invoiceninja-mcp-server
Provides tools for interacting with Invoice Ninja v5 (self-hosted) API, enabling management of invoices, clients, payments, and other resources through CRUD operations, bulk actions, and reports.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@invoiceninja-mcp-serverlist my recent invoices"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
@nightsquawktech/invoiceninja-mcp-server
MCP server for Invoice Ninja v5 (self-hosted). Exposes all 379 API endpoints through 3 consolidated tools backed by a generated endpoint catalog, rather than one tool per endpoint.
Why a catalog, not 379 tools
Invoice Ninja's REST API has ~379 operations across ~31 resources (full CRUD + bulk +
actions + 27 reports). One MCP tool per endpoint would be unusable: huge context cost
and poor tool selection. Instead, every endpoint is described by a JSON spec file under
src/catalog/endpoints/, and three generic tools read that catalog:
Tool | Purpose |
| Discover endpoints (slug, method, path, category, mutating flag, one-line summary). |
| Full spec for one endpoint: method, path, path/query params, request-body fields (types, required, enums, descriptions), and |
| Validate against the catalog, then execute. Mutating endpoints (POST/PUT/DELETE) require |
Expected flow: discover → describe → call.
Related MCP server: Finizi B4B MCP Server
The endpoint catalog
src/catalog/endpoints/<slug>.json: one spec per endpoint, generated from the OpenAPI spec (openapi/api-docs.yaml@ invoiceninja v5-stable). Carries method, path, name, category,mutating, description,whenToUse, path/query/header parameters, and request-body fields.src/catalog/index.json: aggregate discovery index (slug, method, path, category, mutating, summary) plus counts.
Regenerate after a spec bump:
curl -sL https://raw.githubusercontent.com/invoiceninja/invoiceninja/v5-stable/openapi/api-docs.yaml -o spec/api-docs.yaml
npm run generate # parse spec -> src/catalog/endpoints/*.json
npm run catalog # rebuild src/catalog/index.json
npm run buildThe whenToUse field (when-to-reach-for-this guidance) is filled by an enrichment pass
(scripts/apply-enrichment.mjs) and surfaced by describe_endpoint / list_endpoints.
Setup
npm install
npm run buildEnvironment (self-hosted)
Variable | Required | Description |
| Yes | Instance URL, no trailing slash, no |
| Yes | API token (Settings → Account Management → Integrations → API Tokens). Sent as |
| No | Request timeout, default 30000 |
MCP client configuration
{
"mcpServers": {
"invoiceninja": {
"command": "npx",
"args": ["-y", "@nightsquawktech/invoiceninja-mcp-server"],
"env": {
"INVOICENINJA_BASE_URL": "https://your-instance.example.com",
"INVOICENINJA_API_TOKEN": "<token>"
}
}
}
}Write safety
call_endpoint runs read-only GET endpoints freely. Any mutating endpoint requires
authorization_confirmed: true and a non-empty authorization_note; without both,
the call is refused before any HTTP request is made. Before a mutating call executes,
the client writes a JSON backup (request payload, authorization note, and best-effort
prior record for PUT/DELETE by id) under the system temp dir. The catalog flags every
endpoint's mutating status, and as defense-in-depth any {action} route (email,
mark_paid, archive, delete, clone, and similar) is treated as mutating even though
some are GETs, so state-changing action endpoints can never run unguarded.
Smoke test (read-only)
scripts/smoke-test.mjs sweeps every non-mutating endpoint against a live instance:
186 of 379, including the 36 POST-but-read-only reports/charts/preview/templates/search
(sent with an empty body so no side effect fires). It calls collection/report endpoints
first, harvests sample ids, then exercises by-id endpoints, reporting PASS/FAIL/SKIP each.
The 193 mutating endpoints (incl. the 6 state-changing action_* GETs) are excluded and
the header says so, so a green run is never mistaken for full-API coverage.
INVOICENINJA_BASE_URL=... INVOICENINJA_API_TOKEN=... npm run build && npm run smokeLayout
src/
index.ts stdio MCP entry point
server/invoiceninja-mcp-server.ts singleton McpServer
catalog/
endpoint-spec.ts catalog types + loader (traversal-guarded)
index.json generated discovery index
endpoints/<slug>.json 379 generated endpoint specs
clients/invoiceninja-client.ts generic HTTP caller (X-Api-Token, backups)
tools/
list-endpoints.ts describe-endpoint.ts call-endpoint.ts
helpers/ types/
scripts/
generate-catalog.mjs parse OpenAPI spec -> endpoint files
assemble-catalog.mjs endpoint files -> index.json
apply-enrichment.mjs write whenToUse from the enrichment pass
smoke-test.mjs read-only live sweepSee SCOPING.md for the API inventory and design rationale.
License
Licensed under the GNU AGPL v3.0. Free for personal and open-source use.
Organizations that cannot comply with the AGPL can purchase a commercial license. See COMMERCIAL.md or contact hello@nightsquawk.tech.
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/NightSquawk/invoiceninja-mcp-server'
If you have feedback or need assistance with the MCP directory API, please join our Discord server