Admin MCP
Run your MintMCP organization from the same MCP client your team already uses. The Admin MCP exposes MintMCP's admin operations as tools, so you can install a connector, write a guardrail rule, or invite a teammate in plain language from Claude Code, Cursor, or ChatGPT, without opening the dashboard.
Because every action runs as you, the Admin MCP enforces the same permissions as the dashboard and writes the same audit trail, so an AI assistant can only do what your role already allows.
What you can do
Onboard a new organization
Ask the assistant to get you started and it inspects your org (which servers are installed, whether you've invited your team) and walks you through remaining setup steps with live links into the dashboard.
"Help me get my MintMCP organization set up."
Browse and install MCP servers
Search the MintMCP catalog, see what a connector needs before you commit, and install it, or add an MCP server that isn't in the catalog by URL. New servers default to admin-only access until you choose to roll them out to the whole organization.
"Install the GitHub connector, but keep it admin-only for now." "Add the remote MCP server at https://mcp.example.com and make it available to everyone."
Deploy and operate hosted connectors
Build and ship MCP servers that MintMCP runs on its own infrastructure: push a container image, deploy it, set environment variables, check runtime status, and restart when needed. Secrets never pass through chat: the assistant hands you a browser link to enter them.
"Deploy this Dockerfile as a hosted connector and show me its status." "Restart the hosted connector behind our internal-tools server."
Customize what each server exposes
List the tools a server offers and turn individual tools on or off so your organization only sees the operations you've approved.
"List the tools on our Salesforce server and disable the ones that can delete records."
Govern with rules and middleware
Create declarative rules that match tool names or prompt text with a regex, or write custom JavaScript middleware for logic a pattern can't express: allowlists, masking, or programmatic checks. Author middleware with create_gateway_middleware, then activate it with a rule that references it. Test a rule against sample inputs before it goes live, and roll back middleware to a previous version from the history.
"Block any tool call that runs
kubectl get secretsand tell me if it would have caught these three examples." "Write middleware that redacts email addresses from tool responses."
Manage users and roles
Invite teammates by email with the right role, see which roles are available, and remove people who no longer need access.
"Invite alex@acme.com as an admin and dana@acme.com as a member."
Monitor activity and audit usage
Get a summary of recent MCP activity, see which users called which servers over any period, and query the call log (tool calls, prompt reads, timing, and status) to investigate a specific incident.
"Which users called our production database server this week?" "Show me failed tool calls on the Slack server in the last 24 hours."
Permissions and audit trail
The Admin MCP comes pre-installed as MintMCP Admin, scoped to your organization, with access restricted to admins by default. Admins can open it to more members, and each operation is permission-checked at the moment it runs: if your role can't perform an action in the dashboard, the same action fails here. An assistant connected to the Admin MCP is never more privileged than the person using it.
Every call flows through the MintMCP gateway like any other MCP traffic, so admin actions land in the same activity log and audit trail as the rest of your organization's usage.
Tool reference
The Admin MCP's tools fall into four groups: Activity, Deploy, Connector, and Rules. The Admin MCP evolves quickly, so connect to it for the current tool list.
Activity tools
Review organization-wide MCP usage.
| Tool | What it does | Key inputs |
|---|---|---|
activity_overview | Summarizes MCP activity for the last day, week, or month. Read-only, returns bounded aggregate stats. | period (day, week, or month) |
users_by_gateway | Shows which users used which Virtual MCP (VMCP) gateways over a period. Returns up to 1000 users per gateway when gatewayId is provided, otherwise 50. | period, gatewayId (optional), limitUsersPerGateway (optional) |
Deploy tools
Deploy, update, and observe hosted connectors. For the full walkthrough, see Custom MCP connectors.
| Tool | What it does | Key inputs |
|---|---|---|
get_deploy_guide | Returns the full guide for building and deploying a hosted connector: transport selection, credential handling, Dockerfile templates, and debugging. Call this first. | none |
create_registry_push_session | Issues a short-lived Docker registry credential URL for pushing an image. Pass hostedId to update an existing connector; omit it to create a new one. | hostedId (optional) |
deploy_pushed_image | Finalizes and deploys a pushed image: updates the connector named by hostedId, or creates a new one when config is provided. | finalizeToken, hostedId (optional), envVars (optional), config (optional) |
configure_connector_env | Sets environment variables on a hosted connector. Global vars take a value immediately; per-user vars are declared by name only and each user fills in their own value in the MintMCP UI. | gatewayId, envVars |
query_mcp_logs | Queries the organization's MCP call logs: recent tool calls, prompt reads, and resource reads with timing and error info. Filter to a single caller with actor, and each returned entry carries its caller's userId, userEmail, or agentId so one query's results feed the next. | gatewayId (optional), actor (optional: exactly one of userId, userEmail, or agentId), status (optional: success or error), limit (optional, default 20, max 100) |
Connector tools
Install new MCPs, then inspect and operate installed MCPs (Virtual MCPs and bundles) and the connectors behind them.
| Tool | What it does | Key inputs |
|---|---|---|
install_catalog_connector | Installs an MCP from the MintMCP catalog by canonical name (for example com.mintmcp/gmail). Defaults to admin-only availability, and any secret values (bearer tokens, OAuth client secrets, encrypted headers, hosted secret env vars) go through the browser handoff: the tool returns pending_secret_input with a configureUrl instead of taking secrets in chat. | name, availability (optional: admin_only or all_members, default admin_only), serverUrl (optional), connectionConfig (optional), headers (optional), oauthBroker (optional) |
install_remote_mcp | Installs a remote URL-based MCP server that isn't in the catalog, with the same admin-only default and browser handoff for secrets. Pure OAuth/DCR and no-auth installs complete without a handoff. | url, title (optional), availability (optional, default admin_only), connectionConfig (optional), headers (optional), includeUserIdentity (optional), oauthBroker (optional) |
update_remote_mcp | Updates the connection settings of an existing remote MCP server. Secret values go through the same browser handoff (pending_secret_input with a configureUrl); pure OAuth/DCR and no-auth updates complete without one. | gatewayId, plus the connection fields to change |
list_gateways | Lists all installed MCPs with each MCP's ID, title, and type (registry, hosted, remote, bundled, or local_instructions). | none |
get_mcp_details | Returns a VMCP's full configuration: title, targets (connectors), tool settings, middleware, and OAuth config. | gatewayId |
list_mcp_tools | Lists all tools a VMCP exposes, with customizations (enabled/disabled, name and description overrides) applied. | gatewayId |
list_connector_tools | Lists the raw tools reported by the underlying connector, before MCP-level customizations. Works when the MCP maps to exactly one connector. | gatewayId |
refresh_mcp_tools | Re-fetches the tool list from the running connector. Works when the MCP maps to exactly one connector. | gatewayId |
get_hosted_connector_config | Returns a hosted connector's deployment config: command, env vars (as hashes, never plaintext), transport, CPU/memory, scaling, and OAuth setup. | gatewayId |
get_hosted_connector_status | Returns the runtime state of a hosted connector. | gatewayId |
restart_hosted_connector | Restarts the machine running a hosted connector. | gatewayId |
get_remote_server_config | Returns the connection config for a remote MCP server: URL, auth method, credential mode, connection status, header names (values never shown), tool customizations, and auth instructions. | gatewayId |
Rules tools
Draft, test, and manage guardrail rules for Agent Monitor.
| Tool | What it does | Key inputs |
|---|---|---|
list_rules | Lists all custom organization rules with each rule's ID, name, description, enabled status, and matcher configuration. | none |
create_rule | Creates a rule. All actions are stripped automatically, so new rules are live but harmless until you add actions with update_rule. | rule (matcher, name, description, is_enabled) |
test_rule | Tests a regex matcher against sample tool calls (testCases) or prompts (testStrings). Testing a saved rule by ruleId is preferred over an inline matcher. | ruleId or matcher, testCases, testStrings |
update_rule | Updates a rule by ID, typically to add actions (agent-level: deny tool calls, send Slack notifications) or gatewayActions (gateway-level: allow, mask, or block requests, send Slack notifications) after testing. Takes the full rule body. | ruleId, rule |
Secret handling
Secrets never pass through the MCP conversation: not to the assistant, not to the model, not into the chat log.
- Registry credentials are short-lived. Deploying an image uses a scoped, single-purpose registry credential that expires after the push, so there's no standing password to copy around or rotate.
- Secret values are entered in the browser, not the chat. When a deploy needs a secret environment variable, the assistant hands you a secure link to the MintMCP dashboard. You enter values there directly, they're encrypted at rest, and the connector deploys with secrets already in place, so the assistant only ever sees that the step completed.
- Per-user secrets stay per-user. Variables scoped per-user are declared by name only; each member supplies their own value in the UI, so one user's credential is never visible to another.
- Read-back is scrubbed. Tools that return connector configuration show environment values as hashes and never reveal credential or header values.
Connect to the Admin MCP
The Admin MCP is installed automatically when your organization is created, so it already appears in your server list.
- Open the MintMCP Admin server in your servers.
- Go to the MCP Client Setup tab and copy the MCP URL.
- Add that URL to your MCP client (see Connect Claude Code, Connect Claude on the web, or Connect ChatGPT).
If it was removed, install it again from the MCP store, where it's listed as MintMCP Admin.