zoho-analytics-mcp-worker
Provides tools for managing Zoho Analytics workspaces, views, tables, columns, and data; supports querying, exporting, and importing data via SQL or APIs; enables workspace administration, sharing, and publishing.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@zoho-analytics-mcp-workerList all tables in the Sales workspace"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
zoho-analytics-mcp-worker
The Zoho Analytics API v2 exposed as a remote MCP server, running as a Cloudflare Worker (Streamable HTTP + SSE). Built on the agents McpAgent.
Its client implements ALL 161 endpoints of the Zoho Analytics v2 API (verified against Zoho's official OpenAPI specs), exposed through 144 tools — discovery & metadata, the Data API, the sync/async/batch Bulk API, modeling (tables, query tables, reports, columns, lookups, formulas, folders, view lifecycle, dependents), workspace administration, sharing & collaboration (groups, admins), user management, publishing & embedding (URLs, slideshows), email schedules, variables, favorites, data-source sync, template export, and AutoML — plus conveniences the raw API lacks: a one-call workspace schema map, an end-to-end SQL-query helper that drives the async export job for you, bounded-concurrency batch reads, bounded job polling, and dry_run previews on destructive operations. The tool definitions live in src/tools.ts and the Zoho Analytics REST client in src/zohoanalytics.ts; both are transport-agnostic, so every build shares an identical tool surface. Set MCP_READONLY=true to register only the ~51 read tools.
This repo ships two deployments from the same code:
Worker | Auth | Use it from | Entry |
| static bearer token | Claude Code, Claude Desktop, programmatic | |
| OAuth 2.1 (single-user passphrase) | Claude.ai web custom connector |
Status: both deployments typecheck, bundle, and pass tests clean (
npm audit= 0 vulnerabilities). Secrets are set viawrangler secret putand are never committed.
Contents
Related MCP server: redash-mcp
Architecture
client bearer worker (src/index.ts)
Claude Code / Desktop / curl ── Authorization: Bearer <MCP_AUTH_TOKEN> ──┐
│
Claude.ai web ── OAuth 2.1 (passphrase) ── oauth worker (src/oauth.ts) ──┤
▼
ZohoAnalyticsMCP (McpAgent, Durable Object)
• registerTools(server, client) ← tools.ts
• ZohoAnalyticsClient ← zohoanalytics.ts
│
mints access tokens from a refresh token (accounts.zoho.*),
then Authorization: Zoho-oauthtoken <access_token>
ZANALYTICS-ORGID: <org id>
▼
Zoho Analytics REST API v2McpAgent+ Durable Object. MCP session state lives in a Cloudflare Durable Object (SQLite-backed, migrationv1). Both workers bind it asMCP_OBJECT→ classZohoAnalyticsMCP.Shared tool layer.
registerTools()andZohoAnalyticsClientare plain TypeScript with no Worker-specific imports, so the bearer worker and the OAuth worker share them.OAuth token management. Zoho access tokens expire hourly, so the client stores the refresh token + client id/secret and mints/caches access tokens itself, with a transparent refresh-and-retry on
401.Lean bundle. Only the
agents/mcpserver path is imported; theai/reactpeer dependencies ofagentsare never reached by the bundle.
Endpoints
Bearer worker (zoho-analytics-mcp):
Method | Path | Auth | Purpose |
|
| none | Health check → |
|
| Bearer | MCP Streamable HTTP (modern clients) |
|
| Bearer | MCP SSE (legacy clients) |
OAuth worker (zoho-analytics-mcp-oauth) — see OAuth worker.
Authentication
Two layers, kept separate:
Connector auth — who may call this MCP server.
Bearer worker is gated by a shared bearer token (
MCP_AUTH_TOKEN): fails closed (no secret → everything 401s), constant-time comparison. Right for programmatic use,mcp-remote, Claude Code/Desktop.OAuth worker implements OAuth 2.1 (PKCE + dynamic client registration) via
@cloudflare/workers-oauth-provider, gated by a single shared passphrase (APP_PASSPHRASE) on the consent screen — the only model Claude.ai web accepts.
Zoho auth — how the server calls Zoho Analytics. The server holds your Zoho refresh token + client id/secret (
ZOHO_*secrets) and mints short-lived access tokens at the matching accounts domain (accounts.zoho.<dc>/oauth/v2/token), sending them asAuthorization: Zoho-oauthtoken <token>along with theZANALYTICS-ORGIDheader. Tokens are cached in memory and refreshed automatically; a401triggers one transparent refresh-and-retry. See Getting Zoho OAuth credentials.
Data centers. Set ZOHO_DC to the data center your Zoho account lives in. Both the API host and the OAuth host are resolved from it:
| API host | Accounts (OAuth) host |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Tools
All tools call an external service (openWorldHint: true). IDs (workspace_id, view_id) come from the discovery tools. Filters use Zoho's criteria syntax — fully-qualified, double-quoted identifiers with single-quoted values, e.g. "Sales"."Region"='East'.
Discovery & metadata (read-only)
Tool | Purpose | Input |
| Health check — confirms the OAuth credentials work; lists accessible orgs; echoes the configured org id + data center | — |
| List the organizations the token can access (find your org id) | — |
| List workspaces (owned + shared); compact id/name by default |
|
| Details of one workspace |
|
| List views (tables, query tables, charts, pivots, dashboards) in a workspace; filter by type/keyword |
|
| Details of one view; includes column metadata by default |
|
| Look up workspace/view + columns by name instead of id |
|
| Schema map — lists views and fetches each table's columns (bounded concurrency) so you can understand a workspace before querying |
|
Read & query
Tool | Purpose | Input | Class |
| The headline tool — run an ad-hoc SQL |
| read-only |
| Synchronously export a table/view's rows (optionally filtered/projected) as parsed rows |
| read-only |
| Start an async export (by SQL or by view) for large results; returns a |
| read-only · not idempotent |
| Check an export job ( |
| read-only |
| Check an import job's status + summary |
| read-only |
Sync vs. async export.
zoho_export_datais synchronous and convenient, but Zoho disallows it for views over 1,000,000 rows, live-connect workspaces, and Dashboard/Query-Table views. For those — and for ad-hoc SQL — usezoho_query_data(waits inline) orzoho_create_export_job+zoho_get_export_job(for results too big to wait on).
Writes (gated by MCP_READONLY)
When MCP_READONLY=true, none of these are registered — they never even appear in tools/list.
Tool | Purpose | Input | Class |
| Add one row to a table |
| write |
| Update rows matching |
| destructive |
| Delete rows matching |
| destructive |
| Bulk-import CSV/JSON text into a table: |
| destructive |
| Create a new workspace (database) |
| write |
| Create a table with a column design (typed columns) |
| write |
| Move a view/table to the trash (restore with |
| destructive |
Safety: the destructive tools (delete row/column/folder/view/workspace, remove share/users, etc.) accept dry_run to preview without changing anything. "Update/delete all rows" requires an explicit update_all_rows/delete_all_rows flag — an empty criteria is rejected. truncateadd imports warn that they replace all data. Write calls are never auto-retried.
Modeling & schema (writes)
Build and reshape data models. Query tables: zoho_get_query_table, zoho_create_query_table, zoho_edit_query_table. Reports: zoho_create_report, zoho_update_report. Columns: zoho_add_column, zoho_rename_column, zoho_delete_column, zoho_hide_columns, zoho_show_columns, zoho_reorder_columns, zoho_add_lookup, zoho_remove_lookup. Formulas: zoho_add_formula_column, zoho_delete_formula_column, zoho_add_aggregate_formula, zoho_delete_aggregate_formula. Folders: zoho_create_folder, zoho_rename_folder, zoho_delete_folder. View lifecycle: zoho_rename_view, zoho_save_as_view, zoho_move_views_to_folder, zoho_sort_data, zoho_create_table_from_data, and trash ops zoho_get_trash · zoho_restore_view · zoho_delete_trash_view. Workspace admin: zoho_rename_workspace, zoho_delete_workspace, zoho_copy_workspace, zoho_copy_views, zoho_regenerate_workspace_secret_key (rotates/invalidates the key). Plus reads zoho_get_workspace_secret_key, zoho_list_folders, zoho_get_view_metadata, zoho_list_dashboards, zoho_list_recent_views, zoho_list_datasources.
Sharing & collaboration
zoho_share_views, zoho_update_shared_views, zoho_remove_share, zoho_get_shared_details, zoho_get_my_permissions. Groups: zoho_list_groups, zoho_create_group, zoho_rename_group, zoho_delete_group, zoho_add_group_members, zoho_remove_group_members. Admins: zoho_get_workspace_admins, zoho_add_workspace_admins, zoho_remove_workspace_admins, zoho_get_org_admins. Permissions are a boolean map (read required; also export, vud, addRow, drillDown, share, …).
User management
Org: zoho_list_users, zoho_add_users, zoho_remove_users, zoho_set_users_status, zoho_change_user_role (USER/VIEWER/ORGADMIN), plus zoho_get_subscription and zoho_get_resources. Workspace: zoho_list_workspace_users, zoho_add_workspace_users, zoho_remove_workspace_users, zoho_change_workspace_user_status, zoho_change_workspace_user_role (USER/WORKSPACEADMIN/custom).
Publishing & embedding
zoho_get_view_url, zoho_get_embed_url, zoho_get_private_url, zoho_create_private_url, zoho_remove_private_url, zoho_make_view_public, zoho_remove_public, zoho_get_publish_config, zoho_update_publish_config. Slideshows: zoho_list_slideshows, zoho_get_slideshow, zoho_create_slideshow, zoho_update_slideshow, zoho_delete_slideshow, zoho_get_slideshow_url.
Variables
zoho_list_variables, zoho_get_variable, zoho_create_variable, zoho_update_variable, zoho_delete_variable.
Dependents, formulas & analysis
Reads: zoho_get_dependents (view/column), zoho_list_formula_columns, zoho_list_aggregate_formulas, zoho_get_aggregate_formula_value, zoho_get_aggregate_formula_dependents, zoho_get_last_import_details, zoho_export_workspace_template (base64 ZIP). Writes: zoho_edit_formula_column, zoho_edit_aggregate_formula, zoho_copy_formulas (cross-workspace/org), zoho_create_similar_views, zoho_auto_analyse (view or column), folder placement (zoho_make_default_folder, zoho_move_folder, zoho_reorder_folder).
Favorites, defaults & data sources
zoho_set_favorite_workspace, zoho_set_favorite_view, zoho_set_default_workspace, zoho_set_workspace_domain_access (white-label), zoho_sync_datasource, zoho_update_datasource_connection, zoho_refetch_view_data.
Email schedules
zoho_list_email_schedules, zoho_create_email_schedule, zoho_update_email_schedule, zoho_delete_email_schedule, zoho_trigger_email_schedule (sends real email; dry_run), zoho_set_email_schedule_status.
AutoML
Reads: zoho_list_automl_analysis (org/workspace), zoho_get_automl_analysis, zoho_list_automl_deployments, zoho_automl_whatif (prediction for one input). Writes: zoho_create_automl_analysis (train models — REGRESSION/CLASSIFICATION/CLUSTERING), zoho_create_automl_deployment, zoho_run_automl_deployment, and deletes for analysis/model/deployment (all with dry_run).
Operational modes
Read-only deploys. Set
MCP_READONLY=truefor a reporting/dashboard connector — only the discovery, query, and read tools are registered.Audit trail. Every state-changing call is logged at the HTTP layer (
[zoho-analytics-mcp] POST /workspaces/.../rows— method + path), and write tools add an action-level audit line with resource names/counts (workspace/table/column names, email counts — never row data or email addresses), visible viawrangler tail.Resilience. Idempotent GETs retry on
429/5xxwithRetry-After-aware backoff; writes never auto-retry; batch reads use bounded concurrency to respect Zoho's per-minute frequency limits.
Zoho Analytics API coverage
The tools map onto these Zoho Analytics v2 endpoints (relative to https://<api-host>/restapi/v2). Operation options ride in the CONFIG query parameter (a URL-encoded JSON object); responses use the {status, summary, data} envelope, except the export/download endpoints which stream raw file bytes.
Tool | Method & path |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
The table above lists the core data/metadata endpoints; the rest of the v2 surface is covered too — modeling (/querytables, /reports, /views/{id}/columns, /customformulas, /aggregateformulas, /folders, /views/{id}/saveas, /trash/{id}, /similarviews, /autoanalyse, …), workspace admin (/secretkey, copy/rename/delete, /views/copy, /template/data, favorites/default//wlaccess), sharing (/share, per-view /views/{id}/share updates, /groups, /admins, /orgadmins), user management (/users, /users/role, /subscription, /resources, /workspaces/{id}/users), publishing/embed (/publish, /publish/embed, /publish/privatelink, /publish/public, /slides), email schedules (/emailschedules CRUD + trigger), data sources (/datasources, /datasource/{id}/sync), /variables, and AutoML (/automl/... analysis, models, deployments, what-if) — see the matching tool categories above and the ZohoAnalyticsClient methods in src/zohoanalytics.ts.
Coverage: 161/161 endpoints across Zoho's seven published OpenAPI spec files (data, bulk, metadata, modeling, share, user-management, embed), verified by diffing every spec (method, path) pair against the client. Full API: https://www.zoho.com/analytics/api/v2/introduction.html · specs: https://github.com/zoho/analytics-oas.
Configuration
Set via npx wrangler secret put <NAME> (secrets) or a [vars] block (non-secret). Add -c wrangler.oauth.jsonc to target the OAuth worker.
Name | Worker | Required | Purpose |
| both | ✅ | Zoho OAuth client id |
| both | ✅ | Zoho OAuth client secret (may be per-DC) |
| both | ✅ | Long-lived refresh token ( |
| both | ✅ |
|
| bearer | ✅ | Shared bearer clients send as |
| oauth | ✅ | Passphrase entered on the OAuth consent screen |
| oauth | ✅ | KV namespace storing OAuth grants/registrations |
| both | optional | Data center: |
| bearer | recommended | KV namespace sharing ONE Zoho access token across all sessions (the OAuth worker reuses |
| both | optional | Static access token (expires hourly; testing only — skips refresh) |
| both | optional | Override the API host |
| both | optional | Override the accounts/OAuth host |
| both | optional | Max retries for idempotent calls (default |
| both | optional |
|
| both | optional |
|
| bearer | optional | R2 spill: truncated exports persist fully and return 24h signed |
| bearer | optional | Workers Analytics Engine per-tool usage telemetry |
| bearer | optional | Per-IP flood cap (300 req/min) |
| oauth | optional |
|
Getting Zoho OAuth credentials
One-time setup to produce ZOHO_CLIENT_ID, ZOHO_CLIENT_SECRET, and ZOHO_REFRESH_TOKEN. Do this on the API console of your data center (e.g. api-console.zoho.eu for EU).
Register a client at https://api-console.zoho.com/ → Self Client (simplest for a single-user server) or a Server-based app. Note the Client ID and Client Secret.
Pick scopes. For the full tool surface use
ZohoAnalytics.fullaccess.all, or scope down to:ZohoAnalytics.data.all,ZohoAnalytics.metadata.read,ZohoAnalytics.modeling.all(dropdata.create/update/deleteandmodeling.allfor a read-only connector).Generate a grant token (code) with
access_type=offline(Self Client: "Generate Code"; or run the/oauth/v2/authconsent flow withresponse_type=code&access_type=offline).Exchange the code for a refresh token (once) at your accounts domain:
curl -X POST "https://accounts.zoho.com/oauth/v2/token" \ -d "grant_type=authorization_code" \ -d "client_id=$ZOHO_CLIENT_ID" \ -d "client_secret=$ZOHO_CLIENT_SECRET" \ -d "code=<grant_token>" # → { "access_token": "...", "refresh_token": "...", "expires_in": 3600 }Save the
refresh_token— that'sZOHO_REFRESH_TOKEN. (The server refreshes access tokens from it automatically; the refresh token itself doesn't expire unless revoked.)Find your org id after deploying by calling the
zoho_get_orgs/zoho_whoamitool, and set it asZOHO_ORG_ID.
Deploy
npm install
# Zoho credentials — paste each value at the prompt (do NOT put secrets on the command line):
npx wrangler secret put ZOHO_CLIENT_ID
npx wrangler secret put ZOHO_CLIENT_SECRET
npx wrangler secret put ZOHO_REFRESH_TOKEN
npx wrangler secret put ZOHO_ORG_ID
npx wrangler secret put MCP_AUTH_TOKEN
# Non-secret data center (if not 'com'): add to wrangler.jsonc as "vars": { "ZOHO_DC": "eu" }
npx wrangler deployGenerate a strong MCP_AUTH_TOKEN without a trailing newline (a stray newline breaks the constant-time compare):
MCP_TOKEN=$(openssl rand -hex 32); printf '%s' "$MCP_TOKEN" | npx wrangler secret put MCP_AUTH_TOKEN; echo "MCP_AUTH_TOKEN=$MCP_TOKEN"The first deploy creates the Durable Object (migration v1) and prints your https://zoho-analytics-mcp.<subdomain>.workers.dev URL. For the OAuth worker, see OAuth worker.
Verify
URL="https://zoho-analytics-mcp.<subdomain>.workers.dev"
# 1) Health (no auth) → "zoho-analytics-mcp worker: ok"
curl "$URL/"
# 2) Fail-closed — no token → 401
curl -i -X POST "$URL/mcp"
# 3) MCP initialize (with token) → JSON-RPC result, not 401
curl -X POST "$URL/mcp" \
-H "Authorization: Bearer <MCP_AUTH_TOKEN>" \
-H "Content-Type: application/json" \
-H "Accept: application/json, text/event-stream" \
-d '{"jsonrpc":"2.0","id":1,"method":"initialize","params":{"protocolVersion":"2024-11-05","capabilities":{},"clientInfo":{"name":"curl","version":"0"}}}'Or run the end-to-end smoke test (initialize → tools/list → zoho_whoami, which validates the Zoho credentials live):
MCP_URL="$URL/mcp" MCP_TOKEN="<MCP_AUTH_TOKEN>" npm run smokeTesting
npm run typecheck # tsc --noEmit (strict)
npm test # vitest — OAuth refresh + 401 retry, DC routing, CONFIG/header encoding, envelope errors, raw export, helpers
npm run smoke # live smoke vs a deployed worker (set MCP_URL + MCP_TOKEN)CI (.github/workflows/ci.yml) runs typecheck + tests on every push and PR. The client is fully unit-testable with a mocked fetch (injectable backoffBaseMs keeps retry tests fast); the pure helpers (row parsing, column extraction, view-type mapping) are tested against fixtures.
Connect a client
Claude Code
claude mcp add --transport http --scope user zoho-analytics \
https://zoho-analytics-mcp.<subdomain>.workers.dev/mcp \
--header "Authorization: Bearer <MCP_AUTH_TOKEN>"
claude mcp list # → zoho-analytics: … (HTTP) - ✓ ConnectedClaude Desktop
Claude Desktop speaks stdio, so bridge the remote server with mcp-remote. Add to claude_desktop_config.json (macOS: ~/Library/Application Support/Claude/) and fully restart the app:
{
"mcpServers": {
"zoho-analytics": {
"command": "npx",
"args": [
"mcp-remote",
"https://zoho-analytics-mcp.<subdomain>.workers.dev/mcp",
"--header", "Authorization: Bearer <MCP_AUTH_TOKEN>"
]
}
}
}If a bare
npxdoesn't resolve inside the Desktop app (common when Node is installed via a version manager), use the absolute path fromwhich npx.
Claude Web
The bearer worker can't be added to Claude.ai web (its connector UI requires OAuth, with no field for a static token). Use the zoho-analytics-mcp-oauth deployment instead:
Deploy it and set its secrets — see OAuth worker.
In Claude.ai → Settings → Connectors → Add custom connector, enter the MCP URL:
https://zoho-analytics-mcp-oauth.<subdomain>.workers.dev/mcpClaude.ai discovers OAuth automatically (dynamic client registration) and sends you to the consent screen. Enter your passphrase to authorize.
Programmatic
Any HTTP MCP client works — send Authorization: Bearer <MCP_AUTH_TOKEN> and Accept: application/json, text/event-stream to POST /mcp.
OAuth worker (Claude.ai web)
zoho-analytics-mcp-oauth is the same MCP server fronted by an OAuth 2.1 provider, gated by a single shared passphrase. Routes:
Route | Purpose |
| health check (no auth) |
| passphrase consent screen |
| OAuth endpoints (handled by the provider) |
| MCP transports, OAuth-protected |
Deploy alongside the bearer worker:
# One-time: create the KV namespace the provider needs, then paste its id into wrangler.oauth.jsonc
npx wrangler kv namespace create OAUTH_KV # → { "binding": "OAUTH_KV", "id": "<paste into kv_namespaces>" }
# Secrets (paste at the prompt; -c selects the OAuth worker):
npx wrangler secret put ZOHO_CLIENT_ID -c wrangler.oauth.jsonc
npx wrangler secret put ZOHO_CLIENT_SECRET -c wrangler.oauth.jsonc
npx wrangler secret put ZOHO_REFRESH_TOKEN -c wrangler.oauth.jsonc
npx wrangler secret put ZOHO_ORG_ID -c wrangler.oauth.jsonc
npx wrangler secret put APP_PASSPHRASE -c wrangler.oauth.jsonc
npx wrangler deploy -c wrangler.oauth.jsoncAPP_PASSPHRASE fails closed — if unset, the consent screen rejects every attempt. Then add the connector in Claude.ai per Claude Web.
Caveats
Bring your own OAuth app. You need a registered Zoho client and a refresh token (see Getting Zoho OAuth credentials).
ZOHO_DCmust match the data center your account lives in, or token refresh fails.Ad-hoc SQL is async. Zoho runs ad-hoc SQL through a bulk export job.
zoho_query_datahides this (create → poll → download) but bounds its wait (default 50s, cap 120s; Zoho jobs routinely take 30–90s); for very large result sets it returns ajob_idto poll withzoho_get_export_job.API units & frequency limits. Calls consume daily API units and are subject to per-minute frequency limits (≈100 req/min overall). Batch tools use bounded concurrency, but heavy use can still hit quota errors (
6043/6044/6045).Large tool surface. Full coverage means ~144 tools. That's a lot for one connector — if your client struggles with the count or you only need reporting, deploy with
MCP_READONLY=truefor the ~51 read tools. Advanced/long-tail CONFIG keys on the modeling, sharing, publish, and variable tools are passed through anoptionsobject (documented per tool) rather than enumerated as parameters.OAuth worker: single-user by default, multi-user opt-in. Out of the box the OAuth worker gates on one shared passphrase and acts with one worker-wide Zoho token — fine for a personal connector. Set
ZOHO_MULTI_USER=true(with a server-based Zoho client whose redirect URI is<origin>/zoho/callback) to make the consent screen a real per-user Zoho login: each user's own refresh token is held in the encrypted OAuth grant, access-token and schema caches are namespaced per user, and the server acts as — and is rate-limited per — that user. Multi-user mode ships off and, while it has its own end-to-end consent + isolation tests, has not been exercised against a live multi-tenant org — validate it before relying on it.Spec ambiguities. A number of Zoho endpoints are inconsistent between their OpenAPI specs and their live API docs/SDK. Where they conflict, this client follows the live docs + SDK: email-schedule writes are workspace-scoped with no
/triggersuffix; datasource paths are workspace-scoped and plural; share/remove-share are/workspaces/{id}/sharewith a per-view PUT for updates;makeDefaultFolderis PUT;sortDatauses the CONFIG transport with column IDs. Remaining unverified niche path:get_my_permissions(mypermissionsper OAS vsuserpermissionsper SDK). Verify niche endpoints with a live call.Memory bounds. Sync exports/downloads are refused above ~10MB (use the async CSV export and page it), imports above ~25MB (split the file), and template ZIPs above ~256KB (export fewer views) — Durable Objects have a 128MB memory ceiling and tool results land in an LLM context.
Dependency versions.
agents@^0.14.5+@modelcontextprotocol/sdk@^1.29.0+zod@^4;npm auditis clean.ai/reactare required peers ofagents(npm auto-installs them) but nothing on theagents/mcpserver path imports them, so they never enter the Worker bundle.
Project layout
src/
index.ts Bearer worker entry — routing, bearer gate, McpAgent/Durable Object, clientFromEnv
oauth.ts OAuth worker entry — OAuthProvider + passphrase consent + McpAgent
tools.ts registerTools() — 100+ tool definitions + Zod schemas + helpers (shared)
zohoanalytics.ts ZohoAnalyticsClient — dependency-free REST client (fetch-only): OAuth refresh,
CONFIG-param + envelope handling, DC routing, retry/backoff, mapLimit (shared)
tests/ vitest unit tests (client OAuth/retry/DC/CONFIG, helpers)
vitest.config.ts test config (resolves NodeNext .js specifiers to .ts)
scripts/smoke.mjs smoke test against a deployed worker (npm run smoke); auto-detects CORE/READONLY modes
scripts/live-test.mjs guarded LIVE write-path integration test (MCP_URL + MCP_TOKEN + LIVE_WRITE=1) —
creates a disposable table, exercises rows/SQL/dry-runs, cleans up via trash + purge
.github/workflows/ci.yml CI — typecheck + tests + syntax checks for both scripts on push/PR
.github/workflows/deploy.yml gated manual deploy (typecheck + tests -> wrangler deploy -> live smoke); needs CLOUDFLARE_API_TOKEN secret
wrangler.jsonc bearer worker config (zoho-analytics-mcp)
wrangler.oauth.jsonc OAuth worker config (zoho-analytics-mcp-oauth) — adds OAUTH_KV
package.json deps (SDK ^1.29.0, agents ^0.14.5, zod ^4, workers-oauth-provider, wrangler, vitest)This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/adamcfield/zoho-analytics-mcp-worker'
If you have feedback or need assistance with the MCP directory API, please join our Discord server