Argo CD MCP server
Argo CD is a declarative GitOps continuous delivery tool for Kubernetes. An AI agent with access to Argo CD can deploy applications, manage multi-cluster deployments, configure repositories, sync application state, and retrieve deployment status without manual kubectl operations or access to the Argo CD UI.
Setting up an MCP server
This article covers the standard steps for creating an MCP server in AI Gateway and connecting it to an AI client. The steps are the same for every integration — application-specific details (API credentials, OAuth endpoints, and scopes) are covered in the individual application pages.
Before you begin
You'll need:
- Access to AI Gateway with permission to create MCP servers
- API credentials for the application you're connecting (see the relevant application page for what to collect)
Create an MCP server
Find the API in the catalog
- Sign in to AI Gateway and select MCP Servers from the left navigation.
- Select New MCP Server.
- Search for the application you want to connect, then select it from the catalog.
Configure the server
- Enter a Name for your server — something descriptive that identifies both the application and its purpose.
- Enter a Description so your team knows what the server is for.
- Set the Timeout value. 30 seconds works for most APIs; increase to 60 seconds for APIs that return large payloads.
- Toggle Production mode on if this server will be used in a live workflow.
- Select Next.
Configure authentication
Enter the authentication details for the application. This varies by service — see the Authentication section of the relevant application page for the specific credentials, OAuth URLs, and scopes to use.
Configure security
- Set any Rate limits appropriate for your use case and the API's own limits.
- Enable Logging if you want AI Gateway to record requests and responses for auditing.
- Select Next.
Deploy
Review the summary, then select Deploy. AI Gateway provisions the server and provides a server URL you'll use when configuring your AI client.
Connect to an AI client
Once your server is deployed, you'll need to add it to the AI client your team uses. Select your client for setup instructions:
Tips
- You can create multiple MCP servers for the same application — for example, a read-only server for reporting agents and a read-write server for automation workflows.
- If you're unsure which OAuth scopes to request, start with the minimum read-only set and add write scopes only when needed. Most application pages include scope recommendations.
- You can edit a server's name, description, timeout, and security settings after deployment without redeploying.
Authentication
Argo CD uses Bearer token authentication. Generate an API token from the Argo CD UI at Settings > Accounts. Create a service account with appropriate RBAC permissions.
| Value | Setting |
|---|---|
| API token header | Authorization: Bearer YOUR_TOKEN |
| Base URL | https://argocd.your-company.com |
Available tools
This MCP server enables application lifecycle management, repository operations, cluster management, project configuration, and monitoring for multi-cluster GitOps deployments.
| Tool | Description |
|---|---|
| List applications | Retrieve all applications across projects |
| Get application | Retrieve application details including sync status |
| Create application | Create a new application pointing to a Git repository |
| Update application | Modify application configuration and target settings |
| Delete application | Remove an application from Argo CD |
| Sync application | Trigger synchronization between Git and cluster |
| Rollback application | Revert to a previous application revision |
| Get application events | Retrieve recent events for an application |
| Get resource tree | Retrieve managed Kubernetes resources |
| List repositories | Retrieve configured Git repositories |
| Get repository | Retrieve repository connection details |
| Add repository | Register a new Git repository with credentials |
| Validate repository | Test connectivity to a Git repository |
| Get repository refs | Retrieve branches and tags in a repository |
| List clusters | Retrieve registered Kubernetes clusters |
| Get cluster | Retrieve cluster configuration and status |
| Register cluster | Add a new Kubernetes cluster for multi-cluster management |
| Invalidate cache | Clear resource cache for a cluster |
| List projects | Retrieve all projects with RBAC settings |
| Get project | Retrieve project configuration and sync windows |
| Create project | Create a new project for team-scoped access |
| List project roles | Retrieve roles and permissions for a project |
| Create project role | Define custom role with specific permissions |
| Create API token | Generate an API token for project access |
| Delete API token | Revoke a project API token |
| List ApplicationSets | Retrieve template-based application definitions |
| Get ApplicationSet | Retrieve ApplicationSet configuration and generated apps |
Tips
Use project-scoped tokens for least privilege — instead of admin tokens, create project-scoped tokens with only the permissions your integration needs. This limits blast radius if credentials are compromised.
Configure automatic sync with self-heal to keep applications synchronized with Git. This prevents drift and ensures predictable cluster state.
Configure sync windows to restrict deployments to maintenance windows. This prevents unexpected changes during business hours.
Check application sync status before making changes — out-of-sync applications may indicate pending Git changes or cluster issues.
Regularly rotate credentials for repository and cluster access. Implement automated key rotation for production deployments.
Cequence AI Gateway