MCP Server
Jitsu runs an MCP server, so AI agents can manage your pipeline directly: create destinations, wire up streams, inspect Live Events, and edit Functions.
There is a single endpoint:
https://use.jitsu.com/mcpuse.jitsu.com is the Jitsu Cloud console. If you self-host Jitsu, replace it with your own
console host — the MCP server is served at /mcp on the same host.
For interactive clients, authentication is OAuth 2.1 — you don't paste an API key. The first time a client uses the server, a browser tab opens asking you to approve the connection. Approve it once and the client gets a scoped, revocable token. The connection shows up under your account and can be revoked any time (see Managing access).
In CI and other headless environments the browser flow can't run. There you authenticate with a personal API key instead — see Automation and CI.
Connect a client
The endpoint is the same everywhere; only the configuration format differs.
Add the server with one command:
claude mcp add --transport http jitsu https://use.jitsu.com/mcpThe next time the agent calls a Jitsu tool, Claude Code opens a browser tab for the OAuth
approval. Run /mcp inside Claude Code to check the connection status or re-authenticate.
- Open Settings → Connectors.
- Click Add custom connector.
- Name it
Jitsuand set the URL tohttps://use.jitsu.com/mcp. - Click the connector and Connect — a browser window opens for the OAuth approval.
Add Jitsu to your MCP config — ~/.cursor/mcp.json for all projects, or .cursor/mcp.json
in a single project:
{
"mcpServers": {
"jitsu": {
"url": "https://use.jitsu.com/mcp"
}
}
}Open Settings → MCP, and Cursor will prompt you to log in to Jitsu through the browser.
Create .vscode/mcp.json in your workspace (or run MCP: Add Server from the command
palette and pick HTTP):
{
"servers": {
"jitsu": {
"type": "http",
"url": "https://use.jitsu.com/mcp"
}
}
}Start the server from the mcp.json editor or the MCP: List Servers command. VS Code
opens a browser tab for the OAuth approval on first use.
Automation and CI
OAuth needs a browser, so it doesn't work in CI, cron jobs, or any headless setup. For those, authenticate with a personal API key — the same key the Management API uses. The key maps to your user and inherits your workspace access, so an agent running with it can do anything you can.
Generate a key on the user settings page and pass it in an
Authorization header. API keys have the format {keyId}:{keySecret}; the secret is shown
only once at creation. Keys can be set to never expire, which is what you want for CI.
Authorization: Bearer <api-key>With Claude Code, add the header on the command line:
claude mcp add --transport http jitsu https://use.jitsu.com/mcp \
--header "Authorization: Bearer $JITSU_API_KEY"For clients configured through a file, set a static header on the server — the same shape as in
Connect a client, plus a headers block. Read the key from an environment
variable rather than committing it. For Cursor (~/.cursor/mcp.json):
{
"mcpServers": {
"jitsu": {
"type": "http",
"url": "https://use.jitsu.com/mcp",
"headers": {
"Authorization": "Bearer ${JITSU_API_KEY}"
}
}
}
}VS Code uses a top-level servers key instead of mcpServers; add the same headers block to
the jitsu entry shown in its tab above.
Revoke a key from the same API Keys page to cut off access.
What the agent can do
The tools mirror the Management API. Every configuration object — destination,
stream, service, connection, function — follows the same list / get / create / update / delete shape, so an agent that learns one resource knows them all.
| Tool | What it does |
|---|---|
list_workspaces | List the workspaces you can access |
list_resources | List resources of a type in a workspace |
get_resource | Get a single resource by id |
get_resource_schema | Get the JSON Schema for creating/updating a resource type |
create_resource | Create a resource |
update_resource | Update a resource by id |
delete_resource | Delete a resource by id |
list_event_sources | List the sources — streams, connections, destinations — you can read events for |
query_events | Read recent Live Events for a stream, connection, or destination |
Resource type is one of destination, stream, service, function, or connection.
The agent typically calls get_resource_schema first to learn the exact payload, then
create_resource or update_resource.
Live Events and Functions
query_events exposes the same real-time stream as the Live Events
view in the UI: incoming events, function execution logs, and warehouse write statuses, with
an errors-only filter. The agent calls list_event_sources first to find the stream,
connection, or destination to watch. Combined with the config tools, this lets an agent verify
its own work — create a connection, send a test event, check that it landed.
Because Functions are configuration objects too, the agent can read a function's
code with get_resource and ship a fix with update_resource. So when Live Events shows a
function throwing, the agent can find the bug and correct it without leaving the conversation.
Managing access
Each connected client holds a token issued through OAuth. To see or revoke them, open the API Keys section of your account. Revoking a key disconnects that client immediately; reconnecting re-runs the browser approval.