CLI Reference - MCP Server
The akeyless mcp command starts an MCP server that enables AI assistants such as Cursor and GitHub Copilot to securely interact with Akeyless services through a standardized interface.
What Is MCP?
Model Context Protocol (MCP) is an open standard that allows AI assistants to securely access external data sources and tools.
With MCP, You Can
- Safely authenticate AI assistants with Akeyless
- Interact with Akeyless secrets, targets, and other resources
- Leverage existing profiles and authentication methods
- Connect to Akeyless Gateway instances
Features
- Secure Authentication – Uses Akeyless authentication mechanisms
- Tool Integration – Access Akeyless secrets, targets, RBAC, and more
- Profile Support – Works with your existing Akeyless CLI profiles
- Gateway Integration – Supports both local and cloud Akeyless Gateways
Usage
Basic Commands
# Start MCP server with access key authentication
akeyless mcp --access-id <your-access-id> --access-key <your-access-key> --access-type access_key --gateway-url https://api.akeyless.io
# Start MCP server with SAML authentication
akeyless mcp --access-id <your-access-id> --access-type saml --gateway-url https://api.akeyless.io
# Start MCP server with a profile
akeyless mcp --profile <profile-name> --gateway-url https://api.akeyless.ioSupported Authentication Methods
--access-type [=access_key]
(access_key / password / saml / ldap / k8s / azure_ad / oidc / aws_iam / universal_identity / jwt / gcp / cert / oci / kerberos)The mcp command accepts the same authentication parameters as standard Akeyless CLI auth commands. For more details, see Akeyless Authentication Documentation
Common Parameters
--access-id: Your Akeyless Access ID
--access-key: Your Akeyless Access Key (for access_key auth)
--access-type: Authentication method (see list above)
--gateway-url: Gateway URL (default: http://localhost:8080/v2)
--profile: Use an existing CLI profile
Setting Up MCP With Cursor
-
Install Akeyless CLI: Ensure the Akeyless CLI is installed and configured.
-
Update Cursor Settings: Open settings (Cmd/Ctrl + Shift + P → Preferences: Open Settings (JSON)) and add:
{ "mcp.servers": { "akeyless": { "command": "akeyless", "args": ["mcp", "--profile", "your-profile-name", "--gateway-url", "https://api.akeyless.io"] }, "akeyless-saml": { "command": "akeyless", "args": ["mcp", "--access-id", "your-access-id", "--access-type", "saml", "--gateway-url", "https://api.akeyless.io"] }, "akeyless-oidc": { "command": "akeyless", "args": ["mcp", "--access-id", "your-access-id", "--access-type", "oidc", "--gateway-url", "https://api.akeyless.io"] } } } -
Restart Cursor for the changes to take effect.
-
Verify that you can now run queries such as:
- “Show me my Akeyless secrets”
- “Create a new secret called
api-key” - “List all my targets”
Setting Up MCP With GitHub Copilot
-
Install Copilot CLI
npm install -g @githubnext/github-copilot-cli -
Configure Copilot
Edit
\~/.copilot/config.ymlto include:mcpServers: akeyless: command: akeyless args: ["mcp", "--profile", "your-profile-name", "--gateway-url", "https://api.akeyless.io"] akeyless-saml: command: akeyless args: ["mcp", "--access-id", "your-access-id", "--access-type", "saml", "--gateway-url", "https://api.akeyless.io"] akeyless-oidc: command: akeyless args: ["mcp", "--access-id", "your-access-id", "--access-type", "oidc", "--gateway-url", "https://api.akeyless.io"] -
Start Copilot with MCP
copilot mcp -
Use Copilot You can now manage secrets, configure targets, and perform infrastructure tasks via Copilot.
Examples
Secret Operations
# Start MCP server
akeyless mcp --profile production --gateway-url https://api.akeyless.io
# In Cursor/Copilot
# "Create a secret called 'database-password' with value 'secure123'"
# "Show me all secrets in the /prod/ path"Target Management
# "List all my AWS targets"
# "Update the SSH target with new credentials"Production Setup
# Production
akeyless mcp --profile prod --gateway-url https://api.akeyless.io
# Development / Testing
akeyless mcp --profile dev --gateway-url http://localhost:8080/v2Updated 6 days ago