Skip to main content
Glama

Netskope MCP Server

by johnneerdael

Netskope NPA MCP Server

A comprehensive Model Context Protocol (MCP) server for managing Netskope Private Access (NPA) infrastructure through AI-powered automation.

📚 Complete Documentation

This project includes extensive documentation organized for easy navigation:

👉 Start with the Complete Documentation - Overview and navigation guide

CategoryDescriptionLink
🏗️ ArchitectureServer design and patternsServer Architecture
🛠️ Tools ReferenceComplete tool documentationPublisher Tools, Private App Tools, Policy Tools
🔄 WorkflowsCommon automation patternsCommon Workflows
💼 Real ExamplesComplete use casesReal-World Examples

Tool Overview

The MCP server provides 84 specialized tools across 10 categories:

CategoryToolsPrimary Use Cases
Publishers9 toolsInfrastructure deployment and management
Private Apps15 toolsApplication lifecycle and configuration
Local Brokers7 toolsNetwork connectivity and routing
Policy Management6 toolsAccess control and security rules
SCIM Integration5 toolsIdentity and user management
Upgrade Profiles7 toolsAutomated maintenance scheduling
Steering3 toolsTraffic routing and associations
Alerts2 toolsEvent monitoring and notifications
Search2 toolsResource discovery and querying
Validation2 toolsConfiguration compliance

Real-World Usage Examples

🏢 "Set up complete NPA infrastructure for our new London office"

AI Response: Executes comprehensive deployment workflow

  • ✅ Creates publisher with auto-upgrade profile
  • ✅ Configures local broker for internal routing
  • ✅ Sets up core business applications (CRM, ERP, File Server)
  • ✅ Creates access policies with SCIM group validation
  • ✅ Enables monitoring and discovery for office network
  • ✅ Generates registration token for field deployment

🚨 "URGENT: Security incident - lock down HR/Finance apps immediately"

AI Response: Emergency security response workflow

  • ✅ Identifies all HR/Finance applications automatically
  • ✅ Creates emergency policy group with highest priority
  • ✅ Blocks access for all users except incident response team
  • ✅ Enhances monitoring for security events
  • ✅ Tags applications for incident tracking

📊 "Perform comprehensive compliance audit of our NPA environment"

AI Response: Automated compliance assessment

  • ✅ Audits all publishers for version compliance
  • ✅ Identifies applications without access policies
  • ✅ Validates SCIM group references in policies
  • ✅ Generates compliance score and remediation plan
  • ✅ Creates detailed findings report with priorities

Quick Start

  1. Environment Setup
    export NETSKOPE_BASE_URL="https://your-tenant.goskope.com" export NETSKOPE_TOKEN="your-api-token"
  2. Install and Run
    npm install npm run build npm start
  3. Connect via MCP Client
    { "mcpServers": { "netskope-npa": { "command": "node", "args": ["/path/to/ns-private-access-mcp/build/index.js"], "env": { "NETSKOPE_BASE_URL": "https://your-tenant.goskope.com", "NETSKOPE_TOKEN": "your-api-token" } } } }

Key Features

🤖 AI-Native Design

  • Tools designed for LLM interaction with clear descriptions
  • Automatic parameter validation and transformation
  • Rich error context for troubleshooting

🔄 Workflow Orchestration

  • Tools automatically coordinate with each other
  • Built-in retry logic and error recovery
  • Transactional operations where possible

🛡️ Production Ready

  • Comprehensive input validation using Zod schemas
  • Rate limiting and API quota management
  • Detailed logging and monitoring

🔗 Integration Patterns

  • SCIM integration for identity resolution
  • Search tools for resource discovery
  • Validation tools for compliance checking

Installation Options

NPM Package

npm install @johnneerdael/ns-private-access-mcp

Local Development

git clone https://github.com/johnneerdael/ns-private-access-mcp.git cd ns-private-access-mcp npm install npm run build

Architecture Highlights

Tool Composition

Tools are designed to work together through well-defined interfaces:

// Example: Creating a private app with validation and tagging 1. validateName() -> Check app name compliance 2. searchPublishers() -> Find target publisher 3. createPrivateApp() -> Create the application 4. createPrivateAppTags() -> Add organizational tags 5. updatePublisherAssociation() -> Associate with publishers

Schema-Driven Validation

Every tool uses Zod schemas for type safety and validation:

const createAppSchema = z.object({ app_name: z.string().min(1).max(64), host: z.string().url(), protocols: z.array(protocolSchema), clientless_access: z.boolean() });

Error Resilience

Built-in patterns for handling common issues:

  • Automatic parameter extraction from MCP objects
  • Retry logic with exponential backoff
  • Graceful degradation for partial failures

Credits

  • John Neerdael (Netskope Private Access Product Manager)
  • Mitchell Pompe (Chief Netskope Solutions Engineer for NL)

Getting Help

  • Documentation Issues: Open an issue on GitHub
  • Feature Requests: Create a feature request issue
  • Bug Reports: Use the bug report template
  • Security Issues: See SECURITY.md

This MCP server transforms complex Netskope NPA management into simple, AI-driven conversations.

Install Server
A
security – no known vulnerabilities
F
license - not found
A
quality - confirmed to work

remote-capable server

The server can be hosted and run remotely because it primarily relies on remote services or has no dependency on the local environment.

Provides tools for managing Netskope infrastructure, policies, and steering configurations via the Model Context Protocol.

  1. Warning
    1. Demonstration
      1. Installation
        1. Option 1: NPM Package
        2. Option 2: Local Development
        3. MCP Configuration
      2. Environment Variables
        1. Required Variables
        2. Configuration Examples
        3. AlertsTools
        4. LocalBrokerTools
        5. PolicyTools
        6. PrivateAppsTools
        7. PublishersTools
        8. UpgradeProfileTools
        9. SteeringTools
        10. ValidationTools

      Related MCP Servers

      • -
        security
        F
        license
        -
        quality
        Provides a scalable, containerized infrastructure for deploying and managing Model Context Protocol servers with monitoring, high availability, and secure configurations.
        Last updated -
      • -
        security
        A
        license
        -
        quality
        A Model Context Protocol server implementation that allows AI models to interact with and manage Spinnaker deployments, pipelines, and applications through a standardized interface.
        Last updated -
        1
        1
        TypeScript
        MIT License
      • -
        security
        A
        license
        -
        quality
        A Model Context Protocol server that provides programmatic access to ONOS SDN controller's network management capabilities, enabling device control, topology management, and analytics through ONOS's REST API.
        Last updated -
        4
        Python
        GPL 3.0
      • -
        security
        A
        license
        -
        quality
        A Model Context Protocol server that provides tools for NPM package management, including dependency searching, updates, conflict resolution, and version management to help AI assistants safely upgrade project dependencies.
        Last updated -
        618
        6
        JavaScript
        MIT License
        • Linux
        • Apple

      View all related MCP servers

      MCP directory API

      We provide all the information about MCP servers via our MCP API.

      curl -X GET 'https://glama.ai/api/mcp/v1/servers/johnneerdael/netskope-mcp'

      If you have feedback or need assistance with the MCP directory API, please join our Discord server