{"id":"phpipam-mcp-server","name":"phpipam-mcp-server","homepage":"https://pypi.org/project/phpipam-mcp-server/","repo_url":"https://github.com/InfraMCP/phpipam-mcp-server","category":"infrastructure","subcategories":[],"tags":["mcp","phpipam","ipam","network-automation","python","infrastructure","api-integration"],"what_it_does":"Provides a Model Context Protocol (MCP) server that exposes phpIPAM operations (read/search/list and some write/admin actions) as MCP tools, using phpIPAM API access authenticated via a static App Code token over HTTPS.","use_cases":["Agent-assisted IP address management (search/reserve/update/release) in phpIPAM","Network inventory retrieval for sections/subnets/VLANs/VRFs/locations/DNS nameservers","Automation of subnet lifecycle tasks (create/update/delete) with MCP tooling"],"not_for":["Direct internet-facing control plane without additional network hardening","High-volume bulk migrations without explicit operational safeguards/idempotency","Environments that cannot use a long-lived app code token"],"best_when":"You already have phpIPAM with an app configured for 'SSL with App Code token' and want an MCP-enabled assistant to query and perform controlled IPAM operations.","avoid_when":"You need fine-grained OAuth scopes, short-lived credentials, or guaranteed idempotent/retry-safe write semantics.","alternatives":["Use phpIPAM’s native API directly from your automation","Build/consume a REST wrapper around phpIPAM and call it from your agent (with your own retry/idempotency logic)","Use an existing phpIPAM integration if available in your MCP ecosystem"],"af_score":53.8,"security_score":53.5,"reliability_score":21.2,"package_type":"mcp_server","discovery_source":["pypi"],"priority":"low","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-04-04T21:48:37.119585+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":null,"has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["phpIPAM 'SSL with App Code token' (static app code token) via environment variables"],"oauth":false,"scopes":false,"notes":"Authentication is configured by env vars: PHPIPAM_URL, PHPIPAM_APP_ID, PHPIPAM_APP_CODE. No token expiration or OAuth flow is described; relies on HTTPS transport."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"No pricing information provided; this appears to be self-hosted software."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":53.8,"security_score":53.5,"reliability_score":21.2,"mcp_server_quality":74.0,"documentation_accuracy":70.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":85.0,"rate_limit_clarity":10.0,"tls_enforcement":90.0,"auth_strength":55.0,"scope_granularity":20.0,"dependency_hygiene":45.0,"secret_handling":55.0,"security_notes":"Relies on HTTPS for transport (explicitly stated). Uses a static app code token (no expiration) which increases blast radius if leaked. README does not mention least-privilege scopes or secret-handling practices beyond using env vars; security posture depends on phpIPAM permissions assigned to the app.","uptime_documented":0.0,"version_stability":45.0,"breaking_changes_history":20.0,"error_recovery":20.0,"idempotency_support":"false","idempotency_notes":"Write operations are listed, but no explicit idempotency guarantees, idempotency keys, or retry guidance are documented in the provided README.","pagination_style":"limit-based (max=50/100 depending on tool)","retry_guidance_documented":false,"known_agent_gotchas":["Write operations include destructive actions (delete_subnet warns it deletes all IPs in the subnet). Agents should require explicit confirmation before deletes.","Operations accept include_fields/include_usage parameters; agents may over-fetch unless they constrain fields.","Idempotency and safe retries for create/reserve/update/delete are not documented; retries could cause duplicates or unintended state changes."]}}