Connects Claude to Google Search Console's API with OAuth2 refresh token auth. You get ten tools covering the main GSC workflows: query search analytics for clicks, impressions, CTR, and position data; manage sitemaps (list, submit, delete); inspect URL indexing status; and handle site property administration. Built by crunchtools with security-focused design (credentials as SecretStr, automatic token scrubbing, Pydantic validation). Setup requires a one-time OAuth flow to generate a refresh token, then the server handles access token rotation automatically. Useful when you're building SEO dashboards, automating sitemap submissions, or investigating indexing issues without leaving your chat context.
Public tool metadata for what this MCP can expose to an agent.
GOOGLE_SEARCH_CONSOLE_GET_SITEMAPRetrieves information about a specific sitemap for a site.2 paramsRetrieves information about a specific sitemap for a site.
feedpathstringsite_urlstringGOOGLE_SEARCH_CONSOLE_INSPECT_URLInspects a URL for indexing issues and status in Google Search Console.4 paramsInspects a URL for indexing issues and status in Google Search Console.
urlstringsite_urlstringlanguage_codestringinspection_urlstringGOOGLE_SEARCH_CONSOLE_LIST_SITEMAPSLists all sitemaps for a site in Google Search Console.2 paramsLists all sitemaps for a site in Google Search Console.
site_urlstringsitemap_indexstringGOOGLE_SEARCH_CONSOLE_LIST_SITESLists all sites owned by the authenticated user in Google Search Console.Lists all sites owned by the authenticated user in Google Search Console.
No parameter schema in public metadata yet.
GOOGLE_SEARCH_CONSOLE_SEARCH_ANALYTICS_QUERYQueries Google Search Console for search analytics data including clicks, impressions, CTR, and position metrics.10 paramsQueries Google Search Console for search analytics data including clicks, impressions, CTR, and position metrics.
end_datestringsite_urlstringrow_limitintegerstart_rowintegerdata_statestringdimensionsarraystart_datestringsearch_typestringaggregation_typestringdimension_filter_groupsarrayGOOGLE_SEARCH_CONSOLE_SUBMIT_SITEMAPSubmits a sitemap to Google Search Console for indexing.2 paramsSubmits a sitemap to Google Search Console for indexing.
feedpathstringsite_urlstringSecure MCP server for Google Search Console. Query search analytics (clicks, impressions, CTR, position), manage sitemaps, inspect URL indexing status, and manage site properties.
claude mcp add mcp-google-search-console-crunchtools \
--env GSC_CLIENT_ID=your_client_id \
--env GSC_CLIENT_SECRET=your_client_secret \
--env GSC_REFRESH_TOKEN=your_refresh_token \
-- uvx mcp-google-search-console-crunchtools
pip install mcp-google-search-console-crunchtools
podman run -d -p 8017:8017 \
--env-file ~/.config/mcp-env/mcp-google-search-console.env \
quay.io/crunchtools/mcp-google-search-console \
--transport streamable-http --host 0.0.0.0
This server supports two authentication methods: browser-based OAuth (recommended) and environment variable (fallback).
Browser-based OAuth handles token exchange automatically. When credentials expire, visit the /auth URL and click through Google's consent screen — no manual code exchange needed.
https://www.googleapis.com/auth/webmastershttps://mcp-gsc.example.com/oauth2callback)Create an env file:
cat > ~/.config/mcp-env/mcp-google-search-console.env << 'EOF'
GSC_CLIENT_ID=your_client_id
GSC_CLIENT_SECRET=your_client_secret
GSC_CREDENTIALS_DIR=/data
GSC_OAUTH_REDIRECT_URI=https://mcp-gsc.example.com/oauth2callback
EOF
chmod 600 ~/.config/mcp-env/mcp-google-search-console.env
Start the server with a persistent volume for credentials:
podman run -d -p 8017:8017 \
--env-file ~/.config/mcp-env/mcp-google-search-console.env \
-v mcp-gsc-data:/data:Z \
quay.io/crunchtools/mcp-google-search-console \
--transport streamable-http --host 0.0.0.0
Visit https://mcp-gsc.example.com/auth in your browser. You'll be redirected to Google's consent screen. Grant access and the server will save credentials automatically.
When tokens expire, any tool call will return the /auth URL. Click it to re-authenticate — no container restart needed.
If you prefer static credentials or can't expose a callback URL, set GSC_REFRESH_TOKEN in your env file. See the manual OAuth flow below.
export GSC_CLIENT_ID="your_client_id_here"
export GSC_CLIENT_SECRET="your_client_secret_here"
echo "https://accounts.google.com/o/oauth2/v2/auth?client_id=${GSC_CLIENT_ID}&redirect_uri=http://127.0.0.1&response_type=code&scope=https://www.googleapis.com/auth/webmasters&access_type=offline&prompt=consent"
code= value from the redirect URLcurl -s -X POST https://oauth2.googleapis.com/token \
-d "client_id=${GSC_CLIENT_ID}" \
-d "client_secret=${GSC_CLIENT_SECRET}" \
-d "code=PASTE_CODE_HERE" \
-d "grant_type=authorization_code" \
-d "redirect_uri=http://127.0.0.1" | python3 -m json.tool
refresh_token from the response and add GSC_REFRESH_TOKEN=... to your env file.The server checks for credentials in this order:
GSC_CREDENTIALS_DIR/credentials.json (written by the browser-based flow)GSC_REFRESH_TOKEN (fallback)On each API call, the server exchanges the refresh token for a short-lived access token (~1 hour), cached in memory and refreshed automatically. Updated tokens are persisted to the credentials file for reuse across container restarts.
| Category | Count | Tools |
|---|---|---|
| Sites | 4 | list_sites, get_site, add_site, delete_site |
| Search Analytics | 1 | query_search_analytics |
| Sitemaps | 4 | list_sitemaps, get_sitemap, submit_sitemap, delete_sitemap |
| URL Inspection | 1 | inspect_url |
SecretStr (never logged)0o600 permissions (atomic writes)extra="forbid"See SECURITY.md for the full security design document.
uv sync --all-extras
uv run ruff check src tests
uv run mypy src
uv run pytest -v
gourmand --full .
podman build -f Containerfile .
com.mcparmory/google-search
io.github.pipeworx-io/brave-search
marcopesani/mcp-server-serper
brave/brave-search-mcp-server
com.mcparmory/google-search-console
acamolese/google-search-console-mcp