
How to add Jenkins MCP Server Plugin to Cursor
Official Jenkins plugin that turns your controller into an MCP server — agents query jobs, trigger builds, read logs. Paste the config into ~/.cursor/mcp.json and restart Cursor.
Last updated June 14, 2026 · 95★ · http · apikey · official
Cursor config for Jenkins MCP Server Plugin
claude mcp add jenkins http://jenkins-host/mcp-server/mcp --transport http --header "Authorization: Basic <user:token base64>"{
"mcpServers": {
"jenkins-mcp-server-plugin": {
"url": "https://<your-jenkins-host>/mcp-server/mcp",
"type": "streamable-http",
"headers": {
"Authorization": "Basic <base64 of username:api-token>"
}
}
}
}Remote server — no local install needed. Restart the client after saving the config.
Setup steps
- 1Open Cursor → Settings → MCP → Add new MCP server (or edit ~/.cursor/mcp.json directly).
- 2Paste the Jenkins MCP Server Plugin config below into the "mcpServers" object.
- 3Fill in placeholder secrets, then save.
- 4Cursor reloads MCP servers automatically — check Settings → MCP for a green status dot.
- 5Ask Cursor to use one of Jenkins MCP Server Plugin's tools to confirm it's connected.
Before you start
- Jenkins 2.533 or newer with the MCP Server plugin installed from the Plugin Manager
- A Jenkins API token: user icon → Security → Add new token
- Base64-encode username:token for the Authorization header (echo -n "<username>:<token>" | base64)
What Jenkins MCP Server Plugin can do in Cursor
getJobGet a Jenkins job by its full path
getJobsPaginated list of Jenkins jobs sorted by name
triggerBuildTrigger a build, with JSON parameters for parameterized jobs
getQueueItemGet information about a queued item by ID
getBuildRetrieve a specific build or the last build of a job
updateBuildUpdate a build's display name and/or description
getBuildLogRead build log lines with cursor pagination and end-relative reads
searchBuildLogSearch build logs for a string or regex pattern
Security
Endpoints honor normal Jenkins authentication — the base64 user:token in the Authorization header is encoding, not encryption, and grants that user's full permissions including triggering builds and replaying Pipeline scripts. In production, enable Origin validation (requireOriginMatch / requireOriginHeader system properties) and raise keep-alive and reverse-proxy timeouts per the README; the /mcp-health endpoint is intentionally unauthenticated but exposes only status counts.
Jenkins MCP Server Plugin + Cursor FAQ
Where is the Cursor config file?
Cursor reads MCP servers from ~/.cursor/mcp.json. Paste the Jenkins MCP Server Plugin config there under the "mcpServers" key and restart the client.
Is Jenkins MCP Server Plugin safe to use with Cursor?
Endpoints honor normal Jenkins authentication — the base64 user:token in the Authorization header is encoding, not encryption, and grants that user's full permissions including triggering builds and replaying Pipeline scripts. In production, enable Origin validation (requireOriginMatch / requireOriginHeader system properties) and raise keep-alive and reverse-proxy timeouts per the README; the /mcp-health endpoint is intentionally unauthenticated but exposes only status counts.
Is the Jenkins MCP plugin official and safe to expose?
It's maintained in the jenkinsci GitHub org under MIT and reuses Jenkins' own authentication — nothing is anonymous except the lightweight /mcp-health status endpoint. Treat the base64 Authorization value like a password, use a least-privilege Jenkins user for the token, and turn on the Origin-validation system properties in production.
Which endpoint should my client use — streamable HTTP, SSE, or stateless?
Streamable HTTP at /mcp-server/mcp for almost everything — the README recommends it for connection reliability. Use /mcp-server/sse for GitHub Copilot (known issues with streamable there) and /mcp-server/stateless for clients that make independent, sessionless requests.
Can it modify my Jenkins instance?
It can trigger, rebuild, and replay builds and update build display names/descriptions — all as the API-token user, so Jenkins permissions are the control point. It has no tools to create or delete jobs, change system configuration, or manage credentials.