electrical_services

Doppler MCP — Projects, secrets & config

Name: Doppler
Availability: InStock
Author: aerostack

MCP Server Hosted Public

Manage Doppler secrets, configs, projects, and service tokens — your AI agent's secure gateway to all environment variables.

@aerostack

•v0.1.0•MIT•Updated May 13, 2026

add_circleAdd to Workspace

robot_2

Use with AI AssistantsMCP

Connect Claude, Cursor, or any MCP-compatible client — then call tools directly

① Add This MCP Server

Paste into your AI client config — then all its tools are available instantly.

.claude/mcp.json

{
  "mcpServers": {
    "doppler": {
      "url": "https://mcp.aerostack.dev/s/aerostack/mcp-doppler",
      "headers": {
        "Authorization": "Bearer YOUR_AEROSTACK_TOKEN"
      }
    }
  }
}

Replace YOUR_AEROSTACK_TOKEN with your API token from the dashboard.

② Call a Tool

Ask your AI assistant to call a specific tool, or send raw JSON-RPC:

Natural Language Prompt

“Use the get_workplace tool to get doppler workplace details including name, billing email, and security policies”

Using a Workspace?

Add this MCP to your Workspace — your team shares one token, secrets are stored securely, and every AI agent in the workspace can call it without per-user setup.

add_circleAdd to Workspace

mcp-doppler — Doppler MCP Server

Manage secrets, configs, and service tokens across all your Doppler environments from any AI agent.

Doppler is the industry-standard secrets manager used by thousands of engineering teams to manage environment variables across development, staging, and production. This MCP server gives your AI agents full access to the Doppler API: listing and updating secrets, managing projects and configs, creating service tokens, and auditing activity — without ever hard-coding credentials.

Live endpoint: https://mcp.aerostack.dev/s/aerostack/mcp-doppler

What You Can Do

Read and write secrets across any Doppler project and config from your AI agent
Create, clone, and delete configs to manage environment branches programmatically
Generate and revoke service tokens to give other services scoped access to secrets
Download a full secrets bundle as JSON for bulk inspection or migration
Audit recent activity across your configs to track who changed what and when

Available Tools

Tool	Description
`_ping`	Verify credentials with a lightweight auth check — returns the workplace name
`get_workplace`	Get Doppler workplace details including name, billing email, and security policies
`list_projects`	List all projects in the Doppler workplace
`get_project`	Get details of a specific Doppler project
`create_project`	Create a new Doppler project
`delete_project`	Delete a project and all its configs/secrets (irreversible)
`list_environments`	List all environments for a project
`get_environment`	Get details of a specific environment by slug
`list_configs`	List all configs in a project
`get_config`	Get details of a specific config
`clone_config`	Clone an existing config into a new config with a different name
`list_secrets`	List all secret names and values in a config
`get_secret`	Get a single secret by name, including its raw and computed value
`set_secret`	Set one or more secrets in a config (key-value object)
`delete_secret`	Delete a single secret by name from a config
`download_secrets`	Download all secrets from a config as a JSON object
`list_service_tokens`	List all service tokens for a config
`create_service_token`	Create a new service token with read or read/write access
`revoke_service_token`	Revoke a service token by its slug
`get_activity_logs`	Get the last 20 activity log entries for a project and config

Configuration

Variable	Required	Description	How to Get
`DOPPLER_SERVICE_TOKEN`	Yes	Doppler Service Token	doppler.com → Your Project → Config → Access tab → Service Tokens → Generate. Use a config-scoped token with at least read access for read-only tools, or read/write to also set and delete secrets.

Use a read/write token if you want agents to set or delete secrets. A read-only token is sufficient if you only need to inspect and download existing values.

Service tokens are scoped to a single config. If you need cross-project access, generate a token from each config and configure them as separate MCP instances, or use a Doppler personal token (with dp.pt. prefix) which has workplace-wide access.

Quick Start

Add to Aerostack Workspace

Go to aerostack.dev → Your Project → MCPs
Search for "Doppler" and click Add to Workspace
Add your DOPPLER_SERVICE_TOKEN under Project → Secrets

Once added, every AI agent in your workspace can read and manage your Doppler secrets automatically.

Example Prompts

"List all secrets in the production config of my backend project"
"Set DATABASE_URL to postgres://... in the staging config of my-api"
"Clone the dev config into a new config called dev-feature-x"
"Create a read-only service token named 'deploy-bot' for the prd config"
"Show me recent activity in the production config to see who changed secrets today"

Direct API Call

# List secrets in a config
curl -X POST https://mcp.aerostack.dev/s/aerostack/mcp-doppler \
  -H 'Content-Type: application/json' \
  -H 'X-Mcp-Secret-DOPPLER-SERVICE-TOKEN: dp.st.prd.xxxx' \
  -d '{"jsonrpc":"2.0","id":1,"method":"tools/call","params":{"name":"list_secrets","arguments":{"project":"my-backend","config":"prd"}}}'

# Set a secret
curl -X POST https://mcp.aerostack.dev/s/aerostack/mcp-doppler \
  -H 'Content-Type: application/json' \
  -H 'X-Mcp-Secret-DOPPLER-SERVICE-TOKEN: dp.st.prd.xxxx' \
  -d '{"jsonrpc":"2.0","id":2,"method":"tools/call","params":{"name":"set_secret","arguments":{"project":"my-backend","config":"prd","secrets":{"STRIPE_SECRET_KEY":"sk_live_..."}}}}'

Technical Notes

Token scoping. Service tokens (dp.st.*) are config-scoped — they can only read/write secrets within the one config they were created for. To manage projects, environments, or workplace settings, you need a personal token (dp.pt.*) or a CLI token. Most agent use cases (reading/writing secrets in a known config) work fine with a service token.
Service token permissions. read tokens can only call read-only tools (list_secrets, get_secret, download_secrets, list_service_tokens, etc.). read/write tokens additionally allow set_secret, delete_secret, clone_config, create_service_token, and revoke_service_token.
Environments vs configs. In Doppler, an environment (e.g. production) is a grouping. A config (e.g. prd, prd_server) is the actual entity that holds secrets. Most tools operate on configs, not environments directly.
download_secrets returns the secrets as a flat JSON object — the same format Doppler injects into your app at runtime. It is the fastest way to export or diff secrets between configs.
Activity logs are per-config and return up to 20 of the most recent events including secret reads, writes, and token usage.

License

MIT

Details

upgradeVersion0.1.0

gavelLicenseMIT

wifiTransportstreamable-http

lockAccessPublic

categoryCategoryapi connectors

terminalTools

Live Endpoint

https://mcp.aerostack.dev/s/aerostack/mcp-doppler

Sub-50ms globally · Zero cold start

Publisher

@aerostack

Pre-built functions for the most common MCP tool patterns. Clone, extend, and deploy.

Similar MCP Servers

View all →

Frequently asked questions

Can Claude create projects in Doppler using the MCP?+

Yes. The Doppler MCP includes a create_project tool that lets Claude create projects in your Doppler account from a plain-English prompt. You can also update and delete projects — no Doppler UI needed.

Can Claude list and retrieve projects from my Doppler account?+

Yes. The Doppler MCP includes tools to list and retrieve projects from your Doppler account. Claude can filter, sort, and summarize projects based on your instructions.

Does the Doppler MCP work inside Cursor and Windsurf?+

Yes. The Doppler MCP uses the open Model Context Protocol standard, so it works in Claude, Cursor, Windsurf, and any other MCP-compatible AI tool. All 19 Doppler tools are available everywhere you connect it — install once on Aerostack.

Is the Doppler MCP on Aerostack secure and production-ready?+

Yes. Aerostack hosts the Doppler MCP with encrypted credential storage and per-account authentication. Your Doppler credentials are never shared with Claude's conversation — they're used server-side only.

mcp-doppler — Doppler MCP Server

Manage secrets, configs, and service tokens across all your Doppler environments from any AI agent.

Live endpoint: https://mcp.aerostack.dev/s/aerostack/mcp-doppler

What You Can Do

Read and write secrets across any Doppler project and config from your AI agent
Create, clone, and delete configs to manage environment branches programmatically
Generate and revoke service tokens to give other services scoped access to secrets
Download a full secrets bundle as JSON for bulk inspection or migration
Audit recent activity across your configs to track who changed what and when

Available Tools

Tool	Description
`_ping`	Verify credentials with a lightweight auth check — returns the workplace name
`get_workplace`	Get Doppler workplace details including name, billing email, and security policies
`list_projects`	List all projects in the Doppler workplace
`get_project`	Get details of a specific Doppler project
`create_project`	Create a new Doppler project
`delete_project`	Delete a project and all its configs/secrets (irreversible)
`list_environments`	List all environments for a project
`get_environment`	Get details of a specific environment by slug
`list_configs`	List all configs in a project
`get_config`	Get details of a specific config
`clone_config`	Clone an existing config into a new config with a different name
`list_secrets`	List all secret names and values in a config
`get_secret`	Get a single secret by name, including its raw and computed value
`set_secret`	Set one or more secrets in a config (key-value object)
`delete_secret`	Delete a single secret by name from a config
`download_secrets`	Download all secrets from a config as a JSON object
`list_service_tokens`	List all service tokens for a config
`create_service_token`	Create a new service token with read or read/write access
`revoke_service_token`	Revoke a service token by its slug
`get_activity_logs`	Get the last 20 activity log entries for a project and config

Configuration

Variable	Required	Description	How to Get
`DOPPLER_SERVICE_TOKEN`	Yes	Doppler Service Token	doppler.com → Your Project → Config → Access tab → Service Tokens → Generate. Use a config-scoped token with at least read access for read-only tools, or read/write to also set and delete secrets.

Use a read/write token if you want agents to set or delete secrets. A read-only token is sufficient if you only need to inspect and download existing values.

Service tokens are scoped to a single config. If you need cross-project access, generate a token from each config and configure them as separate MCP instances, or use a Doppler personal token (with dp.pt. prefix) which has workplace-wide access.

Quick Start

Add to Aerostack Workspace

Go to aerostack.dev → Your Project → MCPs
Search for "Doppler" and click Add to Workspace
Add your DOPPLER_SERVICE_TOKEN under Project → Secrets

Once added, every AI agent in your workspace can read and manage your Doppler secrets automatically.

Example Prompts

"List all secrets in the production config of my backend project"
"Set DATABASE_URL to postgres://... in the staging config of my-api"
"Clone the dev config into a new config called dev-feature-x"
"Create a read-only service token named 'deploy-bot' for the prd config"
"Show me recent activity in the production config to see who changed secrets today"

Direct API Call

# List secrets in a config
curl -X POST https://mcp.aerostack.dev/s/aerostack/mcp-doppler \
  -H 'Content-Type: application/json' \
  -H 'X-Mcp-Secret-DOPPLER-SERVICE-TOKEN: dp.st.prd.xxxx' \
  -d '{"jsonrpc":"2.0","id":1,"method":"tools/call","params":{"name":"list_secrets","arguments":{"project":"my-backend","config":"prd"}}}'

# Set a secret
curl -X POST https://mcp.aerostack.dev/s/aerostack/mcp-doppler \
  -H 'Content-Type: application/json' \
  -H 'X-Mcp-Secret-DOPPLER-SERVICE-TOKEN: dp.st.prd.xxxx' \
  -d '{"jsonrpc":"2.0","id":2,"method":"tools/call","params":{"name":"set_secret","arguments":{"project":"my-backend","config":"prd","secrets":{"STRIPE_SECRET_KEY":"sk_live_..."}}}}'

Technical Notes

Token scoping. Service tokens (dp.st.*) are config-scoped — they can only read/write secrets within the one config they were created for. To manage projects, environments, or workplace settings, you need a personal token (dp.pt.*) or a CLI token. Most agent use cases (reading/writing secrets in a known config) work fine with a service token.
Service token permissions. read tokens can only call read-only tools (list_secrets, get_secret, download_secrets, list_service_tokens, etc.). read/write tokens additionally allow set_secret, delete_secret, clone_config, create_service_token, and revoke_service_token.
Environments vs configs. In Doppler, an environment (e.g. production) is a grouping. A config (e.g. prd, prd_server) is the actual entity that holds secrets. Most tools operate on configs, not environments directly.
download_secrets returns the secrets as a flat JSON object — the same format Doppler injects into your app at runtime. It is the fastest way to export or diff secrets between configs.
Activity logs are per-config and return up to 20 of the most recent events including secret reads, writes, and token usage.

License

MIT

Doppler MCP — Projects, secrets & config

mcp-doppler — Doppler MCP Server

What You Can Do

Available Tools

Configuration

Quick Start

Add to Aerostack Workspace

Example Prompts

Direct API Call

Technical Notes

License

Details

Publisher

Tags

More in api connectors

Aerostack Registry

Algolia

Arangodb

Ayrshare

Basecamp

Bigquery

Similar MCP Servers

Frequently asked questions

Doppler MCP — Projects, secrets & config

mcp-doppler — Doppler MCP Server

What You Can Do

Available Tools

Configuration

Quick Start

Add to Aerostack Workspace

Example Prompts

Direct API Call

Technical Notes

License

Details

Publisher

Tags

More in api connectors

Aerostack Registry

Algolia

Arangodb

Ayrshare

Basecamp

Bigquery

Similar MCP Servers

Frequently asked questions