# How to integrate Doppler secretops MCP with Mastra AI ```json { "title": "How to integrate Doppler secretops MCP with Mastra AI", "toolkit": "Doppler secretops", "toolkit_slug": "doppler_secretops", "framework": "Mastra AI", "framework_slug": "mastra-ai", "url": "https://composio.dev/toolkits/doppler_secretops/framework/mastra-ai", "markdown_url": "https://composio.dev/toolkits/doppler_secretops/framework/mastra-ai.md", "updated_at": "2026-05-12T10:09:34.971Z" } ``` ## Introduction This guide walks you through connecting Doppler secretops to Mastra AI using the Composio tool router. By the end, you'll have a working Doppler secretops agent that can list all recent config changes for project x, rollback staging config to previous version, clone production config to a new branch through natural language commands. This guide will help you understand how to give your Mastra AI agent real control over a Doppler secretops account through Composio's Doppler secretops MCP server. Before we dive in, let's take a quick look at the key ideas and tools involved. ## Also integrate Doppler secretops with - [OpenAI Agents SDK](https://composio.dev/toolkits/doppler_secretops/framework/open-ai-agents-sdk) - [Claude Agent SDK](https://composio.dev/toolkits/doppler_secretops/framework/claude-agents-sdk) - [Claude Code](https://composio.dev/toolkits/doppler_secretops/framework/claude-code) - [Claude Cowork](https://composio.dev/toolkits/doppler_secretops/framework/claude-cowork) - [Codex](https://composio.dev/toolkits/doppler_secretops/framework/codex) - [OpenClaw](https://composio.dev/toolkits/doppler_secretops/framework/openclaw) - [Hermes](https://composio.dev/toolkits/doppler_secretops/framework/hermes-agent) - [CLI](https://composio.dev/toolkits/doppler_secretops/framework/cli) - [Google ADK](https://composio.dev/toolkits/doppler_secretops/framework/google-adk) - [LangChain](https://composio.dev/toolkits/doppler_secretops/framework/langchain) - [Vercel AI SDK](https://composio.dev/toolkits/doppler_secretops/framework/ai-sdk) - [LlamaIndex](https://composio.dev/toolkits/doppler_secretops/framework/llama-index) - [CrewAI](https://composio.dev/toolkits/doppler_secretops/framework/crew-ai) ## TL;DR Here's what you'll learn: - Set up your environment so Mastra, OpenAI, and Composio work together - Create a Tool Router session in Composio that exposes Doppler secretops tools - Connect Mastra's MCP client to the Composio generated MCP URL - Fetch Doppler secretops tool definitions and attach them as a toolset - Build a Mastra agent that can reason, call tools, and return structured results - Run an interactive CLI where you can chat with your Doppler secretops agent ## What is Mastra AI? Mastra AI is a TypeScript framework for building AI agents with tool support. It provides a clean API for creating agents that can use external services through MCP. Key features include: - MCP Client: Built-in support for Model Context Protocol servers - Toolsets: Organize tools into logical groups - Step Callbacks: Monitor and debug agent execution - OpenAI Integration: Works with OpenAI models via @ai-sdk/openai ## What is the Doppler secretops MCP server, and what's possible with it? The Doppler secretops MCP server is an implementation of the Model Context Protocol that connects your AI agent and assistants like Claude, Cursor, etc directly to your Doppler secretops account. It provides structured and secure access to your secrets management platform, so your agent can perform actions like auditing activity logs, managing environment configs, rolling back changes, and automating config cloning on your behalf. - Fetch activity and config logs: Quickly retrieve detailed activity logs and config change histories to monitor changes and track security events across your Doppler workspace. - Rollback and restore configurations: Direct your agent to roll back a config to a previous version, helping you easily undo unwanted or risky changes with confidence. - Clone and create branch configs: Automate the cloning of config branches or create new branch configs for different environments and projects, streamlining your secrets management workflows. - Config locking and deletion: Secure your critical configs by locking them against unwanted changes or safely deleting obsolete configurations as part of environment cleanup. - Retrieve detailed config metadata: Instantly get comprehensive details for any specific config, including project and environment context, to support debugging and compliance tasks. ## Supported Tools | Tool slug | Name | Description | |---|---|---| | `DOPPLER_SECRETOPS_ACTIVITY_LOGS_LIST` | Activity Logs List | Tool to list workplace activity logs. Use when you need to fetch recent activity logs. | | `DOPPLER_SECRETOPS_ACTIVITY_LOGS_RETRIEVE` | Retrieve Activity Log | Tool to retrieve a single activity log entry by id. Use when you have a valid Activity Log id. | | `DOPPLER_SECRETOPS_CONFIG_LOGS_GET` | Retrieve Config Log Entry | Tool to retrieve a specific config log entry. Use when needing details of a single config log; call after specifying project, config, and log identifiers. | | `DOPPLER_SECRETOPS_CONFIG_LOGS_LIST` | Config Logs List | Tool to list config change logs for a specific config. Use when you need the audit trail for a config after confirming its identity. | | `DOPPLER_SECRETOPS_CONFIG_LOGS_ROLLBACK` | Config Logs Rollback | Tool to rollback a config to a selected log version. Use when needing to undo a specific change by its log ID, after confirming project, config, and log ID. | | `DOPPLER_SECRETOPS_CONFIGS_CLONE` | Clone Config | Tool to clone a branch config including all its secrets. Use after confirming the source config details. | | `DOPPLER_SECRETOPS_CONFIGS_CREATE` | Create Branch Config | Tool to create a branch config. Use when you need to programmatically establish a new branch-based configuration for a specified project and environment. Use after selecting the target project and environment. | | `DOPPLER_SECRETOPS_CONFIGS_DELETE` | Configs Delete | Tool to delete a config permanently. Use when you need to remove a config that is no longer needed. | | `DOPPLER_SECRETOPS_CONFIGS_GET` | Get Config Details | Tool to fetch a config's details. Use when you need metadata for a specific config after specifying the project and config names. Example: "Get details for config 'staging-config' in project 'proj-123'." | | `DOPPLER_SECRETOPS_CONFIGS_LOCK` | Lock Config | Tool to lock a config. Use when you need to prevent a config from being renamed or deleted after confirming the project and config names. Example: "Lock config 'staging-config' in project 'proj-123' after finalizing environment setup." | | `DOPPLER_SECRETOPS_CONFIGS_UNLOCK` | Unlock Config | Tool to unlock a config. Use when you need to allow renaming or deletion of a previously locked config. Example: "Unlock config 'staging-config' in project 'proj-123'." | | `DOPPLER_SECRETOPS_CONFIGS_UPDATE` | Update Config | Tool to modify an existing config. Use when you need to rename a config after confirming project and config names. | | `DOPPLER_SECRETOPS_DYNAMIC_SECRETS_REVOKE_LEASE` | Revoke Dynamic Secret Lease | Tool to revoke a dynamic secret lease. Use when you need to invalidate an active lease by its ID after confirming the config and dynamic secret identifiers. | | `DOPPLER_SECRETOPS_ENVIRONMENTS_CREATE` | Create Environment | Tool to create a new environment. Use when you need to programmatically create an environment for a specified project. | | `DOPPLER_SECRETOPS_ENVIRONMENTS_DELETE` | Environments Delete | Tool to delete an environment. Use when you need to remove an environment from a project after confirming it's no longer in use. | | `DOPPLER_SECRETOPS_ENVIRONMENTS_GET` | Get Environment Details | Tool to retrieve an environment. Use when you need metadata for a specific environment after specifying the project and environment slug. | | `DOPPLER_SECRETOPS_ENVIRONMENTS_LIST` | List Environments | Tool to list environments in a Doppler project. Use when you need environment metadata for a specific project after providing the project slug. | | `DOPPLER_SECRETOPS_ENVIRONMENTS_RENAME` | Rename Environment | Tool to rename an environment. Use when you need to update an environment's display name after confirming project and environment identifiers. | | `DOPPLER_SECRETOPS_GROUPS_DELETE_MEMBER` | Remove Group Member | Tool to remove a member from a group. Use after confirming the group slug and member identifiers. | | `DOPPLER_SECRETOPS_INTEGRATIONS_LIST` | Integrations List | Tool to list all external integrations. Use when you need to retrieve all configured external integrations after authentication. | | `DOPPLER_SECRETOPS_INVITES_LIST` | Invites List | Tool to list open workplace invites. Use when you need to retrieve all pending invitations for the current Doppler workplace after authenticating. | | `DOPPLER_SECRETOPS_PROJECT_MEMBERS_DELETE` | Remove Project Member | Tool to remove a member from a project. Use after confirming project slug, member type, and slug. Example: "Delete member 'jdoe' of type 'users' from project 'my-project-slug'." | | `DOPPLER_SECRETOPS_PROJECT_MEMBERS_GET` | Get Project Member | Tool to retrieve a project member by type and slug. Use after confirming project slug, member type, and slug. | | `DOPPLER_SECRETOPS_PROJECT_PERMISSIONS_LIST` | Project Permissions List | Tool to list project-level permissions. Use when you need to fetch all available permissions for projects after authentication. | | `DOPPLER_SECRETOPS_PROJECT_ROLES_GET` | Get Project Role | Tool to retrieve a project role. Use when you need details of a specific project role after authenticating. | | `DOPPLER_SECRETOPS_PROJECTS_CREATE` | Create Project | Tool to create a project. Use when you need to programmatically initialize a new Doppler project after authentication. | | `DOPPLER_SECRETOPS_PROJECTS_DELETE` | Projects Delete | Tool to delete a project permanently. Use after confirming irreversible removal. | | `DOPPLER_SECRETOPS_PROJECTS_LIST` | List Projects | Tool to list Doppler projects. Use when you need to retrieve all projects with optional pagination. | | `DOPPLER_SECRETOPS_SECRETS_UPDATE` | Update Secrets | Tool to update secrets in a config. Use when you need to change secret values for deployments. | ## Supported Triggers None listed. ## Creating MCP Server - Stand-alone vs Composio SDK The Doppler secretops MCP server is an implementation of the Model Context Protocol that connects your AI agent to Doppler secretops. It provides structured and secure access so your agent can perform Doppler secretops operations on your behalf through a secure, permission-based interface. With Composio's managed implementation, you don't have to create your own developer app. For production, if you're building an end product, we recommend using your own credentials. The managed server helps you prototype fast and go from 0-1 faster. ## Step-by-step Guide ### 1. Prerequisites Before starting, make sure you have: - Node.js 18 or higher - A Composio account with an active API key - An OpenAI API key - Basic familiarity with TypeScript ### 1. Getting API Keys for OpenAI and Composio OpenAI API Key - Go to the [OpenAI dashboard](https://platform.openai.com/settings/organization/api-keys) and create an API key. - You need credits or a connected billing setup to use the models. - Store the key somewhere safe. Composio API Key - Log in to the [Composio dashboard](https://dashboard.composio.dev?utm_source=toolkits&utm_medium=framework_docs). - Go to Settings and copy your API key. - This key lets your Mastra agent talk to Composio and reach Doppler secretops through MCP. ### 2. Install dependencies Install the required packages. What's happening: - @composio/core is the Composio SDK for creating MCP sessions - @mastra/core provides the Agent class - @mastra/mcp is Mastra's MCP client - @ai-sdk/openai is the model wrapper for OpenAI - dotenv loads environment variables from .env ```bash npm install @composio/core @mastra/core @mastra/mcp @ai-sdk/openai dotenv ``` ### 3. Set up environment variables Create a .env file in your project root. What's happening: - COMPOSIO_API_KEY authenticates your requests to Composio - COMPOSIO_USER_ID tells Composio which user this session belongs to - OPENAI_API_KEY lets the Mastra agent call OpenAI models ```bash COMPOSIO_API_KEY=your_composio_api_key_here COMPOSIO_USER_ID=your_user_id_here OPENAI_API_KEY=your_openai_api_key_here ``` ### 4. Import libraries and validate environment What's happening: - dotenv/config auto loads your .env so process.env.* is available - openai gives you a Mastra compatible model wrapper - Agent is the Mastra agent that will call tools and produce answers - MCPClient connects Mastra to your Composio MCP server - Composio is used to create a Tool Router session ```typescript import "dotenv/config"; import { openai } from "@ai-sdk/openai"; import { Agent } from "@mastra/core/agent"; import { MCPClient } from "@mastra/mcp"; import { Composio } from "@composio/core"; import * as readline from "readline"; import type { AiMessageType } from "@mastra/core/agent"; const openaiAPIKey = process.env.OPENAI_API_KEY; const composioAPIKey = process.env.COMPOSIO_API_KEY; const composioUserID = process.env.COMPOSIO_USER_ID; if (!openaiAPIKey) throw new Error("OPENAI_API_KEY is not set"); if (!composioAPIKey) throw new Error("COMPOSIO_API_KEY is not set"); if (!composioUserID) throw new Error("COMPOSIO_USER_ID is not set"); const composio = new Composio({ apiKey: composioAPIKey as string, }); ``` ### 5. Create a Tool Router session for Doppler secretops What's happening: - create spins up a short-lived MCP HTTP endpoint for this user - The toolkits array contains "doppler_secretops" for Doppler secretops access - session.mcp.url is the MCP URL that Mastra's MCPClient will connect to ```typescript async function main() { const session = await composio.create( composioUserID as string, { toolkits: ["doppler_secretops"], }, ); const composioMCPUrl = session.mcp.url; console.log("Doppler secretops MCP URL:", composioMCPUrl); ``` ### 6. Configure Mastra MCP client and fetch tools What's happening: - MCPClient takes an id for this client and a list of MCP servers - The headers property includes the x-api-key for authentication - getTools fetches the tool definitions exposed by the Doppler secretops toolkit ```typescript const mcpClient = new MCPClient({ id: composioUserID as string, servers: { nasdaq: { url: new URL(composioMCPUrl), requestInit: { headers: session.mcp.headers, }, }, }, timeout: 30_000, }); console.log("Fetching MCP tools from Composio..."); const composioTools = await mcpClient.getTools(); console.log("Number of tools:", Object.keys(composioTools).length); ``` ### 7. Create the Mastra agent What's happening: - Agent is the core Mastra agent - name is just an identifier for logging and debugging - instructions guide the agent to use tools instead of only answering in natural language - model uses openai("gpt-5") to configure the underlying LLM ```typescript const agent = new Agent({ name: "doppler_secretops-mastra-agent", instructions: "You are an AI agent with Doppler secretops tools via Composio.", model: "openai/gpt-5", }); ``` ### 8. Set up interactive chat interface What's happening: - messages keeps the full conversation history in Mastra's expected format - agent.generate runs the agent with conversation history and Doppler secretops toolsets - maxSteps limits how many tool calls the agent can take in a single run - onStepFinish is a hook that prints intermediate steps for debugging ```typescript let messages: AiMessageType[] = []; console.log("Chat started! Type 'exit' or 'quit' to end.\n"); const rl = readline.createInterface({ input: process.stdin, output: process.stdout, prompt: "> ", }); rl.prompt(); rl.on("line", async (userInput: string) => { const trimmedInput = userInput.trim(); if (["exit", "quit", "bye"].includes(trimmedInput.toLowerCase())) { console.log("\nGoodbye!"); rl.close(); process.exit(0); } if (!trimmedInput) { rl.prompt(); return; } messages.push({ id: crypto.randomUUID(), role: "user", content: trimmedInput, }); console.log("\nAgent is thinking...\n"); try { const response = await agent.generate(messages, { toolsets: { doppler_secretops: composioTools, }, maxSteps: 8, }); const { text } = response; if (text && text.trim().length > 0) { console.log(`Agent: ${text}\n`); messages.push({ id: crypto.randomUUID(), role: "assistant", content: text, }); } } catch (error) { console.error("\nError:", error); } rl.prompt(); }); rl.on("close", async () => { console.log("\nSession ended."); await mcpClient.disconnect(); process.exit(0); }); } main().catch((err) => { console.error("Fatal error:", err); process.exit(1); }); ``` ## Complete Code ```typescript import "dotenv/config"; import { openai } from "@ai-sdk/openai"; import { Agent } from "@mastra/core/agent"; import { MCPClient } from "@mastra/mcp"; import { Composio } from "@composio/core"; import * as readline from "readline"; import type { AiMessageType } from "@mastra/core/agent"; const openaiAPIKey = process.env.OPENAI_API_KEY; const composioAPIKey = process.env.COMPOSIO_API_KEY; const composioUserID = process.env.COMPOSIO_USER_ID; if (!openaiAPIKey) throw new Error("OPENAI_API_KEY is not set"); if (!composioAPIKey) throw new Error("COMPOSIO_API_KEY is not set"); if (!composioUserID) throw new Error("COMPOSIO_USER_ID is not set"); const composio = new Composio({ apiKey: composioAPIKey as string }); async function main() { const session = await composio.create(composioUserID as string, { toolkits: ["doppler_secretops"], }); const composioMCPUrl = session.mcp.url; const mcpClient = new MCPClient({ id: composioUserID as string, servers: { doppler_secretops: { url: new URL(composioMCPUrl), requestInit: { headers: session.mcp.headers, }, }, }, timeout: 30_000, }); const composioTools = await mcpClient.getTools(); const agent = new Agent({ name: "doppler_secretops-mastra-agent", instructions: "You are an AI agent with Doppler secretops tools via Composio.", model: "openai/gpt-5", }); let messages: AiMessageType[] = []; const rl = readline.createInterface({ input: process.stdin, output: process.stdout, prompt: "> ", }); rl.prompt(); rl.on("line", async (input: string) => { const trimmed = input.trim(); if (["exit", "quit"].includes(trimmed.toLowerCase())) { rl.close(); return; } messages.push({ id: crypto.randomUUID(), role: "user", content: trimmed }); const { text } = await agent.generate(messages, { toolsets: { doppler_secretops: composioTools }, maxSteps: 8, }); if (text) { console.log(`Agent: ${text}\n`); messages.push({ id: crypto.randomUUID(), role: "assistant", content: text }); } rl.prompt(); }); rl.on("close", async () => { await mcpClient.disconnect(); process.exit(0); }); } main(); ``` ## Conclusion You've built a Mastra AI agent that can interact with Doppler secretops through Composio's Tool Router. You can extend this further by: - Adding other toolkits like Gmail, Slack, or GitHub - Building a web-based chat interface around this agent - Using multiple MCP endpoints to enable cross-app workflows ## How to build Doppler secretops MCP Agent with another framework - [OpenAI Agents SDK](https://composio.dev/toolkits/doppler_secretops/framework/open-ai-agents-sdk) - [Claude Agent SDK](https://composio.dev/toolkits/doppler_secretops/framework/claude-agents-sdk) - [Claude Code](https://composio.dev/toolkits/doppler_secretops/framework/claude-code) - [Claude Cowork](https://composio.dev/toolkits/doppler_secretops/framework/claude-cowork) - [Codex](https://composio.dev/toolkits/doppler_secretops/framework/codex) - [OpenClaw](https://composio.dev/toolkits/doppler_secretops/framework/openclaw) - [Hermes](https://composio.dev/toolkits/doppler_secretops/framework/hermes-agent) - [CLI](https://composio.dev/toolkits/doppler_secretops/framework/cli) - [Google ADK](https://composio.dev/toolkits/doppler_secretops/framework/google-adk) - [LangChain](https://composio.dev/toolkits/doppler_secretops/framework/langchain) - [Vercel AI SDK](https://composio.dev/toolkits/doppler_secretops/framework/ai-sdk) - [LlamaIndex](https://composio.dev/toolkits/doppler_secretops/framework/llama-index) - [CrewAI](https://composio.dev/toolkits/doppler_secretops/framework/crew-ai) ## Related Toolkits - [Supabase](https://composio.dev/toolkits/supabase) - Supabase is an open-source backend platform offering scalable Postgres databases, authentication, storage, and real-time APIs. It lets developers build modern apps without managing infrastructure. - [Codeinterpreter](https://composio.dev/toolkits/codeinterpreter) - Codeinterpreter is a Python-based coding environment with built-in data analysis and visualization. It lets you instantly run scripts, plot results, and prototype solutions inside supported platforms. - [GitHub](https://composio.dev/toolkits/github) - GitHub is a code hosting platform for version control and collaborative software development. It streamlines project management, code review, and team workflows in one place. - [Ably](https://composio.dev/toolkits/ably) - Ably is a real-time messaging platform for live chat and data sync in modern apps. It offers global scale and rock-solid reliability for seamless, instant experiences. - [Abuselpdb](https://composio.dev/toolkits/abuselpdb) - Abuselpdb is a central database for reporting and checking IPs linked to malicious online activity. Use it to quickly identify and report suspicious or abusive IP addresses. - [Alchemy](https://composio.dev/toolkits/alchemy) - Alchemy is a blockchain development platform offering APIs and tools for Ethereum apps. It simplifies building and scaling Web3 projects with robust infrastructure. - [Algolia](https://composio.dev/toolkits/algolia) - Algolia is a hosted search API that powers lightning-fast, relevant search experiences for web and mobile apps. It helps developers deliver instant, typo-tolerant, and scalable search without complex infrastructure. - [Anchor browser](https://composio.dev/toolkits/anchor_browser) - Anchor browser is a developer platform for AI-powered web automation. It transforms complex browser actions into easy API endpoints for streamlined web interaction. - [Apiflash](https://composio.dev/toolkits/apiflash) - Apiflash is a website screenshot API for programmatically capturing web pages. It delivers high-quality screenshots on demand for automation, monitoring, or reporting. - [Apiverve](https://composio.dev/toolkits/apiverve) - Apiverve delivers a suite of powerful APIs that simplify integration for developers. It's designed for reliability and scalability so you can build faster, smarter applications without the integration headache. - [Appcircle](https://composio.dev/toolkits/appcircle) - Appcircle is an enterprise-grade mobile CI/CD platform for building, testing, and publishing mobile apps. It streamlines mobile DevOps so teams ship faster and with more confidence. - [Appdrag](https://composio.dev/toolkits/appdrag) - Appdrag is a cloud platform for building websites, APIs, and databases with drag-and-drop tools and code editing. It accelerates development and iteration by combining hosting, database management, and low-code features in one place. - [Appveyor](https://composio.dev/toolkits/appveyor) - AppVeyor is a cloud-based continuous integration service for building, testing, and deploying applications. It helps developers automate and streamline their software delivery pipelines. - [Backendless](https://composio.dev/toolkits/backendless) - Backendless is a backend-as-a-service platform for mobile and web apps, offering database, file storage, user authentication, and APIs. It helps developers ship scalable applications faster without managing server infrastructure. - [Baserow](https://composio.dev/toolkits/baserow) - Baserow is an open-source no-code database platform for building collaborative data apps. It makes it easy for teams to organize data and automate workflows without writing code. - [Bench](https://composio.dev/toolkits/bench) - Bench is a benchmarking tool for automated performance measurement and analysis. It helps you quickly evaluate, compare, and track your systems or workflows. - [Better stack](https://composio.dev/toolkits/better_stack) - Better Stack is a monitoring, logging, and incident management solution for apps and services. It helps teams ensure application reliability and performance with real-time insights. - [Bitbucket](https://composio.dev/toolkits/bitbucket) - Bitbucket is a Git-based code hosting and collaboration platform for teams. It enables secure repository management and streamlined code reviews. - [Blazemeter](https://composio.dev/toolkits/blazemeter) - Blazemeter is a continuous testing platform for web and mobile app performance. It empowers teams to automate and analyze large-scale tests with ease. - [Blocknative](https://composio.dev/toolkits/blocknative) - Blocknative delivers real-time mempool monitoring and transaction management for public blockchains. Instantly track pending transactions and optimize blockchain interactions with live data. ## Frequently Asked Questions ### What are the differences in Tool Router MCP and Doppler secretops MCP? With a standalone Doppler secretops MCP server, the agents and LLMs can only access a fixed set of Doppler secretops tools tied to that server. However, with the Composio Tool Router, agents can dynamically load tools from Doppler secretops and many other apps based on the task at hand, all through a single MCP endpoint. ### Can I use Tool Router MCP with Mastra AI? Yes, you can. Mastra AI fully supports MCP integration. You get structured tool calling, message history handling, and model orchestration while Tool Router takes care of discovering and serving the right Doppler secretops tools. ### Can I manage the permissions and scopes for Doppler secretops while using Tool Router? Yes, absolutely. You can configure which Doppler secretops scopes and actions are allowed when connecting your account to Composio. You can also bring your own OAuth credentials or API configuration so you keep full control over what the agent can do. ### How safe is my data with Composio Tool Router? All sensitive data such as tokens, keys, and configuration is fully encrypted at rest and in transit. Composio is SOC 2 Type 2 compliant and follows strict security practices so your Doppler secretops data and credentials are handled as safely as possible. --- [See all toolkits](https://composio.dev/toolkits) ยท [Composio docs](https://docs.composio.dev/llms.txt)