
Tufin MCP Server

by stonecircle82

The Tufin MCP Server is an open-source project providing a REST API layer over Tufin's SecureTrack and SecureChange APIs. It simplifies integration with AI tools and automation scripts by offering centralized control and enhanced security through API keys and RBAC.

What is Tufin MCP Server?

The Tufin MCP Server acts as a secure proxy and abstraction layer for Tufin APIs (v25.1 targeted), providing a standardized REST/JSON API interface.

How to use Tufin MCP Server?

To use the server, clone the repository, configure the environment variables (including Tufin credentials and API keys), install dependencies, and run the server locally or in a Docker container. API access is controlled via API keys passed in the X-API-Key header, with RBAC determining allowed actions.

Key features of Tufin MCP Server

  • Standard REST/JSON API interface (documented via OpenAPI)

  • Centralized Tufin Authentication (using Basic Auth)

  • API Key Authentication with Role-Based Access Control (RBAC)

  • Endpoints for key SecureChange and SecureTrack operations

  • Structured JSON Logging with Request IDs

  • IP-based Rate Limiting

  • Basic Python and JavaScript/TypeScript Client Libraries

  • Docker support

Use cases of Tufin MCP Server

  • Simplify AI integration with Tufin data and actions

  • Automate security policy management tasks

  • Integrate Tufin with chatbots and other automation platforms

  • Centralize Tufin access control and authentication

FAQ from Tufin MCP Server

What Tufin versions are supported?

The server primarily targets Tufin v25.1.

How do I authenticate with the API?

Pass your generated API key in the X-API-Key HTTP header for all requests except /health.

How is access controlled?

Access is controlled by roles assigned to API keys during key creation. Allowed roles for each endpoint are configured in src/app/core/config.py under ENDPOINT_PERMISSIONS.

How do I run the server in production?

Replace InMemorySecureStore with a production-ready solution (database, Vault) and implement secure API key management (generation, revocation). Ensure SSL certificate verification (TUFIN_SSL_VERIFY) is properly configured.

Where can I find the API documentation?

An OpenAPI 3.0 specification file (openapi.yaml) is included in the root directory.
