crowdit-mcp-server
Verified Safeby chrisgermon
Overview
Unified Model Context Protocol (MCP) server for integrating various business services and applications, designed to be interacted with by AI agents.
Installation
python server.pyEnvironment Variables
- MCP_API_KEY
- PORT
- HALOPSA_RESOURCE_SERVER
- HALOPSA_AUTH_SERVER
- HALOPSA_CLIENT_ID
- HALOPSA_CLIENT_SECRET
- HALOPSA_TENANT
- XERO_CLIENT_ID
- XERO_CLIENT_SECRET
- XERO_TENANT_ID
- XERO_REFRESH_TOKEN
- SHAREPOINT_CLIENT_ID
- SHAREPOINT_CLIENT_SECRET
- SHAREPOINT_TENANT_ID
- SHAREPOINT_REFRESH_TOKEN
- QUOTER_CLIENT_ID
- QUOTER_CLIENT_SECRET
- FORTICLOUD_USERNAME
- FORTICLOUD_PASSWORD
- CIPP_CLIENT_SECRET
- N8N_API_URL
- N8N_API_KEY
- VISIONRAD_HOSTNAME
- VISIONRAD_USERNAME
- VISIONRAD_PRIVATE_KEY
- SALESFORCE_INSTANCE_URL
- SALESFORCE_CLIENT_ID
- SALESFORCE_CLIENT_SECRET
- SALESFORCE_REFRESH_TOKEN
- NINJAONE_CLIENT_ID
- NINJAONE_CLIENT_SECRET
- BIGQUERY_PROJECT_ID
- BIGQUERY_JOB_PROJECT_ID
- BIGQUERY_DATA_PROJECT_ID
- CIPP_TENANT_ID
- CIPP_CLIENT_ID
- CIPP_API_URL
- NINJAONE_REGION
- RDS_HOSTNAME
- RDS_USERNAME
- RDS_PASSWORD
- RDS_DATABASE
- RDS_PORT
- AZURE_TENANT_ID
- AZURE_CLIENT_ID
- AZURE_CLIENT_SECRET
- AZURE_SUBSCRIPTION_ID
- MAXOTEL_USERNAME
- MAXOTEL_PASSWORD
- MAXOTEL_AUTH_KEY
- UBUNTU_HOSTNAME
- UBUNTU_PORT
- UBUNTU_USERNAME
- UBUNTU_PASSWORD
- UBUNTU_PRIVATE_KEY
- UBUNTU_PRIVATE_KEY_SECRET
- UBUNTU_VERIFY_HOST
- UBUNTU_TIMEOUT
- UBUNTU_SERVER_NAME
- DICKERDATA_USERNAME
- DICKERDATA_PASSWORD
- DICKERDATA_API_KEY
- INGRAM_MICRO_CLIENT_ID
- INGRAM_MICRO_CLIENT_SECRET
- INGRAM_MICRO_REFRESH_TOKEN
- CARBON_CLIENT_ID
- CARBON_CLIENT_SECRET
- CARBON_API_URL
- AUVIK_USERNAME
- AUVIK_API_KEY
- AUVIK_API_URL
- METABASE_URL
- METABASE_USERNAME
- METABASE_PASSWORD
- METABASE_API_KEY
- LOG_FORMAT
- GCP_PROJECT_ID
- GOOGLE_CLOUD_PROJECT
- GCLOUD_PROJECT_ID
- GCLOUD_KEY_PATH
Security Notes
The server leverages Google Secret Manager for sensitive credentials, which is a strong security practice. API key authentication is enforced by middleware for most endpoints. However, if 'MCP_API_KEY' is not configured, the server allows unprotected access (though it logs a warning). SSH host verification can be optionally disabled for Ubuntu/VisionRad servers, which is a potential MITM risk if not carefully managed. Destructive operations (e.g., Azure resource group deletion) include 'force' flags that bypass confirmation, requiring careful agent prompting. A Xero client ID is hardcoded in `deploy.sh`, which might be a public ID, but generally hardcoding IDs can be risky. Initial secret setup involves placeholder values that *must* be manually updated.
Similar Servers
mcphub
An orchestration hub that aggregates, manages, and routes Model Context Protocol (MCP) servers and their tools, providing a centralized interface, user management, OAuth 2.0 authorization server capabilities, and AI-powered tool discovery and routing.
git-netai
Provides a unified, asynchronous Model Context Protocol (MCP) server for managing multi-platform network infrastructure (routers, firewalls, WiFi, monitoring, data centers) via a single AI-accessible API.
mcp-compose
This server provides a robust example of OAuth2 authentication for MCP (Model Context Protocol) servers, using GitHub as the identity provider. It demonstrates secure multi-server management, protocol translation, and integration with AI agents for tool invocation.
mcp-servers
Provides an MCP server for Qdrant vector database integration, enabling AI agents to perform semantic search, store documents, and manage collections with advanced multi-tenant filtering capabilities.