Skip to main content

Announcing StackOne Defender: leading open-source prompt injection guard for your agent Read More

Connect

Connectors Agent Auth MCP Connector Builder

Optimize

Tool Discovery Falcon Engine

Secure

Defender
Connectors

HRIS / HCM

Employee Onboarding Employee Offboarding

Recruiting

Application Screening Interview Scheduling

Customer Support

Ticket Triage Voice Call Summarization

Sales & CRM

Deal Risk Scoring Lead Qualification

Accounting & Finance

Invoice Processing Month-End Accruals

Marketing

Campaign Reports Lead Nurture Sequences
View all use cases

Developers

Docs Changelog Status

Learn

Blog Case Studies Events Partners
Pricing
Login Book Demo Start Free

Harness MCP Server
for AI Agents

Production-ready Harness MCP server with 69 extensible actions — plus built-in authentication, security, and optimized execution.

Start Free Book Demo Read Docs →
Harness logo
Harness MCP Server
Built by StackOne StackOne

Coverage

69 Agent Actions

Create, read, update, and delete across Harness — and extend your agent's capabilities with custom actions.

MCP Actions → Create Actions →

Authentication

Agent Tool Authentication

Per-user OAuth in one call. Your Harness MCP server gets session-scoped tokens with zero credentials stored on your infra.

Agent Auth →

Security

Agent Protection

Every Harness tool response scanned for prompt injection in milliseconds — 88.7% accuracy, all running on CPU.

Prompt Injection Defense →

Performance

Max Agent Context. Min Cost.

Free up to 96% of your agent's context window to enhance reasoning and reduce cost, on every Harness call.

Tools Discovery →

What is the Harness MCP Server?

A Harness MCP server lets AI agents read and write Harness data through the Model Context Protocol — Anthropic's open standard for connecting LLMs to external tools. StackOne's Harness MCP server ships with 69 pre-built actions, fully extensible via the Connector Builder — plus managed authentication, prompt injection defense, and optimized agent context. Connect it from MCP clients like Claude Desktop, Cursor, and VS Code, or from agent frameworks like OpenAI Agents SDK, LangChain, and Vercel AI SDK.

All Harness MCP Tools and Actions

Every action from Harness's API, ready for your agent. Create, read, update, and delete — scoped to exactly what you need.

SDK API Keys

  • Create SDK API Key

    Create a new Feature Flags SDK API key for an environment. Use Server keys for backend SDKs and Client keys for frontend or mobile SDKs.

  • List SDK API Keys

    Retrieve all Feature Flags SDK API keys for a specific environment, including their type, name, and metadata.

  • Get SDK API Key

    Retrieve detailed metadata for a specific SDK API key, including its type, name, and expiration status.

  • Delete SDK API Key

    Delete an SDK API key, immediately revoking access for all Feature Flag SDKs that use it.

Environments

  • Create Environment

    Create a new environment in a project to serve as a deployment target for feature flag targeting and release management.

  • List Environments

    Retrieve a paginated list of all environments in a project, providing the environment identifiers needed for feature flag and deployment actions.

  • Get Environment

    Retrieve full details for a specific environment by its identifier, including name, type, tags, and configuration metadata.

  • Update Environment

    Update an existing environment by replacing all fields. Provide complete values for every field, not just the ones being changed, as this is a full replacement operation.

  • Delete Environment

    Delete an environment from a project, permanently removing all environment-specific feature flag states, targeting rules, and variation maps.

Feature Flags

  • Create Feature Flag

    Create a new feature flag in a project with specified variations, kind, and default serving behavior.

  • List Feature Flags

    Retrieve all feature flags for a project with optional filtering by name, kind, status, and pagination support.

  • Get Feature Flag

    Retrieve a single feature flag by identifier with full configuration details including variations, targeting rules, and environment state.

  • Update Feature Flag

    Modify a feature flag using instruction-based patching to toggle state, update targeting rules, add targets to variations, or change serving configuration.

  • Delete Feature Flag

    Delete a feature flag by identifier, removing it from the project and all SDK evaluations.

Invites

  • List Invites

    Retrieve a paginated list of pending invitations at account, organization, or project scope, showing who has been invited but has not yet accepted.

  • Get Invite

    Retrieve a single pending invitation by its invite ID, returning the full invite details including email, role bindings, invite type, and approval status.

  • Delete Invite

    Delete a pending invitation by its identifier, permanently canceling the invitation so the invitee can no longer accept it.

Organizations

  • Create Organization

    Create a new organization in the Harness account with a unique identifier, name, and optional description and tags.

  • List Organizations

    Retrieve a paginated list of all organizations accessible under the authenticated account, with optional filtering by identifiers, search term, and sort order.

  • Get Organization

    Retrieve the full details of a single organization by its unique identifier, including name, description, tags, and metadata.

  • Update Organization

    Replace all fields of an existing organization. Provide values for every field, not just the fields being changed, as this performs a full replacement.

  • Delete Organization

    Permanently delete an organization and all its contained resources, including projects, feature flags, targets, and segments.

Projects

  • Create Project

    Create a new project within an organization to serve as a container for feature flags, targets, segments, and other module resources.

  • List Projects

    Retrieve a paginated list of all projects the authenticated user is a member of, with optional filtering by organization, module type, and search term.

  • Get Project

    Retrieve the full details of a specific project by its unique identifier, including enabled modules, color, and tags.

  • Update Project

    Update an existing project by replacing all fields. Provide the complete project object with every field, not just the changed ones.

  • Delete Project

    Permanently delete a project and all its contained resources including feature flags, targets, segments, and environments. This action is irreversible.

Role Assignments

  • Create Role Assignment

    Assign a role to a principal (user, user group, or service account) within a resource group at a specific scope, granting that principal the role's permissions.

  • List Role Assignments

    Retrieve a paginated list of role assignments at a given scope, showing which principals (users, user groups, service accounts) hold which roles on which resource groups.

  • Get Role Assignment

    Retrieve the full details of a single role assignment by its identifier, including the assigned role, resource group, principal, scope, and management flags.

  • Delete Role Assignment

    Remove a role assignment, revoking the assigned role's permissions from the principal (user, user group, or service account) at the specified scope.

Roles

  • Create Role

    Create a custom role with specific permissions and allowed scope levels for fine-grained access control.

  • List Roles

    Retrieve a paginated list of roles with their permissions, scope levels, and assignment counts, with optional filtering by name and management type.

  • Get Role

    Retrieve the full details of a single role including its permission identifiers, allowed scope levels, and management metadata.

  • Update Role

    Update a role's name, permissions, scope levels, description, and tags via full replacement. Requires all fields to be provided.

  • Delete Role

    Permanently delete a role by its identifier. Returns the deleted role object on success.

Target Groups

  • Create Target Group

    Create a new target group (segment) with explicit target inclusion/exclusion and rule-based targeting clauses for a given project and environment.

  • List Target Groups

    Retrieve all target groups (segments) for an environment with optional filtering by name or identifier and configurable sorting and pagination.

  • Get Target Group

    Retrieve full details for a specific target group including its included/excluded targets, targeting rules, and version metadata.

  • Update Target Group

    Modify a target group using instruction-based patch operations to add or remove included and excluded targets.

  • Delete Target Group

    Delete a target group (segment) permanently from the specified environment, removing all target associations.

Tags

  • Create Tag

    Create a new tag for organizing and categorizing feature flags within a project. Tags are auto-created when attached to feature flags, but this action lets you pre-define them.

  • List Tags

    Retrieve all tags available for categorizing feature flags in a given project and environment. Supports filtering by tag identifier and pagination.

  • Get Tag

    Retrieve detailed information for a specific tag, including the feature flags associated with it.

  • Delete Tag

    Delete a tag and automatically remove it from all feature flags it was associated with.

Targets

  • Create Target

    Create a new feature flag target representing a user, service, or entity for flag evaluation in a specific environment.

  • List Targets

    Retrieve a paginated list of all feature flag targets for a specific environment, with optional filtering and sorting.

  • Get Target

    Retrieve the full details for a specific target, including its custom attributes and associated segments.

  • Delete Target

    Permanently remove a target from the environment, stopping all feature flag evaluations for this target.

User Groups

  • Create User Group

    Create a new user group at account, organization, or project scope with optional initial members, notification channels, and SSO linking.

  • List User Groups

    Retrieve a paginated list of user groups at account, organization, or project scope, with optional filtering by name, scope inheritance, and SSO group linkage.

  • Get User Group

    Retrieve the full details of a single user group by its identifier, including the member user list, notification configurations, and SSO linking status.

  • Update User Group

    Update an existing user group via full replacement (PUT). All fields must be provided, not just the changed ones -- omitted optional fields will be cleared.

  • Delete User Group

    Permanently delete a user group by its identifier. Member users are not deleted from the account.

Users

  • Add Users

    Invite one or more users to the account, organization, or project by email address, with optional role bindings and user group assignments at time of invitation.

  • List Users

    Retrieve a paginated list of users in the account, organization, or project scope, with optional filtering by name, email, specific UUIDs, and parent scope inheritance.

  • Get User

    Retrieve a single user's full profile and role assignments by UUID, including every role binding with its resource group, scope level, and management flags.

  • Update User

    Update a user's profile information by replacing the full user object. Always call get_user first to retrieve current values, then modify and submit all fields.

  • Remove User

    Remove a user from the specified account, organization, or project scope, revoking all their role assignments and access at that scope without deleting their Harness account.

Other (10)

  • Add User To Group

    Add a single user to an existing user group by their user UUID and group identifier. The user inherits all role assignments associated with the group.

  • Get Feature Flag Dependants

    Retrieve all feature flags that depend on the specified flag as a prerequisite.

  • List Pending Users

    Retrieve a paginated list of pending (not yet accepted) user invitations with aggregated role assignment details, with optional filtering by name, email, role, and resource group.

  • List Segment Flags

    Retrieve all feature flags that reference the specified target group in their targeting rules.

  • Get Target Segments

    Retrieve all target groups (segments) that a specific target belongs to, including both explicit and rule-based memberships.

  • List Aggregated Users

    Retrieve users enriched with their role assignment metadata, including role names, resource groups, scope levels, and management flags, with optional filtering by role or resource group.

  • Remove User From Group

    Remove a single user from a user group by their user UUID and group identifier. The user's individual role assignments are not affected.

  • Restore Feature Flag

    Restore a previously deleted feature flag back to active state with its original configuration.

  • Resend Invite

    Resend the invitation email for a pending invite that has not yet been accepted, optionally updating the invite's role bindings and user group assignments.

  • Modify Target

    Perform a full replacement update of a target, replacing its name, attributes, and all associations.

Set Up Your Harness MCP Server in Minutes

One endpoint. Any framework. Your agent is talking to Harness in under 10 lines of code.

MCP Clients

Agent Frameworks

Claude Desktop
{
  "mcpServers": {
    "stackone": {
      "command": "npx",
      "args": [
        "-y",
        "mcp-remote@latest",
        "https://api.stackone.com/mcp?x-account-id=<account_id>",
        "--header",
        "Authorization: Basic <YOUR_BASE64_TOKEN>"
      ]
    }
  }
}

More Developer Tools MCP Servers

Azure DevOps

172+ actions

Cloudflare

137+ actions

Bitbucket

134+ actions

Supabase

128+ actions

GitLab

125+ actions

Terraform

118+ actions

OneLogin

109+ actions

All Developer Tools MCP Servers →

Harness MCP Server Resources

MCP Code Mode: Keeping Tool Responses Out of Agent Context

Anthropic's code_execution processes data already in context. Custom MCP code mode keeps raw tool responses in a sandbox. 14K tokens vs 500.

11 min

Comparing BM25, TF-IDF, and Hybrid Search for MCP Tool Discovery

Benchmarking BM25, TF-IDF, and hybrid search for MCP tool discovery across 916 tools. The 80/20 TF-IDF/BM25 hybrid hits 21% Top-1 accuracy in under 1ms.

10 min

Indirect Prompt Injection Defense for MCP Tools: A Technical Guide

MCP tools that read emails, CRM records, and tickets are indirect prompt injection vectors. Here's how we built a two-tier defense that scans tool results in ~11ms.

12 min

Harness MCP Server FAQ

Harness MCP server vs direct API integration — what's the difference?
A Harness MCP server and direct API integration serve different use cases. Direct API integration is for software-to-software — backend code calling Harness. A Harness MCP server is for AI agents — MCP clients like Claude and Cursor, plus framework agents built with OpenAI, LangChain, or Vercel AI — discovering and calling Harness at runtime. StackOne provides both.
How does Harness authentication work for AI agents?
Harness authentication for AI agents works through a StackOne Connect Session. Create one via the dashboard or the SDK — you get an auth link and ready-to-paste config for Claude Desktop, Cursor, and other MCP clients. Your user authenticates their own Harness account; StackOne handles token exchange, storage, and refresh. Credentials never reach the LLM, and each user is isolated via origin_owner_id.
Are Harness MCP tools vulnerable to prompt injection?
Yes — Harness MCP tools can be vulnerable to indirect prompt injection. Any tool that reads user-written content — documents, messages, tickets, records, or free-text fields — is a potential vector. StackOne Defender scans every tool response before it enters the agent's context — regex patterns in ~1ms, then a MiniLM classifier in ~4ms. 88.7% accuracy, CPU-only.
What is the context bloat of a Harness agent and how do I avoid it?
Context bloat happens when Harness tool schemas and API responses eat your Harness agent's memory, preventing it from reasoning effectively. A single Harness query can return a massive JSON response, and connecting multiple tools compounds the problem. Tools Discovery and Code Mode reduce context bloat — loading only relevant tools per query and keeping raw responses out of the agent's context.
Can I limit which actions my Harness agent can access?
Yes — you can limit which actions your Harness agent can access directly from the StackOne dashboard. Toggle actions on or off, or restrict them to specific accounts, with no code changes to your agent. Session tokens can be scoped to exact actions so if one leaks, exposure stays contained.
Can I create custom agent actions for my Harness MCP server?
Yes — you can create custom agent actions for your Harness MCP server using Connector Builder. It's an integration agent your coding assistant (Claude Code, Cursor, or Copilot) can invoke to research Harness's API, generate production-ready connector YAML, test against the live API, and validate before you ship.
When should I NOT use a Harness MCP server?
Skip a Harness MCP server if your integration is purely software-to-software — direct Harness API integration is simpler when no AI agent is involved. For deterministic, compliance-critical operations (financial transactions, regulatory reporting), direct API gives you predictable behavior without agent-driven decision-making. MCP shines when AI agents need to dynamically discover and call Harness actions at runtime.
What AI frameworks and AI clients does the StackOne Harness MCP server support?
The StackOne Harness MCP server supports both. MCP clients (paste-and-go apps): Claude Desktop, Claude Code, Cursor, VS Code, Goose. Agent frameworks (code SDKs you build with): OpenAI Agents SDK, Anthropic, Vercel AI, Google ADK, CrewAI, Pydantic AI, LangChain, LangGraph, Azure AI Foundry.

Put your AI agents to work

All the tools you need to build and scale AI agent integrations, with best-in-class connectivity, execution, and security.

Start Free Book Demo