playbooks

home / mcp / huntress mcp server

Huntress MCP Server

MCP server for Huntress API integration

Installation
Add the following to your MCP client configuration file.

Configuration

View docs
{
  "mcpServers": {
    "dynamicendpoints-huntress-mcp-server": {
      "url": "http://localhost:3000/mcp",
      "headers": {
        "HUNTRESS_API_KEY": "your_api_key_here",
        "HUNTRESS_API_SECRET": "your_api_secret_here"
      }
    }
  }
}

You can run the Huntress API MCP Server to gain programmatic access to Huntress features like accounts, organizations, agents, and incidents through the MCP protocol. This server exposes a stable HTTP/SSE transport and is designed for containerized deployment, browser-compatible CORS, and clear health and rate-limit controls so you can build reliable automation and tooling around Huntress data.

How to use

Connect to the MCP endpoint from your MCP client to discover available tools and perform operations against the Huntress API. You can use either the local stdio mode for development or container/HTTP mode for production deployments. In stdio mode you run the server locally and communicate via the MCP runtime, while in HTTP mode you send MCP requests to the HTTP endpoint and receive responses, including real-time updates via Server-Sent Events when supported.

How to install

Prerequisites: Node.js and npm must be installed on your machine.

Step 1: Install via Smithery (recommended for Claude Desktop users) and let Smithery manage the MCP server deployment.

npx -y @smithery/cli install huntress-mcp-server --client claude

Step 2: Manual installation (clone, install dependencies, and build).

git clone https://example.com/dynamicendpoints/huntress-mcp-server.git
cd huntress-mcp-server
npm install

Step 3: Configure environment variables and build the server.

HUNTRESS_API_KEY=your_api_key_here
HUNTRESS_API_SECRET=your_api_secret_here
```

```bash
npm run build

Step 4: Run the server in development or production mode as appropriate.

# Development: start the server (adjust as needed for your environment)
npm run dev
```

```bash
# Production/container start could be handled by your deployment tooling

Additional configuration and usage notes

The server requires authentication keys provided by Huntress. Set HUNTRESS_API_KEY and HUNTRESS_API_SECRET in your environment or pass them to the runtime configuration. When running in container mode, the server exposes a REST-like MCP endpoint and a health check endpoint, with SSE for streaming updates.

Available tools

get_account_info

Retrieve information about the current account.

list_organizations

List organizations under the account, with support for pagination.

get_organization

Fetch details for a specific organization.

list_agents

List agents associated with the account, with pagination support.

get_agent

Get details for a specific agent.

list_incidents

List incidents in the account with optional status filters and pagination.

get_incident

Get details of a specific incident.