Skip to main content
Glama

Action1 MCP Server

MCP Compatible License

MCP server for Action1 — endpoint inventory, patch visibility, and policy automation via the Model Context Protocol.

Read-only in v1. Deploy / automation surface is intentionally separated to a later release for blast-radius reasons (a bad policy push can brick endpoint fleets).

Tools

Tool

Description

action1_navigate

Discover available tools by domain (organizations / endpoints / policies / updates)

action1_list_organizations

List Action1 tenants accessible to the configured credentials

action1_list_endpoints

List managed devices in an organization

action1_get_endpoint

Get a single endpoint by id

action1_list_missing_updates

List missing OS/application patches across endpoints — Action1's headline value-prop

action1_list_policies

List automation / policy / remediation rules

API surface maps to PSAction1 (Action1's MIT-licensed PowerShell module). When the v1 surface earns its keep, write tools (deploy, requery, package upload) come in v2 behind separate review.

Related MCP server: datto-bcdr-mcp

Usage

Claude Desktop (MCPB)

Install via the MCPB bundle from the latest release.

Required credentials (created in Action1 → Settings → API Credentials, non-recoverable on creation — copy immediately):

  • API Key (Client ID)

  • Secret

  • Region (NorthAmerica default; also Europe, AsiaPacific, Australia)

  • Optional default organization id (for single-tenant use)

Stdio (direct)

ACTION1_API_KEY=... \
ACTION1_SECRET=... \
ACTION1_REGION=NorthAmerica \
ACTION1_DEFAULT_ORG_ID=org-... \
npx -y github:wyre-technology/action1-mcp

HTTP (gateway mode)

MCP_TRANSPORT=http PORT=8080 AUTH_MODE=gateway \
  docker run -p 8080:8080 ghcr.io/wyre-technology/action1-mcp:latest

Per-request credentials via headers:

  • X-Action1-API-Key

  • X-Action1-Secret

  • X-Action1-Region

  • X-Action1-Default-Org-Id

Architecture

src/
├── index.ts                  # stdio + HTTP transports, tool dispatch
├── sdk/
│   └── action1-client.ts     # embedded REST + OAuth client (factor-out candidate
│                             # if surface crosses ~20 tools / 2+ domains)
├── utils/
│   ├── client.ts             # credential resolution (env vs gateway headers)
│   └── types.ts              # DomainHandler interface
├── domains/                  # one file per resource type
│   ├── organizations.ts
│   ├── endpoints.ts
│   ├── policies.ts
│   └── updates.ts
└── __tests__/domains/        # one test per domain

Per-request credential isolation via AsyncLocalStorage — concurrent requests in HTTP mode never share credentials through process.env.

Development

npm install
npm run build
npm test
npm run dev      # tsc --watch
npm run lint     # eslint
npm run typecheck

License

Apache-2.0. See LICENSE.

Install Server
A
license - permissive license
A
quality
A
maintenance

Maintenance

Maintainers
11hResponse time
1wRelease cycle
9Releases (12mo)
Commit activity

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/wyre-technology/action1-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server