Model Context Protocol · Google Tag Manager API v2
An MCP server that connects Claude to your GTM containers — read, audit, create, version and publish tags, triggers and variables without ever opening the Tag Manager UI. Embedded OAuth login. Status: LIVE.
MCP GTM B2 TECH is a Model Context Protocol server that gives Claude real access to your containers — not a chatbot that guesses, but typed calls against the Google Tag Manager API v2.
Install or audit a Meta Pixel, a Google Ads conversion tag or GA4; wire click, form and scroll triggers; publish a new version — all by chatting with Claude. The Google login is OAuth2, embedded in the flow.
Account → Container → Workspace (branch) → create_version (commit) → publish (deploy). Every edit happens in a workspace; optimistic concurrency via each entity's fingerprint.
Multi-tenant deploy at mcp-gtm.vercel.app — encrypted tokens in Supabase, cache in Upstash, and we are the OAuth 2.1 Authorization Server. Same stack as the Meta Ads, Google Ads, Instagram and Cloudflare MCPs.
27 tools grouped by function — from auth to publish, from the install snippet to editing tags, triggers and variables. Everything below is already implemented and live.
publicId (GTM-XXXX).kind ∈ tag/trigger/variable).fingerprint.parameter array + an extra escape hatch.fingerprint).confirm).confirm).confirm).From nothing to published in one conversation: create_container → get_container_snippet → tags and triggers → create_version → publish_version.
Publishing a container changes your production site. So every write goes through explicit guardrails — you're always in control of what goes live.
Edits stay in the workspace
Every write happens in a draft. Your site only changes when you freeze a version and publish it — never before.
Destructive ops need confirm=true
delete_element, disable_builtin_variables and publish_version. Without confirm, the tool returns a preview and executes nothing.
preview=true = dry-run
Returns the exact payload that would be sent, without calling the API. Check before running for real.
fingerprint conflict guard
Optimistic concurrency: a stale fingerprint returns a 409-style conflict error telling you to re-read — nobody silently overwrites someone else's change.
Tenant is never an argument
Locally it's the single stored credential; in production the tenant is derived from the embedded Authorization Server's access token. No tool accepts "which client".
Tokens encrypted at rest
Refresh tokens with AES-256-GCM in Supabase, default-deny RLS and a server-side-only service key. gtm_token_status shows exactly which scopes are active.
Two paths: hosted (recommended, zero setup) and local stdio (for single-tenant devs). Both end in the same place — Claude operating your account.
Add the MCP server as a connector in Claude and log in. Nothing to install; we handle the OAuth and the tokens.
https://mcp-gtm.vercel.app/api/mcp. In Claude Code, use the command below.# Claude Code claude mcp add --transport http \ gtm https://mcp-gtm.vercel.app/api/mcp
/mcp.gtm_token_status to validate the credential and list_accounts to see your GTM accounts. Ready to operate.Run the server on your machine. The refresh token lives in a local 0600 file; you use your own GCP OAuth client.
python -m venv venv
venv/bin/pip install -e ".[dev]"
cp .env.example .env.local.env.local: GOOGLE_OAUTH_CLIENT_ID, GOOGLE_OAUTH_CLIENT_SECRET and NGROK_URL (the redirect URI is ${NGROK_URL}/oauth/callback on the GCP OAuth client).PYTHONPATH=src venv/bin/python \
-m mcp_gtm
# in Claude: gtm_login → gtm_submit_callbackStill have a question? Write to bruno@b2tech.io.
publish_version runs with confirm=true. Destructive actions without confirm return only a preview, and preview=true returns the exact payload without calling the API.create_version (commit) → publish (deploy). You edit in a workspace, freeze it into an immutable version, and only then publish.fingerprint, and a stale fingerprint returns a 409-style conflict error telling you to re-read before writing — nobody silently overwrites someone else's change.0600 file on your machine (single-tenant).mcp-gtm.vercel.app) is the fast path: zero setup, just add it as a connector in Claude and log in. Local stdio is single-tenant, for devs who want everything on their own machine with the refresh token in a 0600 file.Tags, triggers, variables, versions and environments — from nothing to a published container, with embedded OAuth and publish only with confirm=true. Free and live.
27 tools · embedded OAuth2 · multi-tenant on Vercel