mcp-atlassian

Verified Safe

by sooperset

Overview

Provides an MCP (Model Context Protocol) server for interacting with Atlassian Jira and Confluence APIs, offering tools for content management, search, and workflow automation.

Installation

Run Command
mcp-atlassian

Environment Variables

  • MCP_VERBOSE
  • MCP_LOGGING_STDOUT
  • MCP_VERY_VERBOSE
  • TRANSPORT
  • STATELESS
  • PORT
  • HOST
  • STREAMABLE_HTTP_PATH
  • ENABLED_TOOLS
  • READ_ONLY_MODE
  • JIRA_URL
  • JIRA_USERNAME
  • JIRA_API_TOKEN
  • JIRA_PERSONAL_TOKEN
  • JIRA_SSL_VERIFY
  • JIRA_PROJECTS_FILTER
  • JIRA_HTTP_PROXY
  • JIRA_HTTPS_PROXY
  • JIRA_NO_PROXY
  • JIRA_SOCKS_PROXY
  • JIRA_CUSTOM_HEADERS
  • JIRA_CLIENT_CERT
  • JIRA_CLIENT_KEY
  • JIRA_CLIENT_KEY_PASSWORD
  • DISABLE_JIRA_MARKUP_TRANSLATION
  • CONFLUENCE_URL
  • CONFLUENCE_USERNAME
  • CONFLUENCE_API_TOKEN
  • CONFLUENCE_PERSONAL_TOKEN
  • CONFLUENCE_SSL_VERIFY
  • CONFLUENCE_SPACES_FILTER
  • CONFLUENCE_HTTP_PROXY
  • CONFLUENCE_HTTPS_PROXY
  • CONFLUENCE_NO_PROXY
  • CONFLUENCE_SOCKS_PROXY
  • CONFLUENCE_CUSTOM_HEADERS
  • CONFLUENCE_CLIENT_CERT
  • CONFLUENCE_CLIENT_KEY
  • CONFLUENCE_CLIENT_KEY_PASSWORD
  • ATLASSIAN_OAUTH_ENABLE
  • ATLASSIAN_OAUTH_CLIENT_ID
  • ATLASSIAN_OAUTH_CLIENT_SECRET
  • ATLASSIAN_OAUTH_REDIRECT_URI
  • ATLASSIAN_OAUTH_SCOPE
  • ATLASSIAN_OAUTH_CLOUD_ID
  • ATLASSIAN_OAUTH_ACCESS_TOKEN
  • ATLASSIAN_OAUTH_REFRESH_TOKEN
  • ATLASSIAN_OAUTH_EXPIRES_AT

Security Notes

The server demonstrates good security practices:

  • Sensitive data (API tokens, OAuth secrets) is loaded from environment variables or `keyring` (with file fallback), not hardcoded. Sensitive data is masked in logs.
  • SSL verification is enabled by default for all API calls and can be configured with custom CA bundles and client certificates.
  • `UserTokenMiddleware` properly extracts and validates authentication headers (OAuth, PAT) and returns 401 for failures.
  • Content preprocessing and HTML sanitization (`_convert_html_to_markdown`, `_process_user_mentions_in_soup`, `clean_jira_text`) are implemented to mitigate XSS risks in displayed content.
  • The OAuth setup wizard, if used, runs a local server with CSRF protection (`state` parameter).

A minor point is that HTTP transports bind to `0.0.0.0` (all network interfaces) by default, so in production environments the listener should be protected by external firewall rules.

Stats

  • Interest Score: 100
  • Security Score: 9
  • Cost Class: Medium
  • Avg Tokens: 2000
  • Stars: 4003
  • Forks: 849
  • Last Update: 2026-01-12

Tags

Atlassian, Jira, Confluence, MCP, Integrations, API, Server