A comprehensive Model Context Protocol (MCP) server that provides automated API tools for Medusa e-commerce backend operations. This server exposes all major Medusa admin API functionality through MCP-compatible tools for use with AI assistants like Claude Desktop.
Medusa.js is a modern, open-source e-commerce platform built for developers. It provides a headless commerce backend with powerful admin APIs for managing products, orders, customers, and all aspects of e-commerce operations.
This MCP server provides 14 comprehensive admin tools covering all major Medusa.js operations:
- 🛍️ Products Management - Products, variants, categories, tags, types
- 📦 Orders Management - List, get, cancel, complete, archive, transfer, fulfillment
- 📋 Draft Orders - Cart-like functionality with line item management
- 👥 Customers Management - Customer CRUD, addresses, customer groups
- 📊 Collections Management - Collections CRUD, product associations
- 📈 Inventory Management - Inventory items, stock locations, levels, reservations
- 🌍 Regions & Shipping - Regions, shipping options, profiles, fulfillment
- 💰 Pricing & Promotions - Price lists, promotions, campaigns
- 💳 Payments & Refunds - Payment collections, captures, refunds
- 🔄 Returns & Exchanges - Returns, swaps, claims, order edits
- 🎁 Gift Cards - Gift card operations and balance management
- 📈 Tax Management - Tax rates and tax regions
- 📺 Sales Channels - Channel operations and product associations
- 👤 Users & Auth - User management, invites, API keys
- ✅ 200+ API actions across all Medusa admin endpoints
- ✅ Full CRUD operations for all major resources
- ✅ Advanced e-commerce operations (fulfillment, order edits, promotions)
- ✅ MCP-compatible for seamless AI assistant integration
- ✅ Zero installation required - run directly with npx
- ✅ Comprehensive error handling and validation
- Node.js v18+ (v20+ recommended)
- Running Medusa.js backend server
- Medusa admin API key
MCP Medusa supports three usage modes:
| Mode | Transport | Use Case | Best For |
|---|---|---|---|
| Local | STDIO | Direct IDE integration (npx) | Individual developers |
| Remote HTTP | Streamable HTTP | Web apps with LLM integration | Production web apps |
| Remote via mcp-remote | STDIO → HTTP bridge | IDEs connecting to remote server | Teams sharing one deployment |
Best for: Individual developers using Claude Desktop, Windsurf, Cursor, or other MCP-compatible IDEs.
Direct integration running locally via npx - no server deployment needed.
macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
Windows: %APPDATA%\Claude\claude_desktop_config.json
{
"mcpServers": {
"medusa-admin": {
"command": "npx",
"args": ["-y", "mcp-medusa"],
"env": {
"MEDUSA_BASE_URL": "http://localhost:9000",
"MEDUSA_API_KEY": "your_admin_api_key"
}
}
}
}Location: ~/.codeium/windsurf/mcp_config.json
{
"mcpServers": {
"medusa-admin": {
"command": "npx",
"args": ["-y", "mcp-medusa"],
"env": {
"MEDUSA_BASE_URL": "http://localhost:9000",
"MEDUSA_API_KEY": "your_admin_api_key"
}
}
}
}Best for: Web applications integrated with LLMs that need to access Medusa operations programmatically.
Deploy to Digital Ocean App Platform, then connect from your web application via HTTP.
# Install doctl CLI
brew install doctl # macOS
snap install doctl # Linux
# Authenticate
doctl auth init
# Create app (requires GitHub connection in DO Dashboard first)
doctl apps create --spec deployment/digitalocean/app.yamlGo to Apps > mcp-medusa > Settings > App-Level Environment Variables and add:
| Variable | Type | Description |
|---|---|---|
MEDUSA_BASE_URL |
Secret | Your Medusa backend URL (e.g., https://api.mystore.com) |
MEDUSA_API_KEY |
Secret | Medusa admin API key |
MCP_AUTH_TOKEN |
Secret | Generate with openssl rand -base64 32 |
Initialize session:
const MCP_URL = 'https://your-app.ondigitalocean.app/mcp';
const AUTH_TOKEN = 'your_mcp_auth_token';
// Initialize MCP session
const initResponse = await fetch(MCP_URL, {
method: 'POST',
headers: {
'Content-Type': 'application/json',
'Authorization': `Bearer ${AUTH_TOKEN}`
},
body: JSON.stringify({
jsonrpc: '2.0',
id: 1,
method: 'initialize',
params: {
clientInfo: { name: 'my-web-app', version: '1.0.0' }
}
})
});List available tools:
const toolsResponse = await fetch(MCP_URL, {
method: 'POST',
headers: {
'Content-Type': 'application/json',
'Authorization': `Bearer ${AUTH_TOKEN}`
},
body: JSON.stringify({
jsonrpc: '2.0',
id: 2,
method: 'tools/list'
})
});
const { result } = await toolsResponse.json();
console.log('Available tools:', result.tools);Execute a tool:
const ordersResponse = await fetch(MCP_URL, {
method: 'POST',
headers: {
'Content-Type': 'application/json',
'Authorization': `Bearer ${AUTH_TOKEN}`
},
body: JSON.stringify({
jsonrpc: '2.0',
id: 3,
method: 'tools/call',
params: {
name: 'manage_medusa_admin_orders',
arguments: {
action: 'list',
limit: 10
}
}
})
});
const { result } = await ordersResponse.json();
console.log('Orders:', JSON.parse(result.content[0].text));| Endpoint | Method | Auth | Description |
|---|---|---|---|
/health |
GET | No | Liveness check |
/ready |
GET | No | Readiness check (shows tools count) |
/mcp |
POST | Bearer | Main MCP JSON-RPC endpoint (Streamable HTTP) |
Best for: Teams where multiple developers need to share a single MCP server deployment, or when you want IDE access to a remote Medusa instance.
This uses the mcp-remote package to bridge local STDIO-based IDEs to a remote HTTP server using Streamable HTTP transport.
- MCP Medusa deployed to Digital Ocean (see Option 2)
MCP_AUTH_TOKENconfigured in the deployment
macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
{
"mcpServers": {
"medusa-remote": {
"command": "npx",
"args": [
"-y", "mcp-remote",
"https://your-app.ondigitalocean.app/mcp",
"--header", "Authorization:Bearer ${MCP_AUTH_TOKEN}"
],
"env": {
"MCP_AUTH_TOKEN": "your_secure_token_here"
}
}
}
}Location: ~/.codeium/windsurf/mcp_config.json
{
"mcpServers": {
"medusa-remote": {
"command": "npx",
"args": [
"-y", "mcp-remote",
"https://your-app.ondigitalocean.app/mcp",
"--header", "Authorization:Bearer ${MCP_AUTH_TOKEN}"
],
"env": {
"MCP_AUTH_TOKEN": "your_secure_token_here"
}
}
}
}Location: Cursor Settings > MCP Servers
{
"mcpServers": {
"medusa-remote": {
"command": "npx",
"args": [
"-y", "mcp-remote",
"https://your-app.ondigitalocean.app/mcp",
"--header", "Authorization:Bearer ${MCP_AUTH_TOKEN}"
],
"env": {
"MCP_AUTH_TOKEN": "your_secure_token_here"
}
}
}
}┌─────────────────┐ STDIO ┌─────────────────┐ HTTPS ┌─────────────────┐
│ Claude Desktop │ ◄────────────► │ mcp-remote │ ◄───────────► │ MCP Medusa │
│ Windsurf │ │ (npx bridge) │ │ (Digital Ocean)│
│ Cursor │ └─────────────────┘ └────────┬────────┘
└─────────────────┘ │
┌────────▼────────┐
│ Medusa Backend │
└─────────────────┘
- Your IDE spawns
mcp-remoteas a local process mcp-remoteconnects to the remote MCP server via Streamable HTTP- Commands from the IDE are forwarded to the remote server
- Responses are returned back through the bridge
- Shared deployment: Multiple team members use the same MCP server
- Centralized Medusa access: One secure connection to your Medusa backend
- No local credentials: API keys stay on the server, only auth token needed locally
- Works with any MCP-compatible IDE: Claude Desktop, Windsurf, Cursor, etc.
| Variable | Required | Mode | Description | Example |
|---|---|---|---|---|
MEDUSA_BASE_URL |
Yes | All | Your Medusa backend URL | http://localhost:9000 |
MEDUSA_API_KEY |
Yes | All | Admin API key or JWT token | sk_admin_... |
MCP_AUTH_TOKEN |
Remote only | HTTP | Token for client authentication | openssl rand -base64 32 |
- Access your Medusa Admin dashboard
- Go to Settings → API Keys
- Create a new API key with admin permissions
- Copy the key and add it to your configuration
After configuring Claude Desktop:
- Restart Claude Desktop completely
- Look for the MCP server indicator (hammer icon) in the chat interface
- The server should show a green status indicator when connected
// List orders with filtering
{
"action": "list",
"limit": 10,
"status": "pending"
}
// Get specific order
{
"action": "get",
"id": "order_01234567890"
}
// Complete an order
{
"action": "complete",
"id": "order_01234567890"
}// List products
{
"action": "list",
"limit": 20,
"status": "published"
}
// Create new product
{
"action": "create",
"title": "New Product",
"description": "Product description",
"handle": "new-product"
}// List customers
{
"action": "list",
"limit": 50
}
// Create customer
{
"action": "create",
"email": "customer@example.com",
"first_name": "John",
"last_name": "Doe"
}| Tool | Description | Key Actions |
|---|---|---|
manage_medusa_admin_orders |
Order management & fulfillment | list, get, cancel, complete, archive, transfer |
manage_medusa_admin_draft_orders |
Cart-like draft order operations | create, list, get, delete, convert_to_order |
manage_medusa_admin_products |
Product & variant management | list, get, create, update, delete, list_variants |
manage_medusa_admin_customers |
Customer & group management | list, get, create, update, delete, list_groups |
manage_medusa_admin_collections |
Collection management | list, get, create, update, delete, add_products |
manage_medusa_admin_inventory |
Inventory & stock management | list_items, list_locations, list_levels, create_reservation |
manage_medusa_admin_regions |
Regions & shipping | list_regions, list_shipping_options, create_region |
manage_medusa_admin_pricing |
Pricing & promotions | list_price_lists, list_promotions, list_campaigns |
manage_medusa_admin_payments |
Payment operations | list_payments, capture_payment, refund_payment |
manage_medusa_admin_returns |
Returns & exchanges | list_returns, list_exchanges, list_claims |
manage_medusa_admin_gift_cards |
Gift card management | list, get, create, update, delete |
manage_medusa_admin_taxes |
Tax management | list_tax_rates, list_tax_regions, create_tax_rate |
manage_medusa_admin_sales_channels |
Sales channel management | list, get, create, add_products |
manage_medusa_admin_users |
User & auth management | list_users, list_invites, list_api_keys |
Once configured, try these prompts with Claude:
- "Show me the latest orders from my Medusa store"
- "Create a new product called 'Test Product' with a price of $29.99"
- "List the most recent customers and their details"
- "Check the inventory levels for all products"
- "Create a new customer group called 'VIP'"
- Never share your API keys - Keep them secure and private
- Use HTTPS in production - Configure
MEDUSA_BASE_URLwith HTTPS - Rotate API keys regularly - Generate new admin API keys periodically
- Limit API key permissions - Use admin users with appropriate role restrictions
The following sections are for developers who want to contribute to this project or run it locally for development purposes.
1. Clone the repository
git clone https://github.com/minimalart/mcp-medusa.git
cd mcp-medusa2. Install dependencies
npm install3. Configure environment variables
cp env.example .envUpdate .env with your Medusa configuration:
MEDUSA_BASE_URL=http://localhost:9000
MEDUSA_API_KEY=your_admin_api_key_or_jwt_tokenSTDIO Mode (for Claude Desktop testing):
npm run dev
# or
node mcpServer.jsHTTP Mode (for web apps and mcp-remote):
npm run dev:http
# or
node server/index.jsVercel Local Development:
npm run dev:vercelList available tools:
npm run list-toolsTest Medusa connectivity:
node test-medusa-tools.jsTest MCP tools:
node test-mcp-tools.js# STDIO mode
npx @modelcontextprotocol/inspector@latest node mcpServer.js
# Vercel dev mode (requires Vercel dev running)
npx @modelcontextprotocol/inspector@latest http://localhost:3000/api/mcpBuild image:
docker build -t medusa-mcp .Run with environment file:
docker run -i --rm --env-file=.env medusa-mcp# Deploy to production
vercel --prodSet environment variables in Vercel dashboard:
MEDUSA_BASE_URLMEDUSA_API_KEY
mcp-medusa/
├── mcpServer.js # STDIO transport (local IDEs)
├── server/
│ ├── index.js # HTTP transport (remote/web)
│ ├── transports/
│ │ └── streamable-http.js # Streamable HTTP implementation
│ └── middleware/
│ └── auth.js # Bearer token authentication
├── lib/
│ ├── tools.js # Tool discovery system
│ └── constants.js # Shared configuration
├── tools/
│ └── medusa-admin-api/ # All Medusa admin tools
│ ├── medusa-admin-orders.js
│ ├── medusa-admin-products.js
│ ├── medusa-admin-customers.js
│ └── ...
├── deployment/
│ └── digitalocean/
│ └── app.yaml # DO App Platform config
├── docs/
│ └── REMOTE-SETUP.md # Remote deployment guide
├── index.js # CLI entry point
└── commands/tools.js # CLI tool listing command
- Create new tool file in
tools/medusa-admin-api/ - Follow the existing tool pattern:
export const apiTool = { definition: { name: 'your_tool_name', description: 'Tool description', parameters: { /* parameter schema */ } }, function: yourToolFunction };
- Add tool path to
tools/paths.js - Test with
npm run list-tools
- Fork the repository
- Create a feature branch:
git checkout -b feature/new-tool - Implement your changes
- Test thoroughly:
npm run list-tools && node test-medusa-tools.js - Submit a pull request
- Medusa.js Documentation - Official Medusa documentation
- Medusa Admin API Reference - Complete API reference
- Model Context Protocol - MCP specification
- Claude Desktop - AI assistant with MCP support
This project is licensed under the MIT License - see the LICENSE file for details.
- Issues: Open an issue on GitHub
- Documentation: Check the Medusa.js documentation for API details
- Community: Join the Medusa Discord community for general support
Built for the Medusa.js ecosystem 🏪 Powered by Model Context Protocol 🤖