Sentry MCP

Live

OAUTH 2.0

MONITORING

Monitoring

Let your agent triage Sentry issues, pull stack traces, and resolve errors as the engineer who owns the project.

  • Acts as the engineer. Every issue read and resolve is attributed to the real user, not a shared monitoring bot.
  • Tokens stay vaulted. Sentry OAuth credentials sit in an AES-256 vault, resolved per request, never in the prompt.
  • Scoped before every call. Project and org scopes enforced ahead of each API call, with a 90-day audit trail.
Sentry MCP
agent · Acme Q3
Run
What are the top unresolved errors in the payments service this week?
S
sentry_issues_list
92ms
Sentry agent
3 unresolved issues in payments. TimeoutError (412 events), NullPointer on checkout (88 events), and a rate-limit 429 spike (37 events).
Sources: 3 issues, payments project, last 7 days
sentrymcp
3 issues
18:29
Message Claude...

Tools your monitoring agent reaches for on Sentry, scoped per user.

CALL ANY TOOL
List and inspect issues, pull stack traces and events, and resolve or assign errors, each call scoped to the authenticated engineer's project access.
sentry_issues_list
List issues
Fetch a paginated list of issues for a project, filtered by status, level, or time range.
Parameters
Name
Type
Required
Description
project_slug
string
Required
Project to list issues from
query
string
Optional
Sentry search query, e.g. is:unresolved
stats_period
string
Optional
Time window such as 24h or 7d
sentry_issue_get
Get issue
sentry_events_list
List events
sentry_issue_update
Update issue
sentry_projects_list
List projects
sentry_release_get
Get release
Build your Agent
The same per-user auth pattern wires into every agent framework.
Python · LlamaIndex
import { ScalekitClient } from "@scalekit-sdk/node";
import { ChatOpenAI } from "@langchain/openai";
import { createReactAgent } from "@langchain/langgraph/prebuilt";

const sk = new ScalekitClient(process.env.SCALEKIT_ENV_URL, process.env.SCALEKIT_CLIENT_ID, process.env.SCALEKIT_CLIENT_SECRET);

const { tools } = await sk.tools.listScopedTools("user_123", {
filter: { connectionNames: ["sentrymcp"], toolNames: ["sentry_issues_list", "sentry_issue_get", "sentry_events_list"] },
pageSize: 100,
});

const agent = createReactAgent({ llm: new ChatOpenAI({ model: "gpt-4o" }), tools });
await agent.invoke({ messages: [{ role: "user", content: "Triage unresolved payments errors" }] });
import OpenAI from "openai";
import { ScalekitClient } from "@scalekit-sdk/node";

const openai = new OpenAI();
const sk = new ScalekitClient(process.env.SCALEKIT_ENV_URL, process.env.SCALEKIT_CLIENT_ID, process.env.SCALEKIT_CLIENT_SECRET);

const { tools } = await sk.tools.listScopedTools("user_123", {
filter: { connectionNames: ["sentrymcp"], toolNames: ["sentry_issues_list", "sentry_issue_get", "sentry_events_list"] },
pageSize: 100,
});

const res = await openai.responses.create({
model: "gpt-4o",
input: "Show top unresolved errors in payments",
tools,
});
import Anthropic from "@anthropic-ai/sdk";
import { ScalekitClient } from "@scalekit-sdk/node";

const anthropic = new Anthropic();
const sk = new ScalekitClient(process.env.SCALEKIT_ENV_URL, process.env.SCALEKIT_CLIENT_ID, process.env.SCALEKIT_CLIENT_SECRET);

const { tools } = await sk.tools.listScopedTools("user_123", {
filter: { connectionNames: ["sentrymcp"], toolNames: ["sentry_issues_list", "sentry_issue_get", "sentry_events_list"] },
pageSize: 100,
});

const msg = await anthropic.messages.create({
model: "claude-sonnet-4-6",
max_tokens: 1024,
tools,
messages: [{ role: "user", content: "Resolve the checkout NullPointer issue" }],
});
import { LlmAgent } from "@google/adk/agents";
import { ScalekitClient } from "@scalekit-sdk/node";

const sk = new ScalekitClient(process.env.SCALEKIT_ENV_URL, process.env.SCALEKIT_CLIENT_ID, process.env.SCALEKIT_CLIENT_SECRET);

const { tools } = await sk.tools.listScopedTools("user_123", {
filter: { connectionNames: ["sentrymcp"], toolNames: ["sentry_issues_list", "sentry_issue_get", "sentry_events_list"] },
pageSize: 100,
});

const agent = new LlmAgent({ name: "sentry_agent", model: "gemini-2.0-flash", tools });
await agent.run("List new issues in the latest release");
Try these prompts
Paste any prompt into your agent to start working Sentry issues.
Triage & resolve
Copy the prompt
Copied
What are the top unresolved errors in the payments service this week?
Copy the prompt
Copied
Resolve the checkout NullPointer issue and assign it to me.
Copy the prompt
Copied
Ignore the noisy rate-limit 429 issue in the api project.
Investigate
Copy the prompt
Copied
Pull the latest stack trace for issue PROJ-1421.
Copy the prompt
Copied
Show me events for the TimeoutError over the last 24 hours.
Copy the prompt
Copied
Which release introduced the checkout regression?
Report & recall
Copy the prompt
Copied
List all projects I have access to.
Copy the prompt
Copied
Summarise new issues since the last deploy.
Copy the prompt
Copied
How many events did the payments timeout error get this week?
SEE HOW AUTH WORKS
The engineer authorises Sentry once. Every later agent call uses their token with project scope enforced.
1
Authorize
Your user connects
Sentry MCP
once. We tie it to their identity and the meetings they approved — no shared bot account, no org-wide access
Who:
user ‘A’
when:
Once per user
access:
Limited to user
2
Store
Their
Sentry MCP
token lives in a vault scoped to them. User A's meetings are never reachable by an agent acting for user B, even on the same connection
vault:
encrypted
scope:
per-user
tokens:
auto-refreshed
3
Resolve
When your agent calls a
Sentry MCP
tool, we fetch the right token server-side. It never touches your agent, never appears in the LLM context, never shows up in your logs
speed:
~40ms
check:
before every call
seen by:
nobody
4
Audit
Every
Sentry MCP
tool call is logged — who triggered it, which meeting was fetched, what came back. 90 days of history, tied to the user who authorized it
history:
90 days
export:
SIEM-ready
logged:
every call
Test other agents
See the same per-user auth pattern across other monitoring connectors.
No items found.
Why Scalekit
Secure your agent's access. Connectors ship in minutes
Other connector libraries treat auth as a demo afterthought. Monitoring data needs real per-user attribution.
01.
Shared tokens break per-user analytics
A shared Sentry token looks fine in a demo. In production every resolve and assign logs as one service account, so you lose track of who acted. Scalekit resolves the real engineer's credential per call.
// shared token
resolve → monitoring_bot

// scalekit
resolve → user_abc ✓
02.
Authentication is not authorization
03.
Multi-tenancy is architectural
04.
Sentry today. Others tomorrow.
“Our agents act across Salesforce, Gong, Google Drive, and more, on behalf of every customer. Scalekit behind the scenes meant we can keep adding tools without ever rebuilding how credentials or tool calling work.”
Venu Madhav Kattagoni
Head of Engineering / Von
FAQs
Frequently Asked Questions
Does the agent access Sentry as the user or as a shared key?
As the user. Scalekit resolves the authenticated engineer's own Sentry credential at request time, so every issue read, resolve, and assignment is attributed to them in Sentry's audit log rather than a shared monitoring bot.
Where is the Sentry token stored?
In an AES-256 encrypted vault, namespaced per tenant. Tokens are fetched only at the moment of a tool call, refreshed automatically before expiry, and revocable from a single dashboard, never exposed to the model or the prompt.
Can I limit what the agent is allowed to do in Sentry?
Yes. Pass a toolNames filter to listScopedTools to expose only the actions you want, for example read-only issue listing without resolve or delete. Scalekit also runs a scope check before each API call.
What happens when a user revokes Sentry access?
The credential is invalidated at the next tool call, which fails closed rather than falling back to a shared token. Other users are unaffected, and the revocation is recorded in the audit trail.
Can the agent modify production issues, or only read them?
That is your choice. Expose only sentry_issues_list and sentry_issue_get for a read-only triage agent, or add sentry_issue_update to let it resolve and assign. The write scope is enforced per user, so an engineer can only change issues in projects they already own.
Start in your coding agent
Up and running in one command
Install the Scalekit skill in your editor of choice. Connector, auth, tools, prompt, all wired up
Claude Code REPL
/plugin marketplace add scalekit-inc/claude-code-authstack
/plugin install agentkit@scalekit-auth-stack
Cursor Code REPL
# ~/.cursor/mcp.json
{
""mcpServers"": {
""sentrymcp"": {
""url"": ""https://mcp.scalekit.com/sentrymcp"",
""headers"": { ""Authorization"": ""Bearer $SCALEKIT_TOKEN"" }
}
}
}
Codex Code REPL
# ~/.codex/config.toml
[mcp_servers.sentrymcp]
url = ""https://mcp.scalekit.com/sentrymcp""
auth_env = ""SCALEKIT_TOKEN""
Copilot Code REPL
# .vscode/mcp.json
{
""servers"": {
""sentrymcp"": {
""url"": ""https://mcp.scalekit.com/sentrymcp"",
""type"": ""http""
}
}
}