mcp-server-airbnb by tamirlocalsn - MCP Server

Airbnb MCP Server

MCP Server for searching Airbnb and get listing details.

Tools

airbnb_search
- Search for Airbnb listings
- Required Input:
  - apiKey (string) - API key for authentication
  - location (string)
- Optional Inputs:
  - placeId (string)
  - checkin (string, YYYY-MM-DD)
  - checkout (string, YYYY-MM-DD)
  - adults (number)
  - children (number)
  - infants (number)
  - pets (number)
  - minPrice (number)
  - maxPrice (number)
  - cursor (string)
  - ignoreRobotsText (boolean)
- Returns: Array of listings with details like name, price, location, etc.
airbnb_listing_details
- Get detailed information about a specific Airbnb listing
- Required Input:
  - apiKey (string) - API key for authentication
  - id (string)
- Optional Inputs:
  - checkin (string, YYYY-MM-DD)
  - checkout (string, YYYY-MM-DD)
  - adults (number)
  - children (number)
  - infants (number)
  - pets (number)
  - ignoreRobotsText (boolean)
- Returns: Detailed listing information including description, host details, amenities, pricing, etc.

Features

Respects Airbnb's robots.txt rules
Uses cheerio for HTML parsing
API key authentication for secure access
Returns structured JSON data
Reduces context load by flattening and picking data

Authentication

This MCP server supports multiple authentication methods for secure access:

API Key Authentication - Simple token-based authentication
SAML Authentication - Enterprise-grade SAML 2.0 authentication
OpenID Connect (OIDC) - Modern OAuth 2.0-based authentication
JWT Token Validation - Direct JWT token validation

Authentication is enabled by default and can be configured using environment variables.

Discovery Endpoints

The server now exposes standardized discovery metadata so that downstream systems can auto-configure themselves:

GET /.well-known/mcp.json - Describes the MCP server, supported authentication methods, and tool catalog
GET /.well-known/oauth-authorization-server - OAuth 2.0 Authorization Server metadata (issuer, authorization/token endpoints)

When running behind a proxy or load balancer, set AIRBNB_MCP_PUBLIC_URL so that the discovery documents advertise the correct public hostname.

Quick Start with API Key Authentication

Set your API key:

export AIRBNB_MCP_API_KEY="your-secret-api-key-here"

Start the server:
```
npm start
```

Using the API key: When calling tools via stdio, include the apiKey parameter:

{
  "apiKey": "your-secret-api-key-here",
  "location": "New York, NY"
}

Multi-Method Authentication Setup

Configure multiple authentication methods:

# Enable multiple authentication methods
export AIRBNB_MCP_AUTH_METHODS="api-key,saml,oidc"

# API Key configuration
export AIRBNB_MCP_API_KEY="your-secret-api-key"

# SAML configuration (example)
export SAML_ENTRY_POINT="https://your-idp.com/saml/sso"
export SAML_ISSUER="https://your-app.com/saml/metadata"
export SAML_CALLBACK_URL="https://your-app.com/auth/saml/callback"
export SAML_CERT="-----BEGIN CERTIFICATE-----\n...\n-----END CERTIFICATE-----"

# OIDC configuration (example)
export OIDC_ISSUER="https://your-oidc-provider.com"
export OIDC_CLIENT_ID="your-client-id"
export OIDC_CLIENT_SECRET="your-client-secret"
export OIDC_CALLBACK_URL="https://your-app.com/auth/oidc/callback"

HTTP Authentication Endpoints

When using HTTP mode (npm run serve), the following endpoints are available:

Authentication Endpoints:

GET /auth/saml - Initiate SAML authentication
POST /auth/saml/callback - SAML callback endpoint
GET /auth/oidc - Initiate OIDC authentication
GET /auth/oidc/callback - OIDC callback endpoint
GET /auth/status - Check authentication status
POST /auth/logout - Logout and destroy session
POST /mcp - Main MCP API endpoint (requires authentication)

API Key Authentication:

curl -X POST http://localhost:3000/mcp \
  -H "Content-Type: application/json" \
  -H "x-api-key: your-secret-api-key-here" \
  -d '{"jsonrpc":"2.0","id":1,"method":"tools/call","params":{"name":"airbnb_search","arguments":{"location":"New York, NY"}}}'

JWT Token Authentication:

curl -X POST http://localhost:3000/mcp \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer your-jwt-token" \
  -d '{"jsonrpc":"2.0","id":1,"method":"tools/call","params":{"name":"airbnb_search","arguments":{"location":"New York, NY"}}}'

Popular Identity Providers

The server supports integration with popular identity providers:

Microsoft Azure AD (Entra ID)
Google OAuth 2.0
Okta
Auth0
Any SAML 2.0 or OIDC compliant provider

Configuration Files

Copy .env.example to .env and configure your authentication settings
See AUTHENTICATION.md for detailed configuration instructions
Refer to the example configurations for popular providers

Disabling Authentication (Development Only)

export AIRBNB_MCP_ENABLE_AUTH=false

Warning: Only disable authentication in secure development environments.

Setup

Installing on Claude Desktop

Before starting make sure Node.js is installed on your desktop for npx to work.

Go to: Settings > Developer > Edit Config
Add the following to your claude_desktop_config.json:

{
  "mcpServers": {
    "airbnb": {
      "command": "npx",
      "args": [
        "-y",
        "@openbnb/mcp-server-airbnb"
      ]
    }
  }
}

To ignore robots.txt for all requests, use this version with --ignore-robots-txt args

{
  "mcpServers": {
    "airbnb": {
      "command": "npx",
      "args": [
        "-y",
        "@openbnb/mcp-server-airbnb",
        "--ignore-robots-txt"
      ]
    }
  }
}

Restart Claude Desktop and plan your next trip that include Airbnbs!

Other Option: Installing via Smithery

To install mcp-server-airbnb for Claude Desktop automatically via Smithery:

npx -y @smithery/cli install @openbnb-org/mcp-server-airbnb --client claude

Build (for devs)

npm install
npm run build

License

This MCP server is licensed under the MIT License.

Disclaimer

Airbnb is a trademark of Airbnb, Inc. OpenBnB is not related to Airbnb, Inc. or its subsidiaries