OpenFGA MCP Server

By evansims GitHub

A Model Context Protocol (MCP) server providing tools to read, search, and manipulate OpenFGA stores programmatically via Large Language Models (LLMs.)

automation mcp

Overview

what is OpenFGA MCP?

OpenFGA MCP is an experimental Model Context Protocol (MCP) server that allows Large Language Models (LLMs) to read, search, and manipulate OpenFGA stores programmatically, enabling advanced authorization capabilities for AI applications.

how to use OpenFGA MCP?

To use OpenFGA MCP, install it via pip or from source, then run the server and connect your LLM application to the MCP server endpoint.

key features of OpenFGA MCP?

Programmatic access to OpenFGA stores via LLMs
Dynamic access control based on natural language
Policy management through conversational interfaces
Explainable authorization and policy debugging

use cases of OpenFGA MCP?

Dynamic Access Control: LLMs interpret natural language to determine permissions based on context.
Policy Management: Create or adjust authorization policies through conversational interfaces.
Explainable Authorization: Provide clear justifications for access decisions.
Policy Debugging: Diagnose permissions issues conversationally.
Secure Collaboration: Grant temporary access with precise scope.

FAQ from OpenFGA MCP?

What are the requirements to run OpenFGA MCP?

You need Python 3.10+ and OpenFGA installed.

Is OpenFGA MCP compatible with other clients?

Yes, it is compatible with various MCP clients like Cursor, Windsurf, and Claude Desktop.

What license does OpenFGA MCP use?

OpenFGA MCP is licensed under the Apache License 2.0.

Content

OpenFGA MCP Server

An experimental Model Context Protocol (MCP) server that enables Large Language Models (LLMs) to read, search, and manipulate OpenFGA stores. Unlocks authorization for agentic AI, and fine-grained vibe coding✨ for humans.

Requirements

Python 3.12+
An OpenFGA server

Features

Tools

Store Management

create_store: Creates a new Store. (create-store)
list_stores: List all stores. (list-stores)
get_store: Get a store details. (get-store)
delete_store: Delete a store. (delete-store)
get_store_id_by_name: Get the ID of a store by it's name.

Authorization Model Management

write_authorization_model: Write an authorization model. (write-authorization-model)
read_authorization_models: List all authorization models. (read-authorization-models)
get_authorization_model: Get a particular version of an authorization model details. (get-authorization-model)

Relationship Tuples Management

write_relation_tuples: Write relation tuples. (write-relation-tuples)
read_relation_tuples: Read relation tuples. (read-relation-tuples)

Relationship Queries

check: Check if a user has a relation to an object. (check)
list_objects: List objects of a type that a user has a relation to. (list-objects)
list_users: List users that have a given relationship with a given object. (list-users)

Resources

Prompts

Usage

We recommend running the server using UVX:

uvx openfga-mcp@latest

Installing via Smithery

To install OpenFGA MCP Server for Claude Desktop automatically via Smithery:

npx -y @smithery/cli install @evansims/openfga-mcp --client claude

Configuration

The server accepts the following arguments:

--openfga_url: URL of your OpenFGA server
--openfga_store: ID of the OpenFGA store the MCP server will use
--openfga_model: ID of the OpenFGA authorization model the MCP server will use

For API token authentication:

--openfga_token: API token for use with your OpenFGA server

For Client Credentials authentication:

--openfga_client_id: Client ID for use with your OpenFGA server
--openfga_client_secret: Client secret for use with your OpenFGA server
--openfga_api_issuer: API issuer for use with your OpenFGA server
--openfga_api_audience: API audience for use with your OpenFGA server

For example:

uvx openfga-mcp@latest \
  --openfga_url="http://127.0.0.1:8080" \
  --openfga_store="your-store-id" \
  --openfga_model="your-model-id"

Using with Claude Desktop

To configure Claude to use the server, add the following to your Claude config:

{
  "mcpServers": {
    "openfga-mcp": {
      "command": "uvx",
      "args": ["openfga-mcp@latest"]
    }
  }
}

You may need to specify the full path to your uvx executable. Use which uvx to find it.
You must restart Claude after updating the configuration.

Using with Raycast

Using with Cursor

Using with Windsurf

Development

To setup your development environment, run:

make setup

To run the development server:

make run \
  --openfga_url="http://127.0.0.1:8080" \
  --openfga_store="your-store-id" \
  --openfga_model="your-model-id"

To run the development server with the MCP Inspector:

make dev

License

Apache 2.0

No tools information available.

School MCP by 54yyyu

A Model Context Protocol (MCP) server for academic tools, integrating with Canvas and Gradescope platforms.

canvas mcp

View Details

repo-template by loonghao

A Model Context Protocol (MCP) server for Python package intelligence, providing structured queries for PyPI packages and GitHub repositories. Features include dependency analysis, version tracking, and package metadata retrieval for LLM interactions.

pypi mcp

View Details

Google Calendar MCP Server by ymello

google-calendar mcp

View Details

strava-mcp by jeremysilva1098

MCP server for strava

strava mcp

View Details

Grasshopper MCP サーバー by norioh-japan

Model Context Protocol (MCP) server implementation for Rhinoceros/Grasshopper integration, enabling AI models to interact with parametric design tools

grasshopper mcp

View Details

Computer Control MCP by AB498

MCP server that provides computer control capabilities, like mouse, keyboard, OCR, etc. using PyAutoGUI, RapidOCR, ONNXRuntime. Similar to 'computer-use' by Anthropic. With Zero External Dependencies.

automation computer-use

View Details

MCP Kali Server by Wh0am123

MCP configuration to connect AI agent to a Linux machine.

security mcp

View Details