asgardeo

MCP server to interact with your Asgardeo organization through LLM tools

Installation

Run this command in your terminal to add the MCP server to Claude Code.

Run in terminal:

Command

claude mcp add --transport stdio asgardeo-asgardeo-mcp-server <absolute path to the asgardeo-mcp executable, e.g., /Users/<user directory>/<repository path>/asgardeo-mcp-server/asgardeo-mcp> \
  --env BASE_URL="https://api.asgardeo.io/t/<asgardeo organization>" \
  --env CLIENT_ID="<client ID>" \
  --env CLIENT_SECRET="<client secret>"

How to use

The Asgardeo MCP Server provides a set of tools to manage your Asgardeo organization or WSO2 Identity Server deployment through natural language prompts and structured tool calls. The server exposes application management capabilities such as listing, creating, updating, and retrieving details for applications; API resource management; and login flow configuration driven by prompts. These tools are designed to be invoked by MCP clients (e.g., Claude Desktop, VS Code MCP integration, Cursor) to perform configuration tasks across your identity platform via the Asgardeo APIs. The included commands like list_applications, create_single_page_app, create_m2m_app, get_application_by_name, and update_login_flow enable end-to-end lifecycle management of your applications and their authentication configurations. The server supports both standard application management APIs and related resources, making it possible to script or chat your desired configuration changes.

To use the MCP server, you typically configure an MCP client with the server executable path and environment credentials (BASE_URL, CLIENT_ID, CLIENT_SECRET). Then you can issue tool calls or natural language prompts that map to the available tools, and the MCP server will translate those prompts into API requests to your Asgardeo or WSO2 Identity Server deployment. This enables you to perform tasks such as listing all applications, creating new applications (including M2M and various web/mobile variants), fetching application details by name or client ID, and updating login flows or OAuth configurations through conversational interactions.

How to install

Prerequisites:

Go installed (for building the MCP server from source)
Git installed
Access to the Asgardeo organization and credentials (for BASE_URL, CLIENT_ID, CLIENT_SECRET)

Installation steps:

Clone the repository:

git clone https://github.com/asgardeo/asgardeo-mcp-server.git

Change to the repository directory:

cd asgardeo-mcp-server

Install dependencies and tidy modules (Go):

go mod tidy

Build the executable:

go build -o asgardeo-mcp

Verify the binary exists:

ls -l asgardeo-mcp

Configure MCP client integrations by providing the required environment variables (BASE_URL, CLIENT_ID, CLIENT_SECRET) as described in the mcp_config example. You can run the server directly or integrate it into your MCP client tooling as demonstrated in the documentation.

Additional notes

Tips and considerations:

If you are using a WSO2 Identity Server backend, set the PRODUCT_MODE environment variable to wso2is and adjust BASE_URL to your WSO2 IS base URL where tenants are hosted (e.g., https://<host>/t/<tenant>). You may also need to configure CA certificates for SSL in environments with internal or self-signed certificates by setting CERT_PATH to the CA certificate file.
The MCP server is labeled experimental; avoid using it in production environments without thorough validation.
Ensure your MCP client is configured with the correct command path to the asgardeo-mcp executable and that the environment variables BASE_URL, CLIENT_ID, and CLIENT_SECRET are kept secure.
For local development or internal networks, consider using proper TLS certificates and validating certificates to prevent SSL errors during API calls.