MCP server for downloading Jira and Confluence Cloud attachments
Project description
MCP Atlassian Attachments
A Model Context Protocol (MCP) server for downloading Jira Cloud attachments by attachment ID, using Atlassian Cloud granular API token authentication.
Supplement to the official Atlassian MCP server. The official Atlassian MCP server covers search, issue management, and content operations but does not support downloading attachment files to disk. This server fills that gap.
Requirements: Python 3.13+, an Atlassian Cloud account, and a granular API token with the read:attachment:jira scope.
Authentication
This server uses granular API tokens — scoped tokens that limit access to exactly the permissions needed.
Create a granular API token
- Go to id.atlassian.com/manage-profile/security/api-tokens
- Click Create API token and choose "Create API token with scopes"
- Select the scope:
read:attachment:jira - Copy the generated token
Why granular tokens?
Granular tokens route through api.atlassian.com instead of your org's domain, which requires Atlassian to verify your token's scope. This follows the least-privilege principle — the token can only read attachments, nothing else.
The server automatically resolves your Cloud ID from your site URL at startup (via /_edge/tenant_info), so you never need to look it up manually.
Quick start
The fastest way to try the server is with the MCP Inspector. Set the three required environment variables and run:
From the published package (no clone needed):
ATLASSIAN_SITE_URL=https://yourorg.atlassian.net \
ATLASSIAN_EMAIL=your.email@example.com \
ATLASSIAN_API_TOKEN=your-api-token \
npx -y @modelcontextprotocol/inspector uvx mcp-atlassian-attachments
From a local clone:
ATLASSIAN_SITE_URL=https://yourorg.atlassian.net \
ATLASSIAN_EMAIL=your.email@example.com \
ATLASSIAN_API_TOKEN=your-api-token \
npx -y @modelcontextprotocol/inspector uv run mcp-atlassian-attachments
Configuration
Set environment variables or create a config file. Environment variables take priority.
Environment variables:
export ATLASSIAN_SITE_URL="https://yourorg.atlassian.net"
export ATLASSIAN_EMAIL="your.email@example.com"
export ATLASSIAN_API_TOKEN="your-api-token"
Config file (~/.config/mcp-atlassian-attachments/config.json):
{
"site_url": "https://yourorg.atlassian.net",
"email": "your.email@example.com",
"api_token": "your-api-token"
}
The server resolves your Atlassian Cloud ID automatically from the site URL — no manual lookup required.
Tools
| Tool | Description | Required params |
|---|---|---|
download_jira_attachment_tool |
Download a Jira attachment by ID. | attachment_id, output_dir |
Common parameters
| Parameter | Type | Description |
|---|---|---|
attachment_id |
string | Jira attachment ID |
output_dir |
string | Local directory for the saved file. Created automatically if it does not exist. |
filename |
string (optional) | Override filename. Uses metadata filename when omitted. |
overwrite |
bool (optional) | Replace an existing file. Defaults to false. |
Output
The tool returns a JSON object:
{
"product": "jira",
"attachmentId": "439535",
"filename": "screenshot.png",
"mimeType": "image/png",
"size": 496724,
"path": "/your/output/dir/screenshot.png",
"sourceUrl": "https://api.atlassian.com/ex/jira/<cloud-id>/rest/api/3/attachment/content/439535"
}
MCP host configuration
Add the following to your MCP host's config file. The JSON is the same for Cursor (.cursor/mcp.json), Claude Desktop (claude_desktop_config.json), and Claude Code (.claude.json).
{
"mcpServers": {
"atlassian": {
"command": "uvx",
"args": ["mcp-atlassian-attachments"],
"env": {
"ATLASSIAN_SITE_URL": "https://yourorg.atlassian.net",
"ATLASSIAN_EMAIL": "your.email@example.com",
"ATLASSIAN_API_TOKEN": "your-api-token"
}
}
}
}
Security
ATLASSIAN_API_TOKENis never logged or included in error messages.- The computed
Authorizationheader is never exposed in tool output or errors. - File writes are confined to the provided
output_dir. - Filenames are sanitized to prevent path traversal.
Tests
uv run pytest tests/ -v
Roadmap
download_confluence_attachment_tool— Confluence Cloud uses a different API (/wiki/api/v2/) and a different identifier model. Planned for a future release.
License
MIT. See LICENSE.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file mcp_atlassian_attachments-0.1.1.tar.gz.
File metadata
- Download URL: mcp_atlassian_attachments-0.1.1.tar.gz
- Upload date:
- Size: 48.0 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
53cf0d11a46524ea933ab8043b39ea05e7ce1bd04ebdbcf73e91aa0d349d567d
|
|
| MD5 |
f7735b8981835f8ca73381515b4ab06c
|
|
| BLAKE2b-256 |
f87145c468c293240a1092839d765e4d2061ed941a5d917be5ae3078aa3a5f24
|
Provenance
The following attestation bundles were made for mcp_atlassian_attachments-0.1.1.tar.gz:
Publisher:
ci.yml on alyiox/mcp-atlassian-attachments
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
mcp_atlassian_attachments-0.1.1.tar.gz -
Subject digest:
53cf0d11a46524ea933ab8043b39ea05e7ce1bd04ebdbcf73e91aa0d349d567d - Sigstore transparency entry: 1409331774
- Sigstore integration time:
-
Permalink:
alyiox/mcp-atlassian-attachments@658f21ddddb5a793fb2108639110dbac608365e2 -
Branch / Tag:
refs/tags/0.1.1 - Owner: https://github.com/alyiox
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
ci.yml@658f21ddddb5a793fb2108639110dbac608365e2 -
Trigger Event:
push
-
Statement type:
File details
Details for the file mcp_atlassian_attachments-0.1.1-py3-none-any.whl.
File metadata
- Download URL: mcp_atlassian_attachments-0.1.1-py3-none-any.whl
- Upload date:
- Size: 8.4 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
1ed9a1a59ccd8fc0a82d7e66605173dd29d37005ba3b60aa963a949df4824baa
|
|
| MD5 |
ac28d0789766e9b984eb247812594d88
|
|
| BLAKE2b-256 |
8f14912f03d0e22f20025a1cc4414b76e33edaeabfca6756dfa73db027d9a94a
|
Provenance
The following attestation bundles were made for mcp_atlassian_attachments-0.1.1-py3-none-any.whl:
Publisher:
ci.yml on alyiox/mcp-atlassian-attachments
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
mcp_atlassian_attachments-0.1.1-py3-none-any.whl -
Subject digest:
1ed9a1a59ccd8fc0a82d7e66605173dd29d37005ba3b60aa963a949df4824baa - Sigstore transparency entry: 1409331780
- Sigstore integration time:
-
Permalink:
alyiox/mcp-atlassian-attachments@658f21ddddb5a793fb2108639110dbac608365e2 -
Branch / Tag:
refs/tags/0.1.1 - Owner: https://github.com/alyiox
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
ci.yml@658f21ddddb5a793fb2108639110dbac608365e2 -
Trigger Event:
push
-
Statement type:
