Skip to main content
mcpSource-backed

Heroku MCP Server for Claude

Official Heroku Platform MCP server that connects Claude and other MCP clients to Heroku apps, dynos, add-ons, pipelines, Private Spaces, maintenance mode, logs, deployments, one-off dynos, Heroku Postgres, and optional Heroku AI tools through the Heroku CLI.

by Heroku · submitted by oktofeesh1·added 2026-06-04·
Review first review before installing

Open the source and read safety notes before installing.

Citation facts

Source-backed facts for citing this resource, derived directly from the registry — also available as plain text for AI assistants.

Source URLs
https://devcenter.heroku.com/articles/heroku-mcp-server, https://github.com/heroku/heroku-mcp-server
Safety notes
Heroku documents the server as early development, and the available functionality and tools may evolve. Re-check the Dev Center page and repo before using it for production-sensitive workflows., Prefer `heroku mcp:start` because it uses the current Heroku CLI authentication context and avoids placing a Heroku API token directly in MCP client configuration., The server can perform account-write and production-impacting operations: creating and renaming apps, transferring apps, deploying projects, running one-off dynos, scaling and restarting dynos, provisioning add-ons, toggling maintenance mode, creating and promoting pipelines, and managing Private Space resources., Heroku Postgres tools can execute SQL, inspect active queries and locks, manage credentials, terminate database processes, manage backups, and start upgrades. Treat those tools as database administration capabilities, not read-only observability., `deploy_one_off_dyno` can execute generated code or commands on a Heroku one-off dyno with file creation, network access, environment variables, and automatic cleanup. Do not run unreviewed code from prompts, issues, pull requests, or third-party repositories., The server does not document a global read-only mode. Limit the Heroku account, team, app, pipeline, and database permissions available to the MCP client before connecting it to an assistant., Cost-bearing operations such as app creation, dyno scaling, add-on provisioning, one-off dynos, AI model provisioning, database backups, and database upgrades should require explicit human approval and a clear target app or team., Use staging apps, disposable review apps, narrow Heroku teams, and short-lived authorization tokens before allowing an agent near production apps, production databases, Shield Spaces, or regulated workloads.
Privacy notes
Tool results can expose Heroku account context, team names, app names, regions, stack and runtime details, dyno names, process types, add-ons, pipeline names, Private Space names, database identifiers, logs, SQL text, query output, query plans, credentials metadata, backup metadata, and deployment details., `HEROKU_API_KEY` is an authorization token for the Heroku account context that created it. Keep it out of prompts, screenshots, shell history, repository files, shared MCP configs, and client logs., The preferred CLI-auth flow still grants the MCP server whatever access the local Heroku CLI session has. Review the active Heroku account before connecting the server to a client., App logs and deployment output can include request data, error traces, customer identifiers, webhook payloads, add-on connection hints, and secrets accidentally printed by application code., Postgres query results, backup output, locks, active queries, credential metadata, and upgrade output can contain sensitive schema names, tenant records, operational metadata, and personally identifiable information., Client-side transcripts, MCP debug logs, Heroku CLI output, VS Code debug settings, and assistant conversations may retain Heroku account and database details outside Heroku.
Author
Heroku
Submitted by
oktofeesh1
Claim status
unclaimed
Last verified
2026-06-04

Decision playbook

Review trust signals before you adopt

Signals are present but mixed. Use the checklist below to confirm the source and operational safety for your environment.

Compare context
Selected

0

Current score

78

Baseline

Delta

No baseline selected

No major trust-signal divergence detected in the current selection.

Source and provenance checks

Complete

Confirm ownership and provenance before trusting install instructions.

  • Source link availableRequired

    Open the canonical repository and verify ownership.

    Done
  • Source provenance statusRequired

    Marked as source-backed.

    Done
  • Metadata reviewed

    Registry metadata indicates a reviewed listing.

    Done

Safety and privacy checks

Complete

Validate risk disclosures before installation or API wiring.

  • Safety notes presentRequired

    Review the listed safety guidance before running commands.

    Done
  • Privacy notes presentRequired

    Review data handling notes before connecting accounts or secrets.

    Done
  • Trust level risk gateRequired

    Trust level does not block evaluation.

    Done

Package and install checks

Needs review

Check package metadata and artifact integrity signals.

  • Install payload available

    Install or copy payload is available for review.

    Done
  • Package verification flag

    No package verification flag provided.

    Pending
  • Checksum metadata

    No checksum provided for downloaded artifact.

    Pending

Compare-driven decision checks

Needs review

Use compare context to validate trade-offs before adoption.

  • Compare tray has multiple entries

    Add at least one more entry to compare trust differences.

    Pending
  • Baseline comparison available

    No baseline peer selected yet.

    Pending
  • Diverging trust signals identified

    No major trust-signal divergence found.

    Pending

Setup at a glance

CLI install

Copy-ready — paste the snippet to get started.

15 minutes

Adoption plan

Balanced adoption plan

Current risk score 16/100. Use staged verification before broader rollout.

Risk 16

Pre-adoption checks

Validate source and review signals before any execution.

  • Confirm source provenanceRequired

    Source URL/provenance metadata is present.

    Done
  • Confirm metadata review state

    Listing has review metadata.

    Done
  • Verify install payload

    Install/config payload exists and can be inspected.

    Done

Security checks

Confirm safety, privacy, and package integrity signals.

  • Review safety notesRequired

    Safety notes are present.

    Done
  • Review privacy notesRequired

    Privacy notes are present.

    Done
  • Verify package integrity metadata

    No package verification/checksum metadata.

    Pending

Rollout

Adopt in controlled steps based on the selected plan.

  • Run in isolated sandbox firstRequired

    Use a constrained sandbox and observe behavior across multiple tasks.

    Pending
  • Roll out graduallyRequired

    Roll out to a small cohort before wider usage.

    Pending
  • Set monitoring and fallback

    Define rollback path and monitor errors after adoption.

    Pending

Evidence readiness

Evidence readiness matrix · balanced

Required evidence gates are covered (5/6 signals complete).

Risk 15

Source provenance

Present

Source repository/provenance is listed.

Required in this preset

Metadata review

Present

Review metadata is present.

Required in this preset

Safety notes

Present

Safety notes are present.

Required in this preset

Privacy notes

Present

Privacy notes are present.

Optional in this preset

Package integrity

Missing

Package integrity metadata is missing.

Optional in this preset

Install payload

Present

Install payload is available.

Required in this preset

Required evidence gates are covered for this preset.

Decision timeline

Decision timeline · balanced

5/6 steps complete with no blocking gaps for this preset.

Risk 14

triage

Confirm source provenanceRequired

Source/provenance metadata is available.

Done

triage

Check metadata review statusRequired

Review metadata is available.

Done

verify

Review safety notesRequired

Safety notes are available.

Done

verify

Review privacy notes

Privacy notes are available.

Done

verify

Validate package integrity metadata

Package integrity metadata is missing.

Pending

rollout

Verify install payload and commandsRequired

Install payload is available.

Done

No required blockers for this timeline preset.

Prerequisite readiness

Prerequisite readiness

7 prerequisites to line up before setup. Have accounts and credentials ready first. Includes a review or approval gate.

0/7 ready
Account & credentials4Install & runtime2Review & approval115 minutes

Safety & privacy surface

Safety & privacy surface

8 safety and 6 privacy notes across 5 risk areas. Review closely: credentials & tokens, permissions & scopes, network access.

5 areas
  • SafetyGeneralHeroku documents the server as early development, and the available functionality and tools may evolve. Re-check the Dev Center page and repo before using it for production-sensitive workflows.
  • SafetyCredentials & tokensPrefer `heroku mcp:start` because it uses the current Heroku CLI authentication context and avoids placing a Heroku API token directly in MCP client configuration.
  • SafetyExecution & processesThe server can perform account-write and production-impacting operations: creating and renaming apps, transferring apps, deploying projects, running one-off dynos, scaling and restarting dynos, provisioning add-ons, toggling maintenance mode, creating and promoting pipelines, and managing Private Space resources.
  • SafetyCredentials & tokensHeroku Postgres tools can execute SQL, inspect active queries and locks, manage credentials, terminate database processes, manage backups, and start upgrades. Treat those tools as database administration capabilities, not read-only observability.
  • SafetyNetwork access`deploy_one_off_dyno` can execute generated code or commands on a Heroku one-off dyno with file creation, network access, environment variables, and automatic cleanup. Do not run unreviewed code from prompts, issues, pull requests, or third-party repositories.
  • SafetyPermissions & scopesThe server does not document a global read-only mode. Limit the Heroku account, team, app, pipeline, and database permissions available to the MCP client before connecting it to an assistant.
  • SafetyGeneralCost-bearing operations such as app creation, dyno scaling, add-on provisioning, one-off dynos, AI model provisioning, database backups, and database upgrades should require explicit human approval and a clear target app or team.
  • SafetyCredentials & tokensUse staging apps, disposable review apps, narrow Heroku teams, and short-lived authorization tokens before allowing an agent near production apps, production databases, Shield Spaces, or regulated workloads.
  • PrivacyCredentials & tokensTool results can expose Heroku account context, team names, app names, regions, stack and runtime details, dyno names, process types, add-ons, pipeline names, Private Space names, database identifiers, logs, SQL text, query output, query plans, credentials metadata, backup metadata, and deployment details.
  • PrivacyCredentials & tokens`HEROKU_API_KEY` is an authorization token for the Heroku account context that created it. Keep it out of prompts, screenshots, shell history, repository files, shared MCP configs, and client logs.
  • PrivacyCredentials & tokensThe preferred CLI-auth flow still grants the MCP server whatever access the local Heroku CLI session has. Review the active Heroku account before connecting the server to a client.
  • PrivacyCredentials & tokensApp logs and deployment output can include request data, error traces, customer identifiers, webhook payloads, add-on connection hints, and secrets accidentally printed by application code.
  • PrivacyCredentials & tokensPostgres query results, backup output, locks, active queries, credential metadata, and upgrade output can contain sensitive schema names, tenant records, operational metadata, and personally identifiable information.
  • PrivacyExecution & processesClient-side transcripts, MCP debug logs, Heroku CLI output, VS Code debug settings, and assistant conversations may retain Heroku account and database details outside Heroku.

Safety notes

  • Heroku documents the server as early development, and the available functionality and tools may evolve. Re-check the Dev Center page and repo before using it for production-sensitive workflows.
  • Prefer `heroku mcp:start` because it uses the current Heroku CLI authentication context and avoids placing a Heroku API token directly in MCP client configuration.
  • The server can perform account-write and production-impacting operations: creating and renaming apps, transferring apps, deploying projects, running one-off dynos, scaling and restarting dynos, provisioning add-ons, toggling maintenance mode, creating and promoting pipelines, and managing Private Space resources.
  • Heroku Postgres tools can execute SQL, inspect active queries and locks, manage credentials, terminate database processes, manage backups, and start upgrades. Treat those tools as database administration capabilities, not read-only observability.
  • `deploy_one_off_dyno` can execute generated code or commands on a Heroku one-off dyno with file creation, network access, environment variables, and automatic cleanup. Do not run unreviewed code from prompts, issues, pull requests, or third-party repositories.
  • The server does not document a global read-only mode. Limit the Heroku account, team, app, pipeline, and database permissions available to the MCP client before connecting it to an assistant.
  • Cost-bearing operations such as app creation, dyno scaling, add-on provisioning, one-off dynos, AI model provisioning, database backups, and database upgrades should require explicit human approval and a clear target app or team.
  • Use staging apps, disposable review apps, narrow Heroku teams, and short-lived authorization tokens before allowing an agent near production apps, production databases, Shield Spaces, or regulated workloads.

Privacy notes

  • Tool results can expose Heroku account context, team names, app names, regions, stack and runtime details, dyno names, process types, add-ons, pipeline names, Private Space names, database identifiers, logs, SQL text, query output, query plans, credentials metadata, backup metadata, and deployment details.
  • `HEROKU_API_KEY` is an authorization token for the Heroku account context that created it. Keep it out of prompts, screenshots, shell history, repository files, shared MCP configs, and client logs.
  • The preferred CLI-auth flow still grants the MCP server whatever access the local Heroku CLI session has. Review the active Heroku account before connecting the server to a client.
  • App logs and deployment output can include request data, error traces, customer identifiers, webhook payloads, add-on connection hints, and secrets accidentally printed by application code.
  • Postgres query results, backup output, locks, active queries, credential metadata, and upgrade output can contain sensitive schema names, tenant records, operational metadata, and personally identifiable information.
  • Client-side transcripts, MCP debug logs, Heroku CLI output, VS Code debug settings, and assistant conversations may retain Heroku account and database details outside Heroku.

Prerequisites

  • Heroku account with access to the apps, teams, pipelines, Private Spaces, add-ons, Heroku Postgres databases, or AI resources Claude should inspect or manage.
  • Heroku CLI 10.8.1 or later installed globally and authenticated with the intended Heroku account.
  • Node.js 20 or later when running the npm package directly with `npx -y @heroku/mcp-server`.
  • MCP-capable client configuration for Claude Desktop, Cursor, VS Code, Zed, Windsurf, Cline, Trae, or another stdio-compatible client.
  • Authorization plan for using the current Heroku CLI session through `heroku mcp:start` or a Heroku authorization token in `HEROKU_API_KEY`.
  • Deployment and database safety plan for app creation, renaming, transfer, dyno scaling, restarts, add-on provisioning, maintenance mode, pipeline promotion, SQL execution, Postgres credentials, backups, and upgrades.
  • Review process for any agent action that can create billable resources, deploy code, execute one-off dynos, change production traffic, or modify a Heroku Postgres database.

Schema details

Install type
cli
Troubleshooting
No
Source repository stats
Scope
Source repo
Collection metadata
Estimated setup
15 minutes
Difficulty
advanced
Full copyable content
{
  "mcpServers": {
    "heroku": {
      "command": "heroku mcp:start"
    }
  }
}

About this resource

Content

Heroku MCP Server connects Claude and other MCP-capable clients to the Heroku Platform through a local stdio server backed by the Heroku CLI. It gives an assistant tools for listing and inspecting apps, managing dynos, reading logs, provisioning add-ons, creating pipelines, promoting releases, toggling maintenance mode, deploying projects, running one-off dynos, operating Heroku Postgres, and optionally using Heroku AI tools when the Heroku AI CLI plugin is installed.

The safest setup is Heroku's recommended heroku mcp:start command, because it uses the active Heroku CLI session instead of storing a raw Heroku API token in MCP client configuration. Treat the connected client as an operator with the same Heroku access as the authenticated CLI session.

Features

  • Official Heroku Platform MCP server maintained in the heroku/heroku-mcp-server repository.
  • Stdio MCP server that runs through Heroku CLI 10.8.1 or later.
  • Recommended heroku mcp:start launch path that reuses existing Heroku CLI authentication.
  • Alternate npm launch path with npx -y @heroku/mcp-server and HEROKU_API_KEY.
  • Client examples for Claude Desktop, Cursor, VS Code, Zed, Windsurf, Cline, and Trae.
  • App management tools for listing apps, inspecting app details, creating apps, renaming apps, transferring apps, deploying projects, and running one-off dynos.
  • Dyno and process tools for listing, scaling, resizing, and restarting dynos.
  • Add-on tools for listing add-ons, inspecting add-ons, provisioning add-ons, and listing add-on services and plans.
  • Maintenance and logs tools for enabling or disabling maintenance mode and reading application logs.
  • Pipeline tools for creating, listing, inspecting, and promoting Heroku pipelines.
  • Team and space tools for listing teams and Private Spaces.
  • Heroku Postgres tools for SQL execution, database details, active queries, locks, outliers, credentials, process termination, maintenance, backups, and upgrades.
  • Optional Heroku AI tools for listing available models, provisioning model access, and making inference requests when the @heroku/plugin-ai CLI plugin is installed.
  • Dev Center resource support for bringing Heroku documentation into compatible MCP clients.

Use Cases

  • Ask Claude to inventory Heroku apps, dynos, add-ons, teams, spaces, and pipelines before a migration or cleanup.
  • Inspect app metadata and logs while debugging a failed deploy or runtime incident.
  • Scale or restart dynos during a supervised staging incident-response drill.
  • Create a disposable app or pipeline from an app.json project definition.
  • Run a short-lived one-off dyno to test a script after reviewing the generated code and target app.
  • Inspect Heroku Postgres locks, outliers, active queries, backup state, or maintenance windows.
  • Execute SQL in development or staging databases while keeping production databases out of the MCP client's credentials.
  • Pull Heroku Dev Center context into a Claude workflow while building or operating Heroku apps.

Installation

Preferred Heroku CLI setup

Install or upgrade the Heroku CLI, authenticate with the intended account, and confirm version 10.8.1 or later:

heroku --version
heroku auth:whoami

Then configure the MCP client to launch the server through the Heroku CLI:

{
  "mcpServers": {
    "heroku": {
      "command": "heroku mcp:start"
    }
  }
}

VS Code stdio setup

VS Code's MCP config can split the command and arguments:

{
  "mcp": {
    "servers": {
      "heroku": {
        "type": "stdio",
        "command": "heroku",
        "args": ["mcp:start"]
      }
    }
  }
}

npm setup with API token

Use the npm package only when you intentionally want to pass a Heroku authorization token through HEROKU_API_KEY:

{
  "mcpServers": {
    "heroku": {
      "command": "npx",
      "args": ["-y", "@heroku/mcp-server"],
      "env": {
        "HEROKU_API_KEY": "<YOUR_HEROKU_AUTH_TOKEN>"
      }
    }
  }
}

Generate a token with heroku authorizations:create, heroku auth:token, or the Heroku Dashboard's account applications page. Rotate and revoke tokens when they are no longer needed.

Configuration

Request timeout

The npm server supports MCP_SERVER_REQUEST_TIMEOUT, defaulting to 15000 milliseconds when unset:

{
  "mcpServers": {
    "heroku": {
      "command": "npx",
      "args": ["-y", "@heroku/mcp-server"],
      "env": {
        "HEROKU_API_KEY": "<YOUR_HEROKU_AUTH_TOKEN>",
        "MCP_SERVER_REQUEST_TIMEOUT": "30000"
      }
    }
  }
}

Use longer timeouts for operations that regularly wait on Heroku CLI output, but avoid masking hung or ambiguous deployment/database operations.

Heroku account scoping

Before connecting the server, run:

heroku auth:whoami
heroku apps --team YOUR_TEAM

Confirm the authenticated account, team, and target apps are the ones you want the assistant to see. If the workflow only needs staging access, authenticate a dedicated Heroku account or team role with staging-only permissions.

Examples

Ask Claude to inspect app and pipeline state:

Use the Heroku MCP server to list apps for the staging team, summarize dyno
formation and add-ons for APP_NAME, and do not change anything.

Ask for a supervised logs review:

Read the latest Heroku logs for APP_NAME, identify likely startup failures, and
propose fixes. Do not restart dynos or change config.

Run a database investigation only after scoping the target:

Use pg_info, pg_locks, and pg_outliers on the staging database for APP_NAME.
Do not run pg_psql, pg_kill, pg_credentials, pg_backups, or pg_upgrade unless I
approve the exact command and target.

Source Notes

  • Official docs: Heroku MCP Server STDIO Mode.
  • Official repository: heroku/heroku-mcp-server.
  • npm package: @heroku/mcp-server, Apache-2.0, Node.js >=20.
  • The Dev Center page says the server is early development and currently supports Heroku CLI 10.8.1 or later.
  • The README and manifest list app, dyno, add-on, maintenance, log, pipeline, team, space, Postgres, deployment, one-off dyno, optional AI, and Dev Center resource capabilities.

Duplicate Check

  • Checked current upstream content for Heroku titles, slugs, source URLs, heroku-mcp-server, @heroku/mcp-server, heroku mcp:start, and Dev Center MCP docs.
  • Checked live open issues and pull requests for Heroku MCP and heroku-mcp-server.
  • No dedicated Heroku MCP entry, source URL duplicate, target file duplicate, or open duplicate PR was found before drafting.

Disclosure

This is an independent community directory entry submitted by oktofeesh1. Heroku is a Salesforce platform, but this listing is not sponsored, paid, affiliate-backed, or submitted by Heroku. Use Heroku's current pricing, security, compliance, and support documentation when deciding whether to connect an AI assistant to real Heroku resources.

Source citations

Add this badge to your README

Show that Heroku MCP Server for Claude is listed on HeyClaude. Paste this Markdown into your README — it renders the badge and links back to this page.

Listed on HeyClaude
[![Listed on HeyClaude](https://heyclau.de/badge/mcp/heroku-mcp-server.svg)](https://heyclau.de/entry/mcp/heroku-mcp-server)

How it compares

Heroku MCP Server for Claude side by side with 3 alternatives on trust, install, platform support, and disclosed safety notes — all from reviewed registry metadata.

1 trust signal differ across this comparison (Submitter).

Field

Official Heroku Platform MCP server that connects Claude and other MCP clients to Heroku apps, dynos, add-ons, pipelines, Private Spaces, maintenance mode, logs, deployments, one-off dynos, Heroku Postgres, and optional Heroku AI tools through the Heroku CLI.

Open dossier

MCP server for Coolify infrastructure management, diagnostics, deployments, logs, projects, environments, applications, databases, services, env vars, storage, scheduled tasks, private keys, cloud tokens, teams, and docs search.

Open dossier

Connect Claude to DigitalOcean — manage Apps, Droplets, managed Databases, Kubernetes, Container Registry, networking, and Functions — with DigitalOcean's official Model Context Protocol server.

Open dossier

The official Render MCP server lets LLMs manage Render resources: create and manage web services, static sites, cron jobs, Postgres and Key-Value instances, monitor deploys, query logs and metrics, and run read-only SQL against Render Postgres.

Open dossier
Next steps
Trust
Review statusReviewedMaintainer reviewedReviewedMaintainer reviewedReviewedMaintainer reviewedReviewedMaintainer reviewed
Package trustPackage not verifiedPackage not verifiedPackage not verifiedPackage not verified
Source provenanceSource-backedSource-backedSource-backedSource-backed
SubmitterDiffersoktofeesh1oktofeesh1
Install riskReview firstReview firstReview firstReview first
Notes Safety ✓ Privacy ✓ Safety ✓ Privacy ✓ Safety ✓ Privacy ✓ Safety ✓ Privacy ✓
BrandCoolify MCP Server logoCoolify MCP ServerKubernetes logoKubernetes
Categorymcpmcpmcpmcp
SourceSource-backedSource-backedSource-backedSource-backed
AuthorHerokuStuart MasonDigitalOceanrender-oss
Added2026-06-042026-06-062026-06-172026-06-11
Platforms
Harness
Source repo
Safety notesHeroku documents the server as early development, and the available functionality and tools may evolve. Re-check the Dev Center page and repo before using it for production-sensitive workflows. Prefer `heroku mcp:start` because it uses the current Heroku CLI authentication context and avoids placing a Heroku API token directly in MCP client configuration. The server can perform account-write and production-impacting operations: creating and renaming apps, transferring apps, deploying projects, running one-off dynos, scaling and restarting dynos, provisioning add-ons, toggling maintenance mode, creating and promoting pipelines, and managing Private Space resources. Heroku Postgres tools can execute SQL, inspect active queries and locks, manage credentials, terminate database processes, manage backups, and start upgrades. Treat those tools as database administration capabilities, not read-only observability. `deploy_one_off_dyno` can execute generated code or commands on a Heroku one-off dyno with file creation, network access, environment variables, and automatic cleanup. Do not run unreviewed code from prompts, issues, pull requests, or third-party repositories. The server does not document a global read-only mode. Limit the Heroku account, team, app, pipeline, and database permissions available to the MCP client before connecting it to an assistant. Cost-bearing operations such as app creation, dyno scaling, add-on provisioning, one-off dynos, AI model provisioning, database backups, and database upgrades should require explicit human approval and a clear target app or team. Use staging apps, disposable review apps, narrow Heroku teams, and short-lived authorization tokens before allowing an agent near production apps, production databases, Shield Spaces, or regulated workloads.Coolify MCP Server can start, stop, restart, redeploy, cancel deployments, update env vars, create or delete projects, environments, applications, databases, services, backups, storages, scheduled tasks, private keys, GitHub apps, and cloud tokens depending on API permissions. Batch tools such as `restart_project_apps`, `bulk_env_update`, `stop_all_apps`, and `redeploy_project` can affect multiple production services at once. Deployment, control, backup, storage, private key, cloud token, GitHub app, and scheduled-task operations should require explicit confirmation. Custom `--header` values may carry auth-proxy secrets; never let an agent invent, log, or modify them casually. Test on non-production projects or staging resources before allowing Claude to operate live Coolify infrastructure.Tools can create, update, restart, and delete live infrastructure (Apps, Droplets, Databases) — scope the API token and select only the --services you need. Destructive actions (delete, rollback) act on production resources; confirm before running them through Claude.Write-capable: tools can create and modify real Render infrastructure — create_web_service, create_static_site, create_cron_job, create_postgres, create_key_value, and update_environment_variables provision or change live resources that may incur billing. update_environment_variables replaces the complete environment variable set for a service; an incomplete array can drop existing variables. Created services run build and start commands you supply; treat generated commands as code execution on Render's platform. The server reaches Render's API over the network; the hosted option (https://mcp.render.com/mcp) sends your requests through Render's hosted MCP endpoint. Review and confirm tool calls before approving them, since an LLM can issue provisioning or env-var changes on your behalf.
Privacy notesTool results can expose Heroku account context, team names, app names, regions, stack and runtime details, dyno names, process types, add-ons, pipeline names, Private Space names, database identifiers, logs, SQL text, query output, query plans, credentials metadata, backup metadata, and deployment details. `HEROKU_API_KEY` is an authorization token for the Heroku account context that created it. Keep it out of prompts, screenshots, shell history, repository files, shared MCP configs, and client logs. The preferred CLI-auth flow still grants the MCP server whatever access the local Heroku CLI session has. Review the active Heroku account before connecting the server to a client. App logs and deployment output can include request data, error traces, customer identifiers, webhook payloads, add-on connection hints, and secrets accidentally printed by application code. Postgres query results, backup output, locks, active queries, credential metadata, and upgrade output can contain sensitive schema names, tenant records, operational metadata, and personally identifiable information. Client-side transcripts, MCP debug logs, Heroku CLI output, VS Code debug settings, and assistant conversations may retain Heroku account and database details outside Heroku.Coolify access tokens, base URLs, custom headers, application UUIDs, server IPs, domains, logs, env vars, deployment logs, private keys, cloud-provider tokens, GitHub app data, team membership, backups, database metadata, and service configuration can be exposed to the MCP client. Application and deployment logs may contain secrets, customer data, build output, container metadata, private repository details, and runtime errors. Environment variable and cloud-token tools can reveal or mutate sensitive infrastructure credentials. Documentation search is local to the server, but Coolify API calls contact the configured Coolify instance. Keep tokens and auth-proxy headers in local MCP client configuration only, and avoid sharing transcripts that include infrastructure identifiers or logs.Resource metadata, logs, and metrics enter the MCP client context and the model's prompt. The DIGITALOCEAN_API_TOKEN is a secret — store it in the client config or environment, never in shared repositories.Authentication uses a RENDER_API_KEY scoped to your Render workspace(s); anyone with the key can manage those resources. Keep it in a server-scoped header or server-scoped env block, not a top-level/global env block shared with other MCP servers. query_render_postgres runs SQL against your Render Postgres and returns row data to the LLM — query results may include sensitive application data. Logs and metrics tools (list_logs, list_log_label_values, get_metrics) surface application log contents and performance data to the model. update_environment_variables and service details can expose configuration values; avoid sending secrets you don't want the model to see. When using the hosted server, requests transit Render's hosted MCP infrastructure rather than staying entirely local.
Prerequisites
  • Heroku account with access to the apps, teams, pipelines, Private Spaces, add-ons, Heroku Postgres databases, or AI resources Claude should inspect or manage.
  • Heroku CLI 10.8.1 or later installed globally and authenticated with the intended Heroku account.
  • Node.js 20 or later when running the npm package directly with `npx -y @heroku/mcp-server`.
  • MCP-capable client configuration for Claude Desktop, Cursor, VS Code, Zed, Windsurf, Cline, Trae, or another stdio-compatible client.
  • Running Coolify instance with API access enabled.
  • Coolify API access token scoped to the resources Claude may inspect or manage.
  • Node.js 20 or newer for the published npm server.
  • Review of which servers, projects, applications, databases, services, deployments, env vars, private keys, teams, cloud tokens, and scheduled tasks the token can access.
  • A DigitalOcean account.
  • A DigitalOcean API token (DIGITALOCEAN_API_TOKEN) with the scopes for the services you enable.
  • Node.js (npx) to run @digitalocean/mcp, or use the hosted remote endpoint.
  • An MCP client such as Claude Code or Claude Desktop.
  • A Render account
  • A Render API key created from Account Settings (dashboard.render.com/u/settings)
  • An MCP-compatible client (e.g. Claude Desktop, Cursor)
  • For the local binary only: the unzipped release executable, or Go to build from source
Install
heroku mcp:start
npx -y @masonator/coolify-mcp
claude mcp add digitalocean -e DIGITALOCEAN_API_TOKEN=<your-token> -- npx -y @digitalocean/mcp --services apps,droplets,databases
# Recommended: use Render's hosted MCP server (no local install required).
# Optional local binary — download from GitHub Releases, then point your
# MCP client at the unzipped executable:
#   https://github.com/render-oss/render-mcp-server/releases
Config
{
  "mcpServers": {
    "heroku": {
      "command": "npx",
      "args": ["-y", "@heroku/mcp-server"],
      "env": {
        "HEROKU_API_KEY": "<YOUR_HEROKU_AUTH_TOKEN>",
        "MCP_SERVER_REQUEST_TIMEOUT": "30000"
      }
    }
  }
}
{
  "mcpServers": {
    "coolify": {
      "command": "npx",
      "args": [
        "-y",
        "@masonator/coolify-mcp"
      ],
      "env": {
        "COOLIFY_BASE_URL": "https://your-coolify-instance.example",
        "COOLIFY_ACCESS_TOKEN": "your-api-token"
      },
      "type": "stdio"
    }
  }
}
{
  "mcpServers": {
    "digitalocean": {
      "command": "npx",
      "args": ["-y", "@digitalocean/mcp", "--services", "apps,droplets,databases"],
      "env": {
        "DIGITALOCEAN_API_TOKEN": "<your-token>"
      }
    }
  }
}
// Hosted server (recommended) — HTTP clients such as Cursor / Windsurf:
{
  "mcpServers": {
    "render": {
      "url": "https://mcp.render.com/mcp",
      "headers": {
        "Authorization": "Bearer <YOUR_API_KEY>"
      }
    }
  }
}

// Hosted server for Claude Desktop via mcp-remote; env is scoped to render only:
{
  "mcpServers": {
    "render": {
      "command": "npx",
      "args": [
        "mcp-remote",
        "https://mcp.render.com/mcp",
        "--header",
        "Authorization: Bearer ${RENDER_API_KEY}"
      ],
      "env": {
        "RENDER_API_KEY": "<YOUR_API_KEY>"
      }
    }
  }
}

// Local binary alternative (stdio transport); env is scoped to render only:
{
  "mcpServers": {
    "render": {
      "command": "/path/to/render-mcp-server",
      "args": ["--transport", "stdio"],
      "env": {
        "RENDER_API_KEY": "<YOUR_API_KEY>"
      }
    }
  }
}
Citations
ClaimUnclaimedUnclaimedUnclaimedUnclaimed
Open 4 picks in the interactive comparison tool

Related guides

Signals

Loading live community signals…

More like this, weekly

A short, calm digest of reviewed Claude resources. Unsubscribe any time.