strapi-mcp-server
If you are the rightful owner of strapi-mcp-server and would like to certify it and/or have it hosted online, please leave a comment on the right or send an email to henry@mcphub.com.
A Model Context Protocol server for interacting with Strapi CMS, enabling AI assistants to interact with your Strapi instance through a standardized interface.
Strapi MCP Server
A Model Context Protocol server for interacting with Strapi CMS. This server enables AI assistants to interact with your Strapi instance through a standardized interface, supporting content types and REST API operations.
โ ๏ธ IMPORTANT DISCLAIMER: This software has been developed with the assistance of AI technology. It is provided as-is and should NOT be used in production environments without thorough testing and validation. The code may contain errors, security vulnerabilities, or unexpected behavior. Use at your own risk for research, learning, or development purposes only.
Changelog
Version 2.6.0 - Enhanced Validation & Debugging Update
- ๐ง Implemented structured error handling with McpError and ErrorCode
- โ Added comprehensive Zod validation for runtime type safety
- ๐ Integrated comprehensive logging system with request tracking
- ๐ Added debug mode configuration with environment variables
- ๐งน Removed unused prompt handlers for cleaner codebase
- โฌ๏ธ Updated all dependencies to latest versions
- ๐ Added DEBUGGING.md guide for development workflow
- ๐ก๏ธ Enhanced security with better input validation
- ๐ Improved developer experience with detailed error messages
For complete version history, see .
Features
- ๐ Schema introspection
- ๐ REST API support with validation
- ๐ธ Media upload handling
- ๐ JWT authentication
- ๐ Content type management
- ๐ผ๏ธ Image processing with format conversion
- ๐ Multiple server support
- โ Automatic schema validation
- ๐ Write protection policy
- ๐ Integrated documentation
- ๐ Version compatibility management
Installation
You can use this server directly with npx in your Claude Desktop configuration:
{
"mcpServers": {
"strapi": {
"command": "npx",
"args": ["-y", "@bschauer/strapi-mcp-server@2.6.0"]
}
}
}
Configuration
Create a configuration file at ~/.mcp/strapi-mcp-server.config.json:
{
"myserver": {
"api_url": "http://localhost:1337",
"api_key": "your-jwt-token-from-strapi-admin",
"version": "5.*" // Optional: Specify Strapi version (e.g., "5.*", "4.1.5", "v4")
}
}
You can configure multiple Strapi instances by adding them to this file.
Version Configuration
The server now supports various version formats:
- Wildcard: "5.", "4."
- Specific: "4.1.5", "5.0.0"
- Simple: "v4", "v5"
This helps the server provide version-specific guidance and handle API differences appropriately.
Getting a JWT Token
- Log in to your Strapi admin panel
- Create an API token with appropriate permissions
- Add the token to your config file under the appropriate server name
Usage
List Available Servers
strapi_list_servers();
// Now includes version information and differences between v4 and v5
Content Types
// Get all content types from a specific server
strapi_get_content_types({
server: "myserver",
});
// Get components with pagination
strapi_get_components({
server: "myserver",
page: 1,
pageSize: 25,
});
REST API
The REST API provides comprehensive CRUD operations with built-in validation and version-specific handling:
// Query content with filters
strapi_rest({
server: "myserver",
endpoint: "api/articles",
method: "GET",
params: {
filters: {
title: {
$contains: "search term",
},
},
},
});
// Create new content
strapi_rest({
server: "myserver",
endpoint: "api/articles",
method: "POST",
body: {
data: {
title: "New Article",
content: "Article content",
category: "news",
},
},
});
// Update content
strapi_rest({
server: "myserver",
endpoint: "api/articles/123",
method: "PUT",
body: {
data: {
title: "Updated Title",
content: "Updated content",
},
},
});
// Delete content
strapi_rest({
server: "myserver",
endpoint: "api/articles/123",
method: "DELETE",
});
Media Upload
// Upload image with automatic optimization
strapi_upload_media({
server: "myserver",
url: "https://example.com/image.jpg",
format: "webp",
quality: 80,
metadata: {
name: "My Image",
caption: "Image Caption",
alternativeText: "Alt Text",
},
});
Version Differences (v4 vs v5)
Key differences between Strapi versions that the server handles automatically:
v4
- Uses numeric IDs
- Nested attribute structure
- Data wrapper in responses
- Traditional REST patterns
- External i18n plugin
v5
- Document-based IDs
- Flat data structure
- Direct attribute access
- Enhanced JWT security
- Integrated i18n support
- New Document Service API
Security Features
Write Protection Policy
The server implements a strict write protection policy:
- All write operations require explicit authorization
- Protected operations include:
- POST (Create)
- PUT (Update)
- DELETE
- Media Upload
- Each operation is logged and validated
Best Practices
- Always check schema first with
strapi_get_content_types - Use proper plural/singular forms for endpoints
- Include error handling in your queries
- Validate URLs before upload
- Start with minimal queries and add population only when needed
- Always include the complete data object when updating
- Use filters to optimize query performance
- Leverage built-in schema validation
- Check version compatibility for your operations
- Follow the write protection policy guidelines
REST API Tips
Filtering
// Filter by field value
params: {
filters: {
title: "Exact Match";
}
}
// Contains filter
params: {
filters: {
title: {
$contains: "partial";
}
}
}
// Multiple conditions
params: {
filters: {
$and: [{ category: "news" }, { published: true }];
}
}
Sorting
params: {
sort: ["createdAt:desc"];
}
Pagination
params: {
pagination: {
page: 1,
pageSize: 25
}
}
Population
// Basic request without population
params: {
}
// Selective population when needed
params: {
populate: ["category"];
}
// Detailed population with field selection
params: {
populate: {
category: {
fields: ["name", "slug"];
}
}
}
Troubleshooting
Common issues and solutions:
-
404 Errors
- Check endpoint plural/singular form
- Verify content type exists
- Ensure correct API URL
- Check if using correct ID format (numeric vs document-based)
-
Authentication Issues
- Verify JWT token is valid
- Check token permissions
- Ensure token hasn't expired
-
Version-Related Issues
- Verify version specification in config
- Check data structure matches version
- Review version differences documentation
-
Write Protection Errors
- Ensure operation is authorized
- Check if operation is protected
- Verify request follows security policy
Contributing
Contributions are welcome! Please feel free to submit a Pull Request.
License
MIT
