Sitecore MCP Server: Secure Work with Remote Servers

Anton Tishchenko

Using an AI agent with a local Sitecore instance is great. But many Sitecore instances are not local: test servers, dev servers, UAT servers, production. They are hosted remotely, and if you want the benefits of the Model Context Protocol for remote servers, you need secure communication. There are also cloud services that support MCP, and you probably want to try the Sitecore MCP server with them as well. We made it possible! Now you can use the Sitecore MCP server remotely with minimal effort.

There are two ways in which the MCP server could be protected. The first is an implementation of OAuth. The current MCP authorization specification is in draft state, and most clients do not support it. Once it is ready and widely adopted, we will implement it for the Sitecore MCP server as well. It will allow different users to use the same MCP server, and we will know exactly who used which tools.

OAuth is not ready yet, and we still need secure remote access to our Sitecore MCP server. We want an MCP server that is available on the Internet but that only certain people and AI agents can access. And we implemented it: we added a new feature to the Sitecore Model Context Protocol (MCP) server that lets you configure a secret token, so that only those who know the token can use the MCP server.

Configuration

The Sitecore MCP server is configured via environment variables. You use them to set credentials for GraphQL, Sitecore PowerShell Extensions, and Item Service. Now there is one more environment variable: AUTORIZATION_HEADER. You configure it on the MCP server side. If it is empty, your server is not secure: anyone who can reach the server over the network, or over the Internet if it is publicly available, will be able to use it.

# Sitecore endpoints and credentials used by the MCP server
$env:GRAPHQL_ENDPOINT = "https://xmcloudcm.localhost/sitecore/api/graph/"
$env:GRAPHQL_API_KEY = "{6D3F291E-66A5-4703-887A-D549AF83D859}"
$env:GRAPHQL_SCHEMAS = "edge"
$env:ITEM_SERVICE_DOMAIN = "sitecore"
$env:ITEM_SERVICE_USERNAME = "AIUser"
$env:ITEM_SERVICE_PASSWORD = "Sdiboe#sdsifyEajnde"
$env:ITEM_SERVICE_SERVER_URL = "https://xmcloudcm.localhost/"
$env:POWERSHELL_DOMAIN = "sitecore"
$env:POWERSHELL_USERNAME = "AIUser"
$env:POWERSHELL_PASSWORD = "Sdiboe#sdsifyEajnde"
$env:POWERSHELL_SERVER_URL = "https://xmcloudcm.localhost/"
# Remote transport, protected by the shared secret that clients must send
$env:TRANSPORT = "streamable-http"
$env:AUTORIZATION_HEADER = "SOME-secret-STRING"
# Start the server
npx @antonytm/mcp-sitecore-server@latest

On the MCP client side, you need to configure the authorization header with the same value.

{
  "mcpServers": {
    "Sitecore": {
      "url": "https://your-publicly-available-sitecore-mcp-server/mcp",
      "headers": {
        "authorization": "SOME-secret-STRING"
      }
    }
  }
}
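
A shared-secret header check of this kind, sketched as an added example (this is not the mcp-sitecore-server source code). The function names, the 32-character minimum, and the sample secret are assumptions made for illustration. Unlike the behaviour described above, this sketch rejects requests when no secret is configured instead of leaving the server open.

```javascript
// Added example: shared-secret check for an MCP HTTP endpoint.
// Not the project's code; all function names here are hypothetical.
const { createHash, timingSafeEqual } = require("node:crypto");

// Constructed sample value, used only to exercise the functions below.
const SAMPLE_SECRET = "constructed-example-secret-0123456789abcdef";

// Hash both values first: timingSafeEqual throws on buffers of different
// length, and fixed-size digests avoid revealing the secret's length.
function secretsMatch(presented, expected) {
  const a = createHash("sha256").update(String(presented)).digest();
  const b = createHash("sha256").update(String(expected)).digest();
  return timingSafeEqual(a, b);
}

// Startup guard: do not expose the HTTP transport with an empty or short
// secret. minLength = 32 is an assumption, not a project setting.
function checkStartupConfig(env, minLength = 32) {
  const secret = env.AUTORIZATION_HEADER || "";
  if (env.TRANSPORT === "streamable-http" && secret.length < minLength) {
    return { ok: false, reason: "AUTORIZATION_HEADER is missing or too short" };
  }
  return { ok: true, reason: "" };
}

// Per-request decision. `headers` uses lowercase names, as Node's http
// module provides them. Returns 200 to continue or 401 to reject.
function authorizeRequest(headers, configuredSecret) {
  if (!configuredSecret) return 401;             // fail closed when unset
  const presented = headers["authorization"];
  if (typeof presented !== "string") return 401; // header not sent
  return secretsMatch(presented, configuredSecret) ? 200 : 401;
}
```

Because the token is a bearer secret sent on every request, the endpoint also has to be served over HTTPS, as in the client URL above.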

Conclusions

Now you can make your Sitecore Model Context Protocol server available on the Internet, and it will still be protected. It opens a new window of possibilities! You can integrate it with any cloud service that supports the Model Context Protocol! You can use it with Local, QA, Dev, UAT, and Production Sitecore servers.

If you need help in adding it to your workflow, contact us! We will be glad to help configure it! And we will bring your productivity to the next level with modern AI tools!