Avanan MSP (Legacy SmartAPI)

authSTDIOregistry active

Summary

Connects to Avanan's legacy MSP SmartAPI for managing multi-tenant email security deployments. You get full CRUD on child MSP partners, users, customer tenants, and license assignments, plus monthly and daily usage reporting. Authentication uses a three-part HMAC scheme with app ID, token, and shared secret. The signing implementation is a best-guess HMAC-SHA256 since the API guide defers to another doc, so you'll want to verify signRequest() against Avanan's actual spec before production. Supports US, EU, CA, and AP regional endpoints and includes a gateway mode that pulls credentials from per-request headers. Reach for this if you're running an MSP reselling Avanan and need programmatic tenant provisioning and license management.

CodeRabbit

AI writes the code. CodeRabbit catches the slop.

Try For Free →

Keep your Mac awake

Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.

One time payment $9 →

Context.dev

Integrate web data into your AI product. One API to scrape website & brand data.

Get API Key Now →

Make your agent a DeFi expert

Agent, run crypto. Access onchain data & trade routes via 1inch.

Install now →

Make money from your Skills

On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.

Start earning →

AppSignal

Monitor with ease. Code with confidence.

Start Free Trial →

CodeRabbit

AI writes the code. CodeRabbit catches the slop.

Try For Free →

Keep your Mac awake

Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.

One time payment $9 →

Context.dev

Integrate web data into your AI product. One API to scrape website & brand data.

Get API Key Now →

Make your agent a DeFi expert

Agent, run crypto. Access onchain data & trade routes via 1inch.

Install now →

Make money from your Skills

On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.

Start earning →

AppSignal

Monitor with ease. Code with confidence.

Start Free Trial →

avanan-legacy-mcp

MCP server for the Avanan MSP SmartAPI (the "legacy" Avanan MSP tenant management API — distinct from avanan-mcp, which targets the Checkpoint Harmony Email & Collaboration HEC API).

Implements the Jan 2024 Avanan MSP SmartAPI Reference Guide:

Group	Tools
Child MSPs	`avanan_list_msp_partners`, `avanan_create_msp_partner`, `avanan_delete_msp_partner`
MSP users	`avanan_list_msp_users`, `avanan_get_msp_user`, `avanan_create_msp_user`, `avanan_update_msp_user`, `avanan_delete_msp_user`
Customer tenants	`avanan_list_tenants`, `avanan_get_tenant`, `avanan_create_tenant`, `avanan_delete_tenant`
Licenses	`avanan_list_licenses`, `avanan_list_addons`, `avanan_assign_license`
Usage	`avanan_get_monthly_usage`, `avanan_get_daily_usage`

Configuration

Env var	Required	Description
`AVANAN_APP_ID`	yes	Application ID provided by Avanan Support (`x-av-app-id`).
`AVANAN_TOKEN`	yes	Token from the Avanan auth handshake (`x-av-token`).
`AVANAN_SECRET`	yes	Shared secret used to compute the `x-av-sig` HMAC.
`AVANAN_REGION`	no	`us` \| `eu` \| `ca` \| `ap`. Defaults to JWT region claim, then `us`.
`MCP_TRANSPORT`	no	`stdio` (default) or `http`.
`MCP_HTTP_PORT`	no	HTTP transport port (default 8080).
`LOG_LEVEL`	no	`debug` \| `info` \| `warn` \| `error` (default `info`).

In gateway mode, credentials are taken per-request from headers: X-Avanan-App-Id, X-Avanan-Token, X-Avanan-Secret, optionally X-Avanan-Region.

Status

[!IMPORTANT] The x-av-sig signing algorithm is implemented as a best-guess HMAC-SHA256 because the MSP SmartAPI guide defers signing details to the parent Avanan API Reference Guide. Replace the body of signRequest() in src/utils/client.ts with the exact algorithm before production use. The function is isolated so no other code needs to change.

Build

npm install
npm run build
npm start

Regional endpoints

Region	Base
US	`https://smart-api-production-1-us.avanan.net`
EU	`https://smart-api-production-1-eu.avanan.net`
CA	`https://smart-api-production-1-ca.avanan.net`
AP	`https://smart-api-production-5-ap.avanan.net`

All endpoints sit under /v1.0/msp/....

Featured

CodeRabbit

AI writes the code. CodeRabbit catches the slop.

Try For Free →

Keep your Mac awake

Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.

One time payment $9 →

Context.dev

Integrate web data into your AI product. One API to scrape website & brand data.

Get API Key Now →

Make your agent a DeFi expert

Agent, run crypto. Access onchain data & trade routes via 1inch.

Install now →

Make money from your Skills

On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.

Start earning →

AppSignal

Monitor with ease. Code with confidence.

Start Free Trial →

Configuration

AVANAN_APP_ID*

Application ID provided by Avanan Support (x-av-app-id)

AVANAN_TOKEN*secret

Token from the Avanan auth handshake (x-av-token)

AVANAN_SECRET*secret

Shared secret used to compute the x-av-sig HMAC

AVANAN_REGION

API region: us, eu, ca, or ap (defaults to JWT region claim, then us)

MCP_TRANSPORTdefault: stdio

Transport mode: 'stdio' for local CLI use, 'http' for gateway hosting

MCP_HTTP_PORTdefault: 8080

HTTP transport listen port

LOG_LEVELdefault: info

Log verbosity: debug, info, warn, error

Registryactive

Packageghcr.io/wyre-technology/avanan-legacy-mcp:v1.0.1

TransportSTDIO

AuthRequired

UpdatedJun 2, 2026

View on GitHub

avanan-legacy-mcp

MCP server for the Avanan MSP SmartAPI (the "legacy" Avanan MSP tenant management API — distinct from avanan-mcp, which targets the Checkpoint Harmony Email & Collaboration HEC API).

Implements the Jan 2024 Avanan MSP SmartAPI Reference Guide:

Group

Tools

Child MSPs

avanan_list_msp_partners, avanan_create_msp_partner, avanan_delete_msp_partner

MSP users

avanan_list_msp_users, avanan_get_msp_user, avanan_create_msp_user, avanan_update_msp_user, avanan_delete_msp_user

Customer tenants

avanan_list_tenants, avanan_get_tenant, avanan_create_tenant, avanan_delete_tenant

Licenses

avanan_list_licenses, avanan_list_addons, avanan_assign_license

Usage

avanan_get_monthly_usage, avanan_get_daily_usage

Configuration

Env var

Required

Description

AVANAN_APP_ID

yes

Application ID provided by Avanan Support (x-av-app-id).

AVANAN_TOKEN

yes

Token from the Avanan auth handshake (x-av-token).

AVANAN_SECRET

yes

Shared secret used to compute the x-av-sig HMAC.

AVANAN_REGION

us | eu | ca | ap. Defaults to JWT region claim, then us.

MCP_TRANSPORT

stdio (default) or http.

MCP_HTTP_PORT

HTTP transport port (default 8080).

LOG_LEVEL

debug | info | warn | error (default info).

In gateway mode, credentials are taken per-request from headers: X-Avanan-App-Id, X-Avanan-Token, X-Avanan-Secret, optionally X-Avanan-Region.

Status

[!IMPORTANT] The x-av-sig signing algorithm is implemented as a best-guess HMAC-SHA256 because the MSP SmartAPI guide defers signing details to the parent Avanan API Reference Guide. Replace the body of signRequest() in src/utils/client.ts with the exact algorithm before production use. The function is isolated so no other code needs to change.

Region

Base

https://smart-api-production-1-us.avanan.net

https://smart-api-production-1-eu.avanan.net

https://smart-api-production-1-ca.avanan.net

https://smart-api-production-5-ap.avanan.net

Configuration

AVANAN_APP_ID*

Application ID provided by Avanan Support (x-av-app-id)

AVANAN_TOKEN*secret

Token from the Avanan auth handshake (x-av-token)

AVANAN_SECRET*secret

Shared secret used to compute the x-av-sig HMAC

AVANAN_REGION

API region: us, eu, ca, or ap (defaults to JWT region claim, then us)

MCP_TRANSPORTdefault: stdio

Transport mode: 'stdio' for local CLI use, 'http' for gateway hosting

MCP_HTTP_PORTdefault: 8080

HTTP transport listen port

LOG_LEVELdefault: info

Log verbosity: debug, info, warn, error