thingworx-mcp-server

Provides a Spring Boot MCP server that exposes PTC ThingWorx entities (Things, Properties, Services, and Collections) as AI-friendly tools/endpoints. It uses ThingWorx REST API access with AppKey authentication and includes Redis-backed caching with runtime toggles, configurable via environment variables, and Docker support.

Evaluated Apr 04, 2026 (16d ago)

Repo ↗ Ai Ml mcp thingworx iot spring-boot java ai-tools redis caching integration

⚙ Agent Friendliness

/ 100

Can an agent use this?

🔒 Security

/ 100

Is it safe for agents?

⚡ Reliability

/ 100

Does it work consistently?

Score Breakdown

⚙ Agent Friendliness

MCP Quality

Documentation

Error Messages

Auth Simplicity

Rate Limits

🔒 Security

TLS Enforcement

Auth Strength

Scope Granularity

Dep. Hygiene

Secret Handling

Uses ThingWorx AppKey provided via environment variable, which is a reasonable secret-distribution pattern. However, the README does not state whether the MCP server enforces TLS/HTTPS or authenticates clients of its own endpoints, nor does it describe rate limiting, scope granularity, or secure logging practices. Caching to Redis introduces additional risk if Redis is exposed or misconfigured.

⚡ Reliability

Uptime/SLA

Version Stability

Breaking Changes

Error Recovery

Best When

You want an MCP-compatible tool server to front ThingWorx for development/evaluation and you can supply a ThingWorx AppKey plus (optionally) a Redis cache.

Avoid When

You cannot ensure secure handling of the AppKey and you do not control network exposure of the MCP server endpoints (e.g., open to the public).

Use Cases

• Building LLM/AI agents that can list ThingWorx Things and metadata
• Enabling agents to read property values and invoke ThingWorx services
• Rapid prototyping of an “AI-friendly” integration layer on top of ThingWorx
• Local or cloud deployment of a tool server that fronts ThingWorx

Not For

• Production systems without review/hardening (repo describes itself as experimental)
• Environments requiring strict enterprise compliance guarantees
• Use cases needing advanced agent workflow management beyond tool invocation

Interface

REST API

Yes

GraphQL

gRPC

MCP Server

Yes ↗

SDK

Webhooks

Authentication

Methods: ThingWorx AppKey via environment variable THINGWORX_APP_KEY

OAuth: No Scopes: No

Auth for ThingWorx is described as AppKey authentication. The README does not describe any authentication/authorization mechanism for clients calling the MCP server itself.

Pricing

Free tier: No

Requires CC: No

No pricing model described (open-source repository; cost depends on your deployment and infrastructure like Redis/ThingWorx).

Agent Metadata

Pagination

none

Idempotent

False

Retry Guidance

Not documented

Known Gotchas

⚠ Repository is described as experimental; behavior/edge cases may require testing.
⚠ No documented retry/idempotency guidance is provided in the README.
⚠ MCP endpoint configuration exists but details about tool schemas, error formats, and rate limits are not shown in the provided README snippet.

Alternatives

Direct ThingWorx REST API integration from your agent/orchestration layer Using an existing ThingWorx-to-MCP connector (if available internally) Building a custom MCP server that wraps ThingWorx APIs with tighter security controls and explicit error/retry semantics

Full Evaluation Report

Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for thingworx-mcp-server.

AI-powered analysis · PDF + markdown · Delivered within 30 minutes

$99

Package Brief

Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.

Delivered within 10 minutes

Score Monitoring

Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.

Continuous monitoring

$3/mo

API endpoint ↗ Agent guide ↗ Report inaccuracy

Scores are editorial opinions as of 2026-04-04.