# Frontegg MCP

> Frontegg connects your agent to a B2B SaaS identity management platform, letting you programmatically handle user accounts and multi-tenant structures. Use this MCP to list all customer accounts, audit roles and permissions, or onboard new users instantly from any compatible AI client. It's built for DevOps teams that need real-time visibility into who has access to what across complex environments.

## Overview
- **Category:** developer-tools
- **Price:** Free
- **Tags:** b2b-saas, user-management, authentication, multi-tenancy, provisioning, audit-logs

## Description

Managing B2B identities gets complicated fast. When you have multiple customers (tenants), keeping track of user roles and permissions manually is a nightmare. This MCP connects your agent directly to the core logic of the Frontegg platform, letting you manage all that identity data without ever touching an admin dashboard. You can list every tenant account and instantly pull detailed profiles for any global user. Need to onboard someone or shut down access? Your agent handles it in plain conversation. It’s exactly what you need when you want your AI client to treat your B2B SaaS environment like a database, rather than a confusing web UI. By connecting this MCP through Vinkius, you get instant command-line control over complex user and tenant lifecycles.

## Tools

### create_tenant
Creates a brand new customer account (tenant) within the system.

### create_user
Adds and provisions an individual user profile to the platform.

### delete_tenant
Completely removes a customer account (tenant) from the system.

### delete_user
Removes an existing user profile entirely.

### check_environment_status
Verifies that the API connection and necessary credentials are working correctly.

### get_tenant_details
Retrieves specific metadata about an existing customer account (tenant).

### get_user_details
Fetches comprehensive profile information for a specific user.

### list_m2m_tokens
Lists all available Machine-to-Machine tokens associated with the system.

### list_permissions
Outputs a list of specific, granular permissions that can be assigned or audited.

### list_system_roles
Displays all available system roles (like Admin or Read-Only) that users can be given.

### list_tenants
Retrieves a complete list of every customer account currently active on the platform.

### list_users
Provides a global listing of all user profiles across all tenants.

## Prompt Examples

**Prompt:** 
```
List the first 10 tenants in our Frontegg environment.
```

**Response:** 
```
Retrieving tenants... I found 10 active customer tenants, including 'Acme Corp' (ID: tnt_123) and 'Globex Inc' (ID: tnt_456). Would you like to see the users for Acme Corp?
```

**Prompt:** 
```
Find the user details for 'jane@example.com'.
```

**Response:** 
```
Searching users... I found Jane Doe (jane@example.com). She is assigned to tenant 'Acme Corp' and has the 'Admin' role. Her account was created on Oct 1st.
```

**Prompt:** 
```
Create a new tenant named 'Stark Industries'.
```

**Response:** 
```
Tenant created! I have successfully provisioned the new tenant 'Stark Industries' in your Frontegg environment. The new Tenant ID is tnt_789012.
```

## Capabilities

### Manage Tenant Lifecycle
List all current customer accounts, retrieve their specific configuration details, or programmatically create and delete entire tenants.

### Control User Accounts
Access the global user database to fetch detailed profiles for any account, and instantly provision or remove individual users.

### Audit Access Control Models
List all available system roles and granular permissions across the entire platform, allowing you to audit security settings efficiently.

### Retrieve Integration Keys
Fetch Machine-to-Machine tokens for specific tenants when setting up back-end integrations.

## Use Cases

### Onboarding a new enterprise client
A PM needs to onboard 'Global Corp' and give them three specific users, each with an Admin role. They prompt their agent: 'Create tenant Global Corp and provision John Doe (Admin) and Jane Smith (Read-Only).' The MCP handles the `create_tenant`, followed by two calls to `create_user` and appropriate role assignment.

### Auditing an account leak
A Support Engineer receives a report of suspicious access. They ask their agent to 'Find all users in the tenant with ID tnt_123.' The MCP runs `get_tenant_details` and then uses `list_users` filtered by that specific tenant, identifying exactly who needs immediate deletion via `delete_user`.

### Decommissioning a customer account
A DevOps Admin confirms a client has left. They prompt: 'Delete the tenant named OldCo.' The MCP runs `list_tenants` to find the ID, and then executes `delete_tenant`, ensuring all associated user data is cleanly removed.

### Checking role assignment compliance
A Founder needs a list of every possible access level. They prompt: 'List all roles and permissions.' The MCP returns both the full set of system roles via `list_system_roles` and the granular rights available using `list_permissions`, confirming compliance.

## Benefits

- You can check the status of your API connection using `check_environment_status` before running any commands, ensuring zero downtime when provisioning users or managing tenants.
- Instead of clicking through tenant dashboards to see who belongs where, you can use `list_tenants` and then `get_user_details` to instantly cross-reference a user's full profile and assigned account ID.
- Auditing security models is simple: run `list_system_roles` and `list_permissions` to get a complete picture of every access level available across your entire SaaS setup.
- You gain control over the entire customer lifecycle by executing commands like `create_tenant` or `delete_user`, letting your agent handle the heavy lifting in one prompt.
- The system simplifies back-end integrations because you can use `list_m2m_tokens` to retrieve necessary keys without leaving your primary workspace.

## How It Works

The bottom line is that you talk to your AI client naturally, and it executes complex identity management actions directly against the Frontegg system.

1. Subscribe to this MCP through the Vinkius Marketplace.
2. Enter your Frontegg Client ID and API Key, which you find in your vendor workspace.
3. Start giving commands to your agent from Claude, Cursor, or any compatible client.

## Frequently Asked Questions

**How does Frontegg MCP handle multi-tenancy?**
It treats each customer account as a separate, managed silo (a tenant). You can use `list_tenants` to see all accounts and then target specific tenants when running user or role commands.

**Can I list every single user profile using the Frontegg MCP?**
Yes. The `list_users` tool provides a global listing of users, but you can also use `get_user_details` to fetch specific profiles for auditing.

**What if I need to delete a user or tenant?**
The MCP supports both cleanup actions. Use `delete_user` to remove an individual profile, or `delete_tenant` to wipe out all data associated with a whole customer account.

**Does Frontegg MCP help me audit security roles?**
Absolutely. You can run `list_system_roles` and `list_permissions` together to get the full catalog of what is assignable across your entire platform.

**Do I need specific keys to use Frontegg MCP?**
Yes, you must provide a valid Client ID and API Key. You can verify that everything is connected using the `check_environment_status` tool.