MCP.so
Sign In

Portainer MCP

@portainer

About Portainer MCP

Official Portainer MCP server

Basic information

Category

Other

License

MIT

Runtime

python

Transports

stdio

Publisher

portainer

Config

Add this server to your MCP-compatible client using the configuration below.

{
  "mcpServers": {
    "portainer-mcp": {
      "command": "docker",
      "args": [
        "run",
        "-d",
        "--name",
        "portainer-mcp",
        "-p",
        "17717:17717",
        "\\"
      ]
    }
  }
}

Tools

No tools detected

We auto-extract tools from the README. The maintainer can list them under a ## Tools heading to populate this section.

Overview

What is Portainer MCP?

Portainer MCP is the official MCP server for Portainer, generated from the Portainer OpenAPI spec via FastMCP. It exposes the Portainer REST API as MCP tools to list and inspect environments, manage GitOps workflows, and troubleshoot Docker and Kubernetes resources, and also supports proxying requests to the underlying Docker and K8s APIs of each environment.

How to use Portainer MCP?

Portainer MCP can be deployed locally via uvx (stdio), installed as a self-contained MCP bundle, or deployed as a container for team use. You need a Portainer URL and an API key (generated under My Account → Access tokens). For a local test, register with Claude Code using claude mcp add portainer -e PORTAINER_URL=... -e PORTAINER_API_KEY=... -- uvx --from "mcp-portainer~=2.43.0" mcp-portainer. The container deployment requires a shared gate token (PORTAINER_MCP_AUTH_TOKEN) and each user forwards their own Portainer API key.

Key features of Portainer MCP

  • Exposes Portainer REST API as MCP tools
  • List, inspect, and manage environments
  • Manage GitOps workflows
  • Troubleshoot Docker and Kubernetes resources
  • Proxy to underlying Docker and K8s APIs
  • Multiple deployment modes: local, bundle, container
  • Supports capability profiles to restrict or expand tools
  • Environment variable redaction enabled by default
  • Gate token authentication for team container deployment
  • Version must match Portainer instance minor version

Use cases of Portainer MCP

  • Inspect and manage Portainer environments from an AI assistant
  • Automate GitOps workflows on Portainer-managed Docker/K8s clusters
  • Troubleshoot containerized and Kubernetes workloads via MCP tools
  • Proxy AI-driven requests to the Docker or K8s API of a specific environment

FAQ from Portainer MCP

What version of Portainer is compatible with Portainer MCP?

The MCP server’s minor version must match your Portainer instance’s minor version. For example, MCP server 2.43.x works with Portainer 2.43.x.

How do I obtain an API key for Portainer MCP?

Generate an API key in Portainer under My Account → Access tokens before using either the local or container deployment.

Can I restrict which tools are available in Portainer MCP?

Yes. Portainer MCP supports capability profiles to enable only a subset of tools, such as read-only mode or disabling proxy capabilities. See docs/profiles.md for details.

What transport and authentication options does the container deployment support?

The container supports BYO TLS certificates, TLS-terminated reverse proxy, or plaintext HTTP (not recommended for production). It uses a shared gate token (PORTAINER_MCP_AUTH_TOKEN) for admission and each user forwards their own Portainer API key for authorization.

Is it safe to expose Portainer MCP on the public internet?

No. It is not recommended to expose this MCP server on the public internet; host it inside your private infrastructure, even behind a TLS proxy.

Comments

More Other MCP servers