dbankscard/jamf-mcp-server

Jamf Pro MCP Server v2.2

A comprehensive MCP (Model Context Protocol) server that enables AI assistants to interact with Jamf Pro for complete Apple device management. Works with Claude Desktop and ChatGPT (via MCP Connectors).

Two modes: Classic Mode (108 individual tools) or Code Mode (2 tools + sandboxed JavaScript SDK)

What's New in v2.2

• Code Mode — a new execution model that exposes just 2 MCP tools (jamf_search + jamf_execute) instead of 108 individual tools. The agent writes JavaScript that runs in a sandboxed node:vm context with a typed Jamf API client, enabling complex multi-step workflows in a single tool call. Includes capability-based access control, budget tracking, plan/apply workflow, and an approval gate for high-impact commands.
• Concurrency limiting — semaphore-style ConcurrencyLimiter (default 5, configurable via JAMF_MAX_CONCURRENCY) prevents 429 rate-limit errors. Applied to both the core API client and Code Mode sandbox.
• Policy caching — getPolicyDetails results are now cached to avoid redundant API calls, with automatic invalidation on policy writes.
• Static computer group XML fix — createStaticComputerGroup and updateStaticComputerGroup now use proper XML via XmlBuilder (with escaping) instead of broken JSON or raw template literals.

What's in v2.1

• 108 tools (up from 56) — expanded coverage across the full Jamf Pro API and Classic API
• 12 resources — all returning live data including compliance, storage, OS versions, encryption, and patch reports
• 12 workflow prompts — guided templates for common admin tasks like onboarding, offboarding, security audits, and staged rollouts
• Compound tools — single-call operations like getFleetOverview, getDeviceFullProfile, getSecurityPosture, and getPolicyAnalysis that combine multiple API calls behind the scenes
• Bearer Token authentication on Classic API — full OAuth2 Client Credentials support without needing a username/password
• Parallel API calls — batch operations and compound tools run requests concurrently for faster results
• Correct Jamf terminology — all documentation and tool descriptions align with official Jamf developer documentation

Quick Start

For Claude Desktop Users

git clone https://github.com/dbankscard/jamf-mcp-server.git
cd jamf-mcp-server
npm install
npm run build

Configure your credentials in Claude Desktop (see Configuration below).

For ChatGPT Users

git clone https://github.com/dbankscard/jamf-mcp-server.git
cd jamf-mcp-server
./chatgpt/start-chatgpt-poc.sh

See our for 5-minute setup.

Code Mode (New)

Code Mode replaces 108 individual MCP tools with just 2:

Why Code Mode? This implementation is inspired by Cloudflare's Code Mode pattern, which addresses a fundamental tension in MCP: agents need many tools to do useful work, but every tool definition consumes context window tokens. Cloudflare found that exposing their full API as individual MCP tools would consume over 1 million tokens — more than the entire context window of most models. Their solution: collapse everything into a search + execute pattern where agents discover APIs on demand and write code against a typed SDK, reducing token usage by up to 99.9%.

We applied the same pattern to Jamf Pro. Our 108 Classic Mode tools consume ~40,000 tokens of tool definitions. Code Mode reduces that to ~1,000 tokens (2 tool definitions) while retaining access to the full API surface. The agent uses jamf_search to discover methods, then writes JavaScript that runs in a sandboxed node:vm context. This also enables multi-step workflows in a single tool call — chaining API calls, filtering results, and building reports without LLM round-trips between each step.

Safety features:

• Plan/Apply workflow — run with mode: "plan" to preview all writes without executing, then mode: "apply" to commit
• Capability-based access — declare only the permissions your code needs (read:computers, write:policies, command:mdm, etc.)
• Budget tracking — automatic call-count limits prevent runaway loops
• Approval gate — high-impact commands (wipe, lock, delete) require an explicit approval token
• Concurrency throttling — API calls are rate-limited to prevent 429 errors

Code Mode Configuration

Use dist/index-code.js as the entry point instead of dist/index-main.js:

{
  "mcpServers": {
    "jamf-code": {
      "command": "node",
      "args": ["/absolute/path/to/jamf-mcp-server/dist/index-code.js"],
      "env": {
        "JAMF_URL": "https://your-instance.jamfcloud.com",
        "JAMF_CLIENT_ID": "your-api-client-id",
        "JAMF_CLIENT_SECRET": "your-api-client-secret"
      }
    }
  }
}

Code Mode Example

// Find all computers not checked in for 30 days
const computers = await jamf.getAllComputers(200);
const stale = computers.filter(c => helpers.daysSince(c.lastContactTime) > 30);
log(`Found ${stale.length} stale computers`);
return stale.map(c => ({ id: c.id, name: c.name, lastContact: c.lastContactTime }));

Code Mode vs Classic Mode Benchmark

Real numbers from a live Jamf Pro instance (npm run benchmark):

Key takeaways:

• Multi-step workflows: 7 tool calls → 1 (86% fewer LLM round-trips, 21% faster wall-clock). In real usage the savings are even larger — each Classic tool call is an LLM inference round-trip costing seconds of latency and tokens.
• Smaller payloads: Code Mode returns only the fields you ask for — 76% smaller for stale-computer queries (9 KB vs 38 KB), which means fewer tokens fed back to the LLM.
• Simple lookups: Roughly equivalent. Classic's purpose-built tools have slightly less overhead for single-call operations.
• Bottom line: Code Mode's value scales with task complexity. The more steps a workflow requires, the bigger the advantage.

Run the benchmark yourself:

npm run benchmark   # requires JAMF_URL, JAMF_CLIENT_ID, JAMF_CLIENT_SECRET

Classic Mode (108 Tools)

What You Can Do

Ask natural language questions about your Jamf fleet:

• "How is my fleet doing?" — uses getFleetOverview for a single-call summary
• "Tell me about LAPTOP-001" — uses getDeviceFullProfile to resolve by name, serial, or ID
• "What's our security posture?" — uses getSecurityPosture for encryption and compliance analysis
• "How is the Software Install policy performing?" — uses getPolicyAnalysis with auto-resolve by name
• "Find all devices that haven't checked in for 30 days"
• "Deploy software updates to the marketing team"
• "Retrieve the LAPS password for this device"
• "Show me patch compliance across the fleet"

Tools (108)

Compound Tools (Start Here)

These combine multiple API calls into a single operation:

• getFleetOverview: Comprehensive fleet summary — inventory counts, compliance rates, and mobile device status in one call
• getDeviceFullProfile: Complete device profile by name, serial, or ID — resolves automatically and fetches details, policy logs, and history in parallel
• getSecurityPosture: Fleet security analysis — FileVault encryption rates, compliance status, and OS version currency
• getPolicyAnalysis: Policy analysis by ID or name — configuration, scope, compliance, and performance

Device Management

• searchDevices: Find devices by name, serial number, IP address, or username
• getDeviceDetails: Detailed device information by ID
• checkDeviceCompliance: Find devices that haven't reported in X days
• getDevicesBatch: Get details for multiple devices in a single request
• updateInventory: Force inventory update on a device

Computer History & MDM Commands

• getComputerHistory: Full computer history — policy logs, MDM commands, audit events, screen sharing, user/location changes
• getComputerPolicyLogs: Policy execution logs showing success/failure per device
• getComputerMDMCommandHistory: MDM command history with status and timestamps
• sendComputerMDMCommand: Send MDM commands to macOS — lock, wipe, restart, shutdown, remote desktop (requires confirmation)
• flushMDMCommands: Clear pending/failed MDM commands to unstick devices (requires confirmation)

Policy Management

• listPolicies: List all policies with optional category filter
• getPolicyDetails: Detailed policy info including scope, scripts, and packages
• searchPolicies: Search policies by name
• executePolicy: Run a policy on specific devices (requires confirmation)
• createPolicy: Create a new policy with full configuration (requires confirmation)
• updatePolicy: Update an existing policy (requires confirmation)
• clonePolicy: Clone a policy with a new name (requires confirmation)
• setPolicyEnabled: Enable or disable a policy (requires confirmation)
• updatePolicyScope: Add/remove computers and groups from policy scope (requires confirmation)
• deletePolicy: Delete a policy (requires confirmation)

Script Management

• listScripts: List all scripts
• searchScripts: Search scripts by name
• getScriptDetails: Full script content, parameters, and metadata
• deployScript: Execute a script on devices (requires confirmation)
• createScript: Create a new script (requires confirmation)
• updateScript: Update an existing script (requires confirmation)
• deleteScript: Delete a script (requires confirmation)

Configuration Profile Management

• listConfigurationProfiles: List profiles (computer or mobile device)
• getConfigurationProfileDetails: Detailed profile information
• searchConfigurationProfiles: Search profiles by name
• deployConfigurationProfile: Deploy a profile to devices (requires confirmation)
• removeConfigurationProfile: Remove a profile from devices (requires confirmation)
• deleteConfigurationProfile: Delete a configuration profile (requires confirmation)

Package Management

• listPackages: List all packages
• searchPackages: Search packages by name
• getPackageDetails: Detailed package information
• getPackageDeploymentHistory: Deployment history via policy analysis
• getPoliciesUsingPackage: Find all policies using a specific package
• getPackageDeploymentStats: Deployment statistics and scope analysis

Computer Group Management

• listComputerGroups: List groups (smart, static, or all)
• getComputerGroupDetails: Group details including membership and smart group criteria
• searchComputerGroups: Search groups by name
• getComputerGroupMembers: List all members of a group
• createStaticComputerGroup: Create a static group (requires confirmation)
• updateStaticComputerGroup: Update group membership (requires confirmation)
• deleteComputerGroup: Delete a group (requires confirmation)

Advanced Computer Searches

• listAdvancedComputerSearches: List all saved advanced searches
• getAdvancedComputerSearchDetails: Get search configuration and results
• createAdvancedComputerSearch: Create a new advanced search (requires confirmation)
• deleteAdvancedComputerSearch: Delete a saved search (requires confirmation)

Mobile Device Management

• searchMobileDevices: Search mobile devices by name, serial, or UDID
• getMobileDeviceDetails: Detailed mobile device information
• listMobileDevices: List all mobile devices
• updateMobileDeviceInventory: Force inventory update on a mobile device
• sendMDMCommand: Send MDM commands — lock, wipe, clear passcode, lost mode, settings (requires confirmation)
• listMobileDeviceGroups: List mobile device groups
• getMobileDeviceGroupDetails: Group details including membership

Reporting & Analytics

• getInventorySummary: Fleet inventory summary — device counts, OS distribution, model distribution
• getDeviceComplianceSummary: Compliance summary — check-in rates, failed policies, missing software
• getPolicyComplianceReport: Policy compliance — success/failure rates, scope coverage
• getSoftwareVersionReport: Software version distribution across devices

Buildings, Departments & Categories

• listBuildings / getBuildingDetails: Organizational buildings for multi-site scoping
• listDepartments / getDepartmentDetails: Departments for scoping and reporting
• listCategories / getCategoryDetails: Categories for organizing policies, scripts, and profiles

Local Administrator Password Solution (LAPS)

• getLocalAdminPassword: Retrieve the current LAPS password for a device (requires confirmation)
• getLocalAdminPasswordAudit: Audit trail of password views and rotations
• getLocalAdminPasswordAccounts: List LAPS-managed accounts on a device

Patch Management

• listPatchSoftwareTitles: List patch software title configurations
• getPatchSoftwareTitleDetails: Patch title details with versions and definitions
• listPatchPolicies: List patch policies with deployment status
• getPatchPolicyDashboard: Patch compliance dashboard — latest version, pending, failed

Extension Attributes

• listComputerExtensionAttributes: List all custom extension attributes
• getComputerExtensionAttributeDetails: Full EA details including script content
• createComputerExtensionAttribute: Create a new extension attribute (requires confirmation)
• updateComputerExtensionAttribute: Update an extension attribute (requires confirmation)
• deleteComputerExtensionAttribute: Delete an extension attribute (requires confirmation)

Managed Software Updates

• listSoftwareUpdatePlans: List active and completed OS update plans
• createSoftwareUpdatePlan: Create an OS update plan for specific devices (requires confirmation)
• getSoftwareUpdatePlanDetails: Update plan status and device progress

PreStage Enrollments

• listComputerPrestages / getComputerPrestageDetails / getComputerPrestageScope: Computer PreStage Enrollment configuration and device assignments
• listMobilePrestages / getMobilePrestageDetails: Mobile device PreStage Enrollments

Network Segments

• listNetworkSegments: List network segments for location-based management
• getNetworkSegmentDetails: Segment details including IP ranges and building assignment

Accounts & Users

• listAccounts / getAccountDetails / getAccountGroupDetails: Jamf Pro admin accounts and groups with privileges
• listUsers / getUserDetails / searchUsers: End-user records (not admin accounts)

App Installers

• listAppInstallers: List Jamf App Catalog titles
• getAppInstallerDetails: Detailed app installer information

Restricted Software

• listRestrictedSoftware: List restricted software entries
• getRestrictedSoftwareDetails: Restricted software configuration details
• createRestrictedSoftware: Create a new restricted software entry (requires confirmation)
• updateRestrictedSoftware: Update an existing restricted software entry (requires confirmation)
• deleteRestrictedSoftware: Delete a restricted software entry (requires confirmation)

Webhooks

• listWebhooks: List configured webhooks
• getWebhookDetails: Webhook configuration details

Resources (12)

Prompts (12 Workflow Templates)

Skills (ChatGPT Integration)

Advanced multi-step operations for the ChatGPT connector:

• skill_device_search: Intelligent device search with natural language processing
• skill_find_outdated_devices: Identify devices not checking in
• skill_batch_inventory_update: Update multiple devices efficiently
• skill_deploy_policy_by_criteria: Deploy policies based on device criteria
• skill_scheduled_compliance_check: Automated compliance reporting

Configuration

Jamf Pro API Authentication

1. In Jamf Pro, go to Settings > System > API Roles and Clients
2. Create a new API Role with necessary permissions
3. Create a new API Client — note the Client ID and generate a Client Secret

Claude Desktop Configuration

Add to your Claude Desktop config file:

• macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
• Windows: %APPDATA%\Claude\claude_desktop_config.json

{
  "mcpServers": {
    "jamf-pro": {
      "command": "node",
      "args": ["/absolute/path/to/jamf-mcp-server/dist/index-main.js"],
      "env": {
        "JAMF_URL": "https://your-instance.jamfcloud.com",
        "JAMF_CLIENT_ID": "your-api-client-id",
        "JAMF_CLIENT_SECRET": "your-api-client-secret"
      }
    }
  }
}

ChatGPT Configuration

See for detailed instructions.

Enhanced Mode (Optional)

{
  "env": {
    "JAMF_USE_ENHANCED_MODE": "true",
    "JAMF_MAX_CONCURRENCY": "5",
    "JAMF_MAX_RETRIES": "3",
    "JAMF_RETRY_DELAY": "1000",
    "JAMF_RETRY_MAX_DELAY": "10000",
    "JAMF_DEBUG_MODE": "false",
    "JAMF_ENABLE_RETRY": "true",
    "JAMF_ENABLE_RATE_LIMITING": "false",
    "JAMF_ENABLE_CIRCUIT_BREAKER": "false",
    "JAMF_READ_ONLY": "false"
  }
}

Installation

git clone https://github.com/dbankscard/jamf-mcp-server.git
cd jamf-mcp-server
npm install
npm run build

Development

npm run dev          # Run in development mode
npm run build:force  # Build without tests
npm test             # Run tests

Security

• Read-Only Mode: Set JAMF_READ_ONLY=true to prevent any modifications
• Confirmation Required: All destructive operations require explicit confirm: true
• Tool Annotations: Each tool declares readOnlyHint and destructiveHint for client-side safety
• Client Credentials Authentication: Supports Jamf Pro API roles and clients
• Concurrency Limiting: Prevents 429 rate-limit errors (default 5 concurrent, configurable via JAMF_MAX_CONCURRENCY)
• Code Mode Sandbox: node:vm isolation — no require, import, fetch, fs, or process access
• Rate Limiting: Optional built-in rate limiter
• Circuit Breaker: Optional circuit breaker for failure protection

Recommended API Permissions

For full functionality:

• Read access to computers, policies, scripts, configuration profiles, packages, mobile devices, buildings, departments, categories, Extension Attributes, Patch Management, PreStage Enrollments, network segments, accounts, users, webhooks
• LAPS password access (for LAPS tools)
• Update access for inventory updates, policies, scripts, extension attributes
• Execute access for policies, scripts, and MDM commands

For read-only mode:

• Read access to all resources only

Architecture

                    ┌─ Classic Mode (108 tools) ──┐
Claude Desktop ──>  │  MCP Server (stdio)          │──>  Jamf Pro API
                    ├─ Code Mode (2 tools) ────────┤
                    │  jamf_search + jamf_execute   │──>  (sandboxed VM)  ──>  Jamf Pro API
                    └──────────────────────────────┘
ChatGPT ──>  Tunnel (Cloudflare) ──>  MCP Server (HTTP)  ──>  Jamf Pro API

The server uses a hybrid API client that supports both the Jamf Pro API and Classic API, with automatic fallback between them for maximum compatibility across Jamf Pro versions. All API calls pass through a concurrency limiter to prevent rate-limit errors.

Troubleshooting

Authentication Issues

• Verify your API credentials (Client ID and Secret)
• Ensure the API client has the required permissions
• For Classic API endpoints, the server automatically uses Bearer Token authentication

503 Errors on Classic API

• If using Client Credentials only (no username/password), ensure you're running v2.1+ which supports Bearer Token authentication on Classic API endpoints

Timeouts on Compound Tools

• The default request timeout is 30 seconds
• Compound tools like getFleetOverview make parallel API calls and may need more time on slower instances

Contributing

Contributions are welcome! Please:

1. Fork the repository
2. Create a feature branch
3. Add tests for new functionality
4. Submit a pull request

License

MIT

Resources

• Model Context Protocol Documentation
• Jamf Pro API Documentation
• ChatGPT MCP Connectors
• Claude Desktop MCP Servers

Support

• Create an Issue
• Fork this Repository

Built with ❤️ for the Jamf, Claude, and ChatGPT communities