Keepit Live World Tour: Join us in a city near you

Keepit Platform LoginPartner Portal Login
Support
DEENESFRPT
Keepit Platform LoginPartner Portal Login
Support
DEENESFRPT
Get a demo

MCP Documentation

HomeHelp centerMCP DocumentationMCP overview for partners

MCP overview for partners

MCPBy

Overview

Keepit MCP is a locally deployed Model Context Protocol (MCP) server that creates a secure bridge between AI assistants and your Keepit backup environment. It translates natural language requests into Keepit REST API calls, enabling your team to monitor, manage, and secure your backup estate through conversation.

Unlike hosted integrations, Keepit MCP runs entirely within your infrastructure. Your data never leaves your control, and all operations happen through your existing security boundaries.

Key characteristics

Runs locally on your machine or dedicated server

  • 100% control over where data is going, which model is used to process it
  • Read-only in first version (no write operations to your Keepit environment)
  • Compatible with any MCP-capable AI client (Claude Desktop, AnythingLLM, Jan, and others)
  • Open source and free

How it works

When you ask a question in your AI client:

Your AI client (e.g., Claude Desktop) sends the request to the local MCP server.

1. The MCP server translates this into the appropriate Keepit API calls.

2. Data is retrieved from your Keepit account via secure API connection.

3. Results are formatted and returned to your AI client.

4. Model processes results and outputs them back.

[AI Client]  →  [MCP Server (Local)]  →  [Keepit API (Secure)]

System requirements

Knowledge baseMonday connector

Requirement 

Details 

Node.js 

Version 22.10.0 or higher 

npm 

Version 10.9.2 or higher 

Git 

For cloning the repository 

Disk space 

Approximately 50 MB 

RAM 

Less than 100 MB 

Network 

HTTPS connectivity to Keepit API endpoints 

OS 

Windows, macOS, or Linux 

AI Client 

Claude Desktop (recommended), AnythingLLM, Jan, or any MCP-compatible client 
HomeHelp centerMCP DocumentationMCP overview for partners

MCP overview for partners

MCPBy

Installation

Step 1: Clone the repository

git clone https://github.com/keepit-official/keepit-mcp.git

cd keepit-mcp

Step 2: Install dependencies

npm install

Step 3: Configure credentials

For production use, we recommend using a secrets manager instead of storing credentials in clear text file. The MCP reads credentials from environment variables, so any method that injects KEEPIT_USER, KEEPIT_PASS, and KEEPIT_ENV will work.

Basic setup (Non-encrypted)

Pass credentials directly in your MCP client configuration.

The Claude configs are typically stored in these paths:

macOS: ~/Library/Application Support/Claude/claude_desktop_config.json

Linux: ~/.config/Claude/claude.json

Windows: %APPDATA%\Claude\claude_desktop_config.json

{
  "mcpServers": {
    "keepit": {
      "command": "node",
      "args": ["/path/to/keepit-mcp/build/main.js"],
      "env": {
        "KEEPIT_USER": "your-username",
        "KEEPIT_PASS": "your-password",
        "KEEPIT_ENV": "us-dc"
      }
    }
  }
}

Credentials are passed directly in your MCP client configuration. While not encrypted, this keeps secrets out of your project repository, preventing accidental Git commits.

Using 1Password CLI (Cross-Platform)

1Password CLI (op) works on macOS, Linux, and Windows. Adjust the node path according to your deployment. In order to use it via CLI, you have to enable 1Password CLI in the 1Password desktop app Settings > Developer and allow biometric unlock.

Documentation:1Password CLI: Getting Started | Secret References

Path examples:

  • macOS/Linux: /path/to/keepit-mcp/build/main.js
  • Windows: C:/path/to/keepit-mcp/build/main.js
{
  "mcpServers": {
    "keepit": {
      "command": "op",
      "args": ["run", "--", "node", "/path/to/keepit-mcp/build/main.js"],
      "env": {
        "KEEPIT_USER": "op://Private/Keepit/username",
        "KEEPIT_PASS": "op://Private/Keepit/password",
        "KEEPIT_ENV": "op://Private/Keepit/datacenter"
      }
    }
  }
}

Windows user environment variables

Note: This option is for Windows users. Credentials are stored in the Windows Registry (unencrypted) but kept separate from the config file, reducing the risk of accidental sharing.

Set the following as User Environment Variables (see Microsoft's guide on environment variables):

  • KEEPIT_USER : your-username
  • KEEPIT_PASS : your-password
  • KEEPIT_ENV : us-dc

Restart Claude Desktop after adding the variables.

Then use this config no env block needed:

{
  "mcpServers": {
    "keepit": {
      "command": "node",
      "args": ["C:/Users/YourName/keepit-mcp/build/main.js"]
    }
  }
}

Security note: This approach stores credentials as plaintext in the Windows Registry. Any process running as your user can read them. The benefit over the basic setup is that credentials won't be accidentally shared when copying config files.

macOS Keychain

Documentation:Keychain Access User Guide | security command man page

Option A: Using Keychain Access GUI

1. Open Keychain Access (Applications → Utilities → Keychain Access)

2. Select login keychain in the sidebar

3. Click File > New Password Item (or press ⌘N)

4. Create two entries:

Keychain Item Name: keepit-mcp-username, Account: keepit, Password: your-username

Keychain Item Name: keepit-mcp-password, Account: keepit, Password: your-password

Option B: Using terminal

security add-generic-password -s "keepit-mcp-username" -a "keepit" -w "your-username"

security add-generic-password -s "keepit-mcp-password" -a "keepit" -w "your-password"

Claude Desktop config (uses security find-generic-password to retrieve at runtime):

{
  "mcpServers": {
    "keepit": {
      "command": "sh",
      "args": [
        "-c",
        "KEEPIT_USER=$(security find-generic-password -s keepit-mcp-username -a keepit -w) KEEPIT_PASS=$(security find-generic-password -s keepit-mcp-password -a keepit -w) KEEPIT_ENV=us-dc node /path/to/keepit-mcp/build/main.js"
      ]
    }
  }
}

Linux secret-tool (GNOME Keyring / libsecret)

Documentation:libsecret / secret-tool | secret-tool man page

First, store credentials (one-time):

secret-tool store --label="Keepit MCP Username" service keepit-mcp field username

secret-tool store --label="Keepit MCP Password" service keepit-mcp field password

Then in your MCP client config (e.g., Claude Code's ~/.claude.json or similar):

{
  "mcpServers": {
    "keepit": {
      "command": "sh",
      "args": [
        "-c",
        "KEEPIT_USER=$(secret-tool lookup service keepit-mcp field username) KEEPIT_PASS=$(secret-tool lookup service keepit-mcp field password) KEEPIT_ENV=us-dc node /path/to/keepit-mcp/build/main.js"
      ]
    }
  }
}

Step 4: Connect to your AI client

For Claude Desktop using the .mcpb package:

1. Build the package:npmrun generate-mcpb

2. In Claude Desktop, go to Settings > Extensions > Advanced settings.

3. Click Install Extension and select the generatedkeepit-mcp.mcpbfile.

4. Enter your Keepit credentials when prompted.

5. Enable the extension.

Alternatively, run the server directly with npm start and configure your AI client to connect to the local MCP endpoint. 

Supported tools and capabilities

Keepit MCP for Partners exposes 11 tools via the MCP protocol. 

Knowledge baseMonday connector

Tool 

Description 

pmc_get_my_account_info 

Your own partner account at a glance — name, contact details, assigned product, and the full list of users with their roles 

pmc_get_subaccount_list 

A flat list of every customer account you manage — Account IDs, company names, emails etc. 

pmc_get_subaccount_info 

Deep detail on a single customer — assigned products, service period, users with roles, contact info etc. 

pmc_get_subaccount_connectors 

All connectors configured for a specific customer — IDs, names, types, creation dates 

pmc_get_all_critical_connectors 

Portfolio-wide scan of every connector currently in a critical state, with the owning account and a plain-language failure reason for each 

pmc_get_connectors_health_summary 

Connector health info for subaccount providing health status, last successful backup date, and failure details for anything unhealthy 

pmc_get_connector_issue_solution 

Surfaces help center articles and plain-language guidance for the most common connector failure types 

pmc_get_seats_allocation 

Seat allocation breakdown for a date range — total connectors, total seats, and peak usage per connector. Covers either your whole partner portfolio or a single customer 

pmc_get_subaccount_seat_usage_history 

A historical timeline of seat usage snapshots — timestamps, resource names, usage counts, and seat types — for a specific customer 

pmc_get_subaccounts_exceeding_seat_limit 

Shows every account in your portfolio that has gone over its seat limit — including how much they've exceeded it, when the grace period expires, and whether it has already expired 

pmc_get_audit_log_history 

A timestamped record of activity events across all accounts in your portfolio for a specified date range