Connect Claude to ServiceAlert (MCP)

The Model Context Protocol (MCP) is a small JSON-RPC interface that lets a model client (Claude Code, Claude Desktop, or any other MCP-aware tool) call functions exposed by a server. ServiceAlert runs an MCP server at https://servicealert.ai/api/mcp with eight tools that read your monitor / incident / service catalog and let you silence or escalate from the prompt.

Examples once configured:

• "Are any of my monitors down right now?"
• "Show me everything in the Payments service."
• "What's the recent incident history for the past 7 days?"
• "Silence the noisy database health check for an hour" (Claude prompts for confirmation before invoking the write tool).

The server respects the same RBAC and team-access rules as the REST API, so MCP can only see the monitors and services your API key already has access to.

The MCP server authenticates with the same API keys that power the REST API. Generate one at /monitor/api-keys, name it per machine (e.g. claude-code-laptop, claude-desktop-work) so a leak on one device doesn't force you to re-config every other.

You'll pass the key as a Bearer token in the client config below. Treat it like an SSH private key — anyone who holds it can read (and write, on tools that support it) everything your account can.

If a key leaks, revoke it instantly from /monitor/api-keys; the next request from that key returns 401 with no propagation delay. Then check /audit-logs for any mcp.tool.call events from the key's id you don't recognise.

Claude Code reads MCP servers from ~/.config/claude-code/settings.json (macOS / Linux) or %APPDATA%\claude-code\settings.json (Windows). Add the servicealert entry:

{
  "mcpServers": {
    "servicealert": {
      "transport": {
        "type": "http",
        "url": "https://servicealert.ai/api/mcp",
        "headers": {
          "Authorization": "Bearer YOUR_API_KEY_HERE"
        }
      }
    }
  }
}

Reload Claude Code (⌘R / Ctrl-R); the servicealert server appears in /mcp. From any project you can now ask "are any of my monitors down right now?" and Claude will call the right tool on your behalf.

Claude Desktop's config lives at ~/Library/Application Support/Claude/claude_desktop_config.json (macOS) or %APPDATA%\Claude\claude_desktop_config.json (Windows). Same JSON shape:

{
  "mcpServers": {
    "servicealert": {
      "transport": {
        "type": "http",
        "url": "https://servicealert.ai/api/mcp",
        "headers": {
          "Authorization": "Bearer YOUR_API_KEY_HERE"
        }
      }
    }
  }
}

Restart Claude Desktop after editing.

Read-only:

• list_monitors — list your monitors with current status, last check time, target. Filter by type, status, or service.
• get_monitor — full detail for one monitor: config, alert channels, last 10 check results, any active silence reason.
• list_services — service catalog with tier, on-call schedule, runbook URL, monitor count per service.
• list_incidents — recent declared incidents (last 30 days by default). Filter by status.
• query_status — fleet snapshot: counts of monitors by status plus the list of anything currently down or degraded.

Write tools (carry destructiveHint: true, Claude clients prompt for confirmation before invoking):

• silence_monitor — silence alerts on the latest open incident for N minutes (1–1440). Mirrors the Slack-button snooze.
• wake_monitor — clear an active silence and resume alerting immediately. No-op if not silenced.
• declare_incident — open a new declared incident with title / severity / summary / monitor_ids / service_ids. May notify on-call rotations and downstream integrations, Claude prompts before invoking.

Every write call is audit-logged at /audit-logs as mcp.tool.call with the tool name, sanitised args, and the calling key id, so a leaked-key forensic trace shows exactly what was changed.

The MCP server only reads ServiceAlert data tied to the API key's user id. It does not see other users' monitors, services, or incidents.

The Anthropic client (Claude Code or Desktop) sends tool inputs and results to Anthropic's models for inference. ServiceAlert does not proxy through Anthropic, we serve the MCP transport directly. No ServiceAlert data leaves our servers except in the tool response that Claude itself receives back to your local client.

Requests are rate-limited to 60 per minute per API key (sliding window). Exceeding it returns 429 Too Many Requests with a Retry-After: 60 header. The cap protects against runaway client loops and limits the blast radius of a leaked key.

• The server isn't showing up in /mcp. Confirm the JSON parses (no trailing commas) and that the URL ends in /api/mcp exactly. Reload the client after every config edit.
• Every tool call returns "Authorization required". Double-check the Bearer token in the headers block matches a live API key from /monitor/api-keys. Revoked keys return 401 immediately.
• "Method not found: tools/list" errors. Older MCP clients negotiate an older protocol version. The server speaks both 2025-06-18 and 2024-11-05; if your client uses something older than that, upgrade the client.
• Tool calls timing out. A single call should return in under 500 ms. The most common cause is list_monitors with no filter on a large account — pass { "limit": 50 } to bound the query.