pipedrive-api-token
by layer5-5
Overview
Pipedrive CRM integration with Layer55 authentication for AI assistants using Model Context Protocol (MCP).
Installation
docker run -p 8002:8002 -e LAYER55_API_URL=http://api:8066 -e JWT_SECRET_KEY=your-secret pipedrive-mcp:latestEnvironment Variables
- LAYER55_API_URL
- JWT_SECRET_KEY
- VALID_API_KEYS
Security Notes
CRITICAL: The server's default configuration for API key validation (used for '/mcp/tools/call') accepts *any* non-empty API key if 'VALID_API_KEYS' environment variable is not explicitly set. This makes the tool execution endpoint vulnerable to unauthorized access in its default state, even with warnings in the code. Furthermore, '/mcp/initialize' and '/mcp/tools/public' endpoints are *unauthenticated* in the provided source code (main.py), directly contradicting the README's claim that all MCP endpoints require JWT. The default 'JWT_SECRET_KEY' is also a fallback 'dev-fallback-key-change-in-production', which is highly insecure for production. Permissive CORS ('*') is also configured by default. These issues combine to create a very low security posture out-of-the-box.
Similar Servers
plane-mcp-server
Provides AI agents with tools to interact with Plane APIs for project and work item management.
hayhooks
Deploy and serve Haystack Pipelines and Agents as REST APIs or MCP Tools, with OpenAI compatibility and Open WebUI integration, including support for RAG systems with file uploads and streaming.
airtable-mcp
Provides a Model Context Protocol (MCP) server for Airtable, enabling AI agents to perform full CRUD operations, schema management, webhooks, batch operations, and AI-powered analytics through natural language interactions.
pagerduty-mcp-server
The PagerDuty MCP Server allows MCP-enabled clients (like AI agents) to interact with a PagerDuty account to manage incidents, services, schedules, event orchestrations, and other PagerDuty resources.