Skip to main content
hc
Submit
mcpSource-backedReview first Safety Privacy

Fly.io MCP Server for Claude

Manage Fly.io applications, machines, volumes, secrets, certificates, and organizations from Claude — with the official Fly.io MCP server built into the flyctl CLI.

by Fly.io·added 2026-06-18·
Claude CodeCodexCursorClaude Desktop
HarnessClaude CodeCodexCursorClaude Desktop
Review first review before installing

Open the source and read safety notes before installing.

Safety notes

  • The Fly.io MCP server runs locally with full access to your authenticated Fly.io account — it can create, delete, and modify apps, machines, and secrets.
  • Fly.io warns that running the server remotely can give others access to run commands on your behalf; keep it bound to localhost unless you intend remote access.
  • Destructive operations (machine deletion, secret updates) are available — review Claude's proposed commands before executing in production environments.

Privacy notes

  • App names, machine IDs, secret names (not values unless explicitly requested), and log content may be surfaced into Claude's context.
  • Fly.io API tokens (`FLY_ACCESS_TOKEN`) grant full account access — store them in your environment, not in repositories.

Prerequisites

  • flyctl installed — see fly.io/docs/flyctl/install/ (Homebrew: `brew install flyctl`)
  • Logged in to Fly.io: `fly auth login`
  • Or set `FLY_ACCESS_TOKEN` environment variable for headless/CI use.
  • An MCP client such as Claude Code or Claude Desktop.

Schema details

Install type
cli
Troubleshooting
No
Source repository stats
Scope
Source repo
Collection metadata
Estimated setup
10 minutes
Difficulty
beginner
Tool listing metadata
Full copyable content
{
  "mcpServers": {
    "fly": {
      "command": "fly",
      "args": ["mcp", "server"]
    }
  }
}

About this resource

Overview

The Fly.io MCP Server is the official Model Context Protocol integration built directly into the flyctl CLI. It lets Claude manage your Fly.io infrastructure — applications, machines, volumes, secrets, certificates, logs, and organizations — through natural language. It runs locally as a stdio process using your fly auth login session (or FLY_ACCESS_TOKEN) and is part of the MIT-licensed flyctl codebase.

Run fly mcp server --claude to auto-configure Claude Code, or configure it manually in Claude Desktop. The server also supports SSE and streaming HTTP transports for remote deployments.

Key capabilities

  • App management — list, inspect, and manage Fly applications.
  • Machine operations — create, start, stop, and delete Fly Machines (lightweight VMs).
  • Volumes — manage persistent storage volumes attached to machines.
  • Secrets — inspect and update application secrets.
  • Certificates — manage TLS certificates for custom domains.
  • Logs — retrieve recent application and machine logs.
  • Organizations — list and switch between Fly organizations.

How it compares

Server PaaS platform Machine-level ops Secrets access CLI-integrated Transport
Fly.io MCP Fly.io Yes (Fly Machines) Yes Yes stdio / HTTP
Railway MCP Railway No Yes Yes (CLI) stdio / Remote
Render MCP Render No Limited No Remote
DigitalOcean MCP DO cloud Yes (Droplets) Limited No Remote
Vercel MCP Vercel edge No Yes No Remote

Fly.io's MCP is unique in offering machine-level control (create/destroy Fly Machines) alongside traditional app-layer operations, making it well-suited for infrastructure automation workflows.

Installation

Automatic (recommended)

# Install flyctl (macOS/Linux — see fly.io/docs/flyctl/install/)
brew install flyctl

# Log in
fly auth login

# Auto-configure Claude Code
fly mcp server --claude

Manual Claude Desktop config

{
  "mcpServers": {
    "fly": {
      "command": "fly",
      "args": ["mcp", "server"]
    }
  }
}

API token (headless/CI)

# Set the token
export FLY_ACCESS_TOKEN=<your-token>

# Or pass it explicitly
fly mcp server --access-token $FLY_ACCESS_TOKEN --claude

Other editors

fly mcp server --cursor     # Cursor
fly mcp server --vscode     # VS Code
fly mcp server --zed        # Zed

Requirements

  • flyctl CLI (install via Homebrew: brew install flyctl, or from fly.io/docs/flyctl/install/)
  • A Fly.io account (fly auth login)
  • An MCP client (Claude Code or Claude Desktop)

Security

  • The server runs locally with your full Fly.io account access — scope your token or account to only the organizations and apps you need.
  • Do not expose the server on a non-localhost bind address unless you intend to share access.
  • Treat FLY_ACCESS_TOKEN as a secret.

Source Verification Notes

Verified on 2026-06-18:

  • The official flyctl repository github.com/superfly/flyctl (MIT) is the authoritative source for the fly mcp server command.
  • Fly.io's MCP server documentation at fly.io/docs/mcp/flyctl-server/ documents the --claude, --cursor, --zed, and other client flags; the auth priority order (header > --access-token > FLY_ACCESS_TOKEN); and the stdio/SSE/HTTP transport options.
  • Fly.io's MCP overview at fly.io/docs/mcp/ confirms the managed capabilities: apps, certificates, logs, Machines, organizations, secrets, and volumes.
  • Claude Code's MCP documentation describes the stdio connector pattern used here.
#fly-io#deployment#cloud#infrastructure#paas#devops#machines

Source citations

Add this badge to your README

Show that Fly.io MCP Server for Claude is listed on HeyClaude. Paste this Markdown into your README — it renders the badge and links back to this page.

Listed on HeyClaude
[![Listed on HeyClaude](https://heyclau.de/badge/mcp/fly-io-mcp-server.svg)](https://heyclau.de/entry/mcp/fly-io-mcp-server)

How it compares

Fly.io MCP Server for Claude side by side with 3 alternatives on trust, install, platform support, and disclosed safety notes — all from reviewed registry metadata.

FieldFly.io MCP Server for Claude

Manage Fly.io applications, machines, volumes, secrets, certificates, and organizations from Claude — with the official Fly.io MCP server built into the flyctl CLI.

Open dossier 		Railway MCP Server for Claude

Manage Railway projects, services, deployments, and environments from Claude — create projects, deploy templates, pull variables, trigger redeployments, and more — with the official Railway MCP server built into the Railway CLI.

Open dossier 		Render MCP Server

The official Render MCP server lets LLMs manage Render resources: create and manage web services, static sites, cron jobs, Postgres and Key-Value instances, monitor deploys, query logs and metrics, and run read-only SQL against Render Postgres.

Open dossier 		DigitalOcean MCP Server for Claude

Connect Claude to DigitalOcean — manage Apps, Droplets, managed Databases, Kubernetes, Container Registry, networking, and Functions — with DigitalOcean's official Model Context Protocol server.

Open dossier
Trust
Install riskReview firstReview firstReview firstReview first
Notes Safety Privacy Safety Privacy Safety Privacy Safety Privacy
Categorymcpmcpmcpmcp
Sourcesource-backedsource-backedsource-backedsource-backed
AuthorFly.ioRailwayrender-ossDigitalOcean
Added2026-06-182026-06-182026-06-112026-06-17
Platforms
Claude CodeCodexCursorClaude Desktop
Claude CodeClaude Desktop
Claude CodeClaude Desktop
Claude CodeClaude Desktop
Source repo
Safety notesThe Fly.io MCP server runs locally with full access to your authenticated Fly.io account — it can create, delete, and modify apps, machines, and secrets. Fly.io warns that running the server remotely can give others access to run commands on your behalf; keep it bound to localhost unless you intend remote access. Destructive operations (machine deletion, secret updates) are available — review Claude's proposed commands before executing in production environments.The Railway CLI MCP server runs as a local stdio process with full access to your authenticated Railway account — it can create, delete, and modify projects and services. Use Railway's environment scoping and project permissions to limit blast radius; avoid running the MCP server under an account with access to production environments unless intentional. A remote option (`--remote`) routes requests through `mcp.railway.com`; prefer local stdio if you prefer to keep credentials on-device.Write-capable: tools can create and modify real Render infrastructure — create_web_service, create_static_site, create_cron_job, create_postgres, create_key_value, and update_environment_variables provision or change live resources that may incur billing. update_environment_variables replaces the complete environment variable set for a service; an incomplete array can drop existing variables. Created services run build and start commands you supply; treat generated commands as code execution on Render's platform. The server reaches Render's API over the network; the hosted option (https://mcp.render.com/mcp) sends your requests through Render's hosted MCP endpoint. Review and confirm tool calls before approving them, since an LLM can issue provisioning or env-var changes on your behalf.Tools can create, update, restart, and delete live infrastructure (Apps, Droplets, Databases) — scope the API token and select only the --services you need. Destructive actions (delete, rollback) act on production resources; confirm before running them through Claude.
Privacy notesApp names, machine IDs, secret names (not values unless explicitly requested), and log content may be surfaced into Claude's context. Fly.io API tokens (`FLY_ACCESS_TOKEN`) grant full account access — store them in your environment, not in repositories.Railway commands may expose environment variable names and values from your projects into the Claude context; treat these as secrets. The Railway CLI authenticates via stored tokens — keep your Railway account credentials secure.Authentication uses a RENDER_API_KEY scoped to your Render workspace(s); anyone with the key can manage those resources. Keep it in a server-scoped header or server-scoped env block, not a top-level/global env block shared with other MCP servers. query_render_postgres runs SQL against your Render Postgres and returns row data to the LLM — query results may include sensitive application data. Logs and metrics tools (list_logs, list_log_label_values, get_metrics) surface application log contents and performance data to the model. update_environment_variables and service details can expose configuration values; avoid sending secrets you don't want the model to see. When using the hosted server, requests transit Render's hosted MCP infrastructure rather than staying entirely local.Resource metadata, logs, and metrics enter the MCP client context and the model's prompt. The DIGITALOCEAN_API_TOKEN is a secret — store it in the client config or environment, never in shared repositories.
Prerequisites
  • flyctl installed — see fly.io/docs/flyctl/install/ (Homebrew: `brew install flyctl`)
  • Logged in to Fly.io: `fly auth login`
  • Or set `FLY_ACCESS_TOKEN` environment variable for headless/CI use.
  • An MCP client such as Claude Code or Claude Desktop.
  • Railway CLI installed: `npm i -g @railway/cli` (or `brew install railway` on macOS).
  • Logged in to Railway: `railway login`
  • An MCP client such as Claude Code or Claude Desktop.
  • A Render account
  • A Render API key created from Account Settings (dashboard.render.com/u/settings)
  • An MCP-compatible client (e.g. Claude Desktop, Cursor)
  • For the local binary only: the unzipped release executable, or Go to build from source
  • A DigitalOcean account.
  • A DigitalOcean API token (DIGITALOCEAN_API_TOKEN) with the scopes for the services you enable.
  • Node.js (npx) to run @digitalocean/mcp, or use the hosted remote endpoint.
  • An MCP client such as Claude Code or Claude Desktop.
Install
fly mcp server --claude
railway mcp install --agent claude-code
# Recommended: use Render's hosted MCP server (no local install required).
# Optional local binary — download from GitHub Releases, then point your
# MCP client at the unzipped executable:
#   https://github.com/render-oss/render-mcp-server/releases

claude mcp add digitalocean -e DIGITALOCEAN_API_TOKEN=<your-token> -- npx -y @digitalocean/mcp --services apps,droplets,databases
Config
{
  "mcpServers": {
    "fly": {
      "command": "fly",
      "args": ["mcp", "server"]
    }
  }
}
{
  "mcpServers": {
    "railway": {
      "command": "railway",
      "args": ["mcp"]
    }
  }
}
// Hosted server (recommended) — HTTP clients such as Cursor / Windsurf:
{
  "mcpServers": {
    "render": {
      "url": "https://mcp.render.com/mcp",
      "headers": {
        "Authorization": "Bearer <YOUR_API_KEY>"
      }
    }
  }
}

// Hosted server for Claude Desktop via mcp-remote; env is scoped to render only:
{
  "mcpServers": {
    "render": {
      "command": "npx",
      "args": [
        "mcp-remote",
        "https://mcp.render.com/mcp",
        "--header",
        "Authorization: Bearer ${RENDER_API_KEY}"
      ],
      "env": {
        "RENDER_API_KEY": "<YOUR_API_KEY>"
      }
    }
  }
}

// Local binary alternative (stdio transport); env is scoped to render only:
{
  "mcpServers": {
    "render": {
      "command": "/path/to/render-mcp-server",
      "args": ["--transport", "stdio"],
      "env": {
        "RENDER_API_KEY": "<YOUR_API_KEY>"
      }
    }
  }
}

{
  "mcpServers": {
    "digitalocean": {
      "command": "npx",
      "args": ["-y", "@digitalocean/mcp", "--services", "apps,droplets,databases"],
      "env": {
        "DIGITALOCEAN_API_TOKEN": "<your-token>"
      }
    }
  }
}
Citations
ClaimUnclaimedUnclaimedUnclaimedUnclaimed

Signals

Loading live community signals…

More like this, weekly

A short, calm digest of reviewed Claude resources. Unsubscribe any time.