README.md•2.87 kB
# GAM MCP Server
Google Workspace administration via GAM CLI, ready for Claude Desktop and Model Context Protocol (MCP).
## Prerequisites
- **GAM**: Install and authenticate [GAM](https://github.com/jay0lee/GAM) on your system.
- Run `gam version` to verify installation.
- Run `gam oauth create` to authenticate with Google Workspace.
- **Node.js**: v18 or newer
## Installation
```sh
# Clone or copy this repo
cd gam-mcp-server
npm install
npm run build
```
## Running the Server
```sh
GAM_PATH=/path/to/gam node dist/index.js
```
- Or use the default `gam` in your PATH.
## Claude Desktop Configuration
Add to your `claude_desktop_config.json`:
```json
{
"mcpServers": {
"gam-workspace": {
"command": "node",
"args": ["/absolute/path/to/gam-mcp-server/dist/index.js"],
"env": {
"GAM_PATH": "/path/to/gam"
}
}
}
}
```
## Available Tools
### User Management
- `gam_list_users`: List users (domain, query, maxResults)
- `gam_get_user`: Get user details (email)
- `gam_create_user`: Create user (email, firstName, lastName, password, orgUnit)
- `gam_update_user`: Update user (email, updates)
- `gam_suspend_user` / `gam_unsuspend_user`: (email)
- `gam_move_user_orgunit`: (email, orgUnitPath)
### Group Management
- `gam_list_groups`: List groups (domain, maxResults)
- `gam_get_group`: Get group details (groupEmail)
- `gam_create_group`: Create group (groupEmail, groupName, description)
- `gam_add_group_member` / `gam_remove_group_member`: (groupEmail, memberEmail, role)
### Organizational Units
- `gam_list_orgunits`: List OUs
- `gam_move_user_orgunit`: Move user between OUs
### Domain Management
- `gam_get_domain_info`: Get domain info
## Example MCP Tool Calls
**List users:**
```json
{
"method": "tools/call",
"params": {
"name": "gam_list_users",
"arguments": { "maxResults": 10 }
}
}
```
**Get user:**
```json
{
"method": "tools/call",
"params": {
"name": "gam_get_user",
"arguments": { "email": "user@example.com" }
}
}
```
**Create group:**
```json
{
"method": "tools/call",
"params": {
"name": "gam_create_group",
"arguments": { "groupEmail": "team@example.com", "groupName": "Team" }
}
}
```
## Troubleshooting
- **GAM not found**: Set `GAM_PATH` or add `gam` to your PATH.
- **Authentication errors**: Run `gam oauth create`.
- **Quota/rate limit**: Wait and retry; see Google Admin API quotas.
- **Parameter validation**: All inputs are validated; see error messages for details.
## Security Considerations
- Only whitelisted GAM commands are allowed.
- All parameters are validated and sanitized.
- No arbitrary command execution.
- Logs redact sensitive data.
- Rate limiting and error handling are built-in.
## Extending
Add new tools in `src/tools/` and export them in `src/tools/index.ts`.
---
© 2024 GAM MCP Server Authors