MCP server for ArcGIS Portal and ArcGIS Online. Lets AI assistants search content, query feature layers, manage features, handle content operations, and administer users and groups.
Built on the Model Context Protocol for integration with Claude Desktop, Cursor, VS Code Copilot, and other MCP clients.
Disclaimer: This is an independent open-source project. It is not affiliated with, endorsed by, or sponsored by Esri Inc. "ArcGIS" is a registered trademark of Esri.
Features
- Connect to any ArcGIS Enterprise Portal or ArcGIS Online
- Search for items (feature services, web maps, layers, dashboards)
- Inspect item metadata, tags, and descriptions
- List layers in a feature service with geometry types and counts
- Query features with attribute filters, spatial filters, field selection, and pagination
- Add, update, and delete features in hosted feature layers
- Manage content: update item properties, share/unshare, delete items, read web map definitions
- Manage users: list users, get detailed user profiles
- Manage groups: list groups, create groups, invite users
- Publish services: upload files and publish as hosted feature services
- Run geoprocessing: execute synchronous and asynchronous GP tasks
- Portal admin: system info, license management, usage statistics
- Batch operations: bulk delete, share, and update multiple items
- Health check portal system status (requires admin privileges)
Design Principles
- No arcgis Python package dependency: uses raw REST API calls via requests so you don't need to install the arcgis package
- Works with Enterprise Portal AND ArcGIS Online: same tools, same API
- Multiple auth methods: token, username/password (generateToken), client_credentials, and OAuth2
- Auto-connect: reads .env file on startup, no manual auth needed per session
- 2FA-friendly: works with Enterprise portals that require two-factor authentication (client_credentials, no browser)
- Self-signed cert friendly: handles Enterprise portals with self-signed certificates
- Hardened: SQL injection validation on WHERE clauses, XSS protection in OAuth callbacks, automatic retry with exponential backoff on transient failures