Google Search Console MCP Server for SEOs

A Model Context Protocol (MCP) server that connects Google Search Console (GSC) to AI assistants, allowing you to analyze your SEO data through natural language conversations. Works with Claude Desktop, Cursor, Codex CLI, Gemini CLI, Antigravity, and any other MCP-compatible client.

This repository is a local fork of AminForou/mcp-gsc. It stays close to upstream and currently adds:

• Local docs and notes

• CI and Dependabot for the mirror

• Python runtime compatibility of 3.10+ (Python 3.9 is not supported by the current MCP SDK)

Skip setup, get more. A more advanced hosted version — one-click sign-in, added GA4 tools. Works with Claude Desktop, Claude Code, Claude.ai, Codex, Cursor, and any MCP client. Only 100 seats. → Advanced GSC MCP (hosted)

What's New

[0.3.2] — April 2026

• OAuth browser flow fixed for uvx — removed the isatty block that prevented the browser login window from opening when running as an MCP subprocess on macOS. OAuth now works out of the box with uvx, no manual terminal run needed.

• get_capabilities tool added — call this to get a full list of available tools and current auth status in one shot. Useful when your AI assistant isn't sure what tools are available.

• Better auth error messages — all tools now tell you exactly what to do when credentials are missing or expired.

Related MCP server: Google Search Console MCP Server

What Can This Do?

Property Management

• See all your GSC properties in one place

• Get verification details and ownership information

• Add or remove properties from your account

Search Analytics & Reporting

• Discover which queries bring visitors to your site

• Track impressions, clicks, and click-through rates

• Analyze performance trends and compare time periods

• Visualize data with charts created by your AI assistant

URL Inspection & Indexing

• Check if specific pages have indexing problems

• See when Google last crawled your pages

• Inspect multiple URLs at once to identify patterns

Sitemap Management

• View all sitemaps and their status

• Submit new sitemaps

• Check for errors or warnings

Available Tools

Ask your AI assistant to "call get_capabilities" for the full registered tool catalog.

Search Analytics Data Behavior

Google Search Analytics API responses are best treated as official API data with clear coverage limits:

• Search Analytics sorts rows by clicks by default, except when results are grouped by date.

• Requested ranking such as sort_by is applied by this server after rows are returned, so client-side sorting only reorders the retrieved rows.

• Returned rows are the top rows for the request, not a guaranteed complete export of everything visible in the Search Console UI.

• gsc_export_search_analytics_snapshot writes a read-only API snapshot under GSC_EXPORT_DIR when set, otherwise under the GSC config directory's exports/ folder. Relative export directories are normalized to absolute paths. Each snapshot includes manifest.json with request fingerprint, row/page counts, totals, artifact checksums, and limitations.

• gsc_build_traffic_drop_queue compares current and previous Search Analytics periods using two official query calls and returns stable JSON action items with heuristic likely causes, confidence, limitations, and manual-verification flags.

• gsc_build_content_action_queue uses one official Search Analytics query call and returns stable JSON heuristic opportunities for high-impression/low-CTR rows, striking-distance rankings, and page/query refresh candidates. Items require manual verification before content changes.

• gsc_build_cannibalization_decision_queue uses one official Search Analytics query call with query,page dimensions and returns a stable sampled diagnostic queue for likely competing pages. It is not proof of cannibalization and requires SERP, intent, canonical, internal-link, and business review before URL changes.

• gsc_run_weekly_seo_ops_report composes a stable read-only JSON weekly operator report from two dimensionless Search Analytics performance calls, the traffic-drop/content/cannibalization queues, and the static manual checklist. It supports partial failures by returning section-level errors and warnings instead of collapsing the whole report when at least one section succeeds.

• gsc_get_manual_operator_checklist is a static read-only checklist for UI-only/manual Search Console surfaces such as Manual actions, Security issues, Removals, Crawl stats, Core Web Vitals, HTTPS, Links, Enhancements, and Settings access. It does not call Google APIs, require credentials, click UI buttons, submit requests, remove URLs, request indexing, validate fixes, or change permissions.

• gsc_audit_jobposting_schema is a read-only HTML fetch and JSON-LD parser for supplied property-scoped job URLs. It blocks off-property/private targets, does not follow redirects, does not call Search Console, does not call the Google Indexing API, does not publish URL_UPDATED or URL_DELETED, does not request indexing, and does not write files. Its indexing_api_dry_run recommendation is advisory only.

• gsc_build_jobposting_lifecycle_queue composes the JobPosting audit with optional URL Inspection diagnostics when credentials are available. It is read-only, dry-run only, quota-conscious, supports partial per-URL failures, and never calls the Indexing API or mutates Search Console.

• gsc_run_adjacent_technical_diagnostics is auth-free and read-only. It safely samples supplied property-scoped pages for basic adjacent technical signals such as robots meta noindex, canonical hints, JSON-LD type counts, robots.txt summary counts, and manual PageSpeed/Rich Results UI links. It is not Search Console parity and does not call PageSpeed Insights, CrUX, Rich Results, Search Console, or Indexing APIs.

• Snapshot exports paginate with Search Analytics startRow and rowLimit, but the API remains bounded: exported rows may not equal a full UI export.

• Search Analytics requests support data_state="all", data_state="final", and data_state="hourly_all" (per call where available, or globally through GSC_DATA_STATE). Use hourly_all only with dimensions="hour" or a dimension list that includes hour, for example dimensions="hour,query"; requests without hour are rejected before invalid API calls or snapshot file writes.

• Official API surfaces: Search Analytics metrics, URL Inspection results for requested URLs, sitemap metadata, and property information.

• Adjacent approximations: content opportunities, page prioritization, period comparisons, and other workflows that rank or filter the returned rows.

• Sampled diagnostics: cannibalization checks and broad audits that look for patterns within available top rows.

• Manual-only surfaces: full UI exports, UI-only reports, and any workflow that requires complete row coverage beyond the API response.

JobPosting Schema Audit & Indexing API Dry-Run

gsc_audit_jobposting_schema returns stable JSON with top-level schema_version: "jobposting_schema_audit.v1" plus summary counts, per-URL issues, summarized JobPosting objects, dry-run Indexing API recommendations, limitations, and source provenance.

gsc_build_jobposting_lifecycle_queue returns stable JSON with top-level schema_version: "jobposting_lifecycle_queue.v1" plus prioritized action items for active valid jobs, schema-blocked jobs, missing or stale validThrough, expired/noindex jobs, optional URL Inspection observations, and dry-run-only URL_UPDATED/URL_DELETED recommendations. Actual Indexing API publish/delete remains outside this MCP flow and should only happen later behind explicit approval, eligibility, and quota gates.

Encoded source constraints:

• Google JobPosting docs: required properties checked include datePosted, description, hiringOrganization, jobLocation, and title; the remote-work exception requires jobLocationType plus applicantLocationRequirements; JobPosting should be on the most specific single job page, not listing pages; expired jobs should be removed or use past validThrough; content must match the page and users must be able to apply.

• Google Indexing API usage docs: Indexing API is only for pages with JobPosting or BroadcastEvent embedded in VideoObject; URL_UPDATED and URL_DELETED are publish actions; getMetadata is read-only status metadata and not indexing proof.

• Google Indexing API quota docs: default publish quota is 200 URLs/day/project, metadata quota is 180/min/project, and all endpoints share 380/min/project; production use requires approval and quota planning.

Limitations:

• The audit parses only static JSON-LD in <script type="application/ld+json">; it does not evaluate Microdata, RDFa, rendered JavaScript, or external feeds.

• The tool returns summaries only and does not echo full job descriptions.

• The dry-run recommendation is not proof of rich result eligibility, indexing, crawl timing, quota approval, or API access.

• Manual review is still required for apply-flow availability, page/content matching, whether the page is truly a single-job detail page, and business decisions about expired/noindex pages.

Getting Started

Quick Start Example

For a domain property, the most common format will be:

sc-domain:example.com

Recommended first workflow in your MCP client:

1. Call get_capabilities

2. Run get_search_analytics for sc-domain:example.com

3. Run compare_search_periods for the last 28 days vs. previous 28 days

4. Use batch_url_inspection or check_indexing_issues for priority URLs

5. Review get_sitemaps or manage_sitemaps

For job pages, ask: "Run gsc_build_jobposting_lifecycle_queue for https://example.com/ on these vacancy URLs and prioritize lifecycle actions, including dry-run URL_UPDATED or URL_DELETED recommendations." The tool will not call the Indexing API; if you later want fast recrawl requests for eligible vacancy pages, use the Google Indexing API separately for valid JobPosting URLs only after approval/quota review.

Step 1 — Set Up Google API Credentials

You need credentials before configuring any client. Pick one method:

Option A — OAuth (Recommended — uses your own Google account)

1. Go to Google Cloud Console and create or select a project

2. Enable the Search Console API

3. Go to Credentials → Create Credentials → OAuth client ID

4. Configure the OAuth consent screen, select Desktop app, click Create

5. Download the JSON file — save it somewhere permanent (e.g. ~/Documents/client_secrets.json)

On first use, a browser window will open asking you to sign in to your Google account. After that, the token is saved and no browser interaction is needed again.

Option B — Service Account (For automation or team use)

1. Go to Google Cloud Console and create or select a project

2. Enable the Search Console API

3. Go to Credentials → Create Credentials → Service Account

4. Go to the Keys tab → Add Key → Create new key → JSON → Download

5. Save the file somewhere permanent (e.g. ~/Documents/service_account.json)

6. Add the service account email to your GSC property: Search Console → Settings → Users and permissions → Add user → Full access

🎥 Watch the step-by-step setup tutorial for this section

Updated 2026 — covers the full installation process using the new uvx method, from setting up your Google credentials to your first successful query.

Step 2 — Installation

Option A — uvx (Recommended)

No cloning, no Python installation, no virtual environments. uvx downloads and runs the server automatically and keeps it up to date.

Install uv — open Terminal and run all three commands in order:

# 1. Download and install
curl -LsSf https://astral.sh/uv/install.sh | sh

# 2. Activate in the current Terminal session
source $HOME/.local/bin/env

# 3. Make it permanent for all future sessions
echo 'source $HOME/.local/bin/env' >> ~/.zshrc

Verify:

uv --version

Why all three commands? The installer puts uv in ~/.local/bin, but your already-open Terminal session doesn't know about that folder yet. Step 2 activates it immediately. Step 3 ensures every future Terminal window has it automatically.

Now configure your AI client:

Claude Desktop

Config file: ~/Library/Application Support/Claude/claude_desktop_config.json

OAuth:

{
  "mcpServers": {
    "gscServer": {
      "command": "/FULL/PATH/TO/uvx",
      "args": ["mcp-search-console"],
      "env": {
        "GSC_OAUTH_CLIENT_SECRETS_FILE": "/full/path/to/client_secrets.json"
      }
    }
  }
}

Service Account:

{
  "mcpServers": {
    "gscServer": {
      "command": "/FULL/PATH/TO/uvx",
      "args": ["mcp-search-console"],
      "env": {
        "GSC_CREDENTIALS_PATH": "/full/path/to/service_account.json",
        "GSC_SKIP_OAUTH": "true"
      }
    }
  }
}

Cursor

Config file: ~/.cursor/mcp.json

OAuth:

{
  "mcpServers": {
    "gscServer": {
      "command": "/FULL/PATH/TO/uvx",
      "args": ["mcp-search-console"],
      "env": {
        "GSC_OAUTH_CLIENT_SECRETS_FILE": "/full/path/to/client_secrets.json"
      }
    }
  }
}

Codex CLI

Config file: ~/.codex/config.toml

OAuth:

[mcp_servers.gscServer]
command = "/FULL/PATH/TO/uvx"
args = ["mcp-search-console"]
enabled = true
env = { GSC_OAUTH_CLIENT_SECRETS_FILE = "/full/path/to/client_secrets.json" }

Service Account:

[mcp_servers.gscServer]
command = "/FULL/PATH/TO/uvx"
args = ["mcp-search-console"]
enabled = true
env = { GSC_CREDENTIALS_PATH = "/full/path/to/service_account.json", GSC_SKIP_OAUTH = "true" }

Finding your uvx path: On macOS/Linux run which uvx in Terminal after installing uv (typically /Users/YOUR_NAME/.local/bin/uvx). On Windows, run Get-Command uvx | Select-Object -ExpandProperty Source in PowerShell (or where uvx in cmd) — it's usually C:\Users\YOUR_NAME\.local\bin\uvx.exe. Replace /FULL/PATH/TO/uvx in the configs above with that path.

Why the full path? GUI apps like Claude Desktop and Cursor launch without reading your shell config (~/.zshrc), so they don't know about ~/.local/bin. Using the full path guarantees it works regardless of how the app is launched. If you see a spawn uvx ENOENT error, this is the fix.

After saving the config, fully quit the app (Cmd+Q) and reopen it.

For OAuth: on first use, a browser window will open automatically for login. After that, the token is cached and you won't be asked again.

Option B — Clone (Advanced)

Prefer a video walkthrough for this method? The tutorial below covers the clone install path step by step — virtual environment setup, dependencies, and config:

Use this if you want to modify the code or run a specific local version. This method uses the video tutorial above for the credential setup steps.

Requires Python 3.10+. Python 3.9 is not supported by the current MCP Python SDK, so this server will not start there. Check your version with python --version. If it's below 3.10, install Python 3.10 or newer and recreate your virtual environment. The uvx method (Option A) avoids this entirely by managing the Python version for you, so it's still the recommended path for most users.

Clone the repo:

git clone <your-fork-url>
cd google-search-console-mcp

If you want to compare changes with upstream or contribute a fix back, keep the original project as an upstream remote:

git remote add upstream https://github.com/AminForou/mcp-gsc.git

Or download the ZIP from the green Code button at the top of this page and unzip it.

Set up the environment:

uv venv .venv
uv pip install -r requirements.txt

Configure your AI client (Claude Desktop example):

OAuth:

{
  "mcpServers": {
    "gscServer": {
      "command": "/full/path/to/google-search-console-mcp/.venv/bin/python",
      "args": ["/full/path/to/google-search-console-mcp/gsc_server.py"],
      "env": {
        "GSC_OAUTH_CLIENT_SECRETS_FILE": "/full/path/to/client_secrets.json"
      }
    }
  }
}

Service Account:

{
  "mcpServers": {
    "gscServer": {
      "command": "/full/path/to/google-search-console-mcp/.venv/bin/python",
      "args": ["/full/path/to/google-search-console-mcp/gsc_server.py"],
      "env": {
        "GSC_CREDENTIALS_PATH": "/full/path/to/service_account.json",
        "GSC_SKIP_OAUTH": "true"
      }
    }
  }
}

Mac path examples:

• Python: /Users/yourname/Documents/google-search-console-mcp/.venv/bin/python

• Script: /Users/yourname/Documents/google-search-console-mcp/gsc_server.py

Step 3 — Test

Ask your AI assistant: "List my GSC properties"

If you see your properties — it's working. If not, ask: "Call get_capabilities" to see auth status and diagnose the issue.

Environment Variables Reference

Cursor Marketplace

One-click install available — search for mcp-search-console in the Cursor Marketplace.

After installing, configure your credentials (see Step 1 above) then use the bundled skills directly in Cursor Agent chat:

Sample Prompts

Troubleshooting

spawn uvx ENOENT or command not found: uvx

Your AI client can't find uvx. Use the full path instead of just uvx:

# Find your full path (macOS/Linux):
which uvx
# Typically: /Users/YOUR_NAME/.local/bin/uvx

# Find your full path (Windows PowerShell):
Get-Command uvx | Select-Object -ExpandProperty Source
# Typically: C:\Users\YOUR_NAME\.local\bin\uvx.exe

Replace "command": "uvx" with the full path (e.g. "command": "/Users/YOUR_NAME/.local/bin/uvx") in your config.

uv --version gives "command not found" right after installing

The installer updates ~/.local/bin but your current Terminal session doesn't see it yet. Run:

source $HOME/.local/bin/env

Then add it permanently:

echo 'source $HOME/.local/bin/env' >> ~/.zshrc

Authentication failed / credentials file not found

Make sure you are using the absolute path to your credentials file — not a relative path, not ~/. Example:

/Users/yourname/Documents/client_secrets.json   ✅
~/Documents/client_secrets.json                 ✅
client_secrets.json                              ❌

MCP only works in Claude Desktop app, not the website

The MCP server runs locally on your machine. It only works in the Claude Desktop app (downloaded from claude.ai/download), not in the claude.ai browser interface.

AI Client Configuration Issues

1. Make sure all file paths in your config are correct absolute paths

2. Fully quit (Cmd+Q) and reopen the app after any config change — just closing the window is not enough

3. Ask your AI assistant to "call get_capabilities" — it will report the exact auth status and error

Safety: Destructive Operations

By default, add_site, delete_site, submit_sitemap, and delete_sitemap are disabled because they mutate external Google Search Console state. To enable these external mutations:

"GSC_ALLOW_DESTRUCTIVE": "true"

Remote Deployment & Docker (Advanced)

The standard setup runs the server locally. This section is only for users who want to run it on a remote server or in a container.

Remote SSE/HTTP mode has no built-in authentication. Treat it as a trusted-network-only mode and place it behind your own network controls, reverse proxy, or tunnel.

HTTP Transport

MCP_TRANSPORT=sse GSC_ALLOW_REMOTE_SSE=true MCP_HOST=0.0.0.0 MCP_PORT=3001 python gsc_server.py

Docker

docker build -t mcp-gsc .

docker run \
  -e MCP_TRANSPORT=sse \
  -e GSC_ALLOW_REMOTE_SSE=true \
  -e MCP_HOST=0.0.0.0 \
  -e MCP_PORT=3001 \
  -e GSC_CREDENTIALS_PATH=/app/credentials.json \
  -v /path/to/credentials.json:/app/credentials.json \
  -p 3001:3001 \
  mcp-gsc

Related Tools

Advanced GSC Visualizer — A Chrome extension (14,000+ users) with interactive charts, one-click export of up to 25,000 rows, keyword cannibalization detection, and an AI assistant — all directly inside Google Search Console. Built by the same author. Install from the Chrome Web Store →

Contributing

Found a bug or have an idea for improvement? Open an issue or submit a pull request on GitHub.

License

MIT License. See the LICENSE file for details.

Changelog

[0.3.2] — April 2026

• OAuth browser flow fixed for uvx — removed isatty block that prevented the OAuth browser window from opening when running as an MCP subprocess on macOS. OAuth + uvx now works out of the box.

• get_capabilities tool — returns all available tools grouped by category plus live auth status in one call.

• Better auth error messages — all tools now explicitly tell you to call reauthenticate when credentials are missing or expired.

• Improved list_properties description — better semantic tool discovery in clients that use lazy tool loading.

[0.3.1] — April 2026

• Fixed list_properties masking real auth errors; fail-fast on missing credentials.

[0.3.0] — April 2026

• Cursor Marketplace plugin with 4 bundled SEO skills

• Stable token storage in platform user config dir (survives uvx upgrades)

• Structured JSON output for all data tools

• 39 unit tests

[0.2.2] — April 2026

• Safety mode for destructive tools (disabled by default)

• HTTP/SSE transport for remote deployments

• Dockerfile

[0.2.1] — March 2026

• reauthenticate tool for switching Google accounts

• Fixed sitemap TypeError crash

• Fixed domain property 404 errors

[0.2.0] — March 2026

• dataState: "all" by default (matches GSC dashboard)

• Flexible row_limit parameter (up to 500)

• Multi-dimension filtering for advanced analytics

[0.1.0] — Initial release

• 20+ tools covering property management, search analytics, URL inspection, sitemap management, and operator queues

• OAuth and service account authentication