# Apono Admin MCP Server A Model Context Protocol (MCP) server lets AI clients connect to external tools and data sources in a consistent, secure way. The Apono Admin MCP Server extends this capability to Apono’s Admin APIs, giving administrators a natural-language interface for managing access data and configurations: * **Efficiency**: Retrieve and manage access data without manually querying multiple APIs * **Security and compliance**: Administrative actions are routed through Apono’s policies and logged for auditing * **Consistency**: The same queries and workflows are available across all supported AI tools

### Install the MCP Admin server Apono supports the http (remote) mode to connect the AI client directly to the hosted Apono MCP endpoint. The following sections provide setup instructions for each client. ### Install on Cursor {% tabs %} {% tab title="Manual" %} Follow these steps to install the MCP Admin server: 1. In Cursor, click **Tools & MCP**. The **Tools & MCP** page appears. 2. Click **New MCP Server**. The **mcp.json** file opens in a new tab. 3. Add the following configuration to the file. ```json { "mcpServers": { "Apono MCP": { "command": "npx", "args": [ "mcp-remote", "https://mcp.apono.io", "--static-oauth-client-metadata", "{\"scope\":\"openid profile email groups\"}" ], "env": { "NODE_TLS_REJECT_UNAUTHORIZED": "1" } } } } ``` 4. Save the file. 5. Find the newly installed server and ensure the toggle is switched on. 6. Quit and restart Cursor. {% endtab %} {% endtabs %} *** ### Install on Claude #### Connect Claude with Apono **Prerequisite**

Item	Description
Owner role	Organization admin account with the Owner role

**Installation** Follow these steps to connect Claude with Apono: 1. In Claude, from the main navigation click **Admin settings > Connectors**. The **Connectors** page appears. 2. Click **Add custom connector**. The **Add custom connector** settings appear. 3. Enter a **Name** for the connector, such as *Apono Admin MCP*. 4. In the **Remote MCP Server URL** field, enter **. 5. Click **Add**. #### Add Apono Admin MCP to a user account **Prerequisite**

Item	Description
Connector setup	Settings enabling Claude to interact with Apono This must be completed by an organization admin with the Owner role.

Item

Description

Connector setup

Settings enabling Claude to interact with Apono

This must be completed by an organization admin with the Owner role.

**Installation** Follow these steps to add Apono Admin MCP to a user account: 1. In Claude, click **Settings > Connectors**. The **Connectors** page appears. 2. Click **Connect Apono Admin MCP**. *** ### Use the MCP server Follow these steps to make inquiries to Apono: 1. In your AI client, open the chat or inline interface. 2. Start a conversation in your AI client to explore or manage access configurations. For example, you can list available access flows, check details for a specific bundle, or view users and groups in your Apono environment. | Sample prompts | | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | |

Show me all access flows with user {username}.
List all active users currently on-call via incident.io.
Which connector version is used for AWS?

| *** ### Security notes To use Apono safely, keep in mind how authorization and authentication work in your AI client. #### Authorization When you first run an Apono tool, your AI client may prompt you to authorize it. Select **Allow once** to ensure you maintain control over when and how each tool can be used. #### Authentication To authenticate with the Apono Admin MCP, click **Connect**. This will open a browser tab and authenticate you via SSO. You may be asked to re-authenticate periodically. {% hint style="warning" %} Different GPTs can behave differently. {% endhint %} *** ### Available tools When you use Apono through your AI client, the client communicates with the MCP server by calling specific Apono Admin MCP Server tools. Each tool maps to an API endpoint that handles a different part of the access management workflow. The table below lists the available commands and their functions. #### Users & Groups

Tool	Description
get_user	Retrieve details of a specific user by ID or email
list_users	List all users with optional filtering by name, role, or source integration
get_group	Get details of a specific group by ID
list_groups	List all groups with optional filtering by name
list_group_members	Retrieve a list of access scopes

#### Access Control

Tool	Description
get_access_flow	Retrieve details of a specific access flow
list_access_flows	List all access flows (defines what resources users can request)
get_access_scope	Get details of a specific access scope
list_access_scopes	List all access scopes

#### Bundles & Resources

Tool	Description
get_bundle	Get details of a specific bundle
list_bundles	List all bundles available to request

#### Integrations & Connectors

Tool	Description
get_integration	Get details of a specific integration
list_integrations	List all integrations with optional filtering by status, type, or category
get_connector	Get details of a specific connector
list_connectors	List all connectors with optional filtering by status

#### Activity & Reporting

Tool	Description
list_activity_reports	List activity reports (insights into active/granted access)
get_activity_report	Get details of a specific activity report

#### Attributes

Tool	Description
list_attributes	List attributes (user descriptors like group, department, etc.)