The Kiteworks MCP Server is a local, per-user STDIO-based MCP bridge that lets LLM applications securely interact with your Kiteworks instance via the Model Context Protocol (MCP). It ships native binaries for Windows, Linux, and macOS and runs on the user’s machine, connecting LLM clients to Kiteworks through secure OAuth 2.0 authentication with refresh token support. Core capabilities include file management (upload, download, and metadata retrieval), folder operations (navigate hierarchies, create folders, and manage folder structures), and access to current user details and authentication status. The server implements rate limiting for request protection and does not expose credentials or tokens to the LLM; secrets are stored in the OS keychain/credentials store and never handed to the LLM. By default, absolute paths are disallowed for uploads/downloads; you can enable full file-system access with the --insecure-absolute-paths flag. TLS verification protects against MITM attacks and you may provide a Root CA chain via --ca-cert for self-signed or unknown CAs. CLI commands (setup, start, remove, version) control OAuth setup, server startup with optional port and CA options, and credential removal. The README also provides integration examples for Claude Desktop/Claude Code with AWS Bedrock and JSON configuration snippets for VS Code MCP Inspector.