N-able MCP
Overview, Tools, and Client Integration Guide
Connect to N-able MCP in 2 Simple Steps
N-able MCP lets you connect such AI tools as Claude, GitHub Copilot, Gemini and many more - directly to your N-able environment. Built on the N-able GraphQL API, it gives AI assistants real-time access to N-central device data, N-sight RMM data, and more via the N-able GraphQL API.
Ask questions in natural language, run compliance checks, and query your fleet without writing code or navigating separate product APIs.
View the full list of default and custom tools currently available.
Choose endpoint
Connect your tool
Verify quickly
1. Choose your endpoint
N-able MCP provides three distinct endpoints for different purposes. Choose the endpoint that matches your use case before configuring your AI tool or IDE.
/mcp and /mcp-preview can read and modify live production data across all connected N-able products. This includes executing scripts on devices and will extend to billing and other data as the platform grows. Understand the implications before connecting to a production endpoint. Use with caution - changes affect real customer environments.If you open the MCP endpoint in a web browser you may see an RBAC: access denied message. This is expected because N-able MCP only accepts POST requests.
Production
https://api.n-able.com/mcpData access
Use case
Read-only
https://api.n-able.com/mcp-read-onlyData access
Use case
Preview
https://api.n-able.com/mcp-previewData access
Use case
2. Connect your AI Tool or IDE (Non-Exhaustive Examples)
Before you start: Get your API Token
To connect N-able MCP to an AI tool or IDE, you need a valid API token. Tokens are tied to the N-able SSO user account that creates them, so the token only returns data that account has permission to see.
Get your API Token
To communicate with N-able MCP, clients must provide a valid authorization token via the HTTP header:
Authorization: Bearer <YOUR_API_TOKEN>Permissions
API tokens inherit permissions from the N-able SSO user who created them, so authorization depends on that user account's access.
If a token does not have adequate permissions:
- Queries may fail with a 401 Unauthorized error
- Fields your user account cannot access may return
nullrather than an error - Device lists will only include customers your account has permission to see
Example: if your token was created by a user with access to 3 of your 10 customer accounts, a query for all devices will only return devices from those 3 accounts.
N-able MCP works with any MCP-compatible AI tool or IDE. Find your tool below, copy the configuration, and restart the application. If your tool is not listed, the same pattern applies: use the server URL and pass your API token in the Authorization header.
Pick your tool
spawn npx ENOENT or command not found, use the full absolute path to npx in your MCP config instead of just npx.Quick checks:
- Confirm
npxis installed and available in your terminal withnpx --version - Find the executable path:
- Windows:
where npx - macOS/Linux:
which npx
- Windows:
- If your MCP client still fails, set the full path in config (examples below)
{
"mcpServers": {
"n-able": {
"command": "C:/Program Files/nodejs/npx",
"args": [
"-y",
"mcp-remote",
"https://api.n-able.com/mcp-read-only",
"--header",
"Authorization: Bearer <YOUR_API_TOKEN>"
]
}
}
}Common npx locations:
- Windows:
C:/Program Files/nodejs/npxorC:/Program Files/nodejs/npx.cmd - macOS (Homebrew):
/opt/homebrew/bin/npx(Apple Silicon) or/usr/local/bin/npx(Intel) - Linux: usually
/usr/bin/npxor/usr/local/bin/npx
Slash hygiene (common copy/paste issue):
- Use single forward slashes in local paths and endpoint paths
- Avoid accidental double slashes like
C://...or/mcp/preview
{
"bad": {
"command": "C://Program Files/nodejs/npx",
"url": "https://api.n-able.com/mcp/preview"
},
"good": {
"command": "C:/Program Files/nodejs/npx",
"url": "https://api.n-able.com/mcp-preview"
}
}Claude Desktop
https://api.n-able.com/mcp-read-only.Claude Code
Authorization header.Gemini CLI
httpUrl and token header.Copilot VS Code
servers and explicit token header.Copilot Studio
/mcp-preview for safety, but you can swap in /mcp for production or /mcp-preview.5. Verify it's working (Expected Behavior)
Once N-able MCP is configured properly:
✔️ There should be no console errors
- No connection failures
- No token-related errors
- N-able MCP tools visible to the agent
✔ N-able MCP server visible to the agent ✔ Requests authenticated using an API token ✔ Agent can resolve the schema and execute queries
Step 1: Quick connection check
After verification, you can test the connection by asking:
Q&A · Quick connection check
User input:“How many devices are you managing?”
AI tool/agent response
The agent should have used the default MCP tools to run a GraphQL operation and return an expected output like:
The number will reflect the actual device count in your tenant.
This proves that:
- Authentication is correct
- Default tools are available
- The N-able GraphQL API is reachable
Step 2: Real MSP example
After the quick connection check, try a query that demonstrates an operational use case for MSP automation:
Q&A · Real MSP example
User input:“Show me all Windows devices that don't have full BitLocker encryption, grouped by customer.”
AI tool/agent response
Current tools
View the full list of default and custom tools currently available.
Error Handling & Troubleshooting
| Problem | Likely cause | Fix |
|---|---|---|
| 401 Unauthorized | Token is missing, malformed, or has been revoked. | Generate a new token at https://n-able.app/api-token-management and update your AI tool or IDE configuration. |
| 404 Not Found | The endpoint URL is wrong. | Confirm the URL is https://api.n-able.com/mcp-preview with no trailing slash. |
spawn npx ENOENT or command not found | Your MCP client cannot resolve npx from PATH (common in desktop apps or service contexts). | Set command to the absolute npx path (for example C:/Program Files/nodejs/npx), then restart the client. Verify the path using where npx (Windows) or which npx (macOS/Linux). |
Config contains C://... or /mcp/preview | Path/URL uses an incorrect slash pattern from copy/paste. | Normalize to single-slash Windows paths (C:/Program Files/nodejs/npx) and use the correct endpoint format (https://api.n-able.com/mcp-preview or https://api.n-able.com/mcp-read-only). |
| N-able MCP tools not visible in your AI tool | The client is misconfigured or was not restarted after setup. | Re-check your configuration file, save it, and fully restart the IDE or AI tool. |
| Query returns no results or fewer devices than expected | The token was created by a user who does not have access to all customers in N-able. | Create a new token using an account with the appropriate customer access. See the Permissions section above. |
execute returns an error but other tools work | execute is not enabled in your MCP client configuration. | Check your MCP configuration and ensure execute is explicitly permitted. It is the only tool that requires this. |
Security fields such as BitLocker return null | BitLocker data is only available for Windows devices. Non-Windows devices and some server editions will return null. | Filter your query to Windows assets using operatingSystem: { type: { equals: WINDOWS } } before checking BitLocker status. |
| Your AI assistant reports an unknown field | The field name may have changed in a recent schema update, or the field does not exist. | Use the search tool to find the correct field name, or check the schema changelog in the references below for recent changes. |
Additional References
- CAT-MIP MCP Standard - https://cat-mip.org/ - External CAT-MIP project documentation related to MCP interoperability.
- CAT-MIP Releases - https://github.com/cat-mip/cat-mip/releases - Release history for the CAT-MIP project.
Share your feedback
N-able MCP is in active development and the tools added next will be shaped by what MSP automation workflows actually need. If something is missing, broken, or could work better, let us know.
Quiz Time
Ready for a quick challenge?
Updated 12 days ago