REST and MCP server

Control your Obsidian vault programmatically. This plugin turns all Obsidian CLI commands into a local HTTP API and MCP server, letting you automate your workflow from scripts, tools, and AI assistants.

Why use this plugin?

• Automate note-taking: Create, read, search, and modify notes from any script or tool
• Connect AI assistants: Let Claude, ChatGPT, or other AI tools interact with your vault via MCP
• Build integrations: Hook Obsidian into your existing workflow with standard HTTP requests
• Stay secure: Localhost-only by default, API key authentication, granular command controls

Requirements

• Obsidian desktop app (v1.4.0 or later)
• Obsidian CLI enabled in Obsidian: Settings > General > Advanced > Command line interface

Installation

Community plugins (recommended)

1. In Obsidian, go to Settings → Community plugins.
2. Disable Restricted mode if it's enabled.
3. Select Browse, search for REST and MCP server, install it, then enable it.

You can also browse the catalog on the Obsidian Community website.

Manual installation

If the plugin isn't listed in the community catalog yet (or you want a specific version):

1. Download main.js, manifest.json, and styles.css from the latest release.
2. Copy them into <Vault>/.obsidian/plugins/cli-rest-mcp/.
3. Reload Obsidian and enable REST and MCP server in Settings → Community plugins.

BRAT (bleeding edge)

BRAT (Beta Reviewers Auto-update Tool) installs plugins straight from a GitHub repo and keeps them updated automatically. Use this if you want the latest commits — things might break.

1. Install Obsidian42 - BRAT from Settings → Community plugins → Browse and enable it.
2. Run BRAT: Add a beta plugin for testing from the command palette.
3. Paste https://github.com/dsebastien/obsidian-cli-rest.
4. Select the latest version and confirm.
5. Enable REST and MCP server in Settings → Community plugins.

Once enabled, the server starts automatically on http://127.0.0.1:27124.

Quick start

Copy your API key from Settings > REST and MCP server > Security, then start making requests:

# List all files in your vault
curl -H "Authorization: Bearer YOUR_API_KEY" \
  http://127.0.0.1:27124/api/v1/cli/files

# Search your vault
curl -H "Authorization: Bearer YOUR_API_KEY" \
  "http://127.0.0.1:27124/api/v1/cli/search?query=meeting+notes"

# Create a new note
curl -X POST \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"params": {"name": "My Note", "content": "Hello world"}}' \
  http://127.0.0.1:27124/api/v1/cli/create

# Read today's daily note
curl -H "Authorization: Bearer YOUR_API_KEY" \
  http://127.0.0.1:27124/api/v1/cli/daily/read

# Append to your daily note
curl -X POST \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"params": {"content": "- Task from my script"}}' \
  http://127.0.0.1:27124/api/v1/cli/daily/append

What you can do

The plugin exposes all CLI commands organized into categories:

Two ways to connect

REST API

Standard HTTP endpoints at /api/v1/cli/*. Use from any language or tool that can make HTTP requests.

GET  /api/v1/cli/files           # Read-only commands use GET
POST /api/v1/cli/create          # Write commands use POST
DELETE /api/v1/cli/delete        # Delete commands use DELETE

CLI colons become slashes in URLs: property:set becomes /api/v1/cli/property/set.

MCP server

An MCP endpoint at /mcp for AI assistant integration. Uses the Code Mode pattern — just 2 tools (search and execute) enable progressive discovery of all commands, keeping the tool count fixed regardless of how many CLI commands exist.

• search — Discover commands by name, description, or category
• execute — Run any CLI command by name

Configure your MCP client with:

• URL: http://127.0.0.1:27124/mcp
• Transport: StreamableHTTP
• Auth: Bearer token (your API key)

Security

The plugin is designed with security in mind:

• Localhost only by default — only your machine can reach the server
• API key authentication — auto-generated 64-character key, required for all CLI commands
• Dangerous commands disabled — commands like eval, restart, and devtools are blocked unless you explicitly opt in
• Per-command blocklist — block specific commands you don't want accessible
• No shell injection — CLI commands use execFile, not exec

To expose the server on your network, change the bind address to 0.0.0.0 in settings. An API key is enforced in this mode.

Configuration

All settings are accessible from Settings > REST and MCP server.

Documentation

• User guide — Setup, usage, configuration, and troubleshooting
• API reference — Endpoints, request/response formats, status codes
• MCP integration — Setting up AI assistant connections
• Command reference — All supported commands

Support

• Issues: GitHub Issues
• Author: Sebastien Dubois

License

MIT License — see LICENSE for details.