Klaviyo MCP Server
OfficialKlaviyo's official MCP server: manage campaigns, profiles, flows, events, and reporting from AI clients with an API key.
Add to your client
Copy the config for your MCP client and paste it into its config file.
uvx klaviyo-mcp-server@latestPaste into ~/Library/Application Support/Claude/claude_desktop_config.json
{
"mcpServers": {
"klaviyo-mcp-server": {
"command": "uvx",
"args": [
"klaviyo-mcp-server@latest"
],
"env": {
"PRIVATE_API_KEY": "<your-klaviyo-private-api-key>",
"READ_ONLY": "false",
"ALLOW_USER_GENERATED_CONTENT": "false"
}
}
}
}Requires `uv` (the Python package runner). Install it from https://docs.astral.sh/uv/ if `uvx` is not found.
Step-by-step guides: Add to Claude Desktop · Add to Cursor · Add to Windsurf
Before you start
- uv installed (uvx fetches and runs klaviyo-mcp-server@latest; requires Python 3.13+, which uv manages)
- A Klaviyo private API key with the scopes you need (Profiles, Campaigns, Flows, Events, ...)
- Owner, Admin, or Manager role on the Klaviyo account to create that key
About Klaviyo MCP Server
Klaviyo published this server itself, and it shows in the packaging: a PyPI package (klaviyo-mcp-server, Python 3.13+) run via uvx, documented on developers.klaviyo.com with per-client setup for Claude Desktop, Cursor, and others. Auth is a private API key in the PRIVATE_API_KEY env var; creating one requires an Owner, Admin, or Manager role on the account, and the key's scopes (Profiles, Campaigns, Flows, Events, ...) are the real permission boundary.
The tool set mirrors the day-to-day of an email/SMS marketer. Campaign tools list and create campaigns and pull performance; profile tools fetch, create, and update customer records; flow reporting exposes automation performance; template tools create and edit email templates; event tools read and record customer activity. That makes 'how did last week's campaign do, and draft a follow-up for non-openers' a single conversation instead of dashboard archaeology.
The guardrail design is worth copying: READ_ONLY=true turns off all mutations at the server level regardless of key scopes, and ALLOW_USER_GENERATED_CONTENT controls whether tools may return content written by end customers — Klaviyo treating prompt injection via review text as a real threat model. Klaviyo's docs also describe a remote streamable-HTTP variant with OAuth (dynamic client registration) for clients that prefer hosted connections over local uvx.
Limitations are the usual platform-server kind: you are bound by Klaviyo API rate limits and the account's plan features, the package requires a recent Python (3.13+, handled transparently by uv), and there is no public GitHub repo to audit — the code arrives via PyPI releases.
Tools & capabilities (10)
get_campaignsList and inspect campaigns.
create_campaignCreate a new campaign.
get_profilesFetch customer profiles.
create_profileCreate a customer profile.
update_profileUpdate an existing profile.
get_flow_reportPull performance reporting for flows.
create_email_templateCreate an email template.
update_dnd_email_templateUpdate a drag-and-drop email template.
get_eventsRead customer events.
create_eventRecord a new event.
What this server can do
Klaviyo MCP Server provides tools for these capabilities — tap one to see every MCP server that does the same:
When to use it
- Ask for last month's campaign and flow performance and get numbers, not dashboard screenshots
- Draft, create, and iterate on email templates and campaigns conversationally
- Look up a customer's profile and event history while debugging a deliverability or segmentation issue
- Run a read-only analytics setup for the whole team with READ_ONLY=true and a narrowly-scoped key
Quick setup
- 1Install uv: curl -LsSf https://astral.sh/uv/install.sh | sh
- 2In Klaviyo (Owner/Admin/Manager account): Settings → API keys → create a private key with the scopes you need
- 3Add the uvx config block with PRIVATE_API_KEY to claude_desktop_config.json (or your client's MCP config)
- 4Decide the guardrails: READ_ONLY=true for reporting-only, ALLOW_USER_GENERATED_CONTENT=false unless UGC access is required
- 5Restart the client and test with 'list my recent campaigns'
Security notes
The private API key carries exactly the scopes you grant it — mint a minimal one, and set READ_ONLY=true if you only need reporting. Keep ALLOW_USER_GENERATED_CONTENT=false unless you truly need the agent reading customer-written content (reviews, form responses), since that text is a prompt-injection vector.
Klaviyo MCP Server FAQ
Is it safe to connect the Klaviyo MCP server to my production account?
Reasonably, if you use the guardrails: the key's scopes cap what the agent can reach, READ_ONLY=true disables all writes server-side, and ALLOW_USER_GENERATED_CONTENT=false keeps customer-written text (a prompt-injection vector) out of the context. Start read-only with minimal scopes and widen deliberately.
Is this official and free?
Yes — it is published by Klaviyo on PyPI and documented on developers.klaviyo.com, and the server costs nothing beyond your existing Klaviyo subscription. Normal API rate limits and plan-based feature availability still apply.
Does it run locally or hosted?
The standard setup is local: uvx runs the Python package on your machine over stdio with your API key in env. Klaviyo's docs also describe a remote streamable-HTTP option with OAuth dynamic client registration if your client prefers a hosted connection.
Alternatives to Klaviyo MCP Server
Compare all alternatives →Connect your personal WhatsApp: search, read and send messages and media locally
Lets agents read LinkedIn profiles, companies, jobs and messages through your own logged-in browser session.
Powerful Slack MCP with stdio/SSE/HTTP, DMs, group DMs and no-admin token auth
Compare Klaviyo MCP Server with: