Company logoOpen Ticket AI

Zammad MCP Server — Claude & Cursor Setup

Configure Claude Desktop and Cursor to use the Zammad MCP Server via uvx or a local install.

Claude & Cursor Setup

Both Claude Desktop and Cursor support MCP servers that run as local subprocesses (stdio transport).

Cursor

  1. Open Settings → MCP (or edit your MCP config JSON).
  2. Add a server entry:
{
  "mcpServers": {
    "zammad": {
      "command": "uvx",
      "args": ["zammad-mcp-server"],
      "env": {
        "ZAMMAD_URL": "https://your-zammad-instance.example.com",
        "ZAMMAD_HTTP_TOKEN": "your_token",
        "MCP_DENIED_TOOLS": "delete_ticket,delete_user,delete_organization"
      }
    }
  }
}
  1. Restart Cursor or reload MCP servers.
  2. In chat, confirm tools appear and run health_check.

Using a local venv instead of uvx:

{
  "mcpServers": {
    "zammad": {
      "command": "C:\\path\\to\\.venv\\Scripts\\zammad-mcp-server.exe",
      "env": {
        "ZAMMAD_URL": "https://your-zammad-instance.example.com",
        "ZAMMAD_HTTP_TOKEN": "your_token"
      }
    }
  }
}

On macOS/Linux, point command to the zammad-mcp-server binary inside your virtualenv.

Claude Desktop

Config file locations:

OSPath
macOS~/Library/Application Support/Claude/claude_desktop_config.json
Windows%APPDATA%\Claude\claude_desktop_config.json

Example configuration:

{
  "mcpServers": {
    "zammad": {
      "command": "uvx",
      "args": ["zammad-mcp-server"],
      "env": {
        "ZAMMAD_URL": "https://your-zammad-instance.example.com",
        "ZAMMAD_HTTP_TOKEN": "your_token",
        "MCP_DENIED_TOOLS": "delete_ticket,delete_user,delete_organization"
      }
    }
  }
}

Restart Claude Desktop after saving.

Local Zammad (Docker dev stack)

If you use the docker-compose dev environment:

"env": {
  "ZAMMAD_URL": "http://localhost:8080",
  "ZAMMAD_HTTP_TOKEN": "your_dev_token"
}

Default admin credentials in the dev stack are documented in the GitHub README — change them before exposing the instance.

Example workflows

Once connected, you can ask your assistant to:

  • Search and summarize long ticket threads
  • Draft customer-facing replies (you review before create_article)
  • List organizations or users matching criteria
  • Report ticket stats for a date range

Always review AI-generated ticket updates before applying them in production.

Security reminder

  • Never commit tokens into git-tracked config files.
  • Prefer MCP_DENIED_TOOLS for delete operations in agent-facing setups.
  • See Security for token scoping guidance.