OpenFGA MCP

Integrations

  • Supports containerized deployment using Docker for running the OpenFGA MCP server in isolated environments

  • Allows installation from GitHub source repository as an alternative to package managers

  • Built using the OpenFGA Python SDK and MCP Python SDK, requiring Python 3.10+ for operation

OpenFGA MCP Server

An experimental Model Context Protocol (MCP) server that enables Large Language Models (LLMs) to read, search, and manipulate OpenFGA stores. Unlocks authorization for agentic AI, and fine-grained vibe coding✨ for humans.

Requirements

Features

Tools

Store Management
  • create_store: Creates a new Store. (create-store)
  • list_stores: List all stores. (list-stores)
  • get_store: Get a store details. (get-store)
  • delete_store: Delete a store. (delete-store)
  • get_store_id_by_name: Get the ID of a store by it's name.
Authorization Model Management
Relationship Tuples Management
Relationship Queries
  • check: Check if a user has a relation to an object. (check)
  • list_objects: List objects of a type that a user has a relation to. (list-objects)
  • list_users: List users that have a given relationship with a given object. (list-users)

Resources

Prompts

Usage

We recommend running the server using UVX:

uvx openfga-mcp@latest

Installing via Smithery

To install OpenFGA MCP Server for Claude Desktop automatically via Smithery:

npx -y @smithery/cli install @evansims/openfga-mcp --client claude

Configuration

The server accepts the following arguments:

  • --openfga_url: URL of your OpenFGA server
  • --openfga_store: ID of the OpenFGA store the MCP server will use
  • --openfga_model: ID of the OpenFGA authorization model the MCP server will use

For API token authentication:

  • --openfga_token: API token for use with your OpenFGA server

For Client Credentials authentication:

  • --openfga_client_id: Client ID for use with your OpenFGA server
  • --openfga_client_secret: Client secret for use with your OpenFGA server
  • --openfga_api_issuer: API issuer for use with your OpenFGA server
  • --openfga_api_audience: API audience for use with your OpenFGA server

For example:

uvx openfga-mcp@latest \ --openfga_url="http://127.0.0.1:8080" \ --openfga_store="your-store-id" \ --openfga_model="your-model-id"

Using with Claude Desktop

To configure Claude to use the server, add the following to your Claude config:

{ "mcpServers": { "openfga-mcp": { "command": "uvx", "args": ["openfga-mcp@latest"] } } }
  • You may need to specify the full path to your uvx executable. Use which uvx to find it.
  • You must restart Claude after updating the configuration.

Using with Raycast

Using with Cursor

Using with Windsurf

Development

To setup your development environment, run:

make setup

To run the development server:

make run \ --openfga_url="http://127.0.0.1:8080" \ --openfga_store="your-store-id" \ --openfga_model="your-model-id"

To run the development server with the MCP Inspector:

make dev

License

Apache 2.0

-
security - not tested
A
license - permissive license
-
quality - not tested

hybrid server

The server is able to function both locally and remotely, depending on the configuration or use case.

An experimental Model Context Protocol server that enables Large Language Models to read, search, and manipulate OpenFGA authorization stores, unlocking fine-grained access control for agentic AI and natural language interactions.

  1. Requirements
    1. Features
      1. Tools
      2. Resources
      3. Prompts
    2. Usage
      1. Installing via Smithery
      2. Configuration
      3. Using with Claude Desktop
      4. Using with Raycast
      5. Using with Cursor
      6. Using with Windsurf
    3. Development
      1. License

        Related MCP Servers

        • -
          security
          A
          license
          -
          quality
          A Model Context Protocol server enabling AI agents to access and manipulate ServiceNow data through natural language interactions, allowing users to search for records, update them, and manage scripts.
          Last updated -
          9
          Python
          MIT License
        • -
          security
          A
          license
          -
          quality
          A Model Context Protocol server that enables AI agents to interact with ClickUp workspaces, allowing task creation, management, and workspace organization through natural language commands.
          Last updated -
          203
          MIT License
        • -
          security
          F
          license
          -
          quality
          A Model Context Protocol server that enables role-based context management for AI agents, allowing users to establish specific instructions, maintain partitioned memory, and adapt tone for different agent roles in their system.
          Last updated -
          TypeScript
        • -
          security
          F
          license
          -
          quality
          A Model Context Protocol server that bridges AI assistants like Claude with Wordware's specialized agent capabilities, allowing dynamic loading and access to any Wordware flow through a standardized interface.
          Last updated -
          Python

        View all related MCP servers

        ID: 5n8r5l5ir3