phpipam-mcp-server

Provides a Model Context Protocol (MCP) server that exposes phpIPAM operations (read/search/list and some write/admin actions) as MCP tools, using phpIPAM API access authenticated via a static App Code token over HTTPS.

Evaluated Apr 04, 2026 (27d ago)

Homepage ↗ Repo ↗ Infrastructure mcp phpipam ipam network-automation python infrastructure api-integration

⚙ Agent Friendliness

/ 100

Can an agent use this?

🔒 Security

/ 100

Is it safe for agents?

⚡ Reliability

/ 100

Does it work consistently?

Score Breakdown

⚙ Agent Friendliness

MCP Quality

Documentation

Error Messages

Auth Simplicity

Rate Limits

🔒 Security

TLS Enforcement

Auth Strength

Scope Granularity

Dep. Hygiene

Secret Handling

Relies on HTTPS for transport (explicitly stated). Uses a static app code token (no expiration) which increases blast radius if leaked. README does not mention least-privilege scopes or secret-handling practices beyond using env vars; security posture depends on phpIPAM permissions assigned to the app.

⚡ Reliability

Uptime/SLA

Version Stability

Breaking Changes

Error Recovery

Best When

You already have phpIPAM with an app configured for 'SSL with App Code token' and want an MCP-enabled assistant to query and perform controlled IPAM operations.

Avoid When

You need fine-grained OAuth scopes, short-lived credentials, or guaranteed idempotent/retry-safe write semantics.

Use Cases

• Agent-assisted IP address management (search/reserve/update/release) in phpIPAM
• Network inventory retrieval for sections/subnets/VLANs/VRFs/locations/DNS nameservers
• Automation of subnet lifecycle tasks (create/update/delete) with MCP tooling

Not For

• Direct internet-facing control plane without additional network hardening
• High-volume bulk migrations without explicit operational safeguards/idempotency
• Environments that cannot use a long-lived app code token

Interface

REST API

GraphQL

gRPC

MCP Server

Yes

SDK

Webhooks

Authentication

Methods: phpIPAM 'SSL with App Code token' (static app code token) via environment variables

OAuth: No Scopes: No

Authentication is configured by env vars: PHPIPAM_URL, PHPIPAM_APP_ID, PHPIPAM_APP_CODE. No token expiration or OAuth flow is described; relies on HTTPS transport.

Pricing

Free tier: No

Requires CC: No

No pricing information provided; this appears to be self-hosted software.

Agent Metadata

Pagination

limit-based (max=50/100 depending on tool)

Idempotent

False

Retry Guidance

Not documented

Known Gotchas

⚠ Write operations include destructive actions (delete_subnet warns it deletes all IPs in the subnet). Agents should require explicit confirmation before deletes.
⚠ Operations accept include_fields/include_usage parameters; agents may over-fetch unless they constrain fields.
⚠ Idempotency and safe retries for create/reserve/update/delete are not documented; retries could cause duplicates or unintended state changes.

Alternatives

Use phpIPAM’s native API directly from your automation Build/consume a REST wrapper around phpIPAM and call it from your agent (with your own retry/idempotency logic) Use an existing phpIPAM integration if available in your MCP ecosystem

Full Evaluation Report

Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for phpipam-mcp-server.

AI-powered analysis · PDF + markdown · Delivered within 30 minutes

$99

Package Brief

Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.

Delivered within 10 minutes

Score Monitoring

Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.

Continuous monitoring

$3/mo

API endpoint ↗ Agent guide ↗ Report inaccuracy

Scores are editorial opinions as of 2026-04-04.