Zalt/docs
Dashboard
MCP SERVER

Model Context Protocol Server

The Zalt MCP Server enables AI agents and coding assistants to manage authentication directly. Built for the vibe coding era - let your AI handle user management, security policies, and analytics.

Why MCP?

MCP (Model Context Protocol) allows AI assistants like Claude, Cursor, and Kiro to interact with external services. With Zalt's MCP server, you can manage users, sessions, and security policies using natural language - no dashboard needed.

Installation

Terminal
npm install -g @zalt/mcp-server

Configuration

Add to your MCP configuration file (e.g., ~/.kiro/settings/mcp.json):

mcp.json
{
  "mcpServers": {
    "zalt": {
      "command": "npx",
      "args": ["@zalt/mcp-server"],
      "env": {
        "ZALT_REALM_ID": "your-realm-id",
        "ZALT_SECRET_KEY": "your-secret-key"
      }
    }
  }
}

Available Tools (21 total)

User Management(6 tools)
zalt_list_users

List users with pagination and filters

zalt_get_user

Get user by ID or email

zalt_update_user

Update user profile and metadata

zalt_suspend_user

Suspend user account

zalt_activate_user

Reactivate suspended user

zalt_delete_user

Soft or hard delete user (GDPR)

Session Management(3 tools)
zalt_list_sessions

List active sessions for user

zalt_revoke_session

Revoke specific session

zalt_revoke_all_sessions

Revoke all sessions for user

MFA Management(4 tools)
zalt_get_mfa_status

Get MFA status for user

zalt_reset_mfa

Reset MFA for user (admin)

zalt_configure_mfa_policy

Set realm MFA policy

zalt_get_mfa_policy

Get current MFA policy

API Keys(3 tools)
zalt_list_api_keys

List API keys for user

zalt_create_api_key

Create new API key

zalt_revoke_api_key

Revoke API key

Analytics(3 tools)
zalt_get_auth_stats

Login success/failure rates, DAU/MAU

zalt_get_security_events

Recent security events

zalt_get_failed_logins

Failed login attempts

Usage Examples

Natural Language Commands
// Example: List all active users with MFA enabled
> Use zalt_list_users with status="active" and mfaEnabled=true

// Example: Suspend a user after security incident
> Use zalt_suspend_user with userId="user_abc123" 
  and reason="Suspicious activity detected"

// Example: Get authentication statistics
> Use zalt_get_auth_stats for the last 7 days

// Example: Reset MFA for locked out user
> Use zalt_reset_mfa with userId="user_xyz" 
  and reason="User lost authenticator device"

Security Note

The MCP server uses your secret key for authentication. Never share your secret key or commit it to version control. All operations are logged for audit purposes.

Get StartedView on GitHub