
How to add Jenkins MCP Server Plugin to Claude Desktop
Official Jenkins plugin that turns your controller into an MCP server — agents query jobs, trigger builds, read logs. Paste the config into ~/Library/Application Support/Claude/claude_desktop_config.json and restart Claude Desktop.
Last updated June 14, 2026 · 95★ · http · apikey · official
Claude Desktop config for Jenkins MCP Server Plugin
claude mcp add jenkins http://jenkins-host/mcp-server/mcp --transport http --header "Authorization: Basic <user:token base64>"{
"mcpServers": {
"jenkins-mcp-server-plugin": {
"command": "npx",
"args": [
"-y",
"mcp-remote",
"https://<your-jenkins-host>/mcp-server/mcp",
"--header",
"Authorization: Basic <base64 of username:api-token>"
]
}
}
}Claude Desktop connects to remote servers through the `mcp-remote` proxy (installed on first run via npx). Restart Claude Desktop after saving.
Setup steps
- 1Open Claude Desktop → Settings → Developer → Edit Config (this opens ~/Library/Application Support/Claude/claude_desktop_config.json).
- 2Paste the Jenkins MCP Server Plugin config below under the top-level "mcpServers" key.
- 3Fill in any placeholder secrets (API keys, paths) in the snippet.
- 4Save the file, then fully quit and reopen Claude Desktop.
- 5Open a chat and confirm Jenkins MCP Server Plugin's tools appear under the 🔌 tools menu.
Before you start
- Jenkins 2.533 or newer with the MCP Server plugin installed from the Plugin Manager
- A Jenkins API token: user icon → Security → Add new token
- Base64-encode username:token for the Authorization header (echo -n "<username>:<token>" | base64)
What Jenkins MCP Server Plugin can do in Claude Desktop
getJobGet a Jenkins job by its full path
getJobsPaginated list of Jenkins jobs sorted by name
triggerBuildTrigger a build, with JSON parameters for parameterized jobs
getQueueItemGet information about a queued item by ID
getBuildRetrieve a specific build or the last build of a job
updateBuildUpdate a build's display name and/or description
getBuildLogRead build log lines with cursor pagination and end-relative reads
searchBuildLogSearch build logs for a string or regex pattern
Security
Endpoints honor normal Jenkins authentication — the base64 user:token in the Authorization header is encoding, not encryption, and grants that user's full permissions including triggering builds and replaying Pipeline scripts. In production, enable Origin validation (requireOriginMatch / requireOriginHeader system properties) and raise keep-alive and reverse-proxy timeouts per the README; the /mcp-health endpoint is intentionally unauthenticated but exposes only status counts.
Jenkins MCP Server Plugin + Claude Desktop FAQ
Where is the Claude Desktop config file?
Claude Desktop reads MCP servers from ~/Library/Application Support/Claude/claude_desktop_config.json. Paste the Jenkins MCP Server Plugin config there under the "mcpServers" key and restart the client.
Is Jenkins MCP Server Plugin safe to use with Claude Desktop?
Endpoints honor normal Jenkins authentication — the base64 user:token in the Authorization header is encoding, not encryption, and grants that user's full permissions including triggering builds and replaying Pipeline scripts. In production, enable Origin validation (requireOriginMatch / requireOriginHeader system properties) and raise keep-alive and reverse-proxy timeouts per the README; the /mcp-health endpoint is intentionally unauthenticated but exposes only status counts.
Is the Jenkins MCP plugin official and safe to expose?
It's maintained in the jenkinsci GitHub org under MIT and reuses Jenkins' own authentication — nothing is anonymous except the lightweight /mcp-health status endpoint. Treat the base64 Authorization value like a password, use a least-privilege Jenkins user for the token, and turn on the Origin-validation system properties in production.
Which endpoint should my client use — streamable HTTP, SSE, or stateless?
Streamable HTTP at /mcp-server/mcp for almost everything — the README recommends it for connection reliability. Use /mcp-server/sse for GitHub Copilot (known issues with streamable there) and /mcp-server/stateless for clients that make independent, sessionless requests.
Can it modify my Jenkins instance?
It can trigger, rebuild, and replay builds and update build display names/descriptions — all as the API-token user, so Jenkins permissions are the control point. It has no tools to create or delete jobs, change system configuration, or manage credentials.