NinjaOne MCP
The NinjaOne MCP server lets you manage NinjaOne IT ticketing from any MCP-compatible client using your own OAuth credentials.
Ticket Management
Search tickets – List tickets from a board with pagination and filtering
Get ticket – Retrieve full details of a single ticket by ID
Create ticket – Create new tickets with subject, description, type, status, priority, severity, organization, and assignee
Update ticket – Modify existing tickets (status, priority, severity, assignee, subject)
Add comment – Post public responses or private/internal notes to tickets
Discovery & Lookup
List boards – Return the default board ID
List statuses – Retrieve all available ticket statuses with their IDs
List organizations – Browse NinjaOne client/organization records (paginated)
List technicians – Enumerate app users with their numeric IDs for ticket assignment
Authentication
Get auth URL – Generate a NinjaOne OAuth authorization URL to begin the manual login flow
Exchange code – Trade an OAuth authorization code for a refresh token to enable write operations
Read operations work with client credentials only; write operations require user-context auth (refresh token or session key). The server runs locally over stdio with no third-party service involved.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@NinjaOne MCPSearch for high priority tickets from last week"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
NinjaOne MCP
A local Model Context Protocol server for NinjaOne ticketing. It lets any MCP client (Claude Desktop, Claude Code, and others) search, read, create, update, and comment on NinjaOne tickets.
Runs locally over stdio using your own NinjaOne OAuth credentials. No third-party service sits in the middle.
Tools
Tool | Description |
| List tickets from a board (paginated) |
| Get a single ticket by ID |
| Create a ticket |
| Update a ticket (status, priority, severity, assignee, subject) |
| Add a public response or private note to a ticket |
| List ticket statuses with IDs |
| List organizations (clients) |
| List technicians with their numeric IDs |
| Return the default board ID |
| Manual OAuth flow to obtain a user refresh token |
Related MCP server: jitbit-helpdesk-mcp
Prerequisites
Node.js 18+
A NinjaOne API OAuth client (NinjaOne > Administration > Apps > API):
Client ID and Client Secret
Scopes:
monitoring(reads) andmanagement(ticket writes)For user-context writes (comments authored as you), enable the Authorization Code grant and the
offline_accessscope, and register a redirect URI (http://localhost:3846/for the built-in flow, orhttps://localhostif you useget-refresh-token.js).
Install
git clone https://github.com/cyberkoder/ninjaone-mcp.git
cd ninjaone-mcp
npm installConfiguration
All configuration is via environment variables (see .env.example):
Variable | Required | Notes |
| yes | Your region's host, e.g. |
| yes | OAuth client ID |
| yes | OAuth client secret |
| no | Defaults to |
| for writes | User-context refresh token (preferred). See below. |
| alt | NinjaOne web session cookie value (expires with the browser session) |
| no | Default org ID for |
| no | Port for the one-time interactive login (default |
Reads (search_tickets, get_ticket, list tools) work with just the client ID/secret via client_credentials. Writes require user context (a refresh token or session key). If neither is set, the first write opens a browser once to authenticate you and captures a refresh token for the session.
Getting a refresh token
NINJA_CLIENT_ID=... NINJA_CLIENT_SECRET=... node get-refresh-token.jsFollow the prompts, then set the printed value as NINJA_REFRESH_TOKEN.
MCP client setup
Claude Desktop
Add to claude_desktop_config.json:
{
"mcpServers": {
"ninjaone": {
"command": "node",
"args": ["/absolute/path/to/ninjaone-mcp/index.js"],
"env": {
"NINJA_BASE_URL": "https://app.ninjarmm.com",
"NINJA_CLIENT_ID": "your-client-id",
"NINJA_CLIENT_SECRET": "your-client-secret",
"NINJA_REFRESH_TOKEN": "your-refresh-token"
}
}
}
}Claude Code
claude mcp add ninjaone -- node /absolute/path/to/ninjaone-mcp/index.jsThen set the NINJA_* environment variables for the server (via the config file's env block or your shell).
Known limitations
These reflect how NinjaOne's ticketing API actually behaves, so you know what to expect:
Reads vs. writes need different auth.
client_credentials(client ID + secret) is read-only. Creating, updating, or commenting on tickets requires user context - a refresh token, a session key, or the one-time browser login. With reads-only auth, write tools return an auth error.Authorization Code grant must be enabled. Older NinjaOne OAuth clients only expose the "Refresh Token" grant and return
unauthorized_clientfor the authorization-code flow. Enable Authorization Code (and theoffline_accessscope) on the API client, or the interactive/get-refresh-token.jsflows won't work.Comments must be
multipart/form-data. The/commentendpoint rejectsapplication/jsonwith HTTP 415. This server already posts the correct form encoding - noted so forks don't regress it.Refresh tokens rotate. NinjaOne may issue a new refresh token on use. The server logs the rotated value to stderr, but it only persists for the process lifetime - copy it back into
NINJA_REFRESH_TOKENto keep it across restarts.Session keys are short-lived.
NINJA_SESSION_KEYis a browser-session cookie and expires when that session ends. Prefer a refresh token for anything long-running.update_ticketis read-modify-write. It fetches the ticket first to supply the requiredversionandrequesterUid, so concurrent edits can hit optimistic-locking conflicts. Some status transitions (e.g. directly to a closed state) are restricted by NinjaOne's workflow.Interactive login is local-only. The automatic browser flow needs a localhost redirect and a desktop browser; it won't work in headless/CI environments (use a pre-obtained
NINJA_REFRESH_TOKENthere).No "list boards" API. NinjaOne doesn't expose one; board
1is the default. Uselist_organizationsandlist_techniciansto discover IDs.No built-in rate-limit handling or retries, and the toolset is intentionally scoped to core ticketing (no attachments, custom fields, time entries, or asset/monitoring endpoints yet). PRs welcome.
This is an independent open-source project and is not affiliated with or endorsed by NinjaOne.
License
MIT
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/cyberkoder/ninjaone-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server