@open-loyalty/mcp-server 1.1.0 → 1.3.3

package/dist/tools/wallet-type.js

@@ -1,15 +1,36 @@
-import { z } from "zod";
-import { apiGet } from "../client/http.js";
-import { WalletTypeSchema, WalletTypeListResponseSchema, } from "../types/schemas/wallet-type.js";
-import { formatApiError } from "../utils/errors.js";
+import axios from "axios";
+import { apiGet, apiPost, apiPut } from "../client/http.js";
+import { WalletTypeSchema, WalletTypeListResponseSchema, WalletTypeCreateResponseSchema, WalletTypeListInputSchema, WalletTypeGetInputSchema, WalletTypeCreateInputSchema, WalletTypeUpdateInputSchema, } from "../types/schemas/wallet-type.js";
+import { formatApiError, OpenLoyaltyError } from "../utils/errors.js";
 import { getStoreCode } from "../config.js";
-export const WalletTypeListInputSchema = {
-    storeCode: z.string().optional().describe("Store code. If not provided, uses the default store code from configuration."),
-};
-export const WalletTypeGetInputSchema = {
-    storeCode: z.string().optional().describe("Store code. If not provided, uses the default store code from configuration."),
-    walletTypeId: z.string().describe("The wallet type ID to retrieve."),
-};
+import { omitUndefined } from "../utils/payload.js";
+// Re-export input schemas for tool registration
+export { WalletTypeListInputSchema, WalletTypeGetInputSchema, WalletTypeCreateInputSchema, WalletTypeUpdateInputSchema, };
+// Helper to check if error is an axios error (more reliable than instanceof)
+function isAxiosError(error) {
+    return axios.isAxiosError(error);
+}
+// Helper to extract error message from axios or regular errors
+function getErrorMessage(error) {
+    if (isAxiosError(error)) {
+        const data = error.response?.data;
+        return data?.message ? String(data.message) : error.message;
+    }
+    if (error instanceof Error) {
+        return error.message;
+    }
+    return String(error);
+}
+// Helper to get HTTP status from error
+function getErrorStatus(error) {
+    if (isAxiosError(error)) {
+        return error.response?.status;
+    }
+    return undefined;
+}
+// =============================================================================
+// HANDLER FUNCTIONS
+// =============================================================================
 export async function walletTypeList(input) {
     const storeCode = getStoreCode(input.storeCode);
     try {
@@ -26,7 +47,7 @@ export async function walletTypeList(input) {
         }));
     }
     catch (error) {
-        throw formatApiError(error, "openloyalty_wallet_type_list");
+        throw formatApiError(error, "ol_wallet_type_list");
     }
 }
 export async function walletTypeGet(input) {
@@ -37,24 +58,234 @@ export async function walletTypeGet(input) {
         return validated;
     }
     catch (error) {
-        throw formatApiError(error, "openloyalty_wallet_type_get");
+        // Check for 404 errors
+        if (getErrorStatus(error) === 404) {
+            throw new OpenLoyaltyError({
+                code: "NOT_FOUND",
+                message: `Wallet type with ID '${input.walletTypeId}' not found`,
+                hint: `Use ol_wallet_type_list() to see available wallet types. ` +
+                    `The walletTypeId may be incorrect or the wallet type may have been deleted.`,
+                relatedTool: "ol_wallet_type_get",
+            });
+        }
+        throw formatApiError(error, "ol_wallet_type_get");
+    }
+}
+export async function walletTypeCreate(input) {
+    const storeCode = getStoreCode(input.storeCode);
+    // Validate required fields
+    if (!input.translations?.en?.name) {
+        throw new OpenLoyaltyError({
+            code: "VALIDATION_ERROR",
+            message: "Missing required field: translations.en.name",
+            hint: "translations.en.name is REQUIRED. Example: { translations: { en: { name: 'Bonus Points' } } }",
+            relatedTool: "ol_wallet_type_create",
+        });
+    }
+    if (!input.unitSingularName || !input.unitPluralName) {
+        throw new OpenLoyaltyError({
+            code: "VALIDATION_ERROR",
+            message: "Missing required fields: unitSingularName and/or unitPluralName",
+            hint: "Both unitSingularName (e.g., 'point') and unitPluralName (e.g., 'points') are REQUIRED.",
+            relatedTool: "ol_wallet_type_create",
+        });
+    }
+    // Validate unitExpiryDate format if provided
+    if (input.unitExpiryDate && !/^\d{2}-\d{2}$/.test(input.unitExpiryDate)) {
+        throw new OpenLoyaltyError({
+            code: "VALIDATION_ERROR",
+            message: `Invalid unitExpiryDate format: '${input.unitExpiryDate}'`,
+            hint: "unitExpiryDate must be in 'MM-DD' format (e.g., '12-31' for December 31st). " +
+                "Do NOT use 'YYYY-MM-DD' format.",
+            relatedTool: "ol_wallet_type_create",
+        });
+    }
+    // Validate unitDaysExpiryAfter is provided (API requires it)
+    if (!input.unitDaysExpiryAfter) {
+        throw new OpenLoyaltyError({
+            code: "VALIDATION_ERROR",
+            message: "Missing required field: unitDaysExpiryAfter",
+            hint: "unitDaysExpiryAfter is REQUIRED. Use 'all_time_active' for never-expiring points, " +
+                "or a number string like '365' for points that expire after N days.",
+            relatedTool: "ol_wallet_type_create",
+        });
+    }
+    // Build payload - API expects { walletType: { ... } }
+    // NOTE: 'active' and 'limits' are NOT accepted at creation time - use update after creation
+    const walletTypePayload = omitUndefined({
+        translations: input.translations,
+        unitSingularName: input.unitSingularName,
+        unitPluralName: input.unitPluralName,
+        code: input.code,
+        allowNegativeBalance: input.allowNegativeBalance,
+        unitExpiryDate: input.unitExpiryDate,
+        unitDaysExpiryAfter: input.unitDaysExpiryAfter,
+        unitDaysActiveCount: input.unitDaysActiveCount,
+        unitYearsActiveCount: input.unitYearsActiveCount,
+        unitDaysLocked: input.unitDaysLocked,
+        allTimeNotLocked: input.allTimeNotLocked,
+    });
+    try {
+        const response = await apiPost(`/${storeCode}/walletType`, { walletType: walletTypePayload });
+        const validated = WalletTypeCreateResponseSchema.parse(response);
+        return {
+            walletTypeId: validated.walletTypeId,
+            name: input.translations.en.name,
+            code: input.code,
+        };
+    }
+    catch (error) {
+        // Check for duplicate code error
+        const errorMsg = getErrorMessage(error);
+        if (errorMsg.toLowerCase().includes("code") && errorMsg.toLowerCase().includes("already")) {
+            throw new OpenLoyaltyError({
+                code: "DUPLICATE_CODE",
+                message: `Wallet type with code '${input.code}' already exists`,
+                hint: `Use a different code value, or use ol_wallet_type_list() to find existing wallet types. ` +
+                    `Each wallet type must have a unique code.`,
+                relatedTool: "ol_wallet_type_create",
+            });
+        }
+        throw formatApiError(error, "ol_wallet_type_create");
     }
 }
+export async function walletTypeUpdate(input) {
+    const storeCode = getStoreCode(input.storeCode);
+    // Validate unitExpiryDate format if provided
+    if (input.unitExpiryDate && !/^\d{2}-\d{2}$/.test(input.unitExpiryDate)) {
+        throw new OpenLoyaltyError({
+            code: "VALIDATION_ERROR",
+            message: `Invalid unitExpiryDate format: '${input.unitExpiryDate}'`,
+            hint: "unitExpiryDate must be in 'MM-DD' format (e.g., '12-31' for December 31st). " +
+                "Do NOT use 'YYYY-MM-DD' format.",
+            relatedTool: "ol_wallet_type_update",
+        });
+    }
+    // Validate interval types if limits provided
+    const validIntervalTypes = ["calendarHours", "calendarDays", "calendarWeeks", "calendarMonths", "calendarYears"];
+    if (input.limits?.points?.interval?.type && !validIntervalTypes.includes(input.limits.points.interval.type)) {
+        throw new OpenLoyaltyError({
+            code: "VALIDATION_ERROR",
+            message: `Invalid interval type: '${input.limits.points.interval.type}'`,
+            hint: `Valid interval types are: ${validIntervalTypes.join(", ")}. ` +
+                `IMPORTANT: Use 'calendarDays' NOT 'days', 'calendarMonths' NOT 'months', etc.`,
+            relatedTool: "ol_wallet_type_update",
+        });
+    }
+    // API requires full wallet type object - fetch existing then merge
+    let existing;
+    try {
+        existing = await apiGet(`/${storeCode}/walletType/${input.walletTypeId}`);
+    }
+    catch (error) {
+        // Check for 404 errors
+        if (getErrorStatus(error) === 404) {
+            throw new OpenLoyaltyError({
+                code: "NOT_FOUND",
+                message: `Wallet type with ID '${input.walletTypeId}' not found`,
+                hint: `Use ol_wallet_type_list() to see available wallet types. ` +
+                    `The walletTypeId may be incorrect or the wallet type may have been deleted.`,
+                relatedTool: "ol_wallet_type_update",
+            });
+        }
+        throw formatApiError(error, "ol_wallet_type_update");
+    }
+    // Build translations - merge with existing
+    const existingTranslations = existing.translations || {};
+    const existingEn = existingTranslations.en || {};
+    const updatedTranslations = {
+        ...existingTranslations,
+        en: {
+            ...existingEn,
+            ...(input.name !== undefined ? { name: input.name } : {}),
+            ...(input.description !== undefined ? { description: input.description } : {}),
+        },
+    };
+    // Build payload with existing values as base
+    const walletTypePayload = {
+        translations: updatedTranslations,
+        unitSingularName: input.unitSingularName ?? existing.unitSingularName,
+        unitPluralName: input.unitPluralName ?? existing.unitPluralName,
+        active: input.active ?? existing.active,
+        allowNegativeBalance: input.allowNegativeBalance ?? existing.allowNegativeBalance,
+        limits: input.limits ?? existing.limits,
+        unitExpiryDate: input.unitExpiryDate ?? existing.unitExpiryDate,
+        unitDaysExpiryAfter: input.unitDaysExpiryAfter ?? existing.unitDaysExpiryAfter,
+        unitDaysActiveCount: input.unitDaysActiveCount ?? existing.unitDaysActiveCount,
+        unitYearsActiveCount: input.unitYearsActiveCount ?? existing.unitYearsActiveCount,
+        unitDaysLocked: input.unitDaysLocked ?? existing.unitDaysLocked,
+        allTimeNotLocked: input.allTimeNotLocked ?? existing.allTimeNotLocked,
+    };
+    try {
+        await apiPut(`/${storeCode}/walletType/${input.walletTypeId}`, { walletType: walletTypePayload });
+    }
+    catch (error) {
+        throw formatApiError(error, "ol_wallet_type_update");
+    }
+}
+// =============================================================================
+// TOOL DEFINITIONS
+// =============================================================================
 export const walletTypeToolDefinitions = [
     {
-        name: "openloyalty_wallet_type_list",
+        name: "ol_wallet_type_list",
         title: "List Point Currencies",
-        description: "List all available wallet types (point currencies). Use this to find walletCode values for tier conditions. Returns walletTypeId, code, and name for each wallet type.",
+        description: "List all available wallet types (point currencies). " +
+            "Use this to find wallet type codes and IDs for other operations. " +
+            "Returns walletTypeId (UUID), code (unique identifier like 'default'), and name for each wallet type. " +
+            "💡 TIP: Most stores have a 'default' wallet type for main loyalty points.",
         readOnly: true,
         inputSchema: WalletTypeListInputSchema,
         handler: walletTypeList,
     },
     {
-        name: "openloyalty_wallet_type_get",
+        name: "ol_wallet_type_get",
         title: "Get Point Currency Details",
-        description: "Get details for a specific wallet type by ID. Returns the full wallet type configuration including currency names.",
+        description: "Get full details for a specific wallet type by ID. " +
+            "Returns configuration including limits, expiry settings, and translations. " +
+            "💡 TIP: Use ol_wallet_type_list() first to find the walletTypeId.",
         readOnly: true,
         inputSchema: WalletTypeGetInputSchema,
         handler: walletTypeGet,
     },
+    {
+        name: "ol_wallet_type_create",
+        title: "Create Point Currency",
+        description: "Create a new wallet type (point currency) for the loyalty program. " +
+            "⚠️ REQUIRED FIELDS (will fail without these): " +
+            "1. translations: { en: { name: 'Currency Name' } } - Name is REQUIRED. " +
+            "2. unitSingularName: 'point' (or 'coin', 'star', etc.) - The singular form. " +
+            "3. unitPluralName: 'points' (or 'coins', 'stars', etc.) - The plural form. " +
+            "4. unitDaysExpiryAfter: 'all_time_active' or number string like '365'. " +
+            "📝 OPTIONAL: " +
+            "• code: Unique identifier (auto-generated if omitted, cannot change later). " +
+            "• allowNegativeBalance: true/false (default: false). " +
+            "• unitExpiryDate: Annual expiry in 'MM-DD' format (e.g., '12-31'). " +
+            "• unitDaysLocked: Days before points become spendable (0 for immediate). " +
+            "⚠️ NOT SUPPORTED AT CREATION: 'active' and 'limits' - use ol_wallet_type_update after creation. " +
+            "⏰ NOTE: New wallets are 'blocked' for ~2 minutes after creation - wait before updating. " +
+            "💡 EXAMPLE: { translations: { en: { name: 'Bonus Points' } }, unitSingularName: 'point', " +
+            "unitPluralName: 'points', unitDaysExpiryAfter: 'all_time_active', code: 'bonus' }",
+        readOnly: false,
+        inputSchema: WalletTypeCreateInputSchema,
+        handler: walletTypeCreate,
+    },
+    {
+        name: "ol_wallet_type_update",
+        title: "Update Point Currency",
+        description: "Update an existing wallet type's configuration. " +
+            "⚠️ IMPORTANT: Only provide fields you want to change - others are preserved. " +
+            "⚠️ CANNOT CHANGE: The 'code' field cannot be modified after creation. " +
+            "📝 UPDATABLE FIELDS: " +
+            "• name/description: Update via the tool parameters (updates translations.en internally). " +
+            "• unitSingularName/unitPluralName: Update the display names. " +
+            "• active: Enable/disable the wallet type. " +
+            "• allowNegativeBalance: Allow/disallow negative balances. " +
+            "• limits: Update earning limits (same format as create). " +
+            "• Expiry settings: unitExpiryDate, unitDaysExpiryAfter, etc. " +
+            "💡 TIP: Use ol_wallet_type_get(walletTypeId) first to see current configuration.",
+        readOnly: false,
+        inputSchema: WalletTypeUpdateInputSchema,
+        handler: walletTypeUpdate,
+    },
 ];

package/dist/tools/webhook.d.ts

@@ -104,7 +104,7 @@ export declare function webhookEvents(input: {
     storeCode?: string;
 }): Promise<WebhookEventTypesResponse>;
 export declare const webhookToolDefinitions: readonly [{
-    readonly name: "openloyalty_webhook_list";
+    readonly name: "ol_webhook_list";
     readonly title: "List Webhook Subscriptions";
     readonly description: "List webhook subscriptions with optional filtering. Returns paginated list of subscriptions with webhookSubscriptionId, eventName, url, and createdAt.";
     readonly readOnly: true;
@@ -117,7 +117,7 @@ export declare const webhookToolDefinitions: readonly [{
     };
     readonly handler: typeof webhookList;
 }, {
-    readonly name: "openloyalty_webhook_create";
+    readonly name: "ol_webhook_create";
     readonly title: "Create Webhook Subscription";
     readonly description: "Create a new webhook subscription to receive event notifications. Returns webhookSubscriptionId on success. Use webhook_events to discover available event types before creating subscriptions.";
     readonly readOnly: false;
@@ -138,7 +138,7 @@ export declare const webhookToolDefinitions: readonly [{
     };
     readonly handler: typeof webhookCreate;
 }, {
-    readonly name: "openloyalty_webhook_get";
+    readonly name: "ol_webhook_get";
     readonly title: "Get Webhook Subscription Details";
     readonly description: "Get full webhook subscription details including headers configuration.";
     readonly readOnly: true;
@@ -148,7 +148,7 @@ export declare const webhookToolDefinitions: readonly [{
     };
     readonly handler: typeof webhookGet;
 }, {
-    readonly name: "openloyalty_webhook_update";
+    readonly name: "ol_webhook_update";
     readonly title: "Update Webhook Subscription";
     readonly description: "Update a webhook subscription. Can update eventName, url, and headers. Returns void on success (204 No Content).";
     readonly readOnly: false;
@@ -170,7 +170,7 @@ export declare const webhookToolDefinitions: readonly [{
     };
     readonly handler: typeof webhookUpdate;
 }, {
-    readonly name: "openloyalty_webhook_delete";
+    readonly name: "ol_webhook_delete";
     readonly title: "Delete Webhook Subscription (Permanent)";
     readonly description: "Delete a webhook subscription. Returns void on success (204 No Content). The subscription will stop receiving events immediately.";
     readonly readOnly: false;
@@ -181,7 +181,7 @@ export declare const webhookToolDefinitions: readonly [{
     };
     readonly handler: typeof webhookDelete;
 }, {
-    readonly name: "openloyalty_webhook_events";
+    readonly name: "ol_webhook_events";
     readonly title: "List Available Webhook Events";
     readonly description: "Get available webhook event types. Returns list of event names that can be used when creating webhook subscriptions. Use this to discover available events before creating subscriptions.";
     readonly readOnly: true;

package/dist/tools/webhook.js

@@ -1,7 +1,68 @@
 import { z } from "zod";
+import { isIP } from "net";
 import { apiGet, apiPost, apiPut, apiDelete } from "../client/http.js";
 import { formatApiError } from "../utils/errors.js";
 import { getStoreCode } from "../config.js";
+/**
+ * Check if an IP address is private, loopback, link-local, or otherwise internal.
+ * Blocks IPv4 and IPv6 private ranges to prevent SSRF attacks.
+ */
+function isPrivateIP(ip) {
+    const normalizedIP = ip.toLowerCase();
+    // IPv4 private/reserved ranges
+    if (normalizedIP.startsWith("10.") || // 10.0.0.0/8 private
+        normalizedIP.startsWith("192.168.") || // 192.168.0.0/16 private
+        normalizedIP.match(/^172\.(1[6-9]|2[0-9]|3[0-1])\./) || // 172.16.0.0/12 private
+        normalizedIP.startsWith("127.") || // 127.0.0.0/8 loopback
+        normalizedIP.startsWith("169.254.") || // 169.254.0.0/16 link-local
+        normalizedIP === "0.0.0.0" || // Unspecified
+        normalizedIP.startsWith("100.64.") || // 100.64.0.0/10 carrier-grade NAT
+        normalizedIP.match(/^100\.(6[4-9]|[7-9][0-9]|1[0-1][0-9]|12[0-7])\./) // 100.64-127.x.x
+    ) {
+        return true;
+    }
+    // IPv6 private/reserved ranges
+    if (normalizedIP === "::1" || // Loopback
+        normalizedIP === "::" || // Unspecified
+        normalizedIP.startsWith("fc") || // fc00::/7 unique local (fc00-fdff)
+        normalizedIP.startsWith("fd") || // fc00::/7 unique local (fc00-fdff)
+        normalizedIP.startsWith("fe80:") || // fe80::/10 link-local
+        normalizedIP.startsWith("::ffff:127.") || // IPv4-mapped loopback
+        normalizedIP.startsWith("::ffff:10.") || // IPv4-mapped private
+        normalizedIP.startsWith("::ffff:192.168.") || // IPv4-mapped private
+        normalizedIP.match(/^::ffff:172\.(1[6-9]|2[0-9]|3[0-1])\./) // IPv4-mapped private
+    ) {
+        return true;
+    }
+    return false;
+}
+/**
+ * Check if a hostname points to an internal DNS name.
+ * Blocks common internal TLDs and patterns.
+ */
+function isInternalHostname(hostname) {
+    const lowerHostname = hostname.toLowerCase();
+    // Block localhost variants
+    if (lowerHostname === "localhost" ||
+        lowerHostname.endsWith(".localhost") ||
+        lowerHostname.endsWith(".local") ||
+        lowerHostname.endsWith(".internal") ||
+        lowerHostname.endsWith(".lan") ||
+        lowerHostname.endsWith(".home") ||
+        lowerHostname.endsWith(".corp") ||
+        lowerHostname.endsWith(".intranet")) {
+        return true;
+    }
+    // Block cloud metadata hostnames
+    if (lowerHostname === "metadata.google.internal" ||
+        lowerHostname === "metadata" ||
+        lowerHostname.endsWith(".metadata") ||
+        lowerHostname === "instance-data" ||
+        lowerHostname.endsWith(".amazonaws.com") && lowerHostname.includes("metadata")) {
+        return true;
+    }
+    return false;
+}
 // SSRF protection: validate webhook URLs are external HTTPS endpoints
 function isValidWebhookUrl(url) {
     try {
@@ -11,24 +72,22 @@ function isValidWebhookUrl(url) {
             return false;
         }
         const hostname = parsed.hostname.toLowerCase();
-        // Block localhost and loopback
-        if (hostname === "localhost" ||
-            hostname === "127.0.0.1" ||
-            hostname === "0.0.0.0" ||
-            hostname === "::1" ||
-            hostname.endsWith(".localhost")) {
+        // Block internal hostnames
+        if (isInternalHostname(hostname)) {
             return false;
         }
-        // Block cloud metadata endpoints
-        if (hostname === "169.254.169.254" || hostname === "metadata.google.internal") {
-            return false;
+        // If hostname is an IP address, validate it directly
+        if (isIP(hostname)) {
+            return !isPrivateIP(hostname);
         }
-        // Block private IP ranges (basic check for common patterns)
-        if (hostname.startsWith("10.") ||
-            hostname.startsWith("192.168.") ||
-            hostname.match(/^172\.(1[6-9]|2[0-9]|3[0-1])\./)) {
+        // Block cloud metadata IP
+        if (hostname === "169.254.169.254") {
             return false;
         }
+        // For DNS hostnames, we can't resolve at validation time (sync function),
+        // but we've blocked common internal patterns above.
+        // Note: Full DNS rebinding protection would require async DNS resolution,
+        // which could be added if this becomes a concern in production.
         return true;
     }
     catch {
@@ -40,14 +99,14 @@ const webhookUrlSchema = z.string()
     .refine(isValidWebhookUrl, "URL must be an external HTTPS endpoint (no localhost, private IPs, or metadata endpoints)");
 // Input Schemas
 export const WebhookListInputSchema = {
-    storeCode: z.string().optional().describe("Store code. If not provided, uses the default store code from configuration."),
+    storeCode: z.string().optional().describe("Store code for multi-tenant routing. DO NOT pass this parameter - the configured default will be used automatically. Only provide a value if the user explicitly asks to work with a different store."),
     page: z.number().optional().describe("Page number (default: 1)."),
     perPage: z.number().optional().describe("Items per page (default: 25)."),
     eventName: z.string().optional().describe("Filter by event name."),
     url: z.string().optional().describe("Filter by URL."),
 };
 export const WebhookCreateInputSchema = {
-    storeCode: z.string().optional().describe("Store code. If not provided, uses the default store code from configuration."),
+    storeCode: z.string().optional().describe("Store code for multi-tenant routing. DO NOT pass this parameter - the configured default will be used automatically. Only provide a value if the user explicitly asks to work with a different store."),
     eventName: z.string().describe("Event name to subscribe to. Use webhook_events to discover available events."),
     url: webhookUrlSchema.describe("HTTPS URL to receive webhook events. Must be an external endpoint (no localhost or private IPs)."),
     headers: z.array(z.object({
@@ -56,11 +115,11 @@ export const WebhookCreateInputSchema = {
     })).optional().describe("Custom headers to include in webhook requests."),
 };
 export const WebhookGetInputSchema = {
-    storeCode: z.string().optional().describe("Store code. If not provided, uses the default store code from configuration."),
+    storeCode: z.string().optional().describe("Store code for multi-tenant routing. DO NOT pass this parameter - the configured default will be used automatically. Only provide a value if the user explicitly asks to work with a different store."),
     webhookSubscriptionId: z.string().describe("The webhook subscription ID (UUID) to retrieve."),
 };
 export const WebhookUpdateInputSchema = {
-    storeCode: z.string().optional().describe("Store code. If not provided, uses the default store code from configuration."),
+    storeCode: z.string().optional().describe("Store code for multi-tenant routing. DO NOT pass this parameter - the configured default will be used automatically. Only provide a value if the user explicitly asks to work with a different store."),
     webhookSubscriptionId: z.string().describe("The webhook subscription ID (UUID) to update."),
     eventName: z.string().optional().describe("Event name to subscribe to."),
     url: webhookUrlSchema.optional().describe("HTTPS URL to receive webhook events. Must be an external endpoint (no localhost or private IPs)."),
@@ -70,11 +129,11 @@ export const WebhookUpdateInputSchema = {
     })).optional().describe("Custom headers to include in webhook requests."),
 };
 export const WebhookDeleteInputSchema = {
-    storeCode: z.string().optional().describe("Store code. If not provided, uses the default store code from configuration."),
+    storeCode: z.string().optional().describe("Store code for multi-tenant routing. DO NOT pass this parameter - the configured default will be used automatically. Only provide a value if the user explicitly asks to work with a different store."),
     webhookSubscriptionId: z.string().describe("The webhook subscription ID (UUID) to delete."),
 };
 export const WebhookEventsInputSchema = {
-    storeCode: z.string().optional().describe("Store code. If not provided, uses the default store code from configuration."),
+    storeCode: z.string().optional().describe("Store code for multi-tenant routing. DO NOT pass this parameter - the configured default will be used automatically. Only provide a value if the user explicitly asks to work with a different store."),
 };
 // Handler functions
 export async function webhookList(input) {
@@ -95,7 +154,7 @@ export async function webhookList(input) {
         return response;
     }
     catch (error) {
-        throw formatApiError(error, "openloyalty_webhook_list");
+        throw formatApiError(error, "ol_webhook_list");
     }
 }
 export async function webhookCreate(input) {
@@ -112,7 +171,7 @@ export async function webhookCreate(input) {
         return response;
     }
     catch (error) {
-        throw formatApiError(error, "openloyalty_webhook_create");
+        throw formatApiError(error, "ol_webhook_create");
     }
 }
 export async function webhookGet(input) {
@@ -122,7 +181,7 @@ export async function webhookGet(input) {
         return response;
     }
     catch (error) {
-        throw formatApiError(error, "openloyalty_webhook_get");
+        throw formatApiError(error, "ol_webhook_get");
     }
 }
 export async function webhookUpdate(input) {
@@ -138,7 +197,7 @@ export async function webhookUpdate(input) {
         await apiPut(`/${storeCode}/webhook/subscription/${input.webhookSubscriptionId}`, { webhookSubscription: payload });
     }
     catch (error) {
-        throw formatApiError(error, "openloyalty_webhook_update");
+        throw formatApiError(error, "ol_webhook_update");
     }
 }
 export async function webhookDelete(input) {
@@ -147,7 +206,7 @@ export async function webhookDelete(input) {
         await apiDelete(`/${storeCode}/webhook/subscription/${input.webhookSubscriptionId}`);
     }
     catch (error) {
-        throw formatApiError(error, "openloyalty_webhook_delete");
+        throw formatApiError(error, "ol_webhook_delete");
     }
 }
 export async function webhookEvents(input) {
@@ -157,13 +216,13 @@ export async function webhookEvents(input) {
         return response;
     }
     catch (error) {
-        throw formatApiError(error, "openloyalty_webhook_events");
+        throw formatApiError(error, "ol_webhook_events");
     }
 }
 // Tool definitions
 export const webhookToolDefinitions = [
     {
-        name: "openloyalty_webhook_list",
+        name: "ol_webhook_list",
         title: "List Webhook Subscriptions",
         description: "List webhook subscriptions with optional filtering. Returns paginated list of subscriptions with webhookSubscriptionId, eventName, url, and createdAt.",
         readOnly: true,
@@ -171,7 +230,7 @@ export const webhookToolDefinitions = [
         handler: webhookList,
     },
     {
-        name: "openloyalty_webhook_create",
+        name: "ol_webhook_create",
         title: "Create Webhook Subscription",
         description: "Create a new webhook subscription to receive event notifications. Returns webhookSubscriptionId on success. Use webhook_events to discover available event types before creating subscriptions.",
         readOnly: false,
@@ -179,7 +238,7 @@ export const webhookToolDefinitions = [
         handler: webhookCreate,
     },
     {
-        name: "openloyalty_webhook_get",
+        name: "ol_webhook_get",
         title: "Get Webhook Subscription Details",
         description: "Get full webhook subscription details including headers configuration.",
         readOnly: true,
@@ -187,7 +246,7 @@ export const webhookToolDefinitions = [
         handler: webhookGet,
     },
     {
-        name: "openloyalty_webhook_update",
+        name: "ol_webhook_update",
         title: "Update Webhook Subscription",
         description: "Update a webhook subscription. Can update eventName, url, and headers. Returns void on success (204 No Content).",
         readOnly: false,
@@ -195,7 +254,7 @@ export const webhookToolDefinitions = [
         handler: webhookUpdate,
     },
     {
-        name: "openloyalty_webhook_delete",
+        name: "ol_webhook_delete",
         title: "Delete Webhook Subscription (Permanent)",
         description: "Delete a webhook subscription. Returns void on success (204 No Content). The subscription will stop receiving events immediately.",
         readOnly: false,
@@ -204,7 +263,7 @@ export const webhookToolDefinitions = [
         handler: webhookDelete,
     },
     {
-        name: "openloyalty_webhook_events",
+        name: "ol_webhook_events",
         title: "List Available Webhook Events",
         description: "Get available webhook event types. Returns list of event names that can be used when creating webhook subscriptions. Use this to discover available events before creating subscriptions.",
         readOnly: true,