MCP server for the Anthropic Admin API — manage your Claude org from any MCP-compatible client.
Project description
anthropic-admin-mcp
The MCP server Anthropic hasn't shipped yet — full coverage of the Anthropic Admin API and the Usage & Cost API, properly typed, properly tooled, and properly safety-scoped.
Manage your Anthropic organization from any MCP-compatible client (Claude Desktop, Cursor, Windsurf, ChatGPT, etc.) using natural language:
- "What did my organization spend last week, grouped by workspace?"
- "Which API key burned through the most Opus tokens yesterday?"
- "Show me Pre-Mortem's usage day-by-day for the last 14 days."
- "Invite contractor@example.com as a developer to the Sandbox workspace."
- "Deactivate the API key named 'old-laptop'."
10 read tools, 10 write tools, audit logging, optional workspace scoping, read-only mode, role-escalation guard.
Why this exists
Anthropic ships an excellent Admin API with ~22 endpoints across organization management, workspaces, members, API keys, usage reporting, and cost reporting. Existing MCP wrappers from third parties cover a tiny slice of it through commercial integration platforms. This server is native, free, open-source, and complete — installable in two minutes against your own Admin key.
Install
pip install git+https://github.com/Trushtonfactory/anthropic-admin-mcp.git
Or for local development:
git clone https://github.com/Trushtonfactory/anthropic-admin-mcp.git
cd anthropic-admin-mcp
python3 -m venv .venv
source .venv/bin/activate
pip install -e .
Configure
-
Get an Admin API key at console.anthropic.com → Settings → Admin Keys. Requires an Organization plan (Team / Pro+ / Enterprise) and the admin role. Individual accounts cannot create Admin keys.
-
Copy
.env.exampleto.envand fill in your key:cp .env.example .env # edit .env: ANTHROPIC_ADMIN_KEY=sk-ant-admin-...
-
Wire it into your MCP client. For Claude Desktop, add to
~/Library/Application Support/Claude/claude_desktop_config.json:{ "mcpServers": { "anthropic-admin": { "command": "anthropic-admin-mcp", "env": { "ANTHROPIC_ADMIN_KEY": "sk-ant-admin-..." } } } }
See
examples/claude_desktop_config.jsonfor more options (read-only mode, workspace scoping).
Tools
Read (10)
| Tool | Purpose |
|---|---|
get_org_info |
Smoke-test the key; return org id + name |
list_members |
List org members and roles |
list_invites |
List pending and historical invites |
list_workspaces |
List active (and optionally archived) workspaces |
get_workspace |
Resolve a workspace ID to its full record |
list_workspace_members |
List members of a specific workspace |
list_api_keys |
List keys with filters by status / workspace |
get_usage_report |
Token usage, grouped by workspace/api_key/model/etc. |
get_cost_report |
Dollar costs, grouped by workspace / description |
get_claude_code_usage |
Claude Code-specific usage data |
Write (10) — all require confirm=True
| Tool | Action |
|---|---|
invite_member |
Send an invite (cannot grant admin) |
delete_invite |
Cancel a pending invite |
update_member_role |
Change a member's org role (cannot touch admin) |
remove_member |
Remove a non-admin member |
create_workspace |
Create a new workspace |
update_workspace |
Rename or recolor a workspace |
archive_workspace |
Archive a workspace |
add_workspace_member |
Grant workspace access |
update_workspace_member_role |
Change a workspace role |
remove_workspace_member |
Revoke workspace access |
update_api_key |
Rename or deactivate an API key |
Running
# Full mode (read + write), stdio transport
anthropic-admin-mcp
# Read-only — recommended for first-time setup
anthropic-admin-mcp --read-only
# Streamable HTTP (for remote MCP clients)
anthropic-admin-mcp --http --port 8000
# Restrict writes to specific workspaces (set in .env or shell)
ALLOWED_WORKSPACES=wrkspc_abc,wrkspc_xyz anthropic-admin-mcp
Safety
See SECURITY.md for the full threat model and design notes. The short version:
- Reads are open. Anything the Admin API exposes with your key, this server exposes.
- Writes are guarded. Every mutation requires
confirm=True, gets audit-logged to JSONL, and respects optional workspace scoping. - Role escalation is blocked client-side even though the API itself blocks it server-side — clearer error messages for Claude.
- No credential exfiltration paths. The Admin API never returns key values, and this server never logs the Admin key itself.
Status
v0.1.0 — read + write tool surface complete. Pagination, error messages, and audit logging tested manually. No usage limits implemented yet. Pydantic response models are minimal (tools return raw dicts).
Issues and PRs welcome.
License
MIT — see LICENSE.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file anthropic_admin_mcp-0.1.1.tar.gz.
File metadata
- Download URL: anthropic_admin_mcp-0.1.1.tar.gz
- Upload date:
- Size: 19.9 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.14.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
c698793c2ebb901dec287a9bcd1280d0c7e48ebd12c8fe0f3efb57cf067a00bc
|
|
| MD5 |
580b15a6f96a3d729e7e9ef2d5760491
|
|
| BLAKE2b-256 |
81f576fb60a025849f3d507acf1cad65111399edcef7c89016bea0989ba9bfd6
|
File details
Details for the file anthropic_admin_mcp-0.1.1-py3-none-any.whl.
File metadata
- Download URL: anthropic_admin_mcp-0.1.1-py3-none-any.whl
- Upload date:
- Size: 18.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.14.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
2a0bce42831810c01ee9b28ff8b2302c27e877b5d3867e823b56715d48e77255
|
|
| MD5 |
33498c33d7c570c47d4de7fb92cb5be7
|
|
| BLAKE2b-256 |
7c84e88a89b4bc92ad6509ccb80bdb0b9bd77ab8bb9e2496756b2e8b45f5029f
|
