anthropic-admin-mcp

The MCP server Anthropic hasn't shipped yet — full coverage of the Anthropic Admin API and the Usage & Cost API, properly typed, properly tooled, and properly safety-scoped.

Manage your Anthropic organization from any MCP-compatible client (Claude Desktop, Cursor, Windsurf, ChatGPT, etc.) using natural language:

• "What did my organization spend last week, grouped by workspace?"

• "Which API key burned through the most Opus tokens yesterday?"

• "Show me Pre-Mortem's usage day-by-day for the last 14 days."

• "Invite contractor@example.com as a developer to the Sandbox workspace."

• "Deactivate the API key named 'old-laptop'."

10 read tools, 10 write tools, audit logging, optional workspace scoping, read-only mode, role-escalation guard.

Why this exists

Anthropic ships an excellent Admin API with ~22 endpoints across organization management, workspaces, members, API keys, usage reporting, and cost reporting. Existing MCP wrappers from third parties cover a tiny slice of it through commercial integration platforms. This server is native, free, open-source, and complete — installable in two minutes against your own Admin key.

Install

pip install git+https://github.com/Trushtonfactory/anthropic-admin-mcp.git

Or for local development:

git clone https://github.com/Trushtonfactory/anthropic-admin-mcp.git
cd anthropic-admin-mcp
python3 -m venv .venv
source .venv/bin/activate
pip install -e .

Configure

1. Get an Admin API key at console.anthropic.com → Settings → Admin Keys. Requires an Organization plan (Team / Pro+ / Enterprise) and the admin role. Individual accounts cannot create Admin keys.

2. Copy .env.example to .env and fill in your key:

   cp .env.example .env
   # edit .env: ANTHROPIC_ADMIN_KEY=sk-ant-admin-...

3. Wire it into your MCP client. For Claude Desktop, add to ~/Library/Application Support/Claude/claude_desktop_config.json:

   {
     "mcpServers": {
       "anthropic-admin": {
         "command": "anthropic-admin-mcp",
         "env": {
           "ANTHROPIC_ADMIN_KEY": "sk-ant-admin-..."
         }
       }
     }
   }

   See examples/claude_desktop_config.json for more options (read-only mode, workspace scoping).

Tools

Read (10)

Write (10) — all require confirm=True

Running

# Full mode (read + write), stdio transport
anthropic-admin-mcp

# Read-only — recommended for first-time setup
anthropic-admin-mcp --read-only

# Streamable HTTP (for remote MCP clients)
anthropic-admin-mcp --http --port 8000

# Restrict writes to specific workspaces (set in .env or shell)
ALLOWED_WORKSPACES=wrkspc_abc,wrkspc_xyz anthropic-admin-mcp

Safety

See SECURITY.md for the full threat model and design notes. The short version:

• Reads are open. Anything the Admin API exposes with your key, this server exposes.

• Writes are guarded. Every mutation requires confirm=True, gets audit-logged to JSONL, and respects optional workspace scoping.

• Role escalation is blocked client-side even though the API itself blocks it server-side — clearer error messages for Claude.

• No credential exfiltration paths. The Admin API never returns key values, and this server never logs the Admin key itself.

Status

v0.1.0 — read + write tool surface complete. Pagination, error messages, and audit logging tested manually. No usage limits implemented yet. Pydantic response models are minimal (tools return raw dicts).

Issues and PRs welcome.

License

MIT — see LICENSE.