CI MCP Server
Provides tools for managing SAP Cloud Integration (CPI) artifacts, including integration content (iFlows, value mappings, script collections), message processing logs, message stores, log files, security content (keystores, certificates, credentials, access policies), and partner directory entries, via OData APIs.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@CI MCP Serverlist deployed integration flows"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
CI MCP Server
An MCP (Model Context Protocol) server for SAP Cloud Integration (CPI), powered by odata-mcp-proxy. It exposes CPI OData APIs as MCP tools, allowing AI assistants like Claude to manage your integration landscape through natural language.
The entire server is defined through a single JSON config file -- no custom code required.
How It Works
This project uses the odata-mcp-proxy npm package, which maps OData/REST services to MCP tools based on a configuration file. You provide a config describing your APIs and entity sets, and the proxy generates the corresponding MCP tools automatically.
AI Assistant (Claude, Cursor, etc.)
|
| MCP Protocol (HTTP or stdio)
v
odata-mcp-proxy
|
| REST + OAuth2 (via BTP Destination Service)
v
SAP Cloud Integration OData APIThink of it like the SAP Application Router -- a ready-made runtime you configure, not code you write.
Exposed CPI APIs
The config file (ci-api-config.json) exposes the SAP Cloud Integration OData API, organized into the following categories:
Integration Content
Tool | Operations | Description |
| list, get, create, update, delete | Logical containers that group iFlows, value mappings, and other design-time artifacts |
| list, get, create, update, delete | iFlow design-time definitions (editable integration logic before deployment) |
| list, get | Deployed integration artifacts (deployment status, version, and errors) |
| list, get, create, update, delete | Lookup tables that translate codes/identifiers between sender and receiver systems |
| list, get, create, update, delete | Graphical structure-to-structure transformations between message formats |
| list, get, create, update, delete | Reusable Groovy or JavaScript libraries shared across iFlows |
| list, get, create, update, delete | Tenant-level labels for categorizing and filtering integration packages |
| list, get | Track whether an iFlow deployment is queued, running, or finished |
Message Processing Logs
Tool | Operations | Description |
| list, get | Execution history for iFlows, used to debug failed messages or monitor processing |
| list | ID mapping entries for exactly-once processing (source-to-target ID mappings) |
| list | Duplicate-check records ensuring a message is processed only once |
Message Stores
Tool | Operations | Description |
| list, get, delete | Key-value records persisted by iFlows for cross-message data sharing |
| list, get | Runtime variables persisted between iFlow executions (timestamps, counters, delta tokens) |
| list, get | Auto-incrementing counters for generating unique sequence numbers |
| list, get | Full messages persisted via the Persist step for later retrieval or retry |
| list, get | Messaging broker instances provisioned on the tenant |
| list | Individual JMS message queues with depth, capacity, and consumer status |
Log Files
Tool | Operations | Description |
| list, get | Tenant-level runtime logs (HTTP, default trace, audit) for troubleshooting |
| list, get | Compressed historical log bundles available for download |
Security Content
Tool | Operations | Description |
| list, get, delete | SSL/TLS certificates, key pairs, and trusted CA certificates |
| list, get | Full X.509 certificate chains for verifying trust paths |
| list, get | Public/private key pairs for SFTP adapter connectivity |
| list, get, create, update, delete | Stored username/password pairs for basic-auth connections |
| list, get, create, update, delete | Client ID/secret pairs and token endpoints for OAuth2 connections |
| list, get, create, update, delete | Encrypted key-value entries for sensitive configuration values |
| list, get, create, update, delete | Rules mapping inbound client certificates to CPI user roles |
| list, get, create, update, delete | Fine-grained authorization rules for integration artifacts |
Partner Directory
Tool | Operations | Description |
| list, get, create, update, delete | Trading partner entries driving dynamic iFlow routing |
| list, get, create, update, delete | Partner-specific text configuration values (endpoints, format codes) |
| list, get, create, update, delete | Partner-specific file-based configuration (XSLT, certificates, mappings) |
| list, get, create, update, delete | Additional partner identifiers (DUNS, GLN) mapping to a primary partner |
| list, get, create, update, delete | Users permitted to send messages on behalf of a specific partner |
All _list tools support OData query parameters: $filter, $select, $expand, $orderby, $top, $skip.
Prerequisites
Node.js 18+ (20+ recommended)
SAP BTP account with a Cloud Foundry environment
SAP Cloud Integration tenant (part of SAP Integration Suite)
BTP Destination configured for the CPI OData API with OAuth2 authentication
Cloud Foundry CLI (
cf) and MBT Build Tool (mbt) for deployment
Project Structure
ci-mcp-server/
├── package.json # Start script + odata-mcp-proxy dependency
├── ci-api-config.json # API configuration (defines all MCP tools)
├── mta.yaml # BTP Cloud Foundry deployment descriptor
├── xs-security.json # XSUAA OAuth2 configuration
├── default-env.json # Local dev credentials (gitignored)
└── LICENSEGetting Started
1. Install dependencies
npm install2. Configure BTP destination
Create a BTP Destination pointing to the CPI OData API:
Destination | URL |
|
|
The destination should use OAuth2 client credentials authentication with the CPI service key credentials.
3. Local development
Create a default-env.json with your BTP service bindings (XSUAA, Destination, Connectivity) to run locally:
npm startThis runs odata-mcp-proxy --config ci-api-config.json.
4. Deploy to BTP
npm run build:btp # Build MTA archive
npm run deploy:btp # Deploy to Cloud FoundryThe MTA deployment provisions three service instances:
Destination (lite) -- resolves the CPI API endpoint and manages OAuth2 tokens
Connectivity (lite) -- enables secure backend connectivity
XSUAA (application) -- handles OAuth2 authentication with role-based access control
Security
The XSUAA configuration (xs-security.json) defines three role templates:
Role | Scopes | Description |
| read | Read-only access to CPI data |
| read, write | Read and modify CPI data |
| read, write, admin | Full administrative access |
OAuth2 redirect URIs are pre-configured for Claude.ai, Cursor, Microsoft Teams, and local development.
License
MIT
This server cannot be installed
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/lemaiwo/ci-mcp-server'
If you have feedback or need assistance with the MCP directory API, please join our Discord server