NinjaOne

18authSTDIOregistry active

Summary

Connects to NinjaOne's RMM platform via OAuth to manage devices, organizations, alerts, and tickets. Uses a hierarchical navigation pattern where you first call ninjaone_navigate to select a domain, then get access to that domain's specific tools. For devices you can list endpoints, schedule reboots, view Windows services, and check activity logs. Organizations let you create new ones and list their locations. Alerts can be viewed, dismissed individually, or bulk reset by device or org. Tickets support full CRUD operations including comments. Supports US, EU, and OC regions. Handy if you're managing MSP infrastructure and want to surface NinjaOne data or actions through Claude.

CodeRabbit

AI writes the code. CodeRabbit catches the slop.

Try For Free →

Keep your Mac awake

Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.

One time payment $9 →

Context.dev

Integrate web data into your AI product. One API to scrape website & brand data.

Get API Key Now →

Make your agent a DeFi expert

Agent, run crypto. Access onchain data & trade routes via 1inch.

Install now →

Make money from your Skills

On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.

Start earning →

AppSignal

Monitor with ease. Code with confidence.

Start Free Trial →

CodeRabbit

AI writes the code. CodeRabbit catches the slop.

Try For Free →

Keep your Mac awake

Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.

One time payment $9 →

Context.dev

Integrate web data into your AI product. One API to scrape website & brand data.

Get API Key Now →

Make your agent a DeFi expert

Agent, run crypto. Access onchain data & trade routes via 1inch.

Install now →

Make money from your Skills

On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.

Start earning →

AppSignal

Monitor with ease. Code with confidence.

Start Free Trial →

NinjaOne MCP Server

A Model Context Protocol (MCP) server for interacting with NinjaOne, featuring a decision tree architecture for efficient tool loading.

One-Click Deployment

[!IMPORTANT] Before you click: this server depends on @wyre-technology/node-ninjaone, which is hosted on the GitHub Packages npm registry. GitHub Packages has no anonymous access — even though the package is public, every npm install needs a token. The cloud builder runs npm install for you, so you must give it one, or the build fails with npm error 401 Unauthorized ... npm.pkg.github.com.

Create a GitHub Personal Access Token with the read:packages scope (classic token). Any GitHub account works — you do not need to be a member of the wyre-technology org to read its public packages.

Add it as a build variable when prompted by the deploy flow:

Cloudflare Workers → set a build variable named NODE_AUTH_TOKEN to your PAT (Workers → Settings → Build → Variables and Secrets).

DigitalOcean App Platform → set an encrypted env var named GITHUB_TOKEN with scope Build Time to your PAT (the .do/app.yaml already declares it).

[!NOTE] Both targets run the full MCP server. DigitalOcean builds the Docker image and serves it over HTTP; Cloudflare Workers serves the same server via the SDK's Web Standard Streamable HTTP transport (src/worker.ts). After deploying, set your NinjaOne credentials as secrets — NINJAONE_CLIENT_ID, NINJAONE_CLIENT_SECRET, and optionally NINJAONE_REGION — or set AUTH_MODE=gateway to take credentials per-request from X-Ninja-* headers. The MCP endpoint is /mcp; /health is an unauthenticated liveness probe.

Architecture

This MCP server uses a hierarchical tool loading approach instead of exposing all tools upfront:

Navigation Phase: Initially exposes only a navigation tool (ninjaone_navigate)
Domain Selection: User selects a domain (devices, organizations, alerts, tickets)
Domain Tools: Server exposes domain-specific tools after selection
Lazy Loading: Domain handlers and the NinjaOne client are loaded on-demand

This architecture provides:

Reduced cognitive load (fewer tools to choose from)
Faster initial load times
Better organization of related operations
Clear navigation state

Installation

This package is published to the GitHub Packages npm registry, which requires a token even for public packages. Authenticate once, then install:

# Authenticate npm to GitHub Packages (token needs the read:packages scope)
export NODE_AUTH_TOKEN=$(gh auth token)   # or a PAT with read:packages

npm install @wyre-technology/ninjaone-mcp

The repo's .npmrc already points the @wyre-technology scope at GitHub Packages and reads the token from NODE_AUTH_TOKEN, so no further config is needed. The same applies to npx @wyre-technology/ninjaone-mcp below. Prefer a zero-setup option? Use the prebuilt container image (ghcr.io/wyre-technology/ninjaone-mcp) or the .mcpb bundle attached to each release.

Configuration

Set the following environment variables:

Variable	Required	Description
`NINJAONE_CLIENT_ID`	Yes	OAuth 2.0 Client ID
`NINJAONE_CLIENT_SECRET`	Yes	OAuth 2.0 Client Secret
`NINJAONE_REGION`	No	Region: `us` (default), `eu`, or `oc`

NinjaOne API Regions

Region	Base URL
`us`	`https://app.ninjarmm.com`
`eu`	`https://eu.ninjarmm.com`
`oc`	`https://oc.ninjarmm.com`

Usage

Running Standalone

# Set credentials
export NINJAONE_CLIENT_ID="your-client-id"
export NINJAONE_CLIENT_SECRET="your-client-secret"
export NINJAONE_REGION="us"

# Run the server
npx @wyre-technology/ninjaone-mcp

Claude Desktop Configuration

Add to your Claude Desktop claude_desktop_config.json:

{
  "mcpServers": {
    "ninjaone": {
      "command": "npx",
      "args": ["@wyre-technology/ninjaone-mcp"],
      "env": {
        "NINJAONE_CLIENT_ID": "your-client-id",
        "NINJAONE_CLIENT_SECRET": "your-client-secret",
        "NINJAONE_REGION": "us"
      }
    }
  }
}

Docker

docker build -t ninjaone-mcp .
docker run -e NINJAONE_CLIENT_ID=xxx -e NINJAONE_CLIENT_SECRET=xxx -e NINJAONE_REGION=us ninjaone-mcp

Available Domains

Devices

Manage endpoints, reboot devices, view services and alerts.

Tools:

ninjaone_devices_list - List devices with filters
ninjaone_devices_get - Get device details
ninjaone_devices_reboot - Schedule a device reboot
ninjaone_devices_services - List Windows services on a device
ninjaone_devices_alerts - Get device-specific alerts
ninjaone_devices_activities - View device activity log

Organizations

Manage customer organizations and their resources.

Tools:

ninjaone_organizations_list - List organizations
ninjaone_organizations_get - Get organization details
ninjaone_organizations_create - Create a new organization
ninjaone_organizations_locations - List organization locations
ninjaone_organizations_devices - List devices for an organization

Alerts

View and manage alerts across all devices.

Tools:

ninjaone_alerts_list - List alerts with filters
ninjaone_alerts_reset - Reset/dismiss a single alert
ninjaone_alerts_reset_all - Reset all alerts for a device or organization
ninjaone_alerts_summary - Get alert count summary

Tickets

Manage service tickets.

Tools:

ninjaone_tickets_list - List tickets with filters
ninjaone_tickets_get - Get ticket details
ninjaone_tickets_create - Create a new ticket
ninjaone_tickets_update - Update an existing ticket
ninjaone_tickets_add_comment - Add a comment to a ticket
ninjaone_tickets_comments - Get ticket comments

Navigation Tools

Always available:

ninjaone_navigate - Select a domain to work with
ninjaone_status - Show current state and credential status
ninjaone_back - Return to main menu (when in a domain)

Example Workflow

User: Check my devices
Claude: [calls ninjaone_navigate with domain="devices"]
       -> Navigated to devices domain. Available tools: ...

User: List all Windows servers
Claude: [calls ninjaone_devices_list with device_class="WINDOWS_SERVER"]
       -> [device list results]

User: Now show me alerts
Claude: [calls ninjaone_back]
       -> Navigated back to main menu.
       [calls ninjaone_navigate with domain="alerts"]
       -> Navigated to alerts domain.

Authentication

NinjaOne uses OAuth 2.0 for authentication. You need to:

Log in to your NinjaOne dashboard
Go to Administration > Apps > API
Create a new API application
Note the Client ID and Client Secret
Configure the environment variables

The client library handles token refresh automatically.

License

Apache-2.0

Featured

CodeRabbit

AI writes the code. CodeRabbit catches the slop.

Try For Free →

Keep your Mac awake

Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.

One time payment $9 →

Context.dev

Integrate web data into your AI product. One API to scrape website & brand data.

Get API Key Now →

Make your agent a DeFi expert

Agent, run crypto. Access onchain data & trade routes via 1inch.

Install now →

Make money from your Skills

On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.

Start earning →

AppSignal

Monitor with ease. Code with confidence.

Start Free Trial →

Configuration

NINJAONE_CLIENT_ID*

NinjaOne OAuth 2.0 Client ID

NINJAONE_CLIENT_SECRET*secret

NinjaOne OAuth 2.0 Client Secret

NINJAONE_REGIONdefault: us

NinjaOne region: 'us' (default), 'eu', or 'oc'

MCP_TRANSPORTdefault: stdio

Transport mode for the server. Set to 'stdio' for local CLI use; the image defaults to 'http' for gateway hosting.

AUTH_MODEdefault: env

Credential source: 'env' reads vars locally, 'gateway' expects header injection from the WYRE MCP Gateway.

LOG_LEVELdefault: info

Log verbosity: debug, info, warn, error

Registryactive

Packageghcr.io/wyre-technology/ninjaone-mcp:v1.7.0

TransportSTDIO

AuthRequired

UpdatedJun 2, 2026

View on GitHub

NinjaOne MCP Server

A Model Context Protocol (MCP) server for interacting with NinjaOne, featuring a decision tree architecture for efficient tool loading.

One-Click Deployment

[!IMPORTANT] Before you click: this server depends on @wyre-technology/node-ninjaone, which is hosted on the GitHub Packages npm registry. GitHub Packages has no anonymous access — even though the package is public, every npm install needs a token. The cloud builder runs npm install for you, so you must give it one, or the build fails with npm error 401 Unauthorized ... npm.pkg.github.com.

Create a GitHub Personal Access Token with the read:packages scope (classic token). Any GitHub account works — you do not need to be a member of the wyre-technology org to read its public packages.

Add it as a build variable when prompted by the deploy flow:

Cloudflare Workers → set a build variable named NODE_AUTH_TOKEN to your PAT (Workers → Settings → Build → Variables and Secrets).

DigitalOcean App Platform → set an encrypted env var named GITHUB_TOKEN with scope Build Time to your PAT (the .do/app.yaml already declares it).

[!NOTE] Both targets run the full MCP server. DigitalOcean builds the Docker image and serves it over HTTP; Cloudflare Workers serves the same server via the SDK's Web Standard Streamable HTTP transport (src/worker.ts). After deploying, set your NinjaOne credentials as secrets — NINJAONE_CLIENT_ID, NINJAONE_CLIENT_SECRET, and optionally NINJAONE_REGION — or set AUTH_MODE=gateway to take credentials per-request from X-Ninja-* headers. The MCP endpoint is /mcp; /health is an unauthenticated liveness probe.

Architecture

This MCP server uses a hierarchical tool loading approach instead of exposing all tools upfront:

Navigation Phase: Initially exposes only a navigation tool (ninjaone_navigate)
Domain Selection: User selects a domain (devices, organizations, alerts, tickets)
Domain Tools: Server exposes domain-specific tools after selection
Lazy Loading: Domain handlers and the NinjaOne client are loaded on-demand

This architecture provides:

Reduced cognitive load (fewer tools to choose from)
Faster initial load times
Better organization of related operations
Clear navigation state

Installation

This package is published to the GitHub Packages npm registry, which requires a token even for public packages. Authenticate once, then install:

# Authenticate npm to GitHub Packages (token needs the read:packages scope)
export NODE_AUTH_TOKEN=$(gh auth token)   # or a PAT with read:packages

npm install @wyre-technology/ninjaone-mcp

Configuration

Set the following environment variables:

Variable	Required	Description
`NINJAONE_CLIENT_ID`	Yes	OAuth 2.0 Client ID
`NINJAONE_CLIENT_SECRET`	Yes	OAuth 2.0 Client Secret
`NINJAONE_REGION`	No	Region: `us` (default), `eu`, or `oc`

NinjaOne API Regions

Region	Base URL
`us`	`https://app.ninjarmm.com`
`eu`	`https://eu.ninjarmm.com`
`oc`	`https://oc.ninjarmm.com`

Usage

Running Standalone

# Set credentials
export NINJAONE_CLIENT_ID="your-client-id"
export NINJAONE_CLIENT_SECRET="your-client-secret"
export NINJAONE_REGION="us"

# Run the server
npx @wyre-technology/ninjaone-mcp

Claude Desktop Configuration

Add to your Claude Desktop claude_desktop_config.json:

{
  "mcpServers": {
    "ninjaone": {
      "command": "npx",
      "args": ["@wyre-technology/ninjaone-mcp"],
      "env": {
        "NINJAONE_CLIENT_ID": "your-client-id",
        "NINJAONE_CLIENT_SECRET": "your-client-secret",
        "NINJAONE_REGION": "us"
      }
    }
  }
}

Docker

docker build -t ninjaone-mcp .
docker run -e NINJAONE_CLIENT_ID=xxx -e NINJAONE_CLIENT_SECRET=xxx -e NINJAONE_REGION=us ninjaone-mcp

Available Domains

Devices

Manage endpoints, reboot devices, view services and alerts.

Tools:

ninjaone_devices_list - List devices with filters
ninjaone_devices_get - Get device details
ninjaone_devices_reboot - Schedule a device reboot
ninjaone_devices_services - List Windows services on a device
ninjaone_devices_alerts - Get device-specific alerts
ninjaone_devices_activities - View device activity log

Organizations

Manage customer organizations and their resources.

Tools:

ninjaone_organizations_list - List organizations
ninjaone_organizations_get - Get organization details
ninjaone_organizations_create - Create a new organization
ninjaone_organizations_locations - List organization locations
ninjaone_organizations_devices - List devices for an organization

Alerts

View and manage alerts across all devices.

Tools:

ninjaone_alerts_list - List alerts with filters
ninjaone_alerts_reset - Reset/dismiss a single alert
ninjaone_alerts_reset_all - Reset all alerts for a device or organization
ninjaone_alerts_summary - Get alert count summary

Tickets

Manage service tickets.

Tools:

ninjaone_tickets_list - List tickets with filters
ninjaone_tickets_get - Get ticket details
ninjaone_tickets_create - Create a new ticket
ninjaone_tickets_update - Update an existing ticket
ninjaone_tickets_add_comment - Add a comment to a ticket
ninjaone_tickets_comments - Get ticket comments

Navigation Tools

Always available:

ninjaone_navigate - Select a domain to work with
ninjaone_status - Show current state and credential status
ninjaone_back - Return to main menu (when in a domain)

Example Workflow

User: Check my devices
Claude: [calls ninjaone_navigate with domain="devices"]
       -> Navigated to devices domain. Available tools: ...

User: List all Windows servers
Claude: [calls ninjaone_devices_list with device_class="WINDOWS_SERVER"]
       -> [device list results]

User: Now show me alerts
Claude: [calls ninjaone_back]
       -> Navigated back to main menu.
       [calls ninjaone_navigate with domain="alerts"]
       -> Navigated to alerts domain.

Authentication

NinjaOne uses OAuth 2.0 for authentication. You need to:

Log in to your NinjaOne dashboard
Go to Administration > Apps > API
Create a new API application
Note the Client ID and Client Secret
Configure the environment variables

The client library handles token refresh automatically.

License

Apache-2.0