The airflow-mcp-server is a Model Context Protocol server that provides comprehensive control over Apache Airflow instances via its API. It operates in either read-only (safe) mode or read-write (unsafe) mode.
Capabilities include:
DAG Management: List, create, update, delete, parse, and monitor DAGs and DAG runs
Task Management: Control task instances, view dependencies, update states, and retrieve logs
Resource Management: Create and manage connections, pools, variables, XCom entries
User Administration: Handle users, roles, and permissions
Dataset Operations: Manage datasets and related events
System Information: Retrieve health status, configuration, version details, and providers
The server supports JWT authentication and automatically parses the OpenAPI specification from the Airflow instance.
airflow-mcp-server: An MCP Server for controlling Airflow
MCPHub Certification
This MCP server is certified by MCPHub. This certification ensures that airflow-mcp-server follows best practices for Model Context Protocol implementation.
Find on Glama
Overview
A Model Context Protocol server for controlling Airflow via Airflow APIs.
Demo Video
https://github.com/user-attachments/assets/f3e60fff-8680-4dd9-b08e-fa7db655a705
Setup
Usage with Claude Desktop
Stdio Transport (Default)
Airflow 3 Plugin (Streamable HTTP at /mcp)
Install the plugin alongside the server to mount an MCP endpoint directly in the Airflow webserver:
- Airflow auto-loads the plugin via entry point
- Endpoint:
http(s)://<airflow-host>/mcp
- Stateless: every request must include
Authorization: Bearer <access-token>
- Modes (per-request): safe by default, or
?mode=unsafe
to enable write operations
HTTP Transport
Note:
- Set
base_url
to the root Airflow URL (e.g.,http://localhost:8080
).- Do not include
/api/v2
in the base URL. The server will automatically fetch the OpenAPI spec from${base_url}/openapi.json
.- Only JWT token is required for authentication. Cookie and basic auth are no longer supported in Airflow 3.0.
Transport Options
The server supports multiple transport protocols:
Stdio Transport (Default)
Standard input/output transport for direct process communication:
HTTP Transport
Uses Streamable HTTP for better scalability and web compatibility:
Note: SSE transport is deprecated. Use
--http
for new deployments as it provides better bidirectional communication and is the recommended approach by FastMCP.
Operation Modes
The server supports two operation modes:
- Safe Mode (
--safe
): Only allows read-only operations (GET requests). This is useful when you want to prevent any modifications to your Airflow instance. - Unsafe Mode (
--unsafe
): Allows all operations including modifications. This is the default mode.
To start in safe mode:
To explicitly start in unsafe mode (though this is default):
Tool Discovery Modes
The server supports two tool discovery approaches:
- Hierarchical Discovery (default): Tools are organized by categories (DAGs, Tasks, Connections, etc.). Browse categories first, then select specific tools. More manageable for large APIs.
- Static Tools (
--static-tools
): All tools available immediately. Better for programmatic access but can be overwhelming.
To use static tools:
Command Line Options
Considerations
Authentication
- Only JWT authentication is supported in Airflow 3.0. You must provide a valid
AUTH_TOKEN
.
Page Limit
The default is 100 items, but you can change it using maximum_page_limit
option in [api] section in the airflow.cfg
file.
Transport Selection
- Use stdio transport for direct process communication (default)
- Use HTTP transport for web deployments, multiple clients, or when you need better scalability
- Avoid SSE transport as it's deprecated in favor of HTTP transport
Tasks
- Airflow 3 readiness
- Parse OpenAPI Spec
- Safe/Unsafe mode implementation
- Parse proper description with list_tools.
- Airflow config fetch (specifically for page limit)
- HTTP/SSE transport support
- Env variables optional (env variables might not be ideal for airflow plugins)
remote-capable server
The server can be hosted and run remotely because it primarily relies on remote services or has no dependency on the local environment.
Tools
Related Resources
Related MCP Servers
- AGPL 3.0
- -securityAlicense-qualityAirthings Consumer MCP ServerLast updated -3ISC License
- -securityFlicense-qualityGitHub Repos Manager MCP ServerLast updated -139
- -securityAlicense-qualityAirtable MCP Server by CDataLast updated -MIT License