npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

suitecrm-mcp-server-sse

v1.0.2

Published

SuiteCRM MCP Server with SSE transport and HTTP endpoints for frontend integration

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

arauf037arauf037

Keywords

suitecrmmcpmodel-context-protocolsseserver-sent-eventscrmapioauthhttpfrontend

Readme

SuiteCRM MCP Server SSE

A production-ready Model Context Protocol (MCP) server for SuiteCRM integration using Server-Sent Events (SSE) transport. Perfect for web applications and production portals that need real-time SuiteCRM data access.

Features

  • SSE Transport: Server-Sent Events for real-time web communication
  • Production Ready: Express server with security, CORS, rate limiting
  • SuiteCRM Integration: Full OAuth 2.0 authentication and API access
  • Four Core Tools:
    • authenticate_crm - Authenticate with SuiteCRM
    • get_modules - Fetch available CRM modules
    • get_module_schema - Get detailed module schemas
    • execute_query - Execute SQL queries with security validation
  • Security Features: SQL injection prevention, input validation, audit logging
  • Performance: Token caching, schema caching, connection pooling
  • TypeScript: Full type definitions included
  • Multi-Client Support: Multiple web clients can connect simultaneously

Installation

npm install suitecrm-mcp-server-sse

Quick Start

1. Install the Package

npm install suitecrm-mcp-server-sse

2. Create a Server Instance

const { SuiteCRMCPServer } = require('suitecrm-mcp-server-sse');

// Create server instance
const server = new SuiteCRMCPServer();

// Start the server
server.run().catch(console.error);

3. Configure Environment Variables

Create a .env file:

# Server Configuration
SERVER_PORT=3000
SERVER_HOST=0.0.0.0
CORS_ORIGIN=*

# SuiteCRM Configuration
SUITECRM_URL=https://your-suitecrm-instance.com
SUITECRM_CLIENT_ID=your_oauth_client_id
SUITECRM_CLIENT_SECRET=your_oauth_client_secret

# Performance Configuration
MAX_QUERY_ROWS=100
REQUEST_TIMEOUT=30000
LOG_LEVEL=info

# Rate Limiting
RATE_LIMIT_WINDOW=60000
RATE_LIMIT_MAX_REQUESTS=100

4. Start the Server

# Using npm script
npm start

# Or directly
node dist/index.js

Server Endpoints

Once started, your server will be available at:

  • MCP SSE Endpoint: http://localhost:3000/mcp
  • Health Check: http://localhost:3000/health
  • API Documentation: http://localhost:3000/docs
  • Server Info: http://localhost:3000/

Usage Examples

Web Client Integration

<!DOCTYPE html>
<html>
<head>
    <title>SuiteCRM MCP Client</title>
</head>
<body>
    <h1>SuiteCRM MCP Client</h1>
    <div id="output"></div>
    
    <script>
        // Connect to MCP server via SSE
        const eventSource = new EventSource('http://localhost:3000/mcp');
        
        eventSource.onopen = function(event) {
            console.log('Connected to MCP server');
            document.getElementById('output').innerHTML += '<p>✅ Connected to MCP server</p>';
        };
        
        eventSource.onmessage = function(event) {
            const data = JSON.parse(event.data);
            console.log('Received:', data);
            document.getElementById('output').innerHTML += '<p>📨 ' + JSON.stringify(data) + '</p>';
        };
        
        eventSource.onerror = function(event) {
            console.error('SSE error:', event);
            document.getElementById('output').innerHTML += '<p>❌ Connection error</p>';
        };
    </script>
</body>
</html>

Express.js Integration

const express = require('express');
const { SuiteCRMCPServer } = require('suitecrm-mcp-server-sse');

const app = express();
app.use(express.json());

// Initialize MCP server
const mcpServer = new SuiteCRMCPServer();

// Start MCP server
mcpServer.run().catch(console.error);

// Your Express routes
app.get('/api/status', (req, res) => {
    res.json({ status: 'MCP server running' });
});

app.listen(3001, () => {
    console.log('Express app running on port 3001');
    console.log('MCP server running on port 3000');
});

Node.js Client

const { Client } = require('@modelcontextprotocol/sdk/client/index.js');
const { SseClientTransport } = require('@modelcontextprotocol/sdk/client/sse.js');

async function testMCP() {
    const transport = new SseClientTransport('http://localhost:3000/mcp');
    const client = new Client({
        name: 'test-client',
        version: '1.0.0'
    });
    
    await client.connect(transport);
    
    // List available tools
    const tools = await client.listTools();
    console.log('Available tools:', tools);
    
    // Test authentication
    const result = await client.callTool('authenticate_crm', {
        crm_url: 'https://your-suitecrm-instance.com',
        client_id: 'your_client_id',
        client_secret: 'your_client_secret'
    });
    
    console.log('Authentication result:', result);
}

testMCP().catch(console.error);

Configuration Options

Environment Variables

| Variable | Description | Default | |----------|-------------|---------| | SERVER_PORT | HTTP server port | 3000 | | SERVER_HOST | HTTP server host | 0.0.0.0 | | CORS_ORIGIN | CORS allowed origins | * | | SUITECRM_URL | SuiteCRM instance URL | http://localhost/suitecrm | | SUITECRM_CLIENT_ID | OAuth client ID | - | | SUITECRM_CLIENT_SECRET | OAuth client secret | - | | LOG_LEVEL | Logging level | info | | MAX_QUERY_ROWS | Maximum rows per query | 100 | | REQUEST_TIMEOUT | Request timeout (ms) | 30000 | | RATE_LIMIT_WINDOW | Rate limit window (ms) | 60000 | | RATE_LIMIT_MAX_REQUESTS | Max requests per window | 100 |

API Tools

1. authenticate_crm

Authenticate with SuiteCRM using client credentials.

Parameters:

  • crm_url (string): SuiteCRM instance URL
  • client_id (string): OAuth client ID
  • client_secret (string): OAuth client secret

2. get_modules

Fetch available CRM modules.

Parameters:

  • crm_url (string): SuiteCRM instance URL
  • access_token (string): Valid access token

3. get_module_schema

Get detailed schema for a specific module.

Parameters:

  • crm_url (string): SuiteCRM instance URL
  • access_token (string): Valid access token
  • module_name (string): Name of the module

4. execute_query

Execute SQL query against CRM database.

Parameters:

  • crm_url (string): SuiteCRM instance URL
  • access_token (string): Valid access token
  • sql_query (string): SQL query to execute (SELECT only)

Security Features

  • SQL Injection Prevention: Query validation and sanitization
  • Rate Limiting: Configurable request limits per IP
  • CORS Protection: Configurable cross-origin resource sharing
  • Security Headers: Helmet.js for security headers
  • Input Validation: Zod schema validation for all inputs
  • Audit Logging: Comprehensive logging of all operations

Production Deployment

Docker Deployment

FROM node:18-alpine

WORKDIR /app

COPY package*.json ./
RUN npm ci --only=production

COPY dist ./dist
COPY .env ./

EXPOSE 3000

CMD ["node", "dist/index.js"]

Environment Configuration

# Production environment variables
export NODE_ENV=production
export SERVER_PORT=3000
export SERVER_HOST=0.0.0.0
export CORS_ORIGIN=https://yourdomain.com
export SUITECRM_URL=https://your-suitecrm-instance.com
export SUITECRM_CLIENT_ID=your_production_client_id
export SUITECRM_CLIENT_SECRET=your_production_client_secret
export LOG_LEVEL=warn

Load Balancer Configuration

upstream mcp_server {
    server localhost:3000;
}

server {
    listen 80;
    server_name yourdomain.com;

    location /mcp {
        proxy_pass http://mcp_server;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
        proxy_read_timeout 86400;
    }

    location /health {
        proxy_pass http://mcp_server;
    }
}

Monitoring and Logging

The server includes comprehensive logging:

// Log levels: debug, info, warn, error
// Logs are written to console and files (if configured)

// Example log output:
// [2024-01-15T10:30:00.000Z] INFO: Starting SuiteCRM MCP Server with SSE transport
// [2024-01-15T10:30:00.100Z] INFO: HTTP server started on http://0.0.0.0:3000
// [2024-01-15T10:30:05.200Z] INFO: SSE connection established

Troubleshooting

Common Issues

  1. Connection Refused: Check if server is running on correct port
  2. CORS Errors: Verify CORS_ORIGIN configuration
  3. Authentication Failed: Check SuiteCRM credentials and URL
  4. Rate Limited: Increase rate limit settings if needed

Debug Mode

Enable debug logging:

LOG_LEVEL=debug

Health Check

Monitor server health:

curl http://localhost:3000/health

Contributing

  1. Fork the repository
  2. Create a feature branch
  3. Make your changes
  4. Add tests
  5. Submit a pull request

License

MIT License - see LICENSE file for details.

Support

Changelog

v1.0.0

  • Initial release
  • SSE transport support
  • Production-ready Express server
  • Full SuiteCRM integration
  • Security features and rate limiting