infomaniak-admin-mcp
Provides tools for managing Infomaniak account administration, including web hosting, mail security, DNS, domains, kDrive, kChat, account governance, and more, with two-phase commit for destructive operations.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@infomaniak-admin-mcpaudit example.com hosting and show quota warnings"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
@henrikogard/infomaniak-admin-mcp
Drive your entire Infomaniak account from Claude — agentic, two-phase commit, open-source.
@henrikogard/infomaniak-admin-mcp is Henrik Øgård's admin-focused fork of
Mogacode-ma/infomaniak-mcp-agent.
It exposes a broad Infomaniak administration surface as 169 tools an LLM can
call directly: web hosting, mail security and admin, account governance,
kDrive admin audits, kChat governance, domains, DNS, DNSSEC, FTP/SSH users, AI products,
persistent audit logs, and more. Every destructive operation goes through a
strict two-phase commit, so an agent can never silently delete or mutate
something on your account.
You → Claude: "audit the example.com hosting and tell me which mailboxes are over quota"
Claude → MCP: infomaniak_audit_account → infomaniak_list_mail_hostings → infomaniak_list_mailboxes
Claude → You: 3 mailboxes >85% — paul@ (94%), notify@ (88%), team@ (87%). Want me to add an alert?Table of contents
Tools (169 total) · Admin scope · Limitations · FAQ
Related MCP server: Corben MCP Server
Why this exists
Infomaniak is one of the very few independent, Swiss-owned, open-source-friendly cloud providers in Europe — running its own datacentres in Switzerland, on hydro and wind power, with no parent in the US or China. Its product range is huge (web hosting, mail, kDrive, kChat, DNS, AI cloud, Swiss Backup, …) but its API is split between a documented public surface and a private manager-only one — which means automating real workflows usually requires a browser session, custom scripts, or both.
The upstream project closes that gap by exposing broad Infomaniak operations through a single MCP server. This fork keeps that architecture and pushes it toward admin operations: mail security, spam control, mail administration, account governance, confirmed offboarding helpers, kDrive/domain admin audits, tool discovery, API coverage reporting, and persistent local audit logs.
🎒 Built in the open, in real time, by vibe-coding
This project was built rapidly by an LLM driving a terminal session ("vibe-coding"), with live tests against a real Infomaniak account at every step. It works perfectly on the maintainer's local setup and the full pipeline is green (TypeScript strict, ESLint, Prettier, tests, build, CodeQL, gitleaks).
That said — given how it was built and given that some manager-session-backed routes used here sit outside the public docs (see API-REFERENCE.md) — it is entirely possible that you'll hit (potentially big) bugs depending on your account topology, plan tier, scopes, or Infomaniak's own changes. We are here to fix them as they show up. Please:
Open an issue with the exact tool call, the input, the response, and your environment (Node version, OS, MCP client). Sanitize tokens / cookies / customer names before pasting.
Or, even better, send a PR with a failing test and we will work from there together.
We move fast and ship often. Don't be shy.
⚠️ Status: unofficial
This project is not affiliated with, endorsed by, or sponsored by Infomaniak Network SA. It is a community-driven tool that combines:
The public Infomaniak API (api.infomaniak.com), used with a Bearer token you generate yourself.
Manager-session-backed endpoints (manager.infomaniak.com/proxy/...), required for write operations on web hosting that the public API silently ignores.
For integration notes and current API caveats, read API-REFERENCE.md. Infomaniak may change these endpoints without notice; we do our best to keep up but cannot guarantee long-term compatibility.
Fork status
This repository is a fork with substantial admin-focused additions. The original
Mogacode architecture, MIT license, and attribution are preserved; the new fork
work is attributed separately in LICENSE and NOTICE.
The end-user-focused sibling repo is
infomaniak-mcp; this fork
stays intentionally admin-only.
kMeet scheduling and user-focused kChat conversations are out of scope. kChat is now limited to administrator/team/channel governance tools.
What you can do with it
Once installed, you can ask Claude things like:
"List every domain on my account that expires in less than 60 days, sorted by date."
"Create a new site
staging.example.comon hostingWP1234567, PHP 8.3, root in/sites/staging.""Add a TXT record on
example.comfor the new Postmark DKIM, then verify it resolves.""Block
spam@example.netfrom sending toinfo@example.com, and show me the diff before applying it.""How much disk does the database
myprefix_wp123456use, and which application is wired to it?""Create a mailbox
hello@example.comwith a 16-character random password and forward it to my Gmail.""Create an invitation for contractor@example.com, add them to the Security team, and tag the account for review."
"Grant kSuite, drive, or mailbox access through an invitation, but show me the current snapshot first."
"Replace the aliases and forwarding on info@example.com, then set an auto-reply and rotate DKIM."
"Show me which kDrives I'm an admin on and how full they are."
"Tune the AI, link, office, and preference settings on kDrive 44311."
"Inspect the kChat channels on a team, review moderation and member roles, then update a bot or command with confirmation."
"Audit account users and tell me who has privileged app access before I offboard someone."
"Audit my whole account: any locked product, expiring SSL, broken DNSSEC, ongoing operations?"
"Undo the last DNS change I made through this session."
It will not silently mutate anything destructive: every change goes through a plan + confirmation token round-trip. You stay in control even if the model gets creative.
High-value admin use cases
These are the workflows this MCP is especially good at because they combine admin inventory, safety checks, and confirmed writes.
Block senders and spam campaigns
Tell Claude:
Block spam@example.net from info@example.com.Claude can call infomaniak_block_sender, which reads the mailbox's current
authorized_senders and blocked_senders, returns a diff, and only applies the
block after you confirm with the returned token. If the sender was previously
authorized, the tool removes it from the trusted list while adding it to the
blocked list. The matching unblock and allow-list tools are
infomaniak_unblock_sender, infomaniak_authorize_sender, and
infomaniak_unauthorize_sender.
Harden mailbox security
Ask:
Audit and harden info@example.com against spam, but show me exactly what would change first.Claude can use infomaniak_get_mailbox_security,
infomaniak_audit_mailbox_security, and infomaniak_harden_mailbox_security to
review spam movement, smart filtering, trusted senders, blocked senders, notes,
and mailbox filter state. Writes use the same two-phase confirmation pattern.
Govern account invitations, teams, and tags
Ask:
Create an invitation for contractor@example.com, add them to the Security team, and tag the account for review.Claude can use infomaniak_create_account_invitation,
infomaniak_update_account_invitation,
infomaniak_delete_account_invitation, infomaniak_create_account_team,
infomaniak_update_account_team, infomaniak_delete_account_team,
infomaniak_add_account_team_users, infomaniak_remove_account_team_users,
infomaniak_create_account_tag, infomaniak_update_account_tag, and
infomaniak_delete_account_tag. Each write tool plans first and applies only
after confirmation with a fresh current-state check.
Grant product access through an invitation
Ask:
Show me the current invitation snapshot, then grant drive and mailbox access on invitation 77.Claude can use infomaniak_get_account_invitation_access to inspect the current
invitation, then infomaniak_manage_account_invitation_access to create,
update, invite, or revoke kSuite, drive, mailbox, or kChat access with a
fresh snapshot guard and confirmation token.
Reconfigure mailbox routing
Ask:
Replace the aliases and forwarding on info@example.com, then set an auto-reply and rotate DKIM.Claude can use infomaniak_manage_mailbox_aliases,
infomaniak_manage_mailbox_forwarding,
infomaniak_manage_mailbox_auto_reply,
infomaniak_manage_service_redirections, and infomaniak_rotate_mail_dkim to
adjust mailbox-level and service-level mail routing. These are also two-phase
writes with current-state guards.
Manage mail signatures and templates
Ask:
List mailbox signatures and then update the template before I roll it out.Claude can use infomaniak_get_mail_signatures to inspect mailbox or service
signature templates, then infomaniak_manage_mail_signatures to create,
update, delete, or apply defaults with confirmation.
Review webmail access
Ask:
Show me who can use webmail on this mailbox, then revoke the stale account.Claude can use infomaniak_get_mail_webmail_access to review current user and
team access, then infomaniak_manage_mail_webmail_access to add, update, or
remove access with a fresh state check.
Clean up mail device sessions
Ask:
List the mailbox device sessions and remove the suspicious one.Claude can use infomaniak_get_mail_device_access to inspect device/session
inventory, then infomaniak_manage_mail_device_access to delete a device or
clear a user's mailbox device access with confirmation.
Manage newsletter groups and subscribers
Ask:
List newsletter groups and subscribers for example.com, then clean up the stale ones.Claude can use infomaniak_get_newsletter_admin for read-only inventory and
infomaniak_manage_newsletter_admin for confirmed create, update, delete,
assign, unassign, and forget operations.
Offboard users safely
Ask:
Prepare offboarding for user 7890 on account 123456.Claude can use infomaniak_plan_user_offboarding and
infomaniak_audit_account_access to show app access and pending invitations.
For pending invitations, infomaniak_cancel_user_pending_invitations cancels
only after a confirmation token and a fresh state check.
Audit admin posture
Useful prompts:
Audit account access and highlight privileged users.
Audit kDrive 44311 for risky share links and external users.
Audit example.com for DNSSEC, MX, SPF, DMARC, wildcard records, and low TTLs.These map to infomaniak_audit_account_access,
infomaniak_audit_kdrive_admin, and infomaniak_audit_domain_dns_admin.
Clean up kDrive share links
Ask:
List risky share links on kDrive 44311 and remove anything public with no expiry.
Tighten the share link on file 888 so it has a password and expiry.Claude can use infomaniak_list_drive_share_links and
infomaniak_get_drive_share_link for review, then
infomaniak_update_drive_share_link, infomaniak_remove_drive_share_link, or
infomaniak_invite_drive_share_link. Writes are two-phase and guarded by the
current share-link state.
Manage kDrive file permissions safely
Ask:
Review who can access file 888 on kDrive 44311, then grant team 33 read access.
Invite external@example.com to the same file, but show me the plan first.Claude can use infomaniak_list_drive_file_access_users,
infomaniak_list_drive_file_access_teams, and
infomaniak_list_drive_file_access_invitations to review current file access,
then infomaniak_create_drive_file_access_user,
infomaniak_update_drive_file_access_user,
infomaniak_remove_drive_file_access_user,
infomaniak_create_drive_file_access_team,
infomaniak_update_drive_file_access_team,
infomaniak_remove_drive_file_access_team, or
infomaniak_create_drive_file_access_invitation. Every write uses two-phase
confirmation and refetches the current access list before applying.
Review kDrive activity
Ask:
Show me kDrive 44311 storage, user activity, shared-file activity, and share-link activity this month.
Export share-link activity for kDrive 44311.Claude can call infomaniak_get_drive_statistics for storage size charts and
exports, activity charts and exports, user activity, shared-file activity, and
share-link activity.
Tune kDrive settings
Ask:
Read the current kDrive settings snapshot, then tighten AI, link, office, and preferences policy.Claude can use infomaniak_get_drive_settings to inspect the current policy
snapshot, then infomaniak_manage_drive_settings to update the AI, share-link,
office, or preferences settings with a fresh state check and confirmation.
Manage kDrive users safely
Ask:
Add new@example.com to kDrive 44311 as a user, but show me the plan before applying.
Lock user 7890 on kDrive 44311 until we finish the offboarding review.Claude can use infomaniak_list_drive_users to review current access, then
infomaniak_create_drive_user, infomaniak_update_drive_user,
infomaniak_lock_drive_user, infomaniak_unlock_drive_user,
infomaniak_set_drive_user_manager, or infomaniak_delete_drive_user. Every
write reads the current user/list state first and requires the returned
confirmation token before it mutates kDrive access.
Review what the MCP did
Every MCP tool call is written to an append-only JSONL audit log by default.
Writes include explicit plan, apply_attempt, applied, and failed phases;
read-only successes can be included or disabled. Secrets are redacted, including
API tokens, cookies, passwords, private keys, certificates, and confirmation
tokens.
Ask:
Show me every applied change from today.
Show me failed or destructive MCP actions.
Tail the last 25 audit log entries.Claude can use infomaniak_audit_log_tail and
infomaniak_audit_log_search. The default log path is
./logs/infomaniak-mcp-audit.jsonl.
Why "agentic" and not "wrapper"
Most MCP servers expose one tool per HTTP endpoint and call it a day. This one is built differently:
Guided dialogues — creating a site walks you through "which organization? which hosting? root domain or subdomain? what type? recap?" instead of asking you to know the right tool to call upfront.
Two-phase commit — every destructive operation returns a plan with a single-use confirmation token (60 s TTL). Nothing is mutated until you call back with the token.
Pre-flight checks — the server checks for conflicts (existing FQDN, busy hosting, expired domain) before hitting the API.
Actionable errors — every error tells you what happened, why, and the next step you can take.
Introspection —
infomaniak_tool_catalog,infomaniak_overview,infomaniak_helpandinfomaniak_explaingive the agent context-on-demand instead of forcing it to memorize a tool catalog.Session memory —
infomaniak_historylists every destructive action of the current session, andinfomaniak_undoreverses the ones that are reversible.
See ARCHITECTURE.md for the full design rationale.
Install
Install the public package from npm:
npm install @henrikogard/infomaniak-admin-mcp
npx -y @henrikogard/infomaniak-admin-mcpIf you want to develop from source instead:
git clone https://github.com/henrikogaard/infomaniak-admin-mcp.git
cd infomaniak-admin-mcp
npm ci
npm run build
npm startThe built server entry point is ./dist/server.js.
To produce a shareable MCPB bundle, run npm run bundle:mcpb after building.
Configure Claude Desktop
Add to ~/Library/Application Support/Claude/claude_desktop_config.json (macOS) or %AppData%\Claude\claude_desktop_config.json (Windows):
{
"mcpServers": {
"infomaniak-admin": {
"command": "npx",
"args": ["-y", "@henrikogard/infomaniak-admin-mcp"],
"env": {
"INFOMANIAK_API_TOKEN": "paste-your-token-here",
"INFOMANIAK_AUTH_MODE": "auto"
}
}
}
}Restart Claude Desktop to pick up the change.
Configure Claude Code
claude mcp add infomaniak \
-e INFOMANIAK_API_TOKEN=paste-your-token-here \
-e INFOMANIAK_AUTH_MODE=auto \
-- npx -y @henrikogard/infomaniak-admin-mcpAuthentication
Two distinct credentials are needed because Infomaniak runs two APIs side-by-side:
API | Auth | Purpose |
| Bearer token | Read-mostly: profile, products, mail, drive, dns, domains, billing |
| SASESSION cookie + CSRF token | Writes on web hosting (sites, databases, applications) |
1. Bearer token (required)
Sign in to your Infomaniak account.
Click "Create a token", give it a long lifetime, copy the value.
Set it in
INFOMANIAK_API_TOKEN.
2. Manager session (auto, recommended)
The manager-private API does not accept Bearer tokens or OAuth (Infomaniak only exposes openid profile email phone scopes to third-party apps; web, mail, etc. are reserved). Instead, we read the SASESSION and MANAGER-XSRF-TOKEN cookies that your local Chrome already has when you are logged into manager.infomaniak.com.
With INFOMANIAK_AUTH_MODE=auto (the default), the MCP reads these cookies on demand using chrome-cookies-secure. Nothing is ever written to disk; cookies live in memory for the duration of one operation.
When the session expires, simply reload manager.infomaniak.com in Chrome — the MCP will pick up the fresh cookies on the next call.
3. Manager session (manual fallback)
For headless environments or troubleshooting:
INFOMANIAK_AUTH_MODE=manual
INFOMANIAK_SASESSION=...
INFOMANIAK_XSRF_TOKEN=...To copy them: open Chrome DevTools on manager.infomaniak.com, Application → Cookies, copy SASESSION and MANAGER-XSRF-TOKEN (URL-encoded — paste as-is, the MCP decodes).
Quick example
A typical first conversation, end-to-end:
You: What's on my account?
Claude: [calls infomaniak_overview]
You have 16 organizations, 311 products: 47 web hostings, 73 domains,
12 mail hostings, 3 kDrives, 2 AI Tools subscriptions.
You: Any domain expiring soon?
Claude: [calls infomaniak_audit_account on each org]
2 domains expire in <30 days: example.com (April 22), demo.org (May 04).
4 SSL certificates were auto-renewed in the last 7 days. No locked products.
You: Create a TXT record on example.com saying "v=spf1 include:spf.example.net ~all".
Claude: [calls infomaniak_dns_create_record → returns plan + token]
Plan: CREATE TXT record on example.com → "v=spf1 include:spf.example.net ~all", TTL 3600.
Confirm with token abc-123 within 60 s.
You: Confirm.
Claude: [calls infomaniak_dns_create_record again with the token]
Done. Record id 84219113. Logged in session history (undoable).Tools
169 tools across the admin surface. Use infomaniak_tool_catalog to browse what the MCP can do by category/risk, infomaniak_help to fuzzy-search by intent, or infomaniak_explain to dump a tool's full JSON schema. For admin-focused examples and scope boundaries, see ADMIN-SCOPE.md.
Introspection (start here)
Tool | Annotation | Purpose |
| read-only | Summary of organizations + products. Best first call. |
| read-only | Browse the MCP toolbox by admin category, risk, capability, and high-value use cases. Best answer to "what can this MCP do for me?" |
| read-only | Suggest tools matching a free-form intent ("create site", "list mailboxes"…). |
| read-only | Returns the full definition (description + schemas) of a specific tool. |
| read-only | Scan an organization for expirations / locked products / ongoing ops. |
| read-only | List destructive actions taken in this session. |
| destructive | Reverse a session action when reversible (two-phase commit). |
Organizations & products
Tool | Annotation | Purpose |
| read-only | Accounts you have technical access to. |
| read-only | Web hostings (classic + Node.js) for one organization. |
| read-only | Domains for one organization, with creation + expiration dates. |
| read-only | Detail of one domain (DNS managed?, DNSSEC, errors). |
Web hosting sites
Tool | Annotation | Purpose |
| read-only | Domain-first lookup. Resolves a public domain (e.g. |
| read-only | Sites on a given web hosting (with applications). |
| destructive | Two-phase: returns a plan + token, second call with token actually creates. |
| destructive | Two-phase delete (full preview of the site to be removed). |
SSL certificates
Tool | Annotation | Purpose |
| read-only | Current cert status ( |
| destructive | Two-phase. Issue or renew a cert. Three |
| destructive | Two-phase. Remove the cert from a site. Undo via |
Databases
Tool | Annotation | Purpose |
| read-only | MariaDB databases attached to a hosting (with disk usage). |
| read-only | Detail of one database. |
| destructive | Two-phase create. |
| destructive | Two-phase delete (plan shows disk usage + linked app). |
| read-only | MariaDB-level user accounts attached to a hosting ( |
| read-only | Detail of a single MariaDB user. |
⚠️ Note: this MCP intentionally does not expose a tool that changes a database user's password through the public API — see
API-REFERENCE.mdfor the operational note that keeps it out of the typed tool surface. Rotate database passwords via direct MariaDBALTER USERover SSH instead.
FTP / SSH users
Tool | Annotation | Purpose |
| read-only | FTP / SSH users on a web hosting. |
| destructive | Two-phase create with |
| destructive | Two-phase revoke (files preserved). |
DNS & DNSSEC
Tool | Annotation | Purpose |
| read-only | Every DNS record on an Infomaniak-managed zone. |
| destructive | Two-phase create record (A, AAAA, CNAME, MX, TXT, SRV, NS, CAA, PTR, SPF). |
| destructive | Two-phase update (current vs proposed diff in the plan). |
| destructive | Two-phase delete record (with full preview before commit). |
| mixed | Unified DNSSEC: |
Tool | Annotation | Purpose |
| read-only | Mail hostings for one organization. |
| read-only | Mailboxes on a given mail hosting. |
| read-only | Unified mailbox read: pass |
| read-only | Mailbox spam/security posture: authorized senders, blocked senders, spam movement, smart filtering folders, and admin note. |
| read-only | Mailbox Sieve filter and script inventory for admin review. |
| read-only | Focused list of advanced Sieve scripts configured on a mailbox. |
| read-only | Review a mailbox for spam/security findings and recommended hardening steps. |
| destructive | Two-phase create with password policy enforcement. |
| destructive | Two-phase delete (also wipes stored mail). |
| destructive | Two-phase add alias to a mailbox. |
| destructive | Two-phase sender block. Adds the sender to |
| destructive | Two-phase sender unblock. Removes the sender from |
| destructive | Two-phase allow-list update. Adds the sender to |
| destructive | Two-phase removal from |
| destructive | Two-phase spam policy update for spam movement, smart filtering, folder targets, and admin note. |
| destructive | Two-phase hardening workflow based on the mailbox security audit. |
| destructive | Two-phase mailbox folder mapping update for archives, drafts, sent, trash, spam, commercials, and social-network folders. |
| destructive | Two-phase purge of all messages currently in the mailbox spam folder. Not undoable. |
| read-only | Server-side mail redirection rules. |
| destructive | Two-phase create rule (forward |
| destructive | Two-phase delete rule. |
| destructive | Two-phase mailbox alias management: list, replace, add, or delete aliases with current-state guards. |
| destructive | Two-phase mailbox forwarding management: list, replace, add, delete, or clear forwarding targets. |
| destructive | Two-phase mailbox auto-reply management for list/create/update/delete/reset flows. |
| destructive | Two-phase service-level redirection management, including confirmation resend and target updates. |
| destructive | Two-phase DKIM rotation / check for a mail hosting. |
| read-only | Mailbox or service signature/template inventory for admin review. |
| destructive | Two-phase signature/template create, update, delete, and defaults management. |
| read-only | Webmail user/team access inventory for a mailbox or account. |
| destructive | Two-phase webmail access add, update, revoke, or invite flows. |
| read-only | Mailbox device/session inventory for admin cleanup. |
| destructive | Two-phase mailbox device/session deletion or cleanup. |
| read-only | Newsletter groups and subscriber inventory for a domain. |
| destructive | Two-phase newsletter group/subscriber create, update, delete, assign, unassign, and forget operations. |
kChat governance
Tool | Annotation | Purpose |
| read-only | All kChat channels in the account. |
| read-only | Public, private, or deleted channels for one team. |
| read-only | One kChat channel snapshot. |
| read-only | Channel members, plus an optional specific member snapshot. |
| read-only | Channel moderation settings. |
| read-only | Groups linked to a team, channel, or user for permission audits. |
| read-only | Bot inventory. |
| read-only | One bot snapshot. |
| read-only | Slash command inventory. |
| read-only | One slash command snapshot. |
| read-only | Role catalog for kChat permission auditing. |
| destructive | Two-phase create, update, patch, move, restore, delete, privacy, scheme, or moderation changes. |
| destructive | Two-phase add/remove/update member roles, scheme roles, or notification props. |
| destructive | Two-phase create, update, enable, disable, or delete bot. |
| destructive | Two-phase create, update, delete, or regenerate a slash command token. |
Identity ("who am I?")
Tool | Annotation | Purpose |
| read-only | Name, email, language, country, timezone, current account, security posture (2FA, devices, last login). |
| read-only | Focused security report — 2FA method + status, recovery email, validated phone, Yubikey, rescue codes, password age, trusted devices with IP/time. |
Account / Org
Tool | Annotation | Purpose |
| read-only | Full org detail: legal entity, billing addresses, VAT, locale, support tier, 2FA-required policy, your role, tags. |
| read-only | Teams (owners + counts) + tags (with products carrying each tag) in a single call. |
| read-only | Users on an organization, with roles and access metadata. |
| read-only | Per-user app access detail for audits and offboarding. |
| read-only | Step-by-step offboarding plan from current account, user, and invitation state. |
| read-only | Cross-user access posture review and privileged app-access detection. |
| destructive | Two-phase cancellation of pending account invitations for one user. |
| read-only | Invitation snapshot for kSuite, drive, mailbox, or kChat access review. |
| destructive | Two-phase grant/update/invite/revoke of invitation-scoped product access. |
| destructive | Two-phase create of an account invitation, guarded by a fresh account snapshot. |
| destructive | Two-phase update of an account invitation, guarded by a fresh invitation snapshot. |
| destructive | Two-phase delete of an account invitation, guarded by a fresh invitation snapshot. |
| destructive | Two-phase create of an account team, guarded by the current team list. |
| destructive | Two-phase update of an account team, guarded by a fresh team snapshot. |
| destructive | Two-phase delete of an account team, guarded by a fresh team snapshot. |
| destructive | Two-phase add of one or more users to an account team, guarded by a fresh team-members snapshot. |
| destructive | Two-phase removal of one or more users from an account team, guarded by a fresh team-members snapshot. |
| destructive | Two-phase create of an account tag, guarded by the current tag list. |
| destructive | Two-phase update of an account tag, guarded by a fresh tag snapshot. |
| destructive | Two-phase delete of an account tag, guarded by a fresh tag snapshot. |
Mail (deep)
Tool | Annotation | Purpose |
| read-only | DNS health diagnostic (MX/SPF/DKIM/DMARC), quotas, admin, parent kSuite link, FQDNs, team access. |
| read-only | Auto-responder, aliases, IMAP/POP3 last login, password age, mailbox size, devices, DKIM, SMTP ban, mail filtering (commercials/social), authorized/blocked senders. |
Domain (deep)
Tool | Annotation | Purpose |
| read-only |
|
kDrive (deep, manager-private)
Tool | Annotation | Purpose |
| read-only | Drive name, total size, used size, maintenance. |
| read-only | Users with access to a kDrive (access audits). |
| read-only | Items in the trash bin with deletion timestamps. |
VPS / Cloud Server
Tool | Annotation | Purpose |
| read-only | List Cloud Server (Jelastic) products of an org. |
| read-only | Datacenter, IPs, CPU/RAM, bandwidth + traffic, disk usage, MySQL/PHP versions, firewall, premium support contacts, migration history. |
Node.js apps (Cloud Server hosting_3)
Tool | Annotation | Purpose |
| read-only | Discover the apps on a Node.js hosting. Returns each app's |
| read-only | Full app config: Node version, listen port, |
| read-only | Live status — |
| read-only | All FQDNs serving the app (primary + auto |
| read-only | Recent jobs (build / restart / …) with per-job log_stream JWT. |
| read-only | Returns a short-lived JWT + SSE endpoint URL to consume the live stdout/stderr stream of the running app. |
| read-only | Screenshot of the live page as a base64 JPEG — visual smoke test without HTTP-probing. |
| destructive | Two-phase. Start / stop / restart / build. |
All Node.js tools are manager-private (the public Bearer API exposes only a state-check for Node.js hostings). They require
INFOMANIAK_AUTH_MODE=auto(Chrome cookies) ormanual(SASESSION + MANAGER-XSRF-TOKEN env vars). SeeAPI-REFERENCE.md.
kDrive
Tool | Annotation | Purpose |
| read-only | All kDrives the account has access to (with quota). |
| read-only | Files / subfolders of a drive root or any folder, paginated. |
| read-only | Share-link inventory for admin exposure review. |
| read-only | Share-link settings for one kDrive file or folder. |
| read-only | User access entries for a kDrive file or folder. |
| read-only | Team access entries for a kDrive file or folder. |
| read-only | Pending file-access invitations for a kDrive file or folder. |
| read-only | kDrive storage, activity, user activity, shared-file activity, and share-link activity charts/exports. |
| read-only | Current kDrive AI, link, office, and preferences policy snapshot. |
| destructive | Two-phase create of a kDrive share link, guarded by current share-link state. |
| destructive | Two-phase update of a kDrive share link, guarded by current share-link state. |
| destructive | Two-phase removal of a kDrive share link, guarded by current share-link state. |
| destructive | Two-phase share-link invitation, guarded by current share-link state. |
| destructive | Two-phase update of kDrive AI, link, office, or preferences settings with a fresh snapshot guard. |
| destructive | Two-phase grant of a file/folder user permission, guarded by the current access list. |
| destructive | Two-phase update of a file/folder user permission, guarded by the current access list. |
| destructive | Two-phase removal of a file/folder user permission, guarded by the current access list. |
| destructive | Two-phase grant of a file/folder team permission, guarded by the current access list. |
| destructive | Two-phase update of a file/folder team permission, guarded by the current access list. |
| destructive | Two-phase removal of a file/folder team permission, guarded by the current access list. |
| destructive | Two-phase invitation to a file or folder, guarded by the current invitation list. |
| destructive | Two-phase create of a kDrive user, guarded by the current drive user list. |
| destructive | Two-phase update of a kDrive user's role/access payload, guarded by the current user snapshot. |
| destructive | Two-phase removal of a kDrive user from the drive, guarded by the current user snapshot. |
| destructive | Two-phase lock of a kDrive user, guarded by the current user snapshot. |
| destructive | Two-phase unlock of a kDrive user, guarded by the current user snapshot. |
| destructive | Two-phase manager-right update for a kDrive user. |
| destructive | Two-phase empty of all kDrive trash items, guarded by the current trash count. Not undoable. |
| destructive | Two-phase restore of one trashed file or folder, guarded by the current trash item details. |
| destructive | Two-phase permanent removal of one trashed file or folder. Not undoable. |
| destructive | Two-phase update of kDrive trash settings, guarded by the current drive settings snapshot. |
URL shortener
Tool | Annotation | Purpose |
| read-only | Short URLs configured on a domain. |
| destructive | Two-phase create. |
| destructive | Two-phase delete. |
Swiss Backup
Tool | Annotation | Purpose |
| read-only | Swiss Backup slots on the account. |
AI Tools
Tool | Annotation | Purpose |
| read-only | AI subscriptions the account owns. |
| read-only | Public catalogue of Swiss-sovereign LLM/STT models. |
Workflows (multi-step)
Tool | Annotation | Purpose |
| destructive | Site + DB + DNS in one orchestrated, plan-then-apply flow. |
| read-only | Cross-zone audit: missing SPF/DMARC, dangling records, …. |
Escape hatch (everything else)
Tool | Annotation | Purpose |
| destructive | Reach any endpoint on |
Limitations
Hard rate limit of 60 req/min on
api.infomaniak.com. The MCP throttles automatically with a token-bucket. You will see brief queueing delays on heavy bursts; this is intentional and protects your token from blacklisting.No
directoryoutside/sites/when creating a site. Required by the manager backend (silently no-ops otherwise — seeAPI-REFERENCE.md).Manager session cookies expire (typically every few hours / when you sign out of Chrome). Re-open manager.infomaniak.com to refresh.
One concurrent operation per hosting — Infomaniak rejects concurrent POSTs on the same hosting with
400 operation_in_progress. The MCP serializes write calls per hosting.WordPress installation is intentionally out of scope. Create the empty site with this MCP, then install WP from the manager's wizard (the
applications/addflow uses an undocumented per-step wizard that is too brittle to automate cleanly today).
FAQ
Is this an official Infomaniak product?
No. It is community-driven, MIT-licensed, and not affiliated with, endorsed by, or sponsored by Infomaniak Network SA. See the disclaimers in NOTICE and API-REFERENCE.md.
Does it work with clients other than Claude?
Yes. It speaks the standard Model Context Protocol over stdio, so it works with any MCP-capable client — Claude Desktop, Claude Code, Cursor, Cline, Continue, Zed AI, and the MCP Inspector for debugging.
Will my Infomaniak token / session ever leave my machine?
No. The server runs locally over stdio. Your Bearer token is read from INFOMANIAK_API_TOKEN (env or .env) and used only to call api.infomaniak.com. The Chrome cookies (SASESSION, MANAGER-XSRF-TOKEN) live in memory for the duration of a single tool call and are never persisted. Logs redact every sensitive value (tokens, cookies, passwords).
Does it support self-hosting / running outside macOS?
Yes — INFOMANIAK_AUTH_MODE=manual lets you paste cookies straight into env vars, which is the path to use on Linux servers, Docker containers, or CI. Auto-extraction from Chrome works on macOS, Windows, and Linux when Chrome is installed locally.
Why does site creation use a manager-private endpoint and not the public API?
Because the public POST /1/products/{id}/web_hostings/{hid}/sites endpoint silently returns a success response without actually creating anything. The manager-private endpoint requires force_fqdn: true, directory: /sites/..., and environment: apache_php — none of which are documented in the public API. Full note in API-REFERENCE.md.
Can it install WordPress automatically?
Not today. The manager's applications/add flow is a multi-step wizard with per-step tokens that is brittle to script. The recommended pattern is: create the empty site with this MCP, then install WordPress (or any other CMS) from the manager wizard or by uploading via FTP/SSH.
Is there a hosted / SaaS version?
No. By design — this server runs against your own credentials on your own machine. There is no hosted SaaS, no hosted proxy, no telemetry.
How do I report a bug or request a tool?
Open an issue in this fork's repository. Include the exact tool call, the input,
the response (sanitized — strip tokens, cookies, customer names), and your
environment (Node version, OS, MCP client, plan tier). PRs with a failing test
are doubly welcome. For upstream-only issues, use the original
Mogacode-ma/infomaniak-mcp-agent
repository.
What about Infomaniak's own AI Tools?
Infomaniak runs a Swiss-sovereign AI cloud hosting Llama, Mixtral, Whisper and other open-weights models. This MCP exposes infomaniak_list_ai_products and infomaniak_list_ai_models so an agent can discover what's available and what models are public on your account; we deliberately do not wrap their inference endpoints (use the OpenAI-compatible API directly for that).
Contributing
Contributions are welcome. Please read CONTRIBUTING.md and follow the CODE_OF_CONDUCT.md. Security issues should be reported privately per SECURITY.md.
License
MIT. This fork preserves the original Mogacode MIT copyright and
adds separate copyright attribution for the admin-focused fork additions. See
NOTICE for upstream attribution and the trademark disclaimer.
This project is not affiliated with Infomaniak Network SA. "Infomaniak", "kDrive", "kChat", "kMeet", "kSuite", "Swiss Backup" are trademarks of Infomaniak Network SA.
This server cannot be installed
Maintenance
Latest Blog Posts
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/henrikogaard/infomaniak-admin-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server