A standalone MCP (Model Context Protocol) server for sending emails via Gmail. Built with the @modelcontextprotocol/sdk and designed for deployment on Railway.
- MCP Server Implementation: Proper MCP server using
McpServerclass andStreamableHTTPServerTransport - Gmail Integration: Send emails using the Gmail API with OAuth2 authentication
- Secure API: API key authentication via
x-api-keyheader - Railway Ready: Configured for seamless Railway deployment
Send an email via Gmail API.
Parameters:
to(string, required): Recipient email addresssubject(string, required): Email subject linebody(string, required): Email body content (plain text)
Example:
{
"to": "recipient@example.com",
"subject": "Hello from Iris",
"body": "This is a test email sent via the Iris MCP server."
}- Node.js: Version 18 or higher
- Google Cloud Project: With Gmail API enabled
- Gmail OAuth2 Credentials: Client ID, Client Secret, and Refresh Token
- Go to Google Cloud Console
- Create a new project or select an existing one
- Enable the Gmail API:
- Navigate to "APIs & Services" > "Library"
- Search for "Gmail API"
- Click "Enable"
- Go to "APIs & Services" > "Credentials"
- Click "Create Credentials" > "OAuth client ID"
- Configure the OAuth consent screen if prompted:
- User Type: External (for testing) or Internal (for workspace)
- Add required information (app name, user support email, etc.)
- Add scopes:
https://www.googleapis.com/auth/gmail.send - Add test users if using External type
- Create OAuth client ID:
- Application type: Web application
- Name: Iris MCP Server
- Authorized redirect URIs:
https://developers.google.com/oauthplayground
- Save the Client ID and Client Secret
- Go to Google OAuth 2.0 Playground
- Click the gear icon (⚙️) in the top right
- Check "Use your own OAuth credentials"
- Enter your Client ID and Client Secret
- Close the settings
- In the left panel under "Step 1: Select & authorize APIs":
- Scroll down to "Gmail API v1"
- Select
https://www.googleapis.com/auth/gmail.send - Click "Authorize APIs"
- Sign in with your Google account and grant permissions
- In "Step 2: Exchange authorization code for tokens":
- Click "Exchange authorization code for tokens"
- Copy the Refresh Token (you'll need this for the environment variables)
- Clone the repository:
git clone <your-repo-url>
cd iris- Install dependencies:
npm install- Create a
.envfile based on.env.example:
cp .env.example .env- Edit
.envand add your credentials:
GMAIL_CLIENT_ID=your-client-id.apps.googleusercontent.com
GMAIL_CLIENT_SECRET=your-client-secret
GMAIL_REFRESH_TOKEN=your-refresh-token
IRIS_API_KEY=your-secure-api-key
PORT=3000- Build the project:
npm run build- Start the server:
npm startOr run in development mode with hot reload:
npm run devThe server will start at http://localhost:3000.
- Initialize git (if not already done):
git init
git add .
git commit -m "Initial commit: Iris MCP server"- Push to GitHub (or GitLab/Bitbucket):
git remote add origin <your-repo-url>
git push -u origin main- Go to Railway
- Sign up or log in
- Click "New Project"
- Select "Deploy from GitHub repo"
- Choose your Iris repository
- Railway will automatically detect the Node.js project
In the Railway project settings, add the following environment variables:
GMAIL_CLIENT_ID: Your Gmail OAuth2 Client IDGMAIL_CLIENT_SECRET: Your Gmail OAuth2 Client SecretGMAIL_REFRESH_TOKEN: Your Gmail OAuth2 Refresh TokenIRIS_API_KEY: A strong, randomly generated API key for authenticationPORT: Railway sets this automatically, no need to add it manually
Railway will automatically deploy your application. Once deployed:
- Go to "Settings" > "Networking"
- Click "Generate Domain" to get a public URL
- Your MCP server will be available at
https://your-app.railway.app/mcp
All requests to the MCP server must include the x-api-key header:
curl -X POST https://your-app.railway.app/mcp \
-H "x-api-key: your-secure-api-key" \
-H "Content-Type: application/json" \
-d '{
"jsonrpc": "2.0",
"method": "tools/call",
"params": {
"name": "send_email",
"arguments": {
"to": "recipient@example.com",
"subject": "Test Email",
"body": "This is a test email from Iris."
}
},
"id": 1
}'Check if the server is running:
curl https://your-app.railway.app/health \
-H "x-api-key: your-secure-api-key"Response:
{
"status": "ok",
"server": "iris",
"version": "1.0.0"
}iris/
├── src/
│ ├── auth/
│ │ └── gmail.ts # Gmail OAuth2 client setup
│ ├── tools/
│ │ ├── gmail.ts # send_email tool implementation
│ │ └── index.ts # Tool registration with MCP server
│ └── server.ts # MCP server + Express + transport setup
├── .env.example # Environment variable template
├── .gitignore
├── package.json
├── tsconfig.json
└── README.md
- All endpoints require authentication via the
x-api-keyheader - OAuth2 refresh tokens are securely stored in environment variables
- Never commit
.envfiles or expose your API keys - Use strong, randomly generated API keys in production
If you get "Unauthorized" errors:
- Verify your
IRIS_API_KEYis correctly set - Ensure you're including the
x-api-keyheader in all requests
If emails fail to send:
- Verify your Gmail OAuth credentials are correct
- Ensure the Gmail API is enabled in Google Cloud Console
- Check that your refresh token hasn't expired (test users' refresh tokens expire after 7 days)
- For production, publish your OAuth consent screen to avoid token expiration
Test users in OAuth consent screen (External, unpublished) have refresh tokens that expire after 7 days. For production:
- Complete the OAuth consent screen verification process
- Publish your app
- Or use Internal user type if you have a Google Workspace
ISC