/ Directorio / Playground / unifi-mcp
← Todos los servidores ↗ GitHub
● Comunidad sirkirby ⚡ Instantáneo

unifi-mcp

por sirkirby · sirkirby/unifi-mcp

Operate your Ubiquiti UniFi stack — Network, Protect cameras, Access doors — by chatting with Claude. 224 tools covering the real product surface.

unifi-mcp is actually three MCP servers bundled: Network (161 tools, stable), Protect (34 tools, beta), and Access (29 tools, beta). Cross-product event correlation via optional cloud relay. Installs via uvx or the Claude Code plugin marketplace.

▶ Ver demo 📦 Instalar 💡 Casos de uso

Por qué usarlo

Características clave

Demo en vivo

Cómo se ve en la práctica

unifi.replay ▶ listo
0/0

Instalar

Elige tu cliente

~/Library/Application Support/Claude/claude_desktop_config.json  · Windows: %APPDATA%\Claude\claude_desktop_config.json
{
  "mcpServers": {
    "unifi": {
      "command": "uvx",
      "args": [
        "unifi-mcp"
      ],
      "_inferred": true
    }
  }
}

Abre Claude Desktop → Settings → Developer → Edit Config. Reinicia después de guardar.

~/.cursor/mcp.json · .cursor/mcp.json
{
  "mcpServers": {
    "unifi": {
      "command": "uvx",
      "args": [
        "unifi-mcp"
      ],
      "_inferred": true
    }
  }
}

Cursor usa el mismo esquema mcpServers que Claude Desktop. La configuración del proyecto prevalece sobre la global.

VS Code → Cline → MCP Servers → Edit
{
  "mcpServers": {
    "unifi": {
      "command": "uvx",
      "args": [
        "unifi-mcp"
      ],
      "_inferred": true
    }
  }
}

Haz clic en el icono MCP Servers de la barra lateral de Cline y luego en "Edit Configuration".

~/.codeium/windsurf/mcp_config.json
{
  "mcpServers": {
    "unifi": {
      "command": "uvx",
      "args": [
        "unifi-mcp"
      ],
      "_inferred": true
    }
  }
}

Mismo formato que Claude Desktop. Reinicia Windsurf para aplicar.

~/.continue/config.json
{
  "mcpServers": [
    {
      "name": "unifi",
      "command": "uvx",
      "args": [
        "unifi-mcp"
      ]
    }
  ]
}

Continue usa un array de objetos de servidor en lugar de un mapa.

~/.config/zed/settings.json
{
  "context_servers": {
    "unifi": {
      "command": {
        "path": "uvx",
        "args": [
          "unifi-mcp"
        ]
      }
    }
  }
}

Añádelo a context_servers. Zed recarga en caliente al guardar.

claude mcp add unifi -- uvx unifi-mcp

Un solo comando. Verifica con claude mcp list. Quita con claude mcp remove.

Casos de uso

Usos del mundo real: unifi-mcp

Investigate a motion alert across cameras and doors

👤 UniFi home/SMB users ⏱ ~10 min intermediate

Cuándo usarlo: You got a Protect motion alert at 2 AM. Who was it? Did a door open?

Requisitos previos
  • UniFi controller + credentials — UniFi UI > Admin > API credentials
Flujo
  1. Pull the motion event
    Get Protect motion events between 01:55 and 02:05 today. Include smart detection labels.✓ Copiado
    → Event list with 'person' / 'vehicle' tags
  2. Correlate with doors
    Were any Access doors opened in the same window?✓ Copiado
    → Door open events or none
  3. Check network side
    Any new/unknown clients joined the network in that window?✓ Copiado
    → Network client delta

Resultado: Fast sensemaking of a potential incident without clicking between 3 UniFi apps.

Errores comunes
  • Protect timestamps use controller timezone — Always ask Claude to convert to your local time explicitly

Provision and audit guest networks

👤 Office IT, Airbnb hosts ⏱ ~10 min beginner

Cuándo usarlo: You want a throwaway guest WiFi for the week, auto-expiring.

Flujo
  1. Create SSID
    Create a guest SSID 'Week42' on the 2.4 + 5 GHz bands with a random 12-char password. Expires in 7 days.✓ Copiado
    → SSID created + password returned
  2. Review
    End of week — how many clients connected, total bandwidth, any suspicious patterns?✓ Copiado
    → Usage report

Resultado: Less hassle than doing it in the UI.

Errores comunes
  • Claude leaves the SSID up past expiry — Set a UniFi scheduled rule; don't rely on LLM to remember

Audit your firewall rules for drift

👤 Self-hosted homelabbers, SMB admins ⏱ ~30 min advanced

Cuándo usarlo: You've added rules over time and want a second pair of eyes on what's actually allowed.

Flujo
  1. Dump rules
    List all firewall rules, grouped by zone.✓ Copiado
    → Complete rule inventory
  2. Audit
    Flag any rules that allow inbound from 0.0.0.0/0 to internal services. Flag overly permissive any-any rules.✓ Copiado
    → Risk-flagged subset
  3. Propose tightening
    For each flagged rule, propose the minimal scope change that preserves functionality.✓ Copiado
    → Concrete diff suggestions

Resultado: A tighter firewall configured in one session.

Errores comunes
  • Applying changes blindly locks you out — Have Claude list changes; apply them yourself via the UI for anything gateway-related

Combinaciones

Combínalo con otros MCPs para multiplicar por 10

unifi + ssh-manager

Run deep diagnostics on a controller via SSH when the API isn't enough

If a UniFi API call returns no data for a device, SSH into the controller and run info on that device's ID.✓ Copiado

Herramientas

Lo que expone este MCP

HerramientaEntradasCuándo llamarCoste
network_list_clients site?: str See who's on your network 1 API call
network_firewall_rules action: list|create|update|delete, ... Audit or change firewall 1 API call
network_health Diagnose offline APs, high error rates 1 API call
protect_list_events start, end, cameras?, types? Investigate motion/detection events 1 API call
access_open_door door_id, duration_s? Remote door unlock — destructive; confirm first 1 API call + physical effect

Coste y límites

Lo que cuesta ejecutarlo

Cuota de API
Your controller — no external limits
Tokens por llamada
List calls 500-3000 tokens; individual ops 100-500
Monetario
Free, MIT. UniFi hardware/licenses are your existing spend.
Consejo
Only enable the product servers you actually use — Network only for most homelabs reduces schema overhead.

Seguridad

Permisos, secretos, alcance

Ámbitos mínimos: Dedicated UniFi admin user with role scoped to needed product
Almacenamiento de credenciales: UNIFI_HOST, UNIFI_USERNAME, UNIFI_PASSWORD env vars; or experimental read-only UNIFI_API_KEY
Salida de datos: LAN to controller; optional cloud relay for cross-product correlation
No conceder nunca: Super Admin credentials to an agent that can also reach the public internet

Resolución de problemas

Errores comunes y soluciones

Cannot connect to controller

Check UNIFI_HOST — include https:// and port (e.g. https://unifi.local:8443). Self-signed cert? Set UNIFI_VERIFY_SSL=false (for trusted LAN only).

Verificar: curl -k https://unifi.local:8443/api/system
401 Unauthorized

Credentials wrong, or 2FA required. Create a local admin without 2FA for automation.

Protect events empty

Ensure Protect is actually installed on this controller. protect_health confirms.

Alternativas

unifi-mcp vs otros

AlternativaCuándo usarlaContrapartida
unifi-api-client in custom scriptsYou want full customization and don't use AI for opsYou write all the glue; no MCP ergonomics

Más

Recursos

📖 Lee el README oficial en GitHub

🐙 Ver issues abiertas

🔍 Ver todos los 400+ servidores MCP y Skills