Production-grade Model Context Protocol (MCP) server for Snipe-IT IT asset management.
Connect Claude (and any MCP-compatible AI client) directly to your Snipe-IT instance. Manage hardware assets, users, licenses, accessories, consumables, and more — all from natural language.
- 70+ tools across 17 resource families — full Snipe-IT API coverage
- Security-first — HTTPS enforcement, token never logged, input validation via Zod
- Production-ready — rate limiting, retry with backoff, timeout controls, structured logging
- Two transports —
stdiofor Claude Desktop,httpfor remote/server use - Typed — strict TypeScript throughout
- Tested — unit, integration, and contract tests
In your Snipe-IT instance: Profile → API Tokens → Create Token
Grant only the permissions your use case needs (see Token Permissions).
Edit ~/Library/Application Support/Claude/claude_desktop_config.json (macOS):
{
"mcpServers": {
"snipe-it": {
"command": "npx",
"args": ["-y", "mcp-snipe-it"],
"env": {
"SNIPE_IT_URL": "https://your-snipeit-instance.example.com",
"SNIPE_IT_API_TOKEN": "your-api-token-here"
}
}
}
}Restart Claude Desktop. You should now be able to ask things like:
"Show me all laptops checked out to the Engineering department" "Check in asset #1042 and set status to Available" "Which software licenses expire in the next 30 days?"
| Tool | Description |
|---|---|
assets_list |
Search & list assets with filters |
assets_get |
Get asset by ID |
assets_get_by_tag |
Find asset by asset tag |
assets_get_by_serial |
Find asset by serial number |
assets_create |
Create a new asset |
assets_update |
Partially update an asset |
assets_delete |
Delete an asset (destructive) |
assets_checkout |
Check out to user/location/asset |
assets_checkin |
Check in an asset |
assets_audit |
Record audit event |
assets_audit_due |
List assets due for audit |
assets_list_licenses |
Licenses on this asset |
assets_restore |
Restore deleted asset |
users_list, users_get, users_me, users_create, users_update, users_delete, users_get_assets, users_get_accessories, users_get_licenses, users_restore
licenses_list, licenses_get, licenses_create, licenses_update, licenses_delete, licenses_list_seats, licenses_assign_seat
locations_list, locations_get, locations_create, locations_update, locations_delete, locations_get_users
accessories_list, accessories_get, accessories_create, accessories_update, accessories_delete, accessories_checkout, accessories_checkin, accessories_list_checkedout
consumables_list, consumables_get, consumables_create, consumables_update, consumables_delete, consumables_checkout
components_list, components_get, components_create, components_update, components_delete, components_checkout, components_checkin, components_list_assets
models_list, models_get, models_create, models_update, models_delete
Full CRUD for each resource family.
fields_list, fields_get, fields_create, fields_update, fields_delete, fieldsets_list, fieldsets_get, fieldsets_create, fieldsets_delete, fieldsets_get_fields
maintenances_list, maintenances_get, maintenances_create, maintenances_update, maintenances_delete
| Variable | Required | Default | Description |
|---|---|---|---|
SNIPE_IT_URL |
Yes | — | Base URL of your Snipe-IT instance (must be HTTPS) |
SNIPE_IT_API_TOKEN |
Yes | — | API token from Snipe-IT |
TRANSPORT |
No | stdio |
stdio or http |
HTTP_PORT |
No | 3000 |
Port for HTTP transport |
REQUEST_TIMEOUT_MS |
No | 30000 |
Per-request timeout |
MAX_RETRIES |
No | 3 |
Retries for GET requests |
RATE_LIMIT_PER_MINUTE |
No | 100 |
Max requests/minute |
MAX_PAGE_SIZE |
No | 500 |
Max results per list call |
LOG_LEVEL |
No | info |
error, warn, info, debug |
ALLOW_HTTP |
No | false |
Allow HTTP URLs (local dev only) |
Create a dedicated API token with only the permissions your use case needs:
| Use case | Permissions needed |
|---|---|
| Read-only inventory queries | View: assets, users, licenses, locations |
| Full asset lifecycle | Above + Create/Edit/Delete assets, Checkout/Checkin |
| Admin operations | All permissions |
Never use a superadmin token unless absolutely necessary.
docker run --rm \
-e SNIPE_IT_URL=https://your-instance.example.com \
-e SNIPE_IT_API_TOKEN=your-token \
-e TRANSPORT=http \
-p 3000:3000 \
ghcr.io/CroDevil75/mcp-snipe-it:latestgit clone https://github.com/CroDevil75/mcp-snipe-it
cd mcp-snipe-it
npm install
cp .env.example .env # fill in SNIPE_IT_URL and SNIPE_IT_API_TOKEN
npm run dev # stdio mode
# or
TRANSPORT=http npm run dev # HTTP mode
# Run tests
npm test
# MCP Inspector (interactive testing)
make inspectormake docker-up # starts Snipe-IT + MySQL locally
# Create API token at http://localhost:8080
# Add token to .env
make test-integration| mcp-snipe-it | Snipe-IT | Node.js | MCP SDK |
|---|---|---|---|
| 0.1.x | 6.x, 7.x | ≥20 | ≥1.10 |
See docs/compatibility-matrix.md for full details.
See CONTRIBUTING.md. PRs welcome!
See SECURITY.md for reporting vulnerabilities. See docs/security.md for the security model.
MIT — © mcp-snipe-it contributors
This project is not affiliated with or endorsed by Snipe-IT / Grokability. Snipe-IT is a trademark of Grokability.