Infisical

Manage secrets and environment variables with Infisical's official MCP server.

GitHub

Infisical Model Context Protocol

The Infisical Model Context Protocol server allows you to integrate with Infisical APIs through function calling. This protocol supports various tools to interact with Infisical.

Setup

Environment variables

In order to use the MCP server, you must first set the environment variables required for authentication.

  • INFISICAL_AUTH_METHOD: The authentication method to use. Supported values are universal-auth and access-token. Defaults to universal-auth.
  • INFISICAL_UNIVERSAL_AUTH_CLIENT_ID: The Machine Identity universal auth client ID. Required when INFISICAL_AUTH_METHOD is universal-auth.
  • INFISICAL_UNIVERSAL_AUTH_CLIENT_SECRET: The Machine Identity universal auth client secret. Required when INFISICAL_AUTH_METHOD is universal-auth.
  • INFISICAL_TOKEN: An access token for authentication. This can be both a personal access token or a machine identity access token. Required when INFISICAL_AUTH_METHOD is access-token.
  • INFISICAL_HOST_URL: Optionally set a custom host URL. This is useful if you're self-hosting Infisical or you're on dedicated infrastructure. Defaults to https://app.infisical.com.

To run the Infisical MCP server using npx, use the following command:

npx -y @infisical/mcp

Usage with Claude Desktop

Add the following to your claude_desktop_config.json. See here for more details.

Universal Auth (default)

{
  "mcpServers": {
    "infisical": {
      "command": "npx",
      "args": ["-y", "@infisical/mcp"],
      "env": {
        "INFISICAL_HOST_URL": "https://<custom-host-url>.com",
        "INFISICAL_UNIVERSAL_AUTH_CLIENT_ID": "<machine-identity-universal-auth-client-id>",
        "INFISICAL_UNIVERSAL_AUTH_CLIENT_SECRET": "<machine-identity-universal-auth-client-secret>"
      }
    }
  }
}

Access Token

{
  "mcpServers": {
    "infisical": {
      "command": "npx",
      "args": ["-y", "@infisical/mcp"],
      "env": {
        "INFISICAL_HOST_URL": "https://<custom-host-url>.com",
        "INFISICAL_AUTH_METHOD": "access-token",
        "INFISICAL_TOKEN": "<your-access-token>"
      }
    }
  }
}

Available tools

ToolDescription
create-secretCreate a new secret
delete-secretDelete a secret
update-secretUpdate a secret
list-secretsLists all secrets
get-secretGet a single secret
create-projectCreate a new project
create-environmentCreate a new environment
create-folderCreate a new folder
invite-members-to-projectInvite one or more members to a project
list-projectsList all projects

Debugging the Server

To debug your server, you can use the MCP Inspector.

First build the server

npm run build

Run the following command in your terminal:

# Start MCP Inspector and server
npx @modelcontextprotocol/inspector node dist/index.js

Instructions

  1. Set the environment variables as described in the Environment Variables step.
  2. Run the command to start the MCP Inspector.
  3. Open the MCP Inspector UI in your browser and click Connect to start the MCP server.
  4. You can see all the available tools and test them individually.

Related Servers