Keepit MCP is Keepit's Model Context Protocol (MCP) server for use with Claude Desktop or other applications that support local stdio-based MCP servers. Keepit MCP's tools help you monitor, manage, and secure your Keepit estate using AI.
Keepit MCP provides integration with Keepit for backup and data protection services
Keepit MCP allows you to use natural language — Claude Desktop or any MCP client — to interact with your Keepit account through the Keepit REST API.
Example queries:
Do I have any unhealthy connectors?Show me failed audit logs with duration PT6HGet all users in my tenant(with Lokka integration)
To get a sense of what's possible with Keepit MCP, we've provided a comprehensive set of example prompts in PROMPTS.md.
The Model Context Protocol (MCP) is a standardized way for AI assistants like Claude to interact with external tools and data sources. MCP servers act as bridges between an LLM and external services, allowing the LLM to:
- Retrieve data from external systems
- Execute commands on those systems
- Present the results back to the user
Claude Desktop can connect to multiple MCP servers simultaneously, each providing access to different services. Microsoft has added support for MCP to VSCode and Copilot Studio and is adding MCP tools as first-class apps in an upcoming release of Windows 11. Many other tools can consume MCP servers as well.
Keepit MCP runs as a local MCP server on your local machine. As you can see from inspecting the code, it does not have access to the local filesystem or machine. However, depending on what other MCP servers you have configured, the LLM you use may have access to local or remote files (including through Google Drive or OneDrive), the ability to send mail, and other capabilities. We have put guardrails in place (strict type safety, input and schema validation, etc.), but the ultimate protection for your Keepit account is to safeguard the API token you use for running Keepit MCP, including making sure that it has the least privilege necessary to run the tools you want to use.
You should also note that it is possible that the LLM you use may take actions you didn't explicitly command. Be careful when testing prompts to ensure that an over-eager LLM construction won't result in an action that damages important data.
Keepit MCP is written as a collection of MCP tools. There are tools for connectors, audit logs, jobs, snapshots, and so on. This approach was chosen to make implementation easier. It's a little clunky for the end user because they must consent to every individual tool – it might be worth refactoring to combine multiple tool handlers into one. However, the big advantage of this approach is that MCP tools are composable, so users can easily create prompts/queries that take results from different tools (and thus from different services).
An example: "We had an outage yesterday. For all connectors:
- Show health status now
- Show job history for P2D - any spike in failures?
- Show audit logs for P2D - any config changes or unusual admin activity?
- Cross-reference: which connectors had both failed jobs AND audit events within the same 2-hour window?"
Each tool contains the logic required to request a specific item type and return it in a format that the LLM can consume. The tool definitions specify the input schema for each individual tool, and the tool handler (which actually does the work for the tool) may return structured results or simple items like a string or GUID.
To use the Keepit MCP server for either production or development, you need to install the repository on your local machine.
Follow the steps below to set up the project environment:
- Install the required software (if not already installed):
- Clone the repository:
git clone https://github.com/keepit-official/keepit-mcp.git
- After cloning the repository, open the project folder:
cd keepit-mcp - Install dependencies using the command:
npm install
This project can be used for:
- Сreating MCPB package
- Installing MCPB package into Claude
- Run Keepit MCP server with MCP clients that support
stdiotransport - Developing the Keepit MCP server
Note: Before proceeding, make sure the project is properly installed (see the Installation section).
- Open the project folder:
cd keepit-mcp - Run the build command:
npm run generate-mcpb
- After a successful build, the
keepit-mcp.mcpbfile will be generated.
- Download and install the desktop version of Claude Claude Desktop Download (if not already installed)
- In the Claude app, go to:
Settings > Extensions > Advanced settings - Click
Install Extension... - In the popup, select the previously generated MCPB package (
keepit-mcp.mcpb) and click Install. - Upon installation, you will be prompted with a popup requiring your Keepit account credentials: login, password, and the region where your account is hosted.
- Note: We highly recommend using a secondary token (instead of your main login/password) for authentication. You can create one in the Keepit Web App: (
User info page > Security tab > Secondary tokens)
- Note: We highly recommend using a secondary token (instead of your main login/password) for authentication. You can create one in the Keepit Web App: (
- Enable the newly installed extension.
- We highly recommend that you read our security recommendations.
Alongside the Keepit MCP server, we have a dedicated Proxy server. This server acts as a wrapper around the MCP and allows us to test new or existing MCP tools locally without the need to repeatedly create MCPB packages.
The Proxy server is an HTTP server that listens for incoming requests (e.g., from Postman) and forwards them to the MCP server.
Responses from the MCP server are then sent back through the Proxy to the HTTP client.
This setup is always available during development and enables us to debug and test everything locally in real-time, making development and troubleshooting much faster and more convenient.
-
In the project root, create an
.envfile to store your configuration:nano .env or vim .env
-
Inside the created
.envfile, add the following environment variables (values shown as examples):KEEPIT_USER=OgGvCVqJDkPVql=?75AXDIBM KEEPIT_PASS=55Z,oS0yn8n.esNdrjvZgfEE KEEPIT_ENV=ws-test LOCAL_PORT=5000- Note: The LOCAL_PORT field is optional. If not specified, the server will run on http://127.0.0.1:3000
-
Run the following command to start the development server:
npm start
- Open the API client.
- Use the following request params:
For example:
Request type: POST Request URL: http://localhost:3000/ (or port which you set in .env file) Body: raw/JSON Textfield: { "requestName": "TOOL_NAME" } OR { "requestName": "TOOL_NAME", "argumentsList": { "ARGUMENT_NAME": "ARGUMENT_VALUE" } }
{ "requestName": "get_active_jobs", "argumentsList": { "guid": "etabjx-opdiwv-lkxb6e" } }
Postman provides native support for MCP servers, allowing you to test the Keepit MCP server directly within Postman. This approach is simpler than using the HTTP Proxy server for testing.
Steps to test:
-
Start the Keepit MCP server:
npm start
-
Open Postman and create an MCP request:
- Open Postman and navigate to your workspace
- Click on the
Newbutton to create a new request - Select request type: MCP Request (instead of HTTP)
-
Configure the MCP server connection:
- In the MCP request panel, configure the server settings:
- Server type: stdio
- Command:
node(or your Node.js path) - Arguments:
<path-to-keepit-mcp>/build/main.js - Environment variables: Add your environment variables (KEEPIT_USER, KEEPIT_PASS, KEEPIT_ENV)
- In the MCP request panel, configure the server settings:
-
Send MCP tool requests:
- Once connected, Postman will discover and display all available MCP tools from the Keepit MCP server
- Select a tool from the list and configure its parameters
- Send the request to test the tool's functionality
For more detailed information about Postman's MCP support, see Postman's MCP documentation.
The MCP Inspector is a built-in debugging tool that allows you to test and inspect MCP servers directly from the command line. It provides a web-based UI to interact with your MCP server and inspect all available tools and their responses.
Steps to test:
-
Ensure your MCP server is built:
npm run build
-
Run MCP Inspector with your Keepit MCP server:
npx @modelcontextprotocol/inspector build/main.js
-
Access the inspector UI:
- The command will output a local URL (typically
http://localhost:5173) - Open this URL in your web browser
- The inspector will display all available tools from the Keepit MCP server
- The command will output a local URL (typically
For more information about MCP Inspector, see the official MCP documentation.
This section describes how tools are implemented in Keepit MCP, providing a pattern for developers to follow when creating new tools.
Keepit MCP uses a modular, composable tool architecture with three distinct layers for each tool category:
┌─────────────────────────────────────────┐
│ Tool Definitions & Schemas │
│ - Defines tool name, description │
│ - Specifies input/output schemas (JSON)│
│ - Declares required ACL permissions │
└────────────────────┬────────────────────┘
│
┌────────────────────▼────────────────────┐
│ Tool Handlers (Business Logic) │
│ - Implements tool execution │
│ - Validates inputs & handles errors │
│ - Calls helper functions │
└────────────────────┬────────────────────┘
│
┌────────────────────▼────────────────────┐
│ Tool Helpers (API & Data Logic) │
│ - Makes API requests │
│ - Transforms data │
│ - Returns structured results │
└─────────────────────────────────────────┘
Each tool category has a dedicated folder with three files:
src/tools/
├── [category]/
│ ├── [category]-tools-definitions.ts # Tool schemas & metadata
│ ├── [category]-tools-handler.ts # Tool execution logic
│ └── [category]-tools.helper.ts # API & business logic
├── index.ts # Tool aggregation & export
└── tools.interfaces.ts # Shared TypeScript types
This software ("Keepit MCP") is provided "as is" without warranty of any kind, express or implied, including but not limited to the warranties of merchantability, fitness for a particular purpose, and non-infringement. In no event shall Keepit A/S or the authors be liable for any claim, damages, or other liability, whether in an action of contract, tort, or otherwise, arising from, out of, or in connection with the software or the use or other dealings in the software.
To the maximum extent permitted by law, Keepit A/S and its affiliates shall not be liable for any direct, indirect, incidental, special, consequential, or punitive damages, loss of data, revenue, profits, or business opportunities, system downtime, security breaches, or unauthorized access, costs of procurement of substitute services or technology, and damages arising from reliance on AI-generated recommendations or actions.
Users agree to indemnify and hold harmless Keepit and its affiliates from any claims, damages, losses, or expenses arising from use or misuse of the Keepit MCP server, violation of third-party terms of service or acceptable use policies, non-compliance with applicable laws or regulations, unauthorized access, or security incidents related to user credentials.
Keepit makes no guarantees regarding availability, performance, or reliability of the Keepit MCP server, compatibility with future versions of Claude Desktop, MCP protocol, or integrated APIs, continued support, updates, or maintenance of this software, response times, error handling, or system stability.
Third-Party API Dependencies: Keepit MCP integrates with external APIs, including Keepit and Microsoft services. Users are responsible for complying with all applicable API terms of service and acceptable use policies, managing their own API credentials, tokens, and access permissions securely, ensuring proper security practices when handling API keys and authentication tokens, monitoring their usage and associated costs across all integrated services.
Users acknowledge that:
- All prompts, API responses, and data transmitted through this software may be processed by third-party AI services and their associated data processors via servers that may be located in various jurisdictions, including but not limited to the United States.
- Backup data, credentials, and operational commands flow through multiple systems.
- Data may be transmitted across different geographic regions and cloud providers.
- Users are responsible for ensuring compliance with applicable data protection regulations (GDPR, CCPA, etc.).
This software uses AI interpretation to execute commands against production backup and restore systems. Users assume all responsibility for actions taken by the AI system, including unintended or over-eager responses, data restoration, deletion, or modification operations initiated through natural language commands, verification of AI-interpreted commands before execution, particularly for any potentially destructive operations, implementing appropriate safeguards, testing procedures, and understand rollback capabilities if any.
This disclaimer may be updated at any time without notice. Continued use of the software constitutes acceptance of any modifications to these terms.