Automox MCP Server
Server Configuration
Describes the environment variables required to run the server.
| Name | Required | Description | Default |
|---|---|---|---|
| AUTOMOX_ORG_ID | No | Numeric organization ID (recommended, required by most tools) | |
| AUTOMOX_API_KEY | Yes | Automox API key | |
| AUTOMOX_MCP_HOST | No | Bind address for HTTP/SSE | 127.0.0.1 |
| AUTOMOX_MCP_PORT | No | Bind port for HTTP/SSE | 8000 |
| AUTOMOX_MCP_MODULES | No | Comma-separated list of modules to load | |
| AUTOMOX_ACCOUNT_UUID | Yes | Account UUID from Secrets & Keys | |
| AUTOMOX_MCP_API_KEYS | No | Comma-separated MCP endpoint API keys | |
| AUTOMOX_MCP_READ_ONLY | No | Disable all write operations | false |
| AUTOMOX_MCP_TRANSPORT | No | Transport: stdio, http, sse, or streamable-http | stdio |
| AUTOMOX_MCP_LOG_FORMAT | No | Log format: text or json | text |
| AUTOMOX_MCP_TOOL_PREFIX | No | Prefix all tool names to prevent collisions | |
| AUTOMOX_MCP_API_KEY_FILE | No | Path to file containing MCP endpoint API keys | |
| AUTOMOX_MCP_OAUTH_ISSUER | No | OIDC issuer URL for JWT auth | |
| AUTOMOX_MCP_OAUTH_SCOPES | No | Comma-separated required OAuth scopes | |
| AUTOMOX_MCP_TOKEN_BUDGET | No | Max estimated tokens per response before truncation | 4000 |
| AUTOMOX_MCP_ALLOWED_HOSTS | No | Extra allowed Host headers | |
| AUTOMOX_MCP_OAUTH_AUDIENCE | No | Expected JWT audience claim | |
| AUTOMOX_MCP_OAUTH_JWKS_URI | No | JWKS endpoint for JWT key rotation | |
| AUTOMOX_MCP_ALLOWED_ORIGINS | No | Extra allowed Origin headers | |
| AUTOMOX_MCP_OAUTH_SERVER_URL | No | Canonical server URL for RFC 9728 | |
| AUTOMOX_MCP_UPLOAD_MAX_BYTES | No | Max installer size for upload_policy_file | 10737418240 |
| AUTOMOX_MCP_ALLOW_REMOTE_BIND | No | Allow binding to non-loopback addresses | false |
| AUTOMOX_MCP_SANITIZE_RESPONSES | No | Sanitize API data to mitigate prompt injection | true |
| AUTOMOX_MCP_ALLOW_DELETE_DEVICE | No | Opt in to delete_device tool | false |
| AUTOMOX_MCP_UPLOAD_ALLOWED_DIRS | No | Comma-separated absolute directories for upload_policy_file | |
| AUTOMOX_MCP_UPLOAD_TIMEOUT_SECONDS | No | Upload read/write timeout for upload_policy_file | 3600 |
| AUTOMOX_MCP_ALLOW_UPLOAD_POLICY_FILE | No | Opt in to upload_policy_file tool | false |
| AUTOMOX_MCP_DNS_REBINDING_PROTECTION | No | Set to false to disable DNS rebinding protection | true |
| AUTOMOX_MCP_ALLOW_APPLY_REMEDIATION_ACTIONS | No | Opt in to apply_remediation_actions tool | false |
| AUTOMOX_MCP_ALLOW_SPLASHTOP_BULK_INSTALL_UNINSTALL | No | Opt in to splashtop_bulk_install_uninstall tool | false |
Capabilities
Features and capabilities supported by this server
| Capability | Details |
|---|---|
| tools | {
"listChanged": true
} |
| logging | {} |
| prompts | {
"listChanged": false
} |
| resources | {
"subscribe": false,
"listChanged": false
} |
| extensions | {
"io.modelcontextprotocol/ui": {}
} |
| experimental | {} |
Tools
Functions exposed to the LLM to take actions
| Name | Description |
|---|---|
| audit_trail_user_activityA | Retrieve Automox audit trail events performed by a user on a specific date. |
| audit_events_ocsfA | Query OCSF-formatted audit events from the Automox Audit Service v2. Filter by date (required) and event type name. The |
| list_devicesA | List devices with detailed per-device information including hostname, OS, policy status, and patch status. Use this to explore and investigate specific devices, optionally filtered by management/policy status. For aggregate statistics and health metrics, use device_health_metrics instead. |
| device_detailA | Return detailed information and recent activity for a device. Includes a compliance rollup (per-policy status counts: up_to_date / pending / needs_remediation, plus the policies needing remediation — only needs_remediation policies make a device non-compliant). |
| devices_needing_attentionC | Surface Automox devices flagged for immediate action. |
| search_devicesA | Search Automox devices by hostname (including custom name), IP, tag, severity of missing patches, or patch status (only 'missing' is supported). The severity filter is passed upstream to scope the result set (the requested values are echoed in metadata.filters.severity); it narrows the candidate set but does NOT guarantee every returned device currently has an outstanding patch at that severity (live, ~41% of severity=critical results report zero outstanding patches — likely already remediated or reassessed since the index was built). Per-device |
| device_health_metricsA | Aggregate organization-wide device health statistics including managed/unmanaged breakdown, device status breakdown, compliance metrics, and check-in recency analysis. Compliance follows the platform rule: a device is non-compliant only when at least one policy needs remediation — pending work is tracked separately as devices_with_pending_policies. Use this for monitoring dashboards and getting a fleet-wide health overview. |
| get_device_inventoryA | Retrieve detailed device inventory data including hardware, network, security, services, system, and user information. Optionally filter by category. Uses the Console API device-details endpoint. |
| get_device_inventory_categoriesA | List available inventory categories for a device. Categories are dynamic per device. Use this to discover what inventory data is available before requesting specific categories. |
| execute_device_commandC | Issue an immediate command to a device (scan, patch, or reboot). |
| batch_update_devicesA | Apply bulk attribute actions to many devices at once (up to 500). Currently supports tag apply/remove via actions like {'attribute': 'tags', 'action': 'apply', 'value': ['env:prod']}. |
| update_deviceA | Update a single device's mutable attributes: custom_name, server_group_id, exception (policy-enforcement exclusion), tags, and ip_addrs. Fills the single-device gap that batch_update_devices (tags-only, bulk) does not cover — e.g. renaming a device or moving it to a server group. Supply only the fields you want to change; at least one is required. |
| list_saved_searchesB | List saved device searches from the Advanced Device Search API. Returns saved search names, queries, and metadata. |
| advanced_device_searchA | Execute an advanced device search using the Automox Advanced Device Search API's structured query language. Enables complex queries like 'find all Windows devices not seen in 30 days' or 'devices with nginx installed' using field-based filtering. Pass |
| device_search_typeaheadA | Get typeahead suggestions for device search fields. Useful for discovering valid values when building advanced device queries. |
| get_device_metadata_fieldsC | Get available fields for device queries. Returns the field names and types supported by the advanced device search API. |
| get_device_assignmentsA | Get device-to-policy and device-to-group assignments. |
| get_device_by_uuidA | Get the near-raw device payload by UUID (canonical /servers endpoint). Integer policy codes carry a status_label sibling (up_to_date / pending / needs_remediation — only needs_remediation makes a device non-compliant; see the compliance rollup). uptime_minutes is sampled at the device's last full scan, so it can lag the current boot session. |
| get_saved_searchB | Retrieve a single saved device search by ID. Returns the saved search name, description, query, and metadata. |
| get_saved_search_resultsA | Execute a saved device search and retrieve its current device result set. Supports pagination via page + limit. |
| get_cached_search_resultsA | Retrieve cached server-side results for a previously-executed device search, keyed by search execution ID. Distinct from get_saved_search_results which re-executes a saved-search definition. |
| get_search_scopesA | List available device-search scope options. Org-independent metadata describing the scopes (e.g., device, group, org) supported by the Advanced Device Search API. |
| get_searchable_fieldsA | List searchable device fields grouped by scope, with per-field type metadata. Richer than get_device_metadata_fields (a flat field-name array) — use this to construct typed advanced-search queries. |
| list_searches_for_deviceA | List the saved device searches whose result set currently contains a given device (by UUID). Triage primitive: 'which saved searches does this device match?' Optionally filter by saved-search type. |
| run_saved_searchA | Execute a saved device search by UUID and return its device results, with paging (page/size) and an optional |
| create_saved_searchA | Create a new saved device search. Provide a name, a structured query dict carrying a |
| update_saved_searchA | Update an existing saved device search (partial update). Provide at least one of name, query, or description. The query dict uses the Automox Advanced Device Search API query syntax (see |
| delete_saved_searchB | Permanently delete a saved device search by ID. |
| assign_policies_to_saved_searchB | Bulk-assign one or more policies to the result set of a saved device search. Takes the saved-search UUID and a list of policy IDs. |
| refresh_saved_search_cacheA | Force a re-cache of a saved device search's results when they may be stale. Triggers server-side recomputation; returns once queued. |
| policy_health_overviewB | Summarize recent Automox policy activity. |
| policy_execution_timelineB | Review recent executions for a policy. Each execution's |
| policy_run_resultsB | Retrieve per-device results and output for a specific policy execution token. |
| policy_catalogA | List Automox policies with type and status summaries. |
| policy_detailB | Retrieve configuration and recent history for a policy. |
| policy_compliance_statsA | Retrieve per-policy compliance statistics for the organization. |
| patch_approvals_summaryA | Summarize patch approvals awaiting decision. Each approval covers one software package ( |
| preview_policy_device_filtersA | Dry-run: preview which devices a policy's targeting would resolve to, before creating or updating the policy. Read-only — nothing is created or changed. server_groups is REQUIRED when device_filters is provided (the upstream preview cannot evaluate a filter-only target): pass the groups the policy will be assigned to, and the device_filters clauses ({field, op, value}) are applied within that scope. |
| list_devices_for_policiesA | List the devices currently targeted by one or more policies (by policy UUID) — blast-radius assessment before executing or changing a policy. Read-only. |
| decide_patch_approvalB | Approve or reject an Automox patch approval request. |
| delete_policyB | Permanently delete an Automox policy by ID. |
| clone_policyA | Clone an existing Automox policy. By default creates an in-org copy with an optional new name and server group assignments. Pass target_zone_ids to instead clone a patch policy into one or more zones/orgs in a single server-side call (patch policies only; mutually exclusive with name/server_groups). |
| apply_policy_changesC | Create or update Automox policies with automatic format correction. |
| execute_policy_nowB | Execute an Automox policy immediately for remediation (all devices or specific device). |
| policy_runs_v2A | List policy runs with time-range filtering, policy name/type filters, and result status filtering. Uses the Policy History v2 API for richer data than the standard policy execution timeline. Each run's |
| policy_run_countA | Get aggregate policy execution counts. Optionally filter by number of days to look back. |
| policy_runs_by_policyA | Get policy runs grouped by policy for cross-policy comparison. Shows which policies have been running and their aggregate results. |
| policy_history_detailB | Get policy history details by UUID, including run history and status. Each run's |
| policy_runs_for_policyA | Get execution runs for a specific policy by UUID. Optionally filter by number of days and sort order. Each run's |
| policy_execution_countsA | List fleet-wide policy execution counts over a time window: one row per policy with its run count, in a single round-trip. Answers 'which policies ran most last quarter?' without per-policy calls or client-side aggregation. Distinct from policy_run_count (single aggregate) and policy_runs_for_policy (per-run records for one policy). |
| policy_run_detail_v2A | Get detailed per-device results for a specific policy run. Uses UUID-based queries and supports device name filtering. |
| invite_user_to_accountC | Invite a user to the Automox account with optional zone assignments. |
| remove_user_from_accountB | Remove a user from the Automox account by UUID. |
| list_org_api_keysA | List API keys for the Automox organization. Returns key metadata (name, enabled, expiry) only — secrets are never exposed. |
| list_organizationsA | List organizations visible to the API key, with device count, device limit, parent org, and trial end time. Useful for MSP/multi-org navigation, capacity posture, and trial warnings. A |
| list_usersA | List users in the organization with name, email, and RBAC roles. Secrets (e.g. intercom_hmac) are never surfaced. |
| get_userA | Get a single user by numeric ID, including org/server-group membership and RBAC roles. Secrets are never surfaced. |
| get_accountB | Get Automox account detail (id, name, type, timestamps). |
| list_account_rbac_rolesB | List the RBAC roles available in the Automox account. |
| get_account_userA | Get an account-scoped user record by UUID: status, account RBAC role, verification, and 2FA type. two_factor_authentication carries the literal string 'disabled' when 2FA is OFF (do NOT read it as a configured type); a null/absent value is ambiguous (may mean disabled or not-reported) — see metadata.field_notes. |
| list_zones_for_userB | List the zones (organizations) a given user belongs to. |
| list_zonesB | List the zones (organizations) in the Automox account. |
| get_zoneA | Get a single zone (organization) by UUID. The zone access_key is never surfaced. |
| list_zone_usersC | List the users assigned to a given zone (by zone UUID). |
| list_user_api_keysA | List a user's API keys by user ID. Returns key metadata (name, enabled, expiry) only — secrets are never exposed. |
| get_user_api_keyA | Get one user API key by user ID and key ID. Returns metadata only — the secret is never exposed. |
| list_global_api_keysA | List global (account-scoped) API keys. Returns key metadata (name, enabled, expiry) only — secrets are never exposed. |
| create_zoneB | Create a new zone (organization) in the account. The zone access_key is never surfaced. |
| update_userA | Update a user's profile fields (firstname, lastname, email, tfa_type) by user ID. Passwords cannot be set through this tool. |
| create_user_api_keyA | Create an API key for a user. Returns metadata only — the key secret is never surfaced and cannot be retrieved via MCP. |
| update_user_api_keyB | Enable or disable a user API key by user ID and key ID. |
| delete_user_api_keyA | Permanently delete a user API key by user ID and key ID. |
| create_global_api_keyA | Create a global (account-scoped) API key. Returns metadata only — the key secret is never surfaced and cannot be retrieved via MCP. |
| update_global_api_keyA | Enable or disable a global (account-scoped) API key by ID. |
| delete_global_api_keyA | Permanently delete a global (account-scoped) API key by ID. |
| list_server_groupsB | List all Automox server groups with their device counts and assigned policies. refresh_interval is the agent check-in/scan cadence in minutes (live-verified; spec range 240-1440) — see metadata.field_notes. |
| get_server_groupA | Get detailed information about a specific Automox server group. refresh_interval is the agent check-in/scan cadence in minutes (live-verified; spec range 240-1440) — see metadata.field_notes. |
| create_server_groupC | Create a new Automox server group. refresh_interval is the agent check-in/scan cadence in minutes (live-verified; spec range 240-1440). |
| update_server_groupB | Update an existing Automox server group. refresh_interval is the agent check-in/scan cadence in minutes (live-verified; spec range 240-1440). |
| delete_server_groupB | Delete an Automox server group permanently. |
| list_eventsA | List Automox organization events with optional filters by policy, device, user, event name, or date range. For policy/patch events, |
| prepatch_reportA | Retrieve the Automox pre-patch readiness report showing devices with pending patches before the next scheduled patch window. Per-device 'highest_severity' distinguishes 'no_known_cves' (patches carry no associated CVE — benign) from 'unknown' (severity undetermined). 'compliant' follows the platform rule: a device is non-compliant only when a policy needs remediation; pending work alone does not count against it. |
| noncompliant_reportA | Retrieve the Automox non-compliant devices report showing devices that need attention due to policy failures or missing patches. Each failing policy includes 'reason_for_fail' (upstream failure text, may be truncated), 'severity', and 'type' so you can state why a device is non-compliant and prioritize across devices. |
| list_device_packagesA | List software packages on a specific Automox device. Returns package name, version, |
| search_org_packagesA | Search software packages across the Automox organization. Filter by managed status ( |
| list_webhook_event_typesA | List all available Automox webhook event types with descriptions. Use this to see which events can trigger webhook deliveries. |
| list_webhooksB | List all webhook subscriptions for the Automox organization. Supports cursor-based pagination. |
| get_webhookB | Retrieve details for a specific Automox webhook subscription. |
| list_webhook_deliveriesA | List recent delivery attempts (status, latency, error) for a webhook -- delivery troubleshooting. Results are newest-first and cursor-paginated; optional startDate/endDate filters. |
| create_webhookA | Create a new Automox webhook subscription. The response includes a signing secret that is ONLY shown once — save it immediately. Max 5 webhooks per organization. URL must be HTTPS. |
| update_webhookA | Update an existing Automox webhook. Only provided fields are changed (partial update). Can update name, URL, enabled status, or event types. |
| delete_webhookA | Delete an Automox webhook subscription permanently. |
| test_webhookA | Send a test delivery to an Automox webhook endpoint. Returns success status, HTTP status code, and response time. |
| rotate_webhook_secretA | Rotate the signing secret for an Automox webhook. The old secret is immediately invalidated. Save the new secret — it is only shown once. |
| search_worklet_catalogA | Search the Automox community worklet catalog. Returns worklet names, descriptions, categories, OS compatibility, and trust/availability signals ( |
| get_worklet_detailA | Get detailed information for a specific community worklet, including evaluation code, remediation code, and requirements. |
| list_data_extractsB | List data extract jobs for the Automox organization. Returns each job's id, type (e.g. patch-history | api-activity), status, the is_completed readiness boolean, and whether a download link is available (has_download_url). |
| get_data_extractB | Get details for a data extract job. Returns status (per spec enum: queued | running | complete | failed | canceled | expired) and the is_completed boolean (use this for readiness). download_expires_at is the link-expiry timestamp; has_download_url=true means the CSV is currently downloadable. The presigned download URL itself is not returned to the model — retrieve it from the Automox console. |
| create_data_extractB | Request a new data extract for bulk reporting. Returns the extract ID and initial status. |
| list_remediation_action_setsB | List vulnerability remediation action sets for the organization. Shows imported vulnerability data and remediation tracking. |
Prompts
Interactive templates invoked by user choice
| Name | Description |
|---|---|
| investigate_noncompliant_device | Guided workflow to investigate why a device is non-compliant and remediate it. |
| prepare_patch_tuesday | Guided workflow to assess readiness and prepare for Microsoft Patch Tuesday. |
| audit_policy_execution | Guided workflow to audit a policy's execution history and identify issues. |
| onboard_device_group | Guided workflow to create and configure a new device group with policies. |
| triage_failed_policy_run | Guided workflow to triage and remediate a failed policy execution. |
| review_security_posture | Guided workflow to review and assess the organization's fleet security posture. |
Resources
Contextual data attached and managed by the client
| Name | Description |
|---|---|
| Policy Quick Start Templates | Copy-paste templates for creating common policy types |
| Policy Schema Reference | Complete Automox policy schema with required fields, examples, and best practices |
| Policy Schedule Syntax | Detailed guide for Automox policy scheduling syntax and bitmask calculations |
| Server Groups Mapping | List of all Automox server groups with ID to name mappings |
| Webhook Event Types | Complete list of all 39 Automox webhook event types with categories and descriptions. Use this to see which events can trigger webhook deliveries when creating or updating webhook subscriptions. |
| Device Filter Syntax | Reference for Automox device filtering syntax used in search_devices and policy device_filters. Includes field names, operators, and examples. |
| Patch Classification Categories | Mapping of Automox patch classification categories, severity levels, and patch_rule options used in policy configuration. |
| Supported Operating Systems | Matrix of operating systems supported by the Automox agent, including OS families and version details. |
| API Rate Limiting Guide | Rate limiting behavior for the Automox API and the MCP server's built-in rate limiter. Useful for understanding throttling behavior. |
| automox_triage_app | Read-only MCP App UI for the non-compliant triage surface, rendered inline by Apps-capable hosts as the interactive view for get_compliance_snapshot. |
| automox_patch_approval_app | MCP App UI for reviewing and approving/rejecting pending Automox patch approvals inline, the review surface for patch_approvals_summary. |
| automox_policy_blast_radius_app | MCP App UI for reviewing a proposed policy change and its affected-device scope (blast radius) before applying — the review surface for apply_policy_changes (preview mode). |
| automox_remediation_apply_app | MCP App UI for reviewing an action set's remediation solutions and the devices they target before applying patch-now — the review/confirmation surface for the gated apply_remediation_actions. |
| automox_access_certification_app | MCP App UI for reviewing account users, their RBAC roles, and 2FA status and certifying/flagging access inline (read-first; certification writes nothing) — the review surface for list_users. |
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/AutomoxCommunity/automox-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server