Back to Browse
Free
Server data from the Official MCP Registry
MCP server for Kaseya VSA RMM — agents, patches, procedures, alarms, tickets.
About
MCP server for Kaseya VSA RMM — agents, patches, procedures, alarms, tickets.
Security Report
4.8
Use Caution4.8High RiskThis is a well-structured MCP server for the Kaseya VSA RMM API with appropriate authentication, proper separation of concerns, and good error handling. Credentials are stored via environment variables or gateway headers (not hardcoded), destructive operations require user confirmation via elicitation, and permissions align with the server's purpose. Minor code quality observations exist but do not present security risks. Supply chain analysis found 3 known vulnerabilities in dependencies (1 critical, 1 high severity).
7 files analyzed · 8 issues found
Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.
Permissions Required
This plugin requests these system permissions. Most are normal for its category.
What You'll Need
Set these up before or after installing:
Full base URL including /api/v1.0 (e.g. https://vsa.example.com/api/v1.0)
Environment variable: KASEYA_VSA_TENANT_URL
Local-auth username (omit if using Kaseya One token)
Environment variable: KASEYA_VSA_USERNAME
Local-auth password (omit if using Kaseya One token)Required
Environment variable: KASEYA_VSA_PASSWORD
Kaseya One SSO token (alternative to username + password)Required
Environment variable: KASEYA_VSA_K1_TOKEN
Transport mode for the server. Set to 'stdio' for local CLI use; the image defaults to 'http' for gateway hosting.
Environment variable: MCP_TRANSPORT
Credential source: 'env' reads vars locally, 'gateway' expects header injection from the WYRE MCP Gateway.
Environment variable: AUTH_MODE
Log verbosity: debug, info, warn, error
Environment variable: LOG_LEVEL
How to Install
Add this to your MCP configuration file:
{
"mcpServers": {
"io-github-wyre-technology-kaseya-vsa-mcp": {
"env": {
"AUTH_MODE": "your-auth-mode-here",
"LOG_LEVEL": "your-log-level-here",
"MCP_TRANSPORT": "your-mcp-transport-here",
"KASEYA_VSA_K1_TOKEN": "your-kaseya-vsa-k1-token-here",
"KASEYA_VSA_PASSWORD": "your-kaseya-vsa-password-here",
"KASEYA_VSA_USERNAME": "your-kaseya-vsa-username-here",
"KASEYA_VSA_TENANT_URL": "your-kaseya-vsa-tenant-url-here"
},
"args": [
"-y",
"@wyre-technology/kaseya-vsa-mcp"
],
"command": "npx"
}
}
}Documentation
View on GitHubFrom the project's GitHub README.
Kaseya VSA MCP Server
Model Context Protocol (MCP) server for the Kaseya VSA RMM API. Exposes managed endpoints, software / hardware inventory, patch state, agent procedures, alarms, Service Desk tickets, organizations, and machine groups to AI assistants.
Tools
| Tool | Description |
|---|---|
kaseya_vsa_list_agents | List managed endpoints (agents). Optional $filter. |
kaseya_vsa_get_agent | Get an agent's details by ID. |
kaseya_vsa_get_software_inventory | Installed software for an agent. |
kaseya_vsa_get_hardware_inventory | Hardware audit for an agent. |
kaseya_vsa_get_patch_status | Pending and installed patches for an agent. |
kaseya_vsa_deploy_patches_now | Force a patch deploy on an agent (destructive — confirmation required). |
kaseya_vsa_list_procedures | Agent procedures available to run. |
kaseya_vsa_run_procedure | Execute a procedure on an agent (destructive — confirmation required). |
kaseya_vsa_list_alarms | Open alarms (optional state filter; date-window elicitation if missing). |
kaseya_vsa_list_tickets | Service Desk tickets (returns a friendly message if SD module isn't enabled). |
kaseya_vsa_list_organizations | Tenant organizations. |
kaseya_vsa_list_machine_groups | Machine group hierarchy. |
When the user omits required filters or runs a destructive action, the server uses MCP elicitation to prompt for choices or confirm.
Configuration
Environment-variable mode (default)
| Variable | Required | Description |
|---|---|---|
KASEYA_VSA_TENANT_URL | yes | Full base URL incl. /api/v1.0 |
KASEYA_VSA_USERNAME | one of | Local-auth username |
KASEYA_VSA_PASSWORD | one of | Local-auth password (secret) |
KASEYA_VSA_K1_TOKEN | one of | Kaseya One SSO token (alternative to username + password) |
MCP_TRANSPORT | no | stdio (default) or http |
MCP_HTTP_PORT | no | HTTP listen port (default 8080) |
AUTH_MODE | no | env (default) or gateway |
Either the username + password pair OR the KASEYA_VSA_K1_TOKEN is required.
Gateway mode
When deployed behind the WYRE MCP Gateway, set AUTH_MODE=gateway and the
server will read credentials from per-request HTTP headers:
X-Kaseya-VSA-Tenant-Url(required)X-Kaseya-VSA-Username(with password)X-Kaseya-VSA-Password(with username)X-Kaseya-VSA-K1-Token(alternative to username + password)
Each request creates a fresh server instance with isolated credentials — no
cross-tenant process.env pollution.
Local development
npm install
npm run build
KASEYA_VSA_TENANT_URL=https://vsa.example.com/api/v1.0 \
KASEYA_VSA_USERNAME=... \
KASEYA_VSA_PASSWORD=... \
npm start
Run as HTTP for testing:
MCP_TRANSPORT=http npm start
curl http://localhost:8080/health
Docker
docker build -t kaseya-vsa-mcp .
docker run --rm -p 8080:8080 \
-e KASEYA_VSA_TENANT_URL=https://vsa.example.com/api/v1.0 \
-e KASEYA_VSA_USERNAME=... \
-e KASEYA_VSA_PASSWORD=... \
kaseya-vsa-mcp
License
Apache-2.0
Reviews
No reviews yet
Be the first to review this server!
More Developer Tools MCP Servers
Git
Freeby Modelcontextprotocol · Developer Tools
Read, search, and manipulate Git repositories programmatically
80.0K
Stars
4
Installs
6.5
Security
No ratings yet
Local
Toleno
Freeby Toleno · Developer Tools
Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.
114
Stars
418
Installs
8.0
Security
4.8
Local
mcp-creator-python
Freeby mcp-marketplace · Developer Tools
Create, build, and publish Python MCP servers to PyPI — conversationally.
-
Stars
58
Installs
10.0
Security
5.0
Local