clue2app-user-mcp
OfficialClick on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@clue2app-user-mcplist all users"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
clue2app-user-mcp
MCP server exposing coordinator's user/membership/role admin operations as
tools for LLM callers (agents, Claude Desktop, etc.). Every tool is a thin
passthrough to coordinator's /api/users/* endpoints — RBAC is enforced
entirely by coordinator using the caller's bearer token; this service does
not validate or interpret tokens itself.
Tool catalog
Group | Tool | Coordinator endpoint |
users |
|
|
users |
|
|
users |
|
|
users |
|
|
users |
|
|
memberships |
|
|
roles |
|
|
roles |
|
|
Related MCP server: Meraki MCP Server
Local dev (stdio transport)
cd clue2app-user-mcp
python -m venv .venv && source .venv/bin/activate
pip install -e .
export COORDINATOR_URL=http://localhost:8081 # or your coordinator base URL
export COORDINATOR_TOKEN=<a coordinator-issued bearer token>
user-mcp # defaults to --transport=stdio
# or: python -m user_mcp.server --transport=stdioPoint an MCP-capable client (Claude Desktop, mcp dev, etc.) at the
user-mcp command with those two env vars set. stdio has no per-request
auth header, so the token is read once from COORDINATOR_TOKEN at startup
and reused for every tool call in that session.
Quick smoke test
python -c "
import sys; sys.path.insert(0, 'src')
from user_mcp import server
print([t for t in dir(server) if not t.startswith('_')][:5])
"Hosted deploy (SSE transport)
The Knative/kpack deployment runs the SSE transport, which reads the bearer
token per-request from the inbound Authorization: Bearer <token> header —
each caller supplies their own token, so a single instance safely serves
many callers at different privilege levels.
python -m user_mcp.server --transport=sse --port=$PORTThis is exactly what Procfile runs. Paketo's Python buildpack detects
pyproject.toml directly (no requirements.txt needed, no Dockerfile
needed) and uses python -m so we don't depend on where the buildpack
places console-script shims in the launch image.
Env vars
Var | Required | Notes |
| yes | e.g. |
| stdio only | ignored by the SSE transport |
| no | Knative-injected; defaults to 8080 |
No secrets are baked into this service — every tool call carries its own token, and the service holds nothing longer than the lifetime of a single request.
Endpoints
GET /sse— MCP session endpoint (SSE transport)POST /messages— MCP message endpoint (SSE transport)GET /health—200 {"status": "ok"}, no coordinator round-trip. Wire bothreadinessProbeandlivenessProbeto this path — a coordinator outage must not cascade into MCP pod restarts.
Layout
src/user_mcp/
├── server.py # FastMCP init, CLI dispatch, /health, transport wiring
├── coord_client.py # httpx.AsyncClient wrapper, bearer passthrough
├── auth.py # bearer_from_context() using a contextvar
└── tools/
├── users.py # list/get/disable/enable/resolve_duplicates
├── memberships.py # list_user_memberships
└── roles.py # grant/revoke_roleMaintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/clue2solve/clue2app-user-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server