools you intend to use. Granting the admin:all permission gives the server access to every tool; you can scope it down to specific permissions if you want a narrower surface area.

Environment Variables

The server reads configuration exclusively from environment variables. No config file is used.

Required:

VariableDescription
AURIS_DOMAINBase URL of your Auris instance, e.g. https://auris.altovar.net. Also accepted as AURIS_URL.
AURIS_CLIENT_IDClient ID of the M2M application.
AURIS_CLIENT_SECRETClient secret of the M2M application.

Optional:

VariableDefaultDescription
AURIS_TENANTdefaultTenant identifier sent as the x-tenant header on every API request. Set this to your actual tenant ID when running in a multi-tenant deployment.
AURIS_MCP_ALLOWED_TOOLS(all tools)Comma-separated list of tool names or glob patterns to enable. When set, only the listed tools are registered. See Access Control below.
AURIS_MCP_REQUIRE_ACL0Set to 1 to fail closed: if the per-application tool allowlist cannot be fetched from the API at startup, the server exits instead of starting with all tools enabled.

AURIS_DOMAIN and AURIS_URL are aliases for the same setting. If both are present, AURIS_DOMAIN takes precedence.


Claude Desktop Configuration

Add the following block to your claude_desktop_config.json (usually at ~/Library/Application Support/Claude/claude_desktop_config.json on macOS or %APPDATA%\Claude\claude_desktop_config.json on Windows):

{ "mcpServers": { "auris-iam": { "command": "npx", "args": ["@auris/mcp"], "env": { "AURIS_DOMAIN": "https://auris.altovar.net", "AURIS_CLIENT_ID": "<your-m2m-client-id>", "AURIS_CLIENT_SECRET": "<your-m2m-client-secret>", "AURIS_TENANT": "<your-tenant-id>" } } } }

Restart Claude Desktop after saving. The server will appear as auris-iam in the tool list.


Cursor Configuration

Add the MCP server under mcpServers in your Cursor settings (~/.cursor/mcp.json or the project-level .cursor/mcp.json):

{ "mcpServers": { "auris-iam": { "command": "npx", "args": ["@auris/mcp"], "env": { "AURIS_DOMAIN": "https://auris.altovar.net", "AURIS_CLIENT_ID": "<your-m2m-client-id>", "AURIS_CLIENT_SECRET": "<your-m2m-client-secret>", "AURIS_TENANT": "<your-tenant-id>" } } } }

Tool Groups

The server registers 49 tools organized into nine groups. Each group maps to a distinct area of the Auris API.

GroupTool countWhat it covers
Users7Create, read, update, delete users; assign and remove roles
Roles5Create and delete roles; list roles with member counts; check permissions
Organizations7Create and manage organizations; add and remove members with per-org roles
Applications5Manage OAuth2 / M2M applications; update redirect URIs and allowed origins
Sessions3List active sessions; revoke individual or all sessions for a user
Audit Logs3Query audit log entries and authentication events with rich filtering
Webhooks5Create, update, delete, and test webhook endpoints
Fine-Grained Authorization9Zanzibar-style check/expand/list; write and delete relationship tuples; manage FGA models
Tenant5Read and update tenant config, branding, security defaults, and OIDC discovery

Users

ToolDescription
auris_list_usersPaginated, searchable user list. Supports filtering by role, status, and sort order.
auris_get_userFetch a single user by their Keycloak UUID.
auris_create_userCreate a user with email, password, name, and enabled state.
auris_update_userUpdate any field on an existing user.
auris_delete_userSoft-delete a user.
auris_assign_roles_to_userAssign one or more role IDs to a user.
auris_remove_roles_from_userRemove one or more role IDs from a user.

Roles

ToolDescription
auris_list_rolesList all roles in the tenant, including the count of users assigned to each.
auris_create_roleCreate a role with name, description, and display color.
auris_get_roleGet a role by ID along with its full permission set.
auris_delete_roleDelete a role by ID.
auris_check_permissionCheck whether the M2M caller holds specific permissions. Supports requireAll (AND) semantics and scoping by applicationId.

Organizations

ToolDescription
auris_list_organizationsPaginated, searchable organization list.
auris_get_organizationGet an organization by ID.
auris_create_organizationCreate an organization with name, slug, and optional description.
auris_delete_organizationDelete an organization.
auris_list_org_membersList all members of an organization.
auris_add_org_memberAdd a user to an organization with a role: OWNER, ADMIN, MEMBER, or VIEWER.
auris_remove_org_memberRemove a user from an organization.

Applications

ToolDescription
auris_list_applicationsList OAuth2 applications. Filterable by type: WEB, MOBILE, API, or M2M.
auris_get_applicationGet an application including its credentials, redirect URIs, and settings.
auris_create_applicationCreate a new OAuth2 application.
auris_update_applicationUpdate an application’s name, redirect URIs, or allowed origins.
auris_delete_applicationDelete an application.

Sessions

ToolDescription
auris_list_sessionsList active sessions across the tenant. Filterable by userId.
auris_revoke_sessionRevoke a specific session by session ID.
auris_revoke_all_user_sessionsRevoke every active session for a given user (force sign-out everywhere).

Audit Logs

ToolDescription
auris_list_audit_logsQuery audit log entries. Supports filtering by userId, action type, resource, severity level, date range, and full-text search.
auris_get_audit_logGet a single audit log entry including the before/after diff and request metadata.
auris_list_eventsList Keycloak authentication events (LOGIN, LOGIN_ERROR, REGISTER, LOGOUT, etc.).

Webhooks

ToolDescription
auris_list_webhooksList all webhooks configured for the tenant.
auris_create_webhookCreate a webhook endpoint with a URL, event subscriptions, and active/inactive state.
auris_update_webhookUpdate an existing webhook.
auris_delete_webhookDelete a webhook.
auris_test_webhookSend a test event payload to the webhook URL and return the HTTP response.

Fine-Grained Authorization

The FGA tools implement a Zanzibar-style relationship model compatible with the OpenFGA schema format. See the Fine-Grained Authorization guide for background.

ToolDescription
auris_fga_checkCheck whether a subject has a given relation to an object. Supports an optional explain tree for debugging.
auris_fga_list_objectsList all objects for which a subject holds a given relation.
auris_fga_expandExpand a relation on an object to discover all subjects that hold it.
auris_fga_write_tuplesBulk-write relationship tuples to grant permissions.
auris_fga_delete_tuplesBulk-delete relationship tuples to revoke permissions.
auris_fga_list_modelsList all FGA authorization model definitions for the tenant.
auris_fga_get_modelGet a model by ID, including its DSL source and compiled JSON schema.
auris_fga_create_modelCreate a new authorization model from OpenFGA-compatible DSL text.
auris_fga_list_tuplesList relationship tuples with multi-field filtering (subject, object, relation).

Tenant

ToolDescription
auris_get_tenantGet full tenant configuration including branding settings and enabled feature flags.
auris_update_tenantPATCH tenant settings: companyName, brandingPrimaryColor, brandingLogoUrl, brandingFaviconUrl.
auris_list_tenant_membersPaginated list of all tenant members with optional search.
auris_get_security_defaultsRead password policy, two-factor settings, and session timeout policies.
auris_get_oidc_discoveryFetch the /.well-known/openid-configuration document for the tenant.

Access Control

By default, all 49 tools are registered and available to the AI agent. You can restrict which tools are visible using one of two mechanisms, evaluated in this order:

1. Deploy-time environment variable (AURIS_MCP_ALLOWED_TOOLS)

Set a comma-separated list of tool names or glob patterns:

# Only user and FGA tools AURIS_MCP_ALLOWED_TOOLS="auris_list_users,auris_get_user,auris_fga_*" # All tools in a group AURIS_MCP_ALLOWED_TOOLS="auris_fga_*,auris_list_audit_logs" # Every tool (no filtering — equivalent to leaving it unset) AURIS_MCP_ALLOWED_TOOLS="auris_*"

2. Per-application DB allowlist

If AURIS_MCP_ALLOWED_TOOLS is not set, the server fetches the mcpAllowedTools field from the M2M application record (GET /api/applications/self) at startup. You can configure this list in the Auris Console under Applications → [your M2M app] → MCP Settings.

If neither is configured, all tools are registered.

Tools not in the allowlist are silently dropped before the MCP server starts — they will not appear in the client’s tool list at all.

Set AURIS_MCP_REQUIRE_ACL=1 in production deployments if you want the server to fail closed when the DB allowlist cannot be fetched (for example, if the API is temporarily unreachable at startup). Without this flag, the server defaults to registering all tools if the allowlist fetch fails.


Authentication Details

The server uses the OAuth2 client_credentials grant. At startup — and transparently before each API call when the token is within 60 seconds of expiry — it posts to POST /api/auth/token with grant_type=client_credentials. The resulting Bearer token and x-tenant header are attached to every downstream request.

No user interaction or browser redirect is involved. The M2M application must exist in the same tenant you set in AURIS_TENANT.


Required Permissions

The M2M application needs permissions that match the tools you expose. The simplest option is to grant admin:all and restrict surface area through the tool allowlist. For a minimal read-only setup, the following permissions are sufficient:

PermissionGrants access to
read:usersauris_list_users, auris_get_user
read:rolesauris_list_roles, auris_get_role
read:organizationsauris_list_organizations, auris_get_organization, auris_list_org_members
read:applicationsauris_list_applications, auris_get_application
read:sessionsauris_list_sessions
read:logsauris_list_audit_logs, auris_get_audit_log, auris_list_events
read:webhooksauris_list_webhooks
read:fgaauris_fga_check, auris_fga_list_objects, auris_fga_expand, auris_fga_list_tuples, auris_fga_list_models, auris_fga_get_model
read:tenantauris_get_tenant, auris_list_tenant_members, auris_get_security_defaults, auris_get_oidc_discovery
write:usersauris_create_user, auris_update_user, auris_delete_user, auris_assign_roles_to_user, auris_remove_roles_from_user
write:rolesauris_create_role, auris_delete_role
write:organizationsauris_create_organization, auris_delete_organization, auris_add_org_member, auris_remove_org_member
write:sessionsauris_revoke_session, auris_revoke_all_user_sessions
write:webhooksauris_create_webhook, auris_update_webhook, auris_delete_webhook, auris_test_webhook
write:fgaauris_fga_write_tuples, auris_fga_delete_tuples, auris_fga_create_model
write:tenantauris_update_tenant
admin:allAll of the above