NetSuite SuperMCP
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@NetSuite SuperMCPshow me the last 5 invoices"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
NetSuite SuperMCP
NetSuite SuperMCP is a single MCP endpoint for AI clients to operate NetSuite through the NetSuite OAuth account and role you configure.
Includes:
Streamable HTTP MCP endpoint.
Bearer-token protection for MCP clients.
Strict Zod config parsing.
Tool risk metadata and audit logging.
File-backed audit log.
NetSuite REST/RESTlet adapter boundaries.
Read, write, action, audit, capability, and account-permission tools.
Local Setup
bun install
cp .env.example .env
bun run install:clients --list
bun run install:clients --all-detected
bun run typecheck
bun test
bun run smoke
bun run devWindows setup wrapper:
.\setup.ps1 -AllDetectedOr run setup.cmd from Explorer/terminal. The setup wrapper installs dependencies, creates .env
from .env.example when missing, and registers detected MCP clients without changing any client
approval settings.
macOS/Linux setup wrapper:
sh ./setup.sh --all-detectedThe MCP endpoint is available at:
http://127.0.0.1:3025/mcpHealth check:
http://127.0.0.1:3025/healthRelated MCP server: Salesforce-Hosted-Custom-Mcp-Server
Verification
bun run typecheck
bun run lint
bun test
bun run check:restlet-contract
bun run smokebun run smoke starts the server with sandbox-shaped local config, verifies /health,
unauthorized MCP rejection, MCP initialize, and ns_getEnvironment, then shuts the server down.
Deployment details are in docs/deployment.md. Agent client setup details are in docs/client-setup.md.
NetSuite Identity Model
Execution uses the NetSuite OAuth 2.0 Client Credentials / M2M mapping from .env.
Whoever you map in NetSuite is the account and role that performs the work.
SuperMCP does not impose a specific employee, role, or naming convention. It also does not bypass NetSuite authorization; NetSuite allows or denies actions based on the mapped account's permissions.
Tool Safety
Tools return risk metadata and write audit events. Client applications, harness settings, or the
user decide approval. Use ns_checkAccountPermissions to probe the configured account's effective
REST, SuiteQL, record metadata, and optional RESTlet access.
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/kaannsaydamm/NetSuite-SuperMCP'
If you have feedback or need assistance with the MCP directory API, please join our Discord server