The Kiteworks MCP Server enables Large Language Model (LLM) applications to securely interact with your Kiteworks instance through the Model Context Protocol (MCP). This cross-platform server provides AI assistants with the ability to create Secure Data Forms, manage files, folders, and user information within your Kiteworks environment while maintaining enterprise-grade security.
Key Capabilities:
- File Management: Upload, download, retrieve metadata, rename, move, and delete files (single or multiple)
- Folder Operations: Navigate hierarchies, create, rename, move, delete, and search files/folders with filtering (single or multiple)
- Forms Creation: Generate Kiteworks Secure Data Forms from templates with preview links
- Search by Name or Content: Search for files and folders by name or content
- User Information: Access current user details and authentication status
- Dual Mode Support: Local STDIO mode for single users, Remote HTTPS mode for multi-user deployments
- OAuth 2.1 Security: Dynamic Client Registration, Authorization Code flow with PKCE, JWT access and refresh tokens with automatic refresh
- FIPS 140-3 Mode: AES-256-GCM encryption, RSA Signature with SHA-256, TLS 1.3 with NIST-approved curves
- Quantum-resistant forward secrecy: Hybrid X25519+ML-KEM-768 key exchange for TLS (FIPS 203)
- Rate Limiting: Configurable limits at global, per-user, and per-session levels
- Cross-Platform: Native binaries for Windows, Linux, and macOS
Deployment Modes:
- Local STDIO Server: Single-user deployment able to upload / download files locally
- Remote HTTPS Server: Multi-user centralized HTTPS server with OAuth authentication, running as a Docker container or systemd service
- Claude Desktop extension: Native extension package (.mcpb) for Claude Desktop
Usage Examples and Available Tools:
- Usage Examples - Check the detailed examples showing more complex operations, such as 'Compliance Review with Forms', 'Sensitive Data Audit', 'Collect and Download Deliverables for Review', 'Project Handover', etc.
- List of Available MCP Tools
This MCP server may handle sensitive data accessible to connected AI assistants. Only install trusted and verified MCP servers.
The Kiteworks MCP Server does not expose credentials or security tokens to the LLM. They are securely stored in your operating system encrypted keychain or encrypted credential store.
In Local STDIO mode, the Kiteworks MCP Server does not make the data it transfers available to the LLM (in the LLM context). In addition, by default absolute paths are not allowed for uploading or storing downloaded content. You will not be able to upload /etc/passwd or download to /etc/passwd. To allow absolute paths, consult the command line options.
Text files can be accessed by the LLM by loading them in the LLM context.
The Kiteworks MCP Server validates the TLS certificate of the remote Kiteworks server it connects to. It aborts if the certificate can't be validated, to protect against man-in-the-middle attacks. If your Kiteworks instance uses a self-signed certificate or a certificate from an unknown certificate authority, you can supply the Root CA chain using a command line option.
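The behaviour described above, sketched in Go as an added example (not the Kiteworks MCP Server's own code): a client that never disables verification fails against a certificate from an unknown issuer and succeeds once the issuing certificate is supplied as PEM. The names `newClient`, `probe` and `demo` are hypothetical, and a local `httptest` server stands in for a Kiteworks instance with a private CA.

```go
package main

import (
	"crypto/tls"
	"crypto/x509"
	"encoding/pem"
	"errors"
	"fmt"
	"net/http"
	"net/http/httptest"
)

// newClient always verifies the server; caPEM is an optional PEM root chain (the role of --ca-cert).
func newClient(caPEM []byte) (*http.Client, error) {
	cfg := &tls.Config{MinVersion: tls.VersionTLS13} // InsecureSkipVerify stays false
	if caPEM != nil {
		pool := x509.NewCertPool() // assumption: trust only the supplied chain
		if !pool.AppendCertsFromPEM(caPEM) {
			return nil, errors.New("no certificate found in supplied PEM")
		}
		cfg.RootCAs = pool
	}
	return &http.Client{Transport: &http.Transport{TLSClientConfig: cfg}}, nil
}

// probe performs one request and returns the handshake or verification error, if any.
func probe(c *http.Client, url string) error {
	resp, err := c.Get(url)
	if err != nil {
		return err
	}
	return resp.Body.Close()
}

// demo runs a local TLS server whose certificate no public CA issued (constructed fixture).
func demo() (withoutCA, withCA error) {
	srv := httptest.NewTLSServer(http.HandlerFunc(func(http.ResponseWriter, *http.Request) {}))
	defer srv.Close()
	caPEM := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: srv.Certificate().Raw})
	plain, _ := newClient(nil) // nil chain: system roots only
	trusted, err := newClient(caPEM)
	if err != nil {
		return nil, err
	}
	return probe(plain, srv.URL), probe(trusted, srv.URL)
}

func main() {
	fmt.Println(demo())
}
```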
You can enable strict FIPS 140-3 mode by setting the GODEBUG=fips140=only env variable.
In this mode a protected cryptographic module with integrity self-check is loaded and only NIST-approved algorithms are used.
Deployment Guide covering:
- Creating an OAuth application in Kiteworks and configuring scopes
- Docker container deployment
- Deployment as a Linux systemd service
This mode is more powerful and unlocks capabilities, such as transferring files outside the LLM context.
The MCP protocol by nature is a "command channel". In STDIO mode, the Kiteworks MCP Server gives AI agents a "data channel" as well.
macOS Quick Start Guide - Complete setup walkthrough for macOS users, covering Claude Desktop and Claude Code with AWS Bedrock
- Download the .mcpb package
- Click on your User name at the bottom left and select Settings -> Extensions -> Advanced Settings
- Click Install Extension and browse for the .mcpb file and follow the instructions on the screen
- Enter your Kiteworks URL and accept the data terms
On first start, a browser window will open and you will be prompted to enter your Kiteworks credentials.
Due to Claude's active development, it may have bugs and require you to restart Claude Desktop.
```shell
# Windows
claude mcp add --transport stdio kiteworks C:\Path\To\kiteworks-mcp.exe start https://your.kiteworks.domain

# Linux / macOS
claude mcp add --transport stdio kiteworks /path/to/kiteworks-mcp start https://your.kiteworks.domain
```

Start Claude Code and type /mcp. Select kiteworks and authenticate in your Kiteworks instance.
Optional flags: you can add them after the "start" command
- Enable absolute paths: --insecure-absolute-paths
- Enable move/delete tools: --enable-destructive-tools (disabled by default)
- If Kiteworks uses custom CA certificates: --ca-cert /path/to/ca_chain.pem

```shell
claude mcp add --transport stdio kiteworks kiteworks-mcp start --insecure-absolute-paths --enable-destructive-tools https://your.kiteworks.domain
```

Note: If your MCP Server uses a self-signed certificate, then Claude Code will need to trust the issuing CA. Set this env variable before starting Claude Code:
- NODE_EXTRA_CA_CERTS=/path/to/ca_chain.pem
The issuing CA certificate must be in PEM format and contain the complete certificate chain.
By default, for additional security, the MCP Server restricts file operations to relative paths only.
Uploads and Downloads will use the current working directory of the MCP Client.
You can enable full file system access using the --insecure-absolute-paths flag of the "start" command.
When enabled, file operations can access:
- Full system directories: /home/user/documents/file.txt
- Root filesystem access: /etc/passwd, /var/log/system.log
- Windows system paths: C:\Windows\System32\config.txt
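One way a relative-paths-only default like the one described above can be enforced, as an added Go example (not the Kiteworks MCP Server's own code). `resolveTransferPath` and `looksAbsolute` are hypothetical helpers, `/srv/work` is a constructed working directory, and rejecting `..` escapes is an assumption added here; the page itself only states that absolute paths are refused.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"regexp"
	"strings"
)

var (
	ErrAbsolute = errors.New("absolute path refused (relative-only mode)")
	ErrEscapes  = errors.New("path escapes the working directory")
	// Drive-letter paths (C:\ or C:/) are matched explicitly: filepath.IsAbs knows only host OS rules.
	driveAbs = regexp.MustCompile(`^[A-Za-z]:[\\/]`)
)

// looksAbsolute treats Unix, UNC and Windows drive forms as absolute on every OS.
func looksAbsolute(p string) bool {
	return filepath.IsAbs(p) || strings.HasPrefix(p, "/") ||
		strings.HasPrefix(p, `\`) || driveAbs.MatchString(p)
}

// resolveTransferPath (hypothetical helper) maps a client-supplied path to a
// location on disk. allowAbsolute models an opt-in like --insecure-absolute-paths.
func resolveTransferPath(workDir, p string, allowAbsolute bool) (string, error) {
	if looksAbsolute(p) {
		if !allowAbsolute {
			return "", ErrAbsolute
		}
		return filepath.Clean(p), nil
	}
	full := filepath.Join(workDir, p) // Join also cleans "a/../b" style segments
	if allowAbsolute {
		return full, nil
	}
	// Assumption: in relative-only mode the result must stay under workDir.
	rel, err := filepath.Rel(workDir, full)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrEscapes
	}
	return full, nil
}

func main() {
	for _, p := range []string{"reports/q1.pdf", "/etc/passwd", "../../etc/passwd", `C:\Windows\System32\config.txt`} {
		got, err := resolveTransferPath("/srv/work", p, false)
		fmt.Printf("%-34q -> %q %v\n", p, got, err)
	}
}
```

This check is purely lexical: it does not resolve symlinks, so a link inside the working directory that points elsewhere would need a separate check.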
See: VS Code MCP Servers Guide
Configuration example:
```json
{
  "mcpServers": {
    "kiteworks": {
      "command": "/path/to/kiteworks-mcp",
      "args": [
        "start",
        "--insecure-absolute-paths",
        "--enable-destructive-tools",
        "--ca-cert",
        "/path/to/ca_chain.pem",
        "https://your.kiteworks.domain:8443"
      ]
    }
  }
}
```

Many MCP Clients only support connecting to remote HTTPS MCP servers. The initial setup is easier as you don't need to install anything, but also the capabilities are limited. Remote MCP Servers do not have access to your file system and can't upload or download files.
The main settings needed by MCP clients are the URL of the MCP server and information on how to authenticate.
- MCP Server URL: https://mcp-server.example.com:8443/mcp (adjust host and port as needed.)
- Authentication: OAuth with DCR (Dynamic Client Registration)
When using it for the first time, your MCP Client will launch a browser and prompt you to authenticate in Kiteworks.
```shell
# adjust host and port as needed
claude mcp add --transport http kiteworks https://mcp-server.example.com:8443/mcp
```

- Dev Guide - How to build from source and run a test MCP Server locally.
The MCP Server collects and stores:
- User consent for AI access to Kiteworks data
- OAuth authentication tokens (securely stored in encrypted credentials store)
The server does NOT:
- Share data with third parties
- Store file contents
- Transmit data outside of your LLM interactions
For complete privacy information about how Kiteworks handles your data, see our privacy policy: https://www.kiteworks.com/privacy-policy