roadrecon_mcp_server

ROADrecon MCP Server exposes ROADRecon Azure AD data and security analysis tools to MCP-compatible clients like Claude Desktop. The server reads from a running ROADRecon instance and exposes resource endpoints (e.g., users, groups, applications, service principals, devices) as ROADrecon:// URIs, and it provides a suite of analysis tools and pre-built prompts to help you assess identity and access security. After starting the server, you can connect via your MCP client by choosing the running server option and install it. Once connected, Claude can query data through the resources (for example, roadrecon://users) and invoke tools such as find_privileged_users or analyze_mfa_status to perform security analyses. Use the provided prompts like analyze_security_posture or comprehensive_security_review to run structured analyses across the environment.

Prerequisites:

• Python 3.8+
• A running ROADRecon instance with its web GUI accessible

Install and run:

1. Clone this repository
2. Install dependencies:

   pip install -r requirements.txt
   

3. Ensure ROADRecon is running (default GUI URL: http://localhost:5000)
4. Start the MCP server:

   python roadrecon_mcp_server.py
   

Optional: To point the MCP server at a different ROADRecon URL, set the environment variable ROADRECON_URL before launching:

ROADRECON_URL=http://localhost:8080 python roadrecon_mcp_server.py

Once running, use your MCP client to connect to the server named roadrecon_mcp_server and begin issuing queries and tool invocations.

Notes and tips:

• The server exposes ROADRecon data via roadrecon:// URIs (e.g., roadrecon://users, roadrecon://groups).
• If ROADRECON_URL is not set, the server defaults to http://localhost:5000. Adjust as needed for remote ROADRecon instances.
• Ensure network access between the MCP server and ROADRecon, especially when using non-default ports.
• Common issues: module not found errors from requirements.txt—verify Python version and use a virtual environment if needed.
• You can customize analysis by using the available prompts such as analyze_security_posture, analyze_identity_security, and investigate_application_risks for structured evaluations.