--- title: "Sentry (MCP)" description: "Connect Sentry's hosted MCP server so OpenSRE can query issues, events, traces, releases, and Seer root-cause analysis during investigations" --- OpenSRE connects to Sentry's hosted [Model Context Protocol (MCP)](https://mcp.sentry.dev) server, exposing Sentry's products — issues, events, traces, replays, releases, monitors, and Seer AI root-cause analysis — as tools the agent can call while investigating an incident. This is distinct from the [Sentry issue integration](/sentry), which is a narrow REST client used for issue and event lookup. Use the MCP integration when you want the agent to explore Sentry data directly, including Seer-assisted debugging. ## Tools | Tool | What it does | | --- | --- | | `list_sentry_tools` | List the tools the connected Sentry MCP server exposes | | `call_sentry_tool` | Call a named Sentry MCP tool (e.g. look up an issue, fetch a trace, run Seer root-cause analysis) | The agent typically calls `list_sentry_tools` first to discover what is available for your organization, then `call_sentry_tool` with the chosen tool name and arguments. ## Prerequisites - A Sentry account (hosted SaaS, or self-hosted via the `SENTRY_MCP_HOST` override) - A Sentry **user auth token** created in your account settings. The required scopes depend on the skills you use: - `org:read` — read-only inspection of issues, events, traces, releases, monitors (default) - `event:write`, `team:write`, `project:write` — for triage and project-management skills ## Setup ### Option 1: Interactive CLI ```bash opensre integrations setup ``` Select **Sentry (MCP)** when prompted, then paste your user auth token. The setup uses the hosted Streamable HTTP transport; keep the default URL unless you run self-hosted Sentry. To run a local server instead, set `SENTRY_MCP_MODE=stdio` via environment variables (see below). ### Option 2: Environment variables Add to your `.env`: ```bash SENTRY_MCP_MODE=streamable-http SENTRY_MCP_URL=https://mcp.sentry.dev/mcp SENTRY_MCP_AUTH_TOKEN=your_sentry_user_auth_token SENTRY_MCP_HOST= # optional, self-hosted Sentry host SENTRY_MCP_ORGANIZATION_SLUG= # optional, scope to one organization SENTRY_MCP_PROJECT_SLUG= # optional, scope to one project SENTRY_MCP_SKILLS= # optional, comma-separated skill filter ``` | Variable | Default | Description | | --- | --- | --- | | `SENTRY_MCP_AUTH_TOKEN` | — | **Required** (hosted). Sentry user auth token | | `SENTRY_MCP_URL` | `https://mcp.sentry.dev/mcp` | MCP server URL | | `SENTRY_MCP_MODE` | `streamable-http` | Transport: `streamable-http`, `sse`, or `stdio` | | `SENTRY_MCP_HOST` | — | Self-hosted Sentry hostname (e.g. `sentry.example.com`) | | `SENTRY_MCP_ORGANIZATION_SLUG` | — | Scope tools to a specific organization | | `SENTRY_MCP_PROJECT_SLUG` | — | Scope tools to a specific project | | `SENTRY_MCP_SKILLS` | — | Comma-separated skill filter (`inspect`, `seer`, `triage`, `project-management`) | | `SENTRY_MCP_COMMAND` | — | Command to launch a local MCP server (`stdio` mode only) | | `SENTRY_MCP_ARGS` | — | Arguments for the local MCP command (`stdio` mode only) | To run a local Sentry MCP server instead of the hosted endpoint, use `stdio` mode: ```bash SENTRY_MCP_MODE=stdio SENTRY_MCP_COMMAND=npx SENTRY_MCP_ARGS=@sentry/mcp-server@latest SENTRY_MCP_AUTH_TOKEN=your_sentry_user_auth_token ``` The `search_events` and `search_issues` tools translate natural-language queries and require an `OPENAI_API_KEY` in the MCP server's environment. The rest of the MCP server works without it, so you can skip this if you do not need those tools. ### Option 3: Persistent store ```json { "version": 1, "integrations": [ { "id": "sentry-mcp-prod", "service": "sentry_mcp", "status": "active", "credentials": { "url": "https://mcp.sentry.dev/mcp", "mode": "streamable-http", "auth_token": "your_sentry_user_auth_token", "organization_slug": "my-org" } } ] } ``` ## Verify ```bash opensre integrations verify sentry_mcp ``` A successful check connects to the MCP server and reports how many tools it discovered. If it fails, the most common cause is a missing or invalid user auth token — confirm the token has at least `org:read` scope and that outbound HTTPS to `mcp.sentry.dev` is allowed.