bexio-mcp
OfficialThis server provides comprehensive access to the bexio Swiss business software API, enabling full management of contacts, sales documents, purchasing, accounting, banking, projects, time tracking, payroll, and more.
Contact Management: Create, update, delete, search, and bulk-manage contacts (companies and persons), contact relations, groups, sectors, and additional addresses.
Sales Documents: Full lifecycle management for quotes, orders, deliveries, and invoices — create, issue, accept/cancel, send via email, copy, convert (e.g., quote to order/invoice), and generate PDFs. Manage line items (custom, article, text, subtotal, discount, pagebreak, subposition), comments, and document settings.
Invoice Payments & Reminders: Record payments on invoices, and create/send payment reminders with PDF generation.
Purchasing: Manage supplier bills, expenses, and purchase orders including status changes, duplication, and outgoing payments (IBAN, QR, manual, cash discount).
Accounting: Access and manage chart of accounts, account groups, business/calendar years, VAT periods, taxes, accounting journal, currencies, exchange rates, and manual accounting entries (with file attachments).
Banking: Read configured bank accounts and manage outgoing bank payments.
Items & Stock: Create, update, delete, and search products/services; read stock locations and areas.
Projects & Time Tracking: Create, update, archive, and search projects; manage planning milestones and work packages; track time entries by project, user, or service.
Files: Upload, download, preview, search, update, and delete files; check where files are attached within bexio.
Payroll: Manage employees and absences; download paystub PDFs.
Master Data: Manage lookup tables — salutations, titles, countries, languages, units, payment types, business activities, and communication types.
Notes & Tasks: Create, read, update, delete, and search notes and tasks/todos linked to contacts or projects.
Users & Permissions: List regular users, manage fictional users, and check permissions.
Company Profile: Read company profile information.
Configuration: Supports OAuth2 and personal access tokens, read-only mode, tool group filtering, language settings, rate limit retries, and streamable HTTP transport for server-side deployment.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@bexio-mcplist my recent contacts"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
bexio-mcp
MCP server and typed TypeScript client for the bexio API — the Swiss business software for contacts, quotes, orders, invoicing, purchasing, accounting, banking, projects, time tracking and payroll.
Complete: covers all 310 documented operations of the bexio API through 35 well-described MCP tools (enforced by a coverage test against the official OpenAPI spec).
Reusable: the typed API client is a standalone entry point (
bexio-mcp/client) with zero MCP dependencies — use it in any Node.js project.Safe: opt-in read-only mode, destructive-action annotations, tool-group filtering, and API errors mapped to actionable messages (expired token, missing scope, rate limit) instead of crashes.
Robust: automatic retry on rate limits (honouring
RateLimit-Reset), retries for transient GET failures, request timeouts, typed error hierarchy.
Quick start
1. Choose an authentication method
Option A — Personal Access Token (simplest, personal use): create a PAT at developer.bexio.com/pat. PATs have full access to your company data and expire after six months. Set it as BEXIO_API_TOKEN.
Option B — App workflow (OAuth 2.0 Authorization Code Flow, for apps and scoped access):
Create an app at developer.bexio.com and add
http://127.0.0.1:33771/callbackto its Allowed redirect URLs.Reveal the Client ID and Client Secret under "App Details".
Authorize once — a browser opens for the bexio consent screen:
BEXIO_CLIENT_ID=… BEXIO_CLIENT_SECRET=… npx bexio-mcp loginRequested scopes are derived from the enabled tool groups (write scopes are dropped in
--read-onlymode); override with--scopes. Tokens land in~/.bexio-mcp/tokens.json— treat that file like a password.Start the server with the same
BEXIO_CLIENT_ID/BEXIO_CLIENT_SECRETenv (noBEXIO_API_TOKEN): it uses the stored tokens and auto-refreshes them, persisting the rotated refresh token on every refresh. Withoffline_accessthe session stays valid as long as it refreshes at least once a year.
bexio-mcp whoami prints the authenticated user; bexio-mcp logout deletes the stored tokens (and also revokes them at the identity provider when the app credentials are set).
2. Add the server to your MCP host
Claude Code
claude mcp add bexio --env BEXIO_API_TOKEN=<your-token> -- npx -y bexio-mcpClaude Desktop / any MCP host (claude_desktop_config.json or equivalent):
{
"mcpServers": {
"bexio": {
"command": "npx",
"args": ["-y", "bexio-mcp"],
"env": {
"BEXIO_API_TOKEN": "<your-token>"
}
}
}
}That's it — ask your model to "list open bexio invoices", "create a quote for Muster AG", or "how many hours were tracked on project X this month?".
Using something else? There are copy-paste quick-starts for Cursor, VS Code, Windsurf, Gemini CLI, Codex CLI, Pi, Agno, OpenAI Agents SDK, Pydantic AI, LangChain/LangGraph, n8n, the Claude Agent SDK and more in docs/integrations.
Related MCP server: mcp-server-smallinvoice
Configuration
Environment variable | CLI flag | Description |
|
| Static token (PAT or OAuth access token). Wins over the app workflow. |
|
| OAuth app client id (app workflow). |
|
| OAuth app client secret (app workflow). |
|
| Scopes for |
|
| Loopback redirect URI (default |
|
| OAuth token file (default |
|
|
|
|
| Comma-separated groups to enable (default: all). See groups below. |
|
|
|
|
|
|
|
| API host override (default |
|
| Per-request timeout in milliseconds (default 30000). |
bexio-mcp --list-tools prints the tools that would be registered; --help shows usage.
Read-only mode
BEXIO_API_TOKEN=… BEXIO_READ_ONLY=true npx bexio-mcpWrite actions return an explanatory error without touching the API; tools that only write are hidden entirely. Recommended when you want analysis/reporting but no mutations.
Tool groups
contacts, sales, purchase, accounting, banking, items, projects, files, payroll, misc
BEXIO_TOOL_GROUPS=contacts,sales,items npx bexio-mcpTools
Tools are grouped per resource with an action argument; each tool's description documents every action and its required arguments.
Group | Tools |
contacts |
|
sales |
|
purchase |
|
accounting |
|
banking |
|
items |
|
projects |
|
files |
|
payroll |
|
misc |
|
Highlights:
Full document lifecycle: create → issue → send/mark-as-sent → payments/reminders → PDF, for quotes, orders, deliveries and invoices — including converting quotes to orders/invoices and orders to deliveries/invoices.
All seven position types (item, custom, text, subtotal, discount, pagebreak, sub-position) on quotes, orders and invoices via one generic
bexio_document_positionstool.PDF and file downloads accept a
save_pathargument so large documents go to disk instead of the context window.Legacy search endpoints take
search_criteria:[{ "field": "name_1", "value": "Muster", "criteria": "like" }], combined with AND.
Server-side & Docker
bexio-mcp serve-http runs the server on the streamable HTTP transport — no GUI, configuration only, with automatic token refresh. Two auth modes, combinable:
Multi-user (pass-through): don't configure any server credentials. Every client sends its own
Authorization: Bearer <bexio PAT or OAuth access token>header; each MCP session acts as that user against bexio, and nothing is stored server-side. Sessions without a token are rejected with 401.Shared identity (single-tenant): configure
BEXIO_API_TOKENor the app credentials — then sessions without their own bearer use the server's identity. This grants unauthenticated, full access to that bexio account to anyone who can reach the port. On non-loopback binds (including Docker) it therefore stays off until you explicitly setBEXIO_HTTP_SHARED_IDENTITY=true; publish the port to loopback or a private network only (-p 127.0.0.1:8722:8722).
Headless OAuth (no browser anywhere): obtain a refresh token once — either run bexio-mcp login on a workstation and copy ~/.bexio-mcp/tokens.json into the container volume, or seed via BEXIO_REFRESH_TOKEN. The server refreshes it on first use and persists the rotated tokens to BEXIO_TOKEN_STORE; a stale seed left in the environment is ignored once the store holds fresher tokens.
docker build -t bexio-mcp . # or: docker pull ghcr.io/mydata-ag/bexio-mcp:latest
# Multi-user: clients authenticate themselves per request
docker run -p 8722:8722 bexio-mcp
# Single-tenant with app workflow + automatic refresh, tokens survive restarts.
# Note the explicit shared-identity opt-in and the loopback-only publish.
docker run -p 127.0.0.1:8722:8722 -v bexio-tokens:/data \
-e BEXIO_CLIENT_ID=… -e BEXIO_CLIENT_SECRET=… -e BEXIO_REFRESH_TOKEN=… \
-e BEXIO_HTTP_SHARED_IDENTITY=true \
bexio-mcpConnect any MCP client to http://host:8722/mcp (e.g. Agno: MCPTools(transport="streamable-http", url="http://host:8722/mcp"), with the bearer header for multi-user mode). GET /healthz serves Docker health checks.
Security notes: terminate TLS in a reverse proxy — bearer tokens must not cross networks in plain HTTP; the server binds 127.0.0.1 by default outside Docker; idle sessions are closed after 30 minutes and concurrent sessions are capped (503 past the limit); loopback binds validate the Host header against loopback values (DNS-rebinding protection) — behind a proxy, list your public hostname(s) in BEXIO_HTTP_ALLOWED_HOSTS; a bind-mounted /data must be writable by uid 1000 (prefer the named volume); env-passed secrets are visible via docker inspect — use your orchestrator's secret mechanism where available.
Environment variable | CLI flag | Description |
|
| Bind address (default |
|
| Port (default |
|
| Endpoint path (default |
|
| Opt-in: anonymous sessions may use the server identity on non-loopback binds (unauthenticated account access — see above). |
|
| Max concurrent MCP sessions (default 64). |
|
| Accepted |
|
| Headless bootstrap: seed the token store from a refresh token. |
Using the client without MCP
The typed client is dependency-free (uses global fetch) and importable on its own:
import { BexioClient } from 'bexio-mcp/client';
const bexio = new BexioClient({
token: process.env.BEXIO_API_TOKEN!, // string or async () => string
language: 'de',
});The OAuth building blocks are exported too — BexioOAuth (authorization URL with PKCE, code exchange, refresh with rotation) and OAuthTokenProvider (auto-refreshing token source) from bexio-mcp/client, plus FileTokenStore and runLoginFlow from bexio-mcp:
import { BexioClient, BexioOAuth, OAuthTokenProvider } from 'bexio-mcp/client';
import { FileTokenStore } from 'bexio-mcp';
const oauth = new BexioOAuth({ clientId, clientSecret });
const provider = new OAuthTokenProvider(oauth, new FileTokenStore());
const bexio = new BexioClient({ token: provider.accessTokenProvider() });
// Typed resource APIs mirroring the bexio docs
const contacts = await bexio.contacts.search([{ field: 'name_1', value: 'Muster' }]);
const invoice = await bexio.invoices.createInvoice({ contact_id: contacts[0]!.id, positions: [/* … */] });
await bexio.invoices.issueInvoice(invoice.id);
// Escape hatch for anything else
const me = await bexio.http.get('/3.0/users/me');Errors are typed: BexioApiError (with status, errorCode, body, plus isAuthError/isPermissionError/isNotFound/isRateLimit), BexioRateLimitError, BexioNetworkError, BexioConfigError.
Embedding the server in your own process:
import { BexioClient, createBexioMcpServer } from 'bexio-mcp';
import { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js';
const server = createBexioMcpServer({
client: new BexioClient({ token: myToken }),
groups: ['contacts', 'sales'],
readOnly: true,
});
await server.connect(new StdioServerTransport());Development
npm install
npm run typecheck # tsc --noEmit
npm test # vitest (includes the API coverage gate)
npm run build # tsup → dist/ (ESM + CJS + d.ts)With just: just check runs the full gate, just docker-build builds the image.
Releasing
Releases are tag-driven: pushing vX.Y.Z triggers the release workflow, which verifies the tag against package.json, runs the full gate, pushes the multi-arch Docker image to ghcr.io/mydata-ag/bexio-mcp (latest, X.Y, X.Y.Z), creates the GitHub release with generated notes, and publishes to npm when the NPM_TOKEN secret is configured.
just bump minor # bump package.json + src/version.ts, commit "Release vX.Y.Z"
git push # let CI pass on main
just tag # tag vX.Y.Z (verifies clean tree, main, pushed, version sync) and push itSee docs/ARCHITECTURE.md for the layering and module conventions. The API surface is pinned in tests/fixtures/operations.json (extracted from the official docs); tests/coverage.test.ts fails when bexio documents operations this package does not cover.
Notes & limitations
The bexio API rate limit is per company; heavy parallel use of tools can hit 429s — the client waits and retries automatically.
bexio deletes are permanent (no trash). Destructive tool actions are annotated and blocked in read-only mode, but be deliberate.
Credit notes and a handful of business processes are not exposed by the bexio API itself (see their FAQ).
This is an unofficial project; not affiliated with bexio AG.
License
MIT
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/mydata-ag/bexio-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server