{"id":"wyre-technology-autotask-mcp","name":"autotask-mcp","homepage":"https://mcp.wyretechnology.com","repo_url":"https://github.com/wyre-technology/autotask-mcp","category":"api-gateway","subcategories":[],"tags":["ai-ml","mcp","model-context-protocol","autotask","kaseya","psa","msp","integration","automation","typeScript"],"what_it_does":"Provides an MCP (Model Context Protocol) server that connects an AI assistant to Kaseya Autotask PSA, exposing ~39 tools for common MSP workflows such as searching/creating/updating companies, contacts, tickets, time entries, projects, billing items, notes, and attachments, with optional HTTP Streamable transport and an MCP bundle for desktop clients.","use_cases":["AI-assisted ticket triage and investigation in Autotask","Natural-language lookup of companies/contacts/resources and mapping IDs to names","Automated creation of tickets, projects, tasks, and time entries from chat/agent workflows","Assisting finance workflows by searching billing items/approvals, quotes, invoices, and contracts","Capturing and retrieving notes and attachments associated with Autotask entities"],"not_for":["Public-facing untrusted environments without strong network controls and credential governance","Use as a replacement for Autotask admin/security tooling or to bypass Autotask permission models","Highly regulated workflows that require explicit vendor-provided audit/compliance evidence beyond what is documented in the README"],"best_when":"You run an MSP that already has Autotask API access and want an MCP-enabled AI assistant to execute or assist with day-to-day PSA operations using either local stdio or a Docker-hosted HTTP transport.","avoid_when":"You cannot restrict outbound/inbound network access, or you cannot safely manage Autotask credentials used by the MCP server.","alternatives":["Other MCP servers/integrations for MSP tooling (e.g., IT Glue, HaloPSA, ConnectWise Automate, NinjaOne)","Direct use of Autotask REST APIs via a custom integration/tooling layer","Non-MCP automation approaches (e.g., scheduled jobs + RPA) tailored to Autotask workflows"],"af_score":59.2,"security_score":53.8,"reliability_score":35.0,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T15:28:46.754552+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":null,"has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["Autotask credentials via environment variables (AUTOTASK_USERNAME, AUTOTASK_SECRET, AUTOTASK_INTEGRATION_CODE)","Gateway mode header injection (X-API-Key, X-API-Secret, X-Integration-Code, optional X-API-URL)"],"oauth":false,"scopes":false,"notes":"Authentication is based on Autotask API credentials provided to the MCP server. In gateway mode, credentials are injected via HTTP headers per request; README does not describe additional authorization/authorization checks beyond header-based credential injection."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"No pricing information for the package/service is provided in the supplied README/manifest."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":59.2,"security_score":53.8,"reliability_score":35.0,"mcp_server_quality":85.0,"documentation_accuracy":75.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":65.0,"rate_limit_clarity":20.0,"tls_enforcement":70.0,"auth_strength":55.0,"scope_granularity":20.0,"dependency_hygiene":60.0,"secret_handling":65.0,"security_notes":"TLS enforcement for the HTTP transport is not explicitly stated in the README (scores assume typical HTTPS usage but cannot confirm). Authentication uses Autotask API credentials; the design offers no explicit fine-grained tool-level scopes and has an explicit gateway mode that transmits secrets via HTTP headers, increasing the importance of transport security and access control. Logging is configurable but the README does not confirm whether secrets are always redacted.","uptime_documented":0.0,"version_stability":55.0,"breaking_changes_history":50.0,"error_recovery":35.0,"idempotency_support":"false","idempotency_notes":"CRUD tools include create/update operations but README does not describe idempotency semantics, safe-retry behavior, or idempotency keys.","pagination_style":"unknown","retry_guidance_documented":false,"known_agent_gotchas":["Create/update tools may have side effects; without documented idempotency and retry guidance, agents should avoid blind retries after partial failures.","Gateway mode relies on per-request credential headers; incorrect header handling or missing transport security could expose credentials.","Autotask API behavior (rate limiting, partial failures, and eventual consistency) is not documented here; agents should expect Autotask-specific constraints."]}}