Model Context Protocol (MCP) Server
Learn how to install and use Opal's MCP server.
Opal offers an Model Context Protocol (MCP) server to allow your AI agents to interact with Opal, on top of Opal's REST API.
The MCP server is a standardized way for AI systems to interact with external tools and services. The opal-mcp package provides a fully-featured MCP server implementation that allows AI assistants like Claude, GitHub Copilot, and other LLM-based tools to securely interact with Opal. With this MCP server, AI assistants can:
- Retrieve information about users, groups, resources, and access policies
- Create and manage access requests
- Automate identity and access management workflows
For example, you can ask an AI assistant connected to this MCP server:
"Show me all users in the Engineering group."
"Create an access request for the Production database."
"Review the recent access changes for our AWS resources."
"Get information about which users have access to the financial reporting resources."
The AI assistant will use the appropriate SDK functions through the MCP server to retrieve or modify data in your Opal environment, making it easy to manage access control through natural language conversations.
Demo
The MCP server provides access to various Opal operations as tools. For example, in this demo, the groups-get-groups tool maps to the getGroups operation.
By default, you must approve each tool the MCP server attempts to call.
Requirements
The MCP server runs on your local machine, translating AI requests to Opal API calls.
To set up the MCP server, you'll need:
- Opal Admin permissions
- An Opal API key
If you'd like your server to create or modify any objects, set the API key scope to full access.
Installation
See the README in GitHub for installation steps and example usage.
Updated 2 days ago