@postman/postman-mcp-server 2.6.1 → 2.7.1

package/dist/src/index.js

@@ -10,6 +10,7 @@ import { enabledResources } from './enabledResources.js';
 import { PostmanAPIClient } from './clients/postman.js';
 import { SERVER_NAME, APP_VERSION } from './constants.js';
 import { env } from './env.js';
+import { createTemplateRenderer } from './tools/utils/templateRenderer.js';
 const SUPPORTED_REGIONS = {
     us: 'https://api.postman.com',
     eu: 'https://api.eu.postman.com',
@@ -143,6 +144,10 @@ async function run() {
         serverType: useCode ? 'code' : useFull ? 'full' : 'minimal',
         availableTools: tools.map((t) => t.method),
     };
+    const __filename = fileURLToPath(import.meta.url);
+    const __dirname = dirname(__filename);
+    const viewsDir = join(__dirname, './views');
+    const renderTemplate = createTemplateRenderer(viewsDir);
     const client = new PostmanAPIClient(apiKey, undefined, serverContext);
     log('info', 'Registering tools with McpServer');
     for (const tool of tools) {
@@ -168,6 +173,12 @@ async function run() {
                     toolName,
                     durationMs,
                 });
+                if (result.content?.[0]?.type === 'text') {
+                    const rendered = renderTemplate(toolName, result.content[0].text);
+                    if (rendered) {
+                        return { content: [{ type: 'text', text: rendered }] };
+                    }
+                }
                 return result;
             }
             catch (error) {

package/dist/src/tools/createCollection.js

@@ -778,7 +778,7 @@ export const parameters = z.object({
         .optional(),
 });
 export const annotations = {
-    title: 'Creates a collection using the [Postman Collection v2.1.0 schema format](https://schema.postman.com/collection/json/v2.1.0/draft-07/docs/index.html).\n\n**Note:**\n\nIf you do not include the \\`workspace\\` query parameter, the system creates the collection in the oldest personal Internal workspace you own.\n',
+    title: 'Creates a collection using the [Postman Collection v2.1.0 schema format](https://schema.postman.com/collection/json/v2.1.0/draft-07/docs/index.html).',
     readOnlyHint: false,
     destructiveHint: false,
     idempotentHint: false,

package/dist/src/tools/createCollectionComment.js

@@ -25,7 +25,7 @@ export const parameters = z.object({
         .optional(),
 });
 export const annotations = {
-    title: 'Creates a comment on a collection. To create a reply on an existing comment, include the \\`threadId\\` property in the request body.\n\n**Note:**\n\nThis endpoint accepts a max of 10,000 characters.\n',
+    title: 'Creates a comment on a collection. To create a reply on an existing comment, include the \\`threadId\\` property in the request body.',
     readOnlyHint: false,
     destructiveHint: false,
     idempotentHint: false,

package/dist/src/tools/createCollectionFolder.js

@@ -12,7 +12,7 @@ export const parameters = z.object({
     folder: z.string().describe('The ID of a folder in which to create the folder.').optional(),
 });
 export const annotations = {
-    title: 'Creates a folder in a collection. For a complete list of properties, refer to the **Folder** entry in the [Postman Collection Format documentation](https://schema.postman.com/collection/json/v2.1.0/draft-07/docs/index.html).\n\nYou can use this endpoint to to import requests and responses into a newly-created folder. To do this, include the \\`requests\\` field and the list of request objects in the request body. For more information, see the provided example.\n\n**Note:**\n\nIt is recommended that you pass the \\`name\\` property in the request body. If you do not, the system uses a null value. As a result, this creates a folder with a blank name.\n',
+    title: 'Creates a folder in a collection. For a complete list of properties, refer to the **Folder** entry in the [Postman Collection Format documentation](https://schema.postman.com/collection/json/v2.1.0/draft-07/docs/index.html).',
     readOnlyHint: false,
     destructiveHint: false,
     idempotentHint: false,

package/dist/src/tools/createCollectionRequest.js

@@ -10,7 +10,7 @@ export const parameters = z.object({
         .describe('The folder ID in which to create the request. By default, the system will create the request at the collection level.')
         .optional(),
     name: z.string().describe('Name of the request').optional(),
-    description: z.string().nullable().optional(),
+    description: z.string().nullable().describe("The request's description.").optional(),
     method: z
         .enum([
         'GET',
@@ -30,55 +30,87 @@ export const parameters = z.object({
         'VIEW',
     ])
         .nullable()
+        .describe("The request's HTTP method.")
         .optional(),
-    url: z.string().nullable().optional(),
+    url: z.string().nullable().describe("The request's URL.").optional(),
     headerData: z
         .array(z.object({
-        key: z.string().optional(),
-        value: z.string().optional(),
-        description: z.string().nullable().optional(),
+        key: z.string().describe("The header's key.").optional(),
+        value: z.string().describe("The header's value.").optional(),
+        description: z.string().nullable().describe("The header's description.").optional(),
     }))
+        .describe("The request's headers.")
         .optional(),
     queryParams: z
         .array(z.object({
-        key: z.string().optional(),
-        value: z.string().optional(),
-        description: z.string().nullable().optional(),
-        enabled: z.boolean().optional(),
+        key: z.string().describe("The query parameter's key.").optional(),
+        value: z.string().describe("The query parameter's value.").optional(),
+        description: z
+            .string()
+            .nullable()
+            .describe("The query parameter's description.")
+            .optional(),
+        enabled: z.boolean().describe('If true, the query parameter is enabled.').optional(),
     }))
+        .describe("The request's query parameters.")
+        .optional(),
+    dataMode: z
+        .enum(['raw', 'urlencoded', 'formdata', 'binary', 'graphql'])
+        .nullable()
+        .describe("The request body's data mode.")
         .optional(),
-    dataMode: z.enum(['raw', 'urlencoded', 'formdata', 'binary', 'graphql']).nullable().optional(),
     data: z
         .array(z.object({
-        key: z.string().optional(),
-        value: z.string().optional(),
-        description: z.string().nullable().optional(),
-        enabled: z.boolean().optional(),
-        type: z.enum(['text', 'file']).optional(),
-        uuid: z.string().optional(),
+        key: z.string().describe("The form data's key.").optional(),
+        value: z.string().describe("The form data's value.").optional(),
+        description: z.string().nullable().describe("The form data's description.").optional(),
+        enabled: z.boolean().describe('If true, the form data entry is enabled.').optional(),
+        type: z.enum(['text', 'file']).describe("The form data's type.").optional(),
+        uuid: z.string().describe("The form data entry's unique identifier.").optional(),
     }))
         .nullable()
+        .describe("The request body's form data.")
         .optional(),
-    rawModeData: z.string().nullable().optional(),
+    rawModeData: z.string().nullable().describe("The request body's raw mode data.").optional(),
     graphqlModeData: z
-        .object({ query: z.string().optional(), variables: z.string().optional() })
+        .object({
+        query: z.string().describe('The GraphQL query.').optional(),
+        variables: z.string().describe('The GraphQL query variables, in JSON format.').optional(),
+    })
         .nullable()
+        .describe("The request body's GraphQL mode data.")
         .optional(),
     dataOptions: z
         .object({
-        raw: z.record(z.string(), z.unknown()).optional(),
-        urlencoded: z.record(z.string(), z.unknown()).optional(),
-        params: z.record(z.string(), z.unknown()).optional(),
-        binary: z.record(z.string(), z.unknown()).optional(),
-        graphql: z.record(z.string(), z.unknown()).optional(),
+        raw: z
+            .object({ language: z.string().describe("The raw mode data's language type.").optional() })
+            .catchall(z.unknown())
+            .describe('Options for the `raw` data mode.')
+            .optional(),
+        urlencoded: z
+            .record(z.string(), z.unknown())
+            .describe('Options for the `urlencoded` data mode.')
+            .optional(),
+        params: z
+            .record(z.string(), z.unknown())
+            .describe('Options for the `params` data mode.')
+            .optional(),
+        binary: z
+            .record(z.string(), z.unknown())
+            .describe('Options for the `binary` data mode.')
+            .optional(),
+        graphql: z
+            .record(z.string(), z.unknown())
+            .describe('Options for the `graphql` data mode.')
+            .optional(),
     })
         .nullable()
+        .describe("Additional configurations and options set for the request body's various data modes.")
         .optional(),
     auth: z
         .object({
         type: z
             .enum([
-            'noauth',
             'basic',
             'bearer',
             'apikey',
@@ -91,98 +123,228 @@ export const parameters = z.object({
             'edgegrid',
             'jwt',
             'asap',
+            'noauth',
         ])
-            .optional(),
+            .describe('The authorization type.'),
         apikey: z
-            .array(z.object({
-            key: z.string().optional(),
-            value: z.unknown().optional(),
-            type: z.enum(['string', 'boolean', 'number', 'array', 'object', 'any']).optional(),
-        }))
+            .array(z
+            .object({
+            key: z.string().describe("The auth method's key value."),
+            value: z
+                .union([z.string(), z.array(z.record(z.string(), z.unknown()))])
+                .describe("The key's value.")
+                .optional(),
+            type: z
+                .enum(['string', 'boolean', 'number', 'array', 'object', 'any'])
+                .describe("The value's type.")
+                .optional(),
+        })
+            .describe('Information about the supported Postman [authorization type](https://learning.postman.com/docs/sending-requests/authorization/authorization-types/).'))
+            .describe("The API key's authentication information.")
             .optional(),
-        bearer: z
-            .array(z.object({
-            key: z.string().optional(),
-            value: z.unknown().optional(),
-            type: z.enum(['string', 'boolean', 'number', 'array', 'object', 'any']).optional(),
-        }))
+        awsv4: z
+            .array(z
+            .object({
+            key: z.string().describe("The auth method's key value."),
+            value: z
+                .union([z.string(), z.array(z.record(z.string(), z.unknown()))])
+                .describe("The key's value.")
+                .optional(),
+            type: z
+                .enum(['string', 'boolean', 'number', 'array', 'object', 'any'])
+                .describe("The value's type.")
+                .optional(),
+        })
+            .describe('Information about the supported Postman [authorization type](https://learning.postman.com/docs/sending-requests/authorization/authorization-types/).'))
+            .describe('The attributes for AWS Signature authentication.')
             .optional(),
         basic: z
-            .array(z.object({
-            key: z.string().optional(),
-            value: z.unknown().optional(),
-            type: z.enum(['string', 'boolean', 'number', 'array', 'object', 'any']).optional(),
-        }))
+            .array(z
+            .object({
+            key: z.string().describe("The auth method's key value."),
+            value: z
+                .union([z.string(), z.array(z.record(z.string(), z.unknown()))])
+                .describe("The key's value.")
+                .optional(),
+            type: z
+                .enum(['string', 'boolean', 'number', 'array', 'object', 'any'])
+                .describe("The value's type.")
+                .optional(),
+        })
+            .describe('Information about the supported Postman [authorization type](https://learning.postman.com/docs/sending-requests/authorization/authorization-types/).'))
+            .describe('The attributes for Basic Auth.')
             .optional(),
-        digest: z
-            .array(z.object({
-            key: z.string().optional(),
-            value: z.unknown().optional(),
-            type: z.enum(['string', 'boolean', 'number', 'array', 'object', 'any']).optional(),
-        }))
+        bearer: z
+            .array(z
+            .object({
+            key: z.string().describe("The auth method's key value."),
+            value: z
+                .union([z.string(), z.array(z.record(z.string(), z.unknown()))])
+                .describe("The key's value.")
+                .optional(),
+            type: z
+                .enum(['string', 'boolean', 'number', 'array', 'object', 'any'])
+                .describe("The value's type.")
+                .optional(),
+        })
+            .describe('Information about the supported Postman [authorization type](https://learning.postman.com/docs/sending-requests/authorization/authorization-types/).'))
+            .describe('The attributes for Bearer Token authentication.')
             .optional(),
-        oauth1: z
-            .array(z.object({
-            key: z.string().optional(),
-            value: z.unknown().optional(),
-            type: z.enum(['string', 'boolean', 'number', 'array', 'object', 'any']).optional(),
-        }))
+        digest: z
+            .array(z
+            .object({
+            key: z.string().describe("The auth method's key value."),
+            value: z
+                .union([z.string(), z.array(z.record(z.string(), z.unknown()))])
+                .describe("The key's value.")
+                .optional(),
+            type: z
+                .enum(['string', 'boolean', 'number', 'array', 'object', 'any'])
+                .describe("The value's type.")
+                .optional(),
+        })
+            .describe('Information about the supported Postman [authorization type](https://learning.postman.com/docs/sending-requests/authorization/authorization-types/).'))
+            .describe('The attributes for Digest access authentication.')
             .optional(),
-        oauth2: z
-            .array(z.object({
-            key: z.string().optional(),
-            value: z.unknown().optional(),
-            type: z.enum(['string', 'boolean', 'number', 'array', 'object', 'any']).optional(),
-        }))
+        edgegrid: z
+            .array(z
+            .object({
+            key: z.string().describe("The auth method's key value."),
+            value: z
+                .union([z.string(), z.array(z.record(z.string(), z.unknown()))])
+                .describe("The key's value.")
+                .optional(),
+            type: z
+                .enum(['string', 'boolean', 'number', 'array', 'object', 'any'])
+                .describe("The value's type.")
+                .optional(),
+        })
+            .describe('Information about the supported Postman [authorization type](https://learning.postman.com/docs/sending-requests/authorization/authorization-types/).'))
+            .describe('The attributes for Akamai Edgegrid authentication.')
             .optional(),
         hawk: z
-            .array(z.object({
-            key: z.string().optional(),
-            value: z.unknown().optional(),
-            type: z.enum(['string', 'boolean', 'number', 'array', 'object', 'any']).optional(),
-        }))
-            .optional(),
-        awsv4: z
-            .array(z.object({
-            key: z.string().optional(),
-            value: z.unknown().optional(),
-            type: z.enum(['string', 'boolean', 'number', 'array', 'object', 'any']).optional(),
-        }))
+            .array(z
+            .object({
+            key: z.string().describe("The auth method's key value."),
+            value: z
+                .union([z.string(), z.array(z.record(z.string(), z.unknown()))])
+                .describe("The key's value.")
+                .optional(),
+            type: z
+                .enum(['string', 'boolean', 'number', 'array', 'object', 'any'])
+                .describe("The value's type.")
+                .optional(),
+        })
+            .describe('Information about the supported Postman [authorization type](https://learning.postman.com/docs/sending-requests/authorization/authorization-types/).'))
+            .describe('The attributes for Hawk authentication.')
             .optional(),
         ntlm: z
-            .array(z.object({
-            key: z.string().optional(),
-            value: z.unknown().optional(),
-            type: z.enum(['string', 'boolean', 'number', 'array', 'object', 'any']).optional(),
-        }))
+            .array(z
+            .object({
+            key: z.string().describe("The auth method's key value."),
+            value: z
+                .union([z.string(), z.array(z.record(z.string(), z.unknown()))])
+                .describe("The key's value.")
+                .optional(),
+            type: z
+                .enum(['string', 'boolean', 'number', 'array', 'object', 'any'])
+                .describe("The value's type.")
+                .optional(),
+        })
+            .describe('Information about the supported Postman [authorization type](https://learning.postman.com/docs/sending-requests/authorization/authorization-types/).'))
+            .describe('The attributes for NTLM authentication.')
             .optional(),
-        edgegrid: z
-            .array(z.object({
-            key: z.string().optional(),
-            value: z.unknown().optional(),
-            type: z.enum(['string', 'boolean', 'number', 'array', 'object', 'any']).optional(),
-        }))
+        oauth1: z
+            .array(z
+            .object({
+            key: z.string().describe("The auth method's key value."),
+            value: z
+                .union([z.string(), z.array(z.record(z.string(), z.unknown()))])
+                .describe("The key's value.")
+                .optional(),
+            type: z
+                .enum(['string', 'boolean', 'number', 'array', 'object', 'any'])
+                .describe("The value's type.")
+                .optional(),
+        })
+            .describe('Information about the supported Postman [authorization type](https://learning.postman.com/docs/sending-requests/authorization/authorization-types/).'))
+            .describe('The attributes for OAuth1 authentication.')
+            .optional(),
+        oauth2: z
+            .array(z
+            .object({
+            key: z.string().describe("The auth method's key value."),
+            value: z
+                .union([z.string(), z.array(z.record(z.string(), z.unknown()))])
+                .describe("The key's value.")
+                .optional(),
+            type: z
+                .enum(['string', 'boolean', 'number', 'array', 'object', 'any'])
+                .describe("The value's type.")
+                .optional(),
+        })
+            .describe('Information about the supported Postman [authorization type](https://learning.postman.com/docs/sending-requests/authorization/authorization-types/).'))
+            .describe('The attributes for OAuth2 authentication.')
             .optional(),
         jwt: z
-            .array(z.object({
-            key: z.string().optional(),
-            value: z.unknown().optional(),
-            type: z.enum(['string', 'boolean', 'number', 'array', 'object', 'any']).optional(),
-        }))
+            .array(z
+            .object({
+            key: z.string().describe("The auth method's key value."),
+            value: z
+                .union([z.string(), z.array(z.record(z.string(), z.unknown()))])
+                .describe("The key's value.")
+                .optional(),
+            type: z
+                .enum(['string', 'boolean', 'number', 'array', 'object', 'any'])
+                .describe("The value's type.")
+                .optional(),
+        })
+            .describe('Information about the supported Postman [authorization type](https://learning.postman.com/docs/sending-requests/authorization/authorization-types/).'))
+            .describe('The attributes for JWT authentication.')
             .optional(),
         asap: z
-            .array(z.object({
-            key: z.string().optional(),
-            value: z.unknown().optional(),
-            type: z.enum(['string', 'boolean', 'number', 'array', 'object', 'any']).optional(),
-        }))
+            .array(z
+            .object({
+            key: z.string().describe("The auth method's key value."),
+            value: z
+                .union([z.string(), z.array(z.record(z.string(), z.unknown()))])
+                .describe("The key's value.")
+                .optional(),
+            type: z
+                .enum(['string', 'boolean', 'number', 'array', 'object', 'any'])
+                .describe("The value's type.")
+                .optional(),
+        })
+            .describe('Information about the supported Postman [authorization type](https://learning.postman.com/docs/sending-requests/authorization/authorization-types/).'))
+            .describe('The attributes for ASAP authentication.')
             .optional(),
     })
         .nullable()
+        .describe("The request's authentication information.")
+        .optional(),
+    events: z
+        .array(z.object({
+        listen: z.enum(['test', 'prerequest']).describe('The event type.'),
+        script: z
+            .object({
+            id: z.string().describe("The script's ID.").optional(),
+            type: z
+                .string()
+                .describe('The type of script. For example, `text/javascript`.')
+                .optional(),
+            exec: z
+                .array(z.string().nullable())
+                .describe('A list of script strings, where each line represents a line of code. Separate lines makes it easy to track script changes.')
+                .optional(),
+        })
+            .describe('Information about the Javascript code that can be used to to perform setup or teardown operations in a response.')
+            .optional(),
+    }))
+        .describe('A list of scripts configured to run when specific events occur.')
         .optional(),
 });
 export const annotations = {
-    title: 'Creates a request in a collection. For a complete list of properties, refer to the **Request** entry in the [Postman Collection Format documentation](https://schema.postman.com/collection/json/v2.1.0/draft-07/docs/index.html).\n\n**Note:**\n\nIt is recommended that you pass the \\`name\\` property in the request body. If you do not, the system uses a null value. As a result, this creates a request with a blank name.\n',
+    title: 'Creates a request in a collection. For a complete list of properties, refer to the **Request** entry in the [Postman Collection Format documentation](https://schema.postman.com/collection/json/v2.1.0/draft-07/docs/index.html).',
     readOnlyHint: false,
     destructiveHint: false,
     idempotentHint: false,
@@ -219,6 +381,8 @@ export async function handler(args, extra) {
             bodyPayload.dataOptions = args.dataOptions;
         if (args.auth !== undefined)
             bodyPayload.auth = args.auth;
+        if (args.events !== undefined)
+            bodyPayload.events = args.events;
         const options = {
             body: JSON.stringify(bodyPayload),
             contentType: ContentType.Json,