{"id":"poddubnyoleg-lightdash-mcp","name":"lightdash_mcp","homepage":"https://pypi.org/project/lightdash-mcp/","repo_url":"https://github.com/poddubnyoleg/lightdash_mcp","category":"ai-ml","subcategories":[],"tags":["mcp","lightdash","analytics","business-intelligence","data-visualization","python"],"what_it_does":"Provides an MCP (Model Context Protocol) server that connects AI assistants to Lightdash to support discovery of projects/explores/schemas, execution of queries, and CRUD-style management of charts, dashboards, tiles, and spaces—primarily via Lightdash REST endpoints using a personal access token, with optional support for auth frontends such as Cloudflare Access and Google Cloud IAP.","use_cases":["Letting LLMs explore available Lightdash datasets (projects/explores) and understand schemas","Automatically creating/updating Lightdash charts and dashboards from natural-language intent","Running query executions for specific charts/dashboards/tiles and returning results to an agent","Programmatic organization of Lightdash content using spaces"],"not_for":["Replacing Lightdash as the primary UI for end users who do not want automation","Handling sensitive analytics without access controls and careful secret management","High-scale public workloads where unauthenticated requests could be made to the MCP server"],"best_when":"You already have a Lightdash instance and want an AI agent to programmatically inspect and manage analytics artifacts (charts/dashboards) with an MCP client (e.g., Claude Desktop/Code).","avoid_when":"You cannot safely store and protect LIGHTDASH_TOKEN (or related IAP credentials), or you require explicit documented rate-limit behavior and strict SLAs.","alternatives":["Use Lightdash’s own API directly from your application (where available)","Build a custom MCP server wrapping the Lightdash API you need","Use an existing BI-agent integration framework if it already supports Lightdash"],"af_score":59.2,"security_score":58.8,"reliability_score":31.2,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T15:35:53.787138+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":null,"has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["Lightdash Personal Access Token via LIGHTDASH_TOKEN (mapped to HTTP Authorization: ApiKey as described)","Optional Google Cloud IAP JWT signing (IAP_ENABLED + related service-account/ADC env vars) with Proxy-Authorization: Bearer <jwt>","Optional Cloudflare Access (CF_ACCESS_CLIENT_ID / CF_ACCESS_CLIENT_SECRET)"],"oauth":false,"scopes":false,"notes":"Authentication is centered on a Lightdash Personal Access Token; optional IAP/Cloudflare settings are supported for environments behind those access layers. The README does not describe fine-grained scopes in terms of MCP tool permissions."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"No pricing for the MCP server is stated in the provided content; cost likely depends on your Lightdash plan and any cloud/access-layer usage (e.g., IAP/JWT signing)."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":59.2,"security_score":58.8,"reliability_score":31.2,"mcp_server_quality":70.0,"documentation_accuracy":75.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":65.0,"rate_limit_clarity":10.0,"tls_enforcement":85.0,"auth_strength":70.0,"scope_granularity":35.0,"dependency_hygiene":55.0,"secret_handling":45.0,"security_notes":"Uses a Lightdash Personal Access Token and supports passing through Authorization. The README provides operational guidance for 401/connection errors, but does not document tool-level authorization boundaries or rate limits. Secret handling guidance warns against committing .mcp.json containing secrets. TLS enforcement is not explicitly stated, but LIGHTDASH_URL examples use HTTPS. Dependency list is minimal in the manifest snippet; no CVE/SBOM data is provided.","uptime_documented":0.0,"version_stability":35.0,"breaking_changes_history":50.0,"error_recovery":40.0,"idempotency_support":"false","idempotency_notes":"No idempotency guarantees described for create/update/delete operations (charts/dashboards/tiles/spaces).","pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["State-changing tool calls (create/update/delete) are likely not idempotent; agents should avoid automatic retries without safeguards.","Credentials in MCP client config files (e.g., .mcp.json) risk leakage if not gitignored.","The server requires LIGHTDASH_TOKEN and LIGHTDASH_URL; incorrect/expired tokens will lead to 401 errors.","If your Lightdash instance is behind Cloudflare Access or Google IAP, you must set the corresponding environment variables or connectivity/auth will fail."]}}