The Zuplo MCP server is now live at https://dev.zuplo.com/mcp, making your
Zuplo account operable from any MCP client. It exposes the full
Zuplo Developer API as Model Context Protocol tools, so
an agent can list deployments, roll API keys, add a custom domain, query audit
logs, and run anything else the Developer API supports in a single authenticated
session.
- Teams operating Zuplo from inside Claude Code, Cursor, or VS Code instead of bouncing to the portal
- Platform engineers automating gateway changes from an agent rather than a CI script
- Anyone building AI workflows that need to read or modify gateway state alongside other systems
What the Zuplo MCP server exposes
The tool catalog is generated directly from the Developer API’s OpenAPI spec. Every endpoint the API ships becomes an MCP tool the moment it deploys, with no hand-maintained tool definitions falling out of sync.
| Area | What agents can do |
|---|---|
| Accounts | List accounts and identify the caller (WhoAmI) |
| Projects | List projects and environments in an account |
| Deployments | List, read, redeploy, and delete deployments. Upload sources and check deployment status |
| API Key Buckets | Create, list, read, update, and delete API key buckets |
| API Key Consumers | Create, list, read, update, delete, and roll keys for consumers. Manage consumer managers |
| API Keys | Create (single or bulk), list, read, update, and delete keys for a consumer |
| Custom Domains | Create, list, update, and delete custom domains |
| Client mTLS CAs | Create, list, update, and delete client mTLS CA certificates |
| Tunnels | Create, list, read, update, and delete tunnels. Configure and inspect tunneled services |
| Variables | Create and update environment variables on a project branch |
| Audit Logs | Query audit logs with filtering and pagination |
| Analytics | Get recent calls and request statistics by status code for a deployment |
If your team already operates Zuplo through the Developer API, the MCP server gives you the same primitives with an agent on the other end.
Authenticate the Zuplo MCP server with an API key
The server uses the same API keys as the Developer API. Create one in the Zuplo Portal under Account Settings → API Keys, then pass it as a bearer token:
The key’s permissions determine which accounts, projects, and operations show up as tools at runtime, so the agent only ever sees the surface you’ve granted.
Scope it tightly: a key with full account access lets the agent do anything you can do, which is the same trust model as API automation but with a much chattier client on the other end.
Common mistake:
Reusing your personal full-access API key for an agent session. Create a dedicated, scoped key per agent or per project. Treat it like a production credential, because it is one.
Add the Zuplo MCP server to your client
The server speaks MCP over HTTP with bearer auth, so any client that supports
custom headers works: Claude Code, Cursor, VS Code, or anything else MCP-aware.
Point your client at https://dev.zuplo.com/mcp and pass the bearer token in
the Authorization header. Keep the key out of source control by storing it in
an environment variable or your client’s secret store.
Example prompts the Zuplo MCP server handles
Once connected, you can drive Zuplo from natural-language prompts:
- “List all deployments in the
productionenvironment of projectmy-api.” - “Create a new API key consumer named
acme-corpand generate a key that expires in 30 days.” - “Roll all API keys for consumer
legacy-clientand set a 7-day expiration on the old key.” - “Show me the request stats by status code for the latest deployment over the last 24 hours.”
- “Add
api.example.comas a custom domain on theproductionenvironment.” - “Set the environment variable
LOG_LEVELtodebugon themainbranch.”
The agent picks the tools, fills in parameters from context, and reports back.
The “open the portal, find the project, click into the right environment” friction disappears, and for operations you’d normally script, the script writes itself.
Pair this with
Zuplo’s Agent Skills and
you get the combination that earns its place. The four skills (zuplo-guide,
zuplo-monetization, zuplo-cli, and zudoku-guide) give your agent grounded
context: how the request pipeline works, how policies compose, how monetization
plans hang together, how the CLI maps to the platform.
This server gives it the surface to act on that knowledge. An agent that can both look up how a policy works and apply it to a route is a different class of tool.
Build with AI
Connect your agent to Zuplo with the MCP server and Agent Skills. Setup, scopes, and the full skill catalog.
Where this fits
Alongside Zuplo’s Agent Skills, this completes the toolkit: the skills teach an agent how Zuplo works, this server lets it act. We expect most teams running Zuplo from an agent to install both.
It also tracks our broader thinking on MCP: last year we wrote about MCP’s first year and the CLI vs MCP question. This release is the practical answer for Zuplo: anything you can do against the Developer API, you can now ask an agent to do.
The Zuplo MCP Server is ready to use. Create an API key, drop the snippet into your client of choice, and start asking your agent to do the gateway work you’d usually click through.