/ Annuaire / Playground / unifi-mcp
← Tous les serveurs ↗ GitHub
● Communauté sirkirby ⚡ Instantané

unifi-mcp

par sirkirby · sirkirby/unifi-mcp

Operate your Ubiquiti UniFi stack — Network, Protect cameras, Access doors — by chatting with Claude. 224 tools covering the real product surface.

unifi-mcp is actually three MCP servers bundled: Network (161 tools, stable), Protect (34 tools, beta), and Access (29 tools, beta). Cross-product event correlation via optional cloud relay. Installs via uvx or the Claude Code plugin marketplace.

▶ Voir la démo 📦 Installer 💡 Cas d'usage

Pourquoi l'utiliser

Fonctionnalités clés

Démo en direct

Aperçu en pratique

unifi.replay ▶ prêt
0/0

Installer

Choisissez votre client

~/Library/Application Support/Claude/claude_desktop_config.json  · Windows: %APPDATA%\Claude\claude_desktop_config.json
{
  "mcpServers": {
    "unifi": {
      "command": "uvx",
      "args": [
        "unifi-mcp"
      ],
      "_inferred": true
    }
  }
}

Ouvrez Claude Desktop → Settings → Developer → Edit Config. Redémarrez après avoir enregistré.

~/.cursor/mcp.json · .cursor/mcp.json
{
  "mcpServers": {
    "unifi": {
      "command": "uvx",
      "args": [
        "unifi-mcp"
      ],
      "_inferred": true
    }
  }
}

Cursor utilise le même schéma mcpServers que Claude Desktop. La config projet l'emporte sur la globale.

VS Code → Cline → MCP Servers → Edit
{
  "mcpServers": {
    "unifi": {
      "command": "uvx",
      "args": [
        "unifi-mcp"
      ],
      "_inferred": true
    }
  }
}

Cliquez sur l'icône MCP Servers dans la barre latérale Cline, puis "Edit Configuration".

~/.codeium/windsurf/mcp_config.json
{
  "mcpServers": {
    "unifi": {
      "command": "uvx",
      "args": [
        "unifi-mcp"
      ],
      "_inferred": true
    }
  }
}

Même format que Claude Desktop. Redémarrez Windsurf pour appliquer.

~/.continue/config.json
{
  "mcpServers": [
    {
      "name": "unifi",
      "command": "uvx",
      "args": [
        "unifi-mcp"
      ]
    }
  ]
}

Continue utilise un tableau d'objets serveur plutôt qu'une map.

~/.config/zed/settings.json
{
  "context_servers": {
    "unifi": {
      "command": {
        "path": "uvx",
        "args": [
          "unifi-mcp"
        ]
      }
    }
  }
}

Ajoutez dans context_servers. Zed recharge à chaud à la sauvegarde.

claude mcp add unifi -- uvx unifi-mcp

Une seule ligne. Vérifiez avec claude mcp list. Supprimez avec claude mcp remove.

Cas d'usage

Usages concrets : unifi-mcp

Investigate a motion alert across cameras and doors

👤 UniFi home/SMB users ⏱ ~10 min intermediate

Quand l'utiliser : You got a Protect motion alert at 2 AM. Who was it? Did a door open?

Prérequis
  • UniFi controller + credentials — UniFi UI > Admin > API credentials
Déroulement
  1. Pull the motion event
    Get Protect motion events between 01:55 and 02:05 today. Include smart detection labels.✓ Copié
    → Event list with 'person' / 'vehicle' tags
  2. Correlate with doors
    Were any Access doors opened in the same window?✓ Copié
    → Door open events or none
  3. Check network side
    Any new/unknown clients joined the network in that window?✓ Copié
    → Network client delta

Résultat : Fast sensemaking of a potential incident without clicking between 3 UniFi apps.

Pièges
  • Protect timestamps use controller timezone — Always ask Claude to convert to your local time explicitly

Provision and audit guest networks

👤 Office IT, Airbnb hosts ⏱ ~10 min beginner

Quand l'utiliser : You want a throwaway guest WiFi for the week, auto-expiring.

Déroulement
  1. Create SSID
    Create a guest SSID 'Week42' on the 2.4 + 5 GHz bands with a random 12-char password. Expires in 7 days.✓ Copié
    → SSID created + password returned
  2. Review
    End of week — how many clients connected, total bandwidth, any suspicious patterns?✓ Copié
    → Usage report

Résultat : Less hassle than doing it in the UI.

Pièges
  • Claude leaves the SSID up past expiry — Set a UniFi scheduled rule; don't rely on LLM to remember

Audit your firewall rules for drift

👤 Self-hosted homelabbers, SMB admins ⏱ ~30 min advanced

Quand l'utiliser : You've added rules over time and want a second pair of eyes on what's actually allowed.

Déroulement
  1. Dump rules
    List all firewall rules, grouped by zone.✓ Copié
    → Complete rule inventory
  2. Audit
    Flag any rules that allow inbound from 0.0.0.0/0 to internal services. Flag overly permissive any-any rules.✓ Copié
    → Risk-flagged subset
  3. Propose tightening
    For each flagged rule, propose the minimal scope change that preserves functionality.✓ Copié
    → Concrete diff suggestions

Résultat : A tighter firewall configured in one session.

Pièges
  • Applying changes blindly locks you out — Have Claude list changes; apply them yourself via the UI for anything gateway-related

Combinaisons

Associez-le à d'autres MCPs pour un effet X10

unifi + ssh-manager

Run deep diagnostics on a controller via SSH when the API isn't enough

If a UniFi API call returns no data for a device, SSH into the controller and run info on that device's ID.✓ Copié

Outils

Ce que ce MCP expose

OutilEntréesQuand appelerCoût
network_list_clients site?: str See who's on your network 1 API call
network_firewall_rules action: list|create|update|delete, ... Audit or change firewall 1 API call
network_health Diagnose offline APs, high error rates 1 API call
protect_list_events start, end, cameras?, types? Investigate motion/detection events 1 API call
access_open_door door_id, duration_s? Remote door unlock — destructive; confirm first 1 API call + physical effect

Coût et limites

Coût d'exécution

Quota d'API
Your controller — no external limits
Tokens par appel
List calls 500-3000 tokens; individual ops 100-500
Monétaire
Free, MIT. UniFi hardware/licenses are your existing spend.
Astuce
Only enable the product servers you actually use — Network only for most homelabs reduces schema overhead.

Sécurité

Permissions, secrets, portée

Portées minimales : Dedicated UniFi admin user with role scoped to needed product
Stockage des identifiants : UNIFI_HOST, UNIFI_USERNAME, UNIFI_PASSWORD env vars; or experimental read-only UNIFI_API_KEY
Sortie de données : LAN to controller; optional cloud relay for cross-product correlation
Ne jamais accorder : Super Admin credentials to an agent that can also reach the public internet

Dépannage

Erreurs courantes et correctifs

Cannot connect to controller

Check UNIFI_HOST — include https:// and port (e.g. https://unifi.local:8443). Self-signed cert? Set UNIFI_VERIFY_SSL=false (for trusted LAN only).

Vérifier : curl -k https://unifi.local:8443/api/system
401 Unauthorized

Credentials wrong, or 2FA required. Create a local admin without 2FA for automation.

Protect events empty

Ensure Protect is actually installed on this controller. protect_health confirms.

Alternatives

unifi-mcp vs autres

AlternativeQuand l'utiliserCompromis
unifi-api-client in custom scriptsYou want full customization and don't use AI for opsYou write all the glue; no MCP ergonomics

Plus

Ressources

📖 Lire le README officiel sur GitHub

🐙 Voir les issues ouvertes

🔍 Parcourir les 400+ serveurs MCP et Skills