MCP Server for Lemonldap-NG
Manage your Lemonldap-NG web SSO instances from Claude, Cursor, or any MCP-compatible AI assistant.
What You Can Do
| Capability | Description |
|---|---|
| Configuration | Read, update, export, import, merge, and rollback SSO configuration. Test email settings. |
| Sessions | Search, inspect, modify, and delete user sessions. Backup all sessions. Manage offline/refresh tokens. |
| OIDC Relying Parties | Enable the OIDC issuer, list/add/update/delete relying parties with sensible defaults. |
| OIDC Testing | Full OIDC flow testing: discovery, authorization with PKCE, token exchange, userinfo, introspection. |
| SAML Federation | Download IdP metadata, import SAML federations. |
| Two-Factor Auth | List and manage users' 2FA devices (TOTP, U2F, WebAuthn). |
| User Consents | List and revoke OIDC consents per user. |
| User Directory | Look up user attributes from the configured backend. |
| Cache & Maintenance | Purge central and local caches, rotate OIDC keys, delete sessions by UID pattern. |
| Multi-Instance | Manage multiple SSO instances (prod, staging, dev) from a single server. |