igniral-mcp-server 1.0.4

package/dist/utils/error-handler.js

@@ -0,0 +1,123 @@
+/**
+ * Error Handler
+ *
+ * Maps HTTP error responses from Igniral's backend into clear,
+ * actionable messages for the AI agent. Includes instructions on
+ * whether to retry, modify input, or ask the user for help.
+ */
+/**
+ * Translates an API error response into an instructional message
+ * for the AI agent.
+ *
+ * @param response The failed API response
+ * @param context  Description of what was being attempted (e.g., "creating application")
+ * @returns A formatted error message with guidance for the agent
+ */
+export function handleApiError(response, context) {
+    const status = response.status;
+    const serverMessage = response.error || "Unknown error";
+    switch (status) {
+        case 400:
+            return [
+                `❌ Error ${context}: Bad Request.`,
+                `Server message: ${serverMessage}`,
+                ``,
+                `This usually means the subscription limit was reached.`,
+                `Tell the user they need to upgrade their plan. Do NOT retry this request.`,
+            ].join("\n");
+        case 401:
+            return [
+                `❌ Error ${context}: Authentication failed.`,
+                `Server message: ${serverMessage}`,
+                ``,
+                `The Agent API Key credentials are invalid, revoked, or the token could not be obtained.`,
+                `Tell the user to verify their IGNIRAL_CLIENT_ID and IGNIRAL_CLIENT_SECRET in the .env file.`,
+                `They can generate new credentials from the Igniral Dashboard → Agent API Keys.`,
+                `Do NOT retry — this requires the user to fix their credentials.`,
+            ].join("\n");
+        case 403:
+            return [
+                `❌ Error ${context}: Access denied.`,
+                `Server message: ${serverMessage}`,
+                ``,
+                `The Agent API Key does not have the required permissions,`,
+                `or the associated user account has been suspended.`,
+                `Tell the user to check their Agent API Key configuration in the Dashboard. Do NOT retry.`,
+            ].join("\n");
+        case 404:
+            return [
+                `❌ Error ${context}: Resource not found.`,
+                `Server message: ${serverMessage}`,
+                ``,
+                `The specified resource (applicationId or endpointId) does not exist`,
+                `or does not belong to the current user.`,
+                `Verify the ID is correct. You can use igniral_list_applications to check existing apps.`,
+            ].join("\n");
+        case 409:
+            return [
+                `❌ Error ${context}: Conflict — resource already exists.`,
+                `Server message: ${serverMessage}`,
+                ``,
+                `A resource with that name, subdomain, or endpoint path already exists.`,
+                `Try a different name or path and retry the request.`,
+            ].join("\n");
+        case 429:
+            return [
+                `🛑 FATAL Error ${context}: Too many requests.`,
+                `Server message: ${serverMessage}`,
+                ``,
+                `The rate limit has been exceeded. You MUST stop immediately.`,
+                `Do NOT retry. Do NOT call any other Igniral tools.`,
+                `Tell the user to wait a few minutes before trying again.`,
+            ].join("\n");
+        case 500:
+        case 502:
+        case 503:
+            return [
+                `❌ Error ${context}: Server error (${status}).`,
+                `Server message: ${serverMessage}`,
+                ``,
+                `The Igniral backend is experiencing issues.`,
+                `Ask the user to try again later. Do NOT retry automatically.`,
+            ].join("\n");
+        case 0:
+            return [
+                `❌ Error ${context}: Network error.`,
+                `Details: ${serverMessage}`,
+                ``,
+                `Could not connect to the Igniral API. This could be a network issue`,
+                `or the API server might be down.`,
+                `Tell the user to check their internet connection and IGNIRAL_API_URL configuration.`,
+            ].join("\n");
+        default:
+            return [
+                `❌ Error ${context}: Unexpected error (HTTP ${status}).`,
+                `Server message: ${serverMessage}`,
+                ``,
+                `An unexpected error occurred. Tell the user about this error`,
+                `and ask them to try again later.`,
+            ].join("\n");
+    }
+}
+/**
+ * Formats a Zod validation error into a helpful message for the agent.
+ */
+export function handleValidationError(error) {
+    if (error && typeof error === "object" && "issues" in error) {
+        const issues = error.issues;
+        const details = issues
+            .map((i) => `  • ${i.path.join(".")}: ${i.message}`)
+            .join("\n");
+        return [
+            `❌ Validation Error: The parameters you provided are invalid.`,
+            ``,
+            `Issues:`,
+            details,
+            ``,
+            `Please fix these issues and try again with corrected values.`,
+        ].join("\n");
+    }
+    const message = error instanceof Error ? error.message : "Unknown validation error";
+    return `❌ Validation Error: ${message}. Please check the parameters and try again.`;
+}
+//# sourceMappingURL=error-handler.js.map

package/dist/utils/error-handler.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"error-handler.js","sourceRoot":"","sources":["../../src/utils/error-handler.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAIH;;;;;;;GAOG;AACH,MAAM,UAAU,cAAc,CAC5B,QAAqB,EACrB,OAAe;IAEf,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC;IAC/B,MAAM,aAAa,GAAG,QAAQ,CAAC,KAAK,IAAI,eAAe,CAAC;IAExD,QAAQ,MAAM,EAAE,CAAC;QACf,KAAK,GAAG;YACN,OAAO;gBACL,WAAW,OAAO,gBAAgB;gBAClC,mBAAmB,aAAa,EAAE;gBAClC,EAAE;gBACF,wDAAwD;gBACxD,2EAA2E;aAC5E,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAEf,KAAK,GAAG;YACN,OAAO;gBACL,WAAW,OAAO,0BAA0B;gBAC5C,mBAAmB,aAAa,EAAE;gBAClC,EAAE;gBACF,yFAAyF;gBACzF,6FAA6F;gBAC7F,gFAAgF;gBAChF,iEAAiE;aAClE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAEf,KAAK,GAAG;YACN,OAAO;gBACL,WAAW,OAAO,kBAAkB;gBACpC,mBAAmB,aAAa,EAAE;gBAClC,EAAE;gBACF,2DAA2D;gBAC3D,oDAAoD;gBACpD,0FAA0F;aAC3F,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAEf,KAAK,GAAG;YACN,OAAO;gBACL,WAAW,OAAO,uBAAuB;gBACzC,mBAAmB,aAAa,EAAE;gBAClC,EAAE;gBACF,qEAAqE;gBACrE,yCAAyC;gBACzC,yFAAyF;aAC1F,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAEf,KAAK,GAAG;YACN,OAAO;gBACL,WAAW,OAAO,uCAAuC;gBACzD,mBAAmB,aAAa,EAAE;gBAClC,EAAE;gBACF,wEAAwE;gBACxE,qDAAqD;aACtD,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAEf,KAAK,GAAG;YACN,OAAO;gBACL,kBAAkB,OAAO,sBAAsB;gBAC/C,mBAAmB,aAAa,EAAE;gBAClC,EAAE;gBACF,8DAA8D;gBAC9D,oDAAoD;gBACpD,0DAA0D;aAC3D,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAEf,KAAK,GAAG,CAAC;QACT,KAAK,GAAG,CAAC;QACT,KAAK,GAAG;YACN,OAAO;gBACL,WAAW,OAAO,mBAAmB,MAAM,IAAI;gBAC/C,mBAAmB,aAAa,EAAE;gBAClC,EAAE;gBACF,6CAA6C;gBAC7C,8DAA8D;aAC/D,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAEf,KAAK,CAAC;YACJ,OAAO;gBACL,WAAW,OAAO,kBAAkB;gBACpC,YAAY,aAAa,EAAE;gBAC3B,EAAE;gBACF,qEAAqE;gBACrE,kCAAkC;gBAClC,qFAAqF;aACtF,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAEf;YACE,OAAO;gBACL,WAAW,OAAO,4BAA4B,MAAM,IAAI;gBACxD,mBAAmB,aAAa,EAAE;gBAClC,EAAE;gBACF,8DAA8D;gBAC9D,kCAAkC;aACnC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACjB,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,qBAAqB,CAAC,KAAc;IAClD,IAAI,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,QAAQ,IAAI,KAAK,EAAE,CAAC;QAC5D,MAAM,MAAM,GAAI,KAAgE,CAAC,MAAM,CAAC;QACxF,MAAM,OAAO,GAAG,MAAM;aACnB,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC;aACnD,IAAI,CAAC,IAAI,CAAC,CAAC;QACd,OAAO;YACL,8DAA8D;YAC9D,EAAE;YACF,SAAS;YACT,OAAO;YACP,EAAE;YACF,8DAA8D;SAC/D,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACf,CAAC;IAED,MAAM,OAAO,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,0BAA0B,CAAC;IACpF,OAAO,uBAAuB,OAAO,8CAA8C,CAAC;AACtF,CAAC"}

package/dist/utils/response-wrapper.d.ts

@@ -0,0 +1,25 @@
+/**
+ * Response Wrapper
+ *
+ * Wraps raw API responses in instructional text that helps the AI agent
+ * understand results and take appropriate next actions.
+ * This is the "trick" that makes MCP effective — the agent reads plain
+ * text, not raw JSON.
+ */
+/**
+ * Wraps a successful application creation response.
+ */
+export declare function wrapApplicationCreated(data: Record<string, unknown>): string;
+/**
+ * Wraps a successful endpoint creation response.
+ */
+export declare function wrapEndpointCreated(data: Record<string, unknown>): string;
+/**
+ * Wraps a successful schema generation (Tool 1) response.
+ */
+export declare function wrapGenerationComplete(data: Record<string, unknown>): string;
+/**
+ * Wraps a list of applications response.
+ */
+export declare function wrapApplicationList(data: Record<string, unknown>): string;
+//# sourceMappingURL=response-wrapper.d.ts.map

package/dist/utils/response-wrapper.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"response-wrapper.d.ts","sourceRoot":"","sources":["../../src/utils/response-wrapper.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAIH;;GAEG;AACH,wBAAgB,sBAAsB,CAAC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM,CAgB5E;AAED;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM,CAqBzE;AAED;;GAEG;AACH,wBAAgB,sBAAsB,CAAC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM,CAe5E;AAED;;GAEG;AACH,wBAAgB,mBAAmB,CACjC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAC5B,MAAM,CA2BR"}

package/dist/utils/response-wrapper.js

@@ -0,0 +1,98 @@
+/**
+ * Response Wrapper
+ *
+ * Wraps raw API responses in instructional text that helps the AI agent
+ * understand results and take appropriate next actions.
+ * This is the "trick" that makes MCP effective — the agent reads plain
+ * text, not raw JSON.
+ */
+/**
+ * Wraps a successful application creation response.
+ */
+export function wrapApplicationCreated(data) {
+    const id = data.id || "unknown";
+    const name = data.name || "unknown";
+    const subdomain = data.subdomain || "none";
+    return [
+        `✅ Success. Application created.`,
+        ``,
+        `• Application ID: ${id}`,
+        `• Name: ${name}`,
+        `• Subdomain: ${subdomain}`,
+        ``,
+        `You now have the applicationId needed to create endpoints.`,
+        `Use the igniral_create_dynamic_endpoint tool to add API endpoints to this application.`,
+        `Ask the user what data/resources their application should manage (e.g., users, products, orders).`,
+    ].join("\n");
+}
+/**
+ * Wraps a successful endpoint creation response.
+ */
+export function wrapEndpointCreated(data) {
+    const id = data.id || "unknown";
+    const path = data.endpointPath || "unknown";
+    const methods = Array.isArray(data.allowedMethods)
+        ? data.allowedMethods.join(", ")
+        : "unknown";
+    const visibility = data.visibility || "PRIVATE";
+    const securityPolicy = data.securityPolicy || "NONE";
+    return [
+        `✅ Success. Dynamic endpoint created.`,
+        ``,
+        `• Endpoint ID: ${id}`,
+        `• Path: ${path}`,
+        `• Methods: ${methods}`,
+        `• Visibility: ${visibility}`,
+        `• Security Policy: ${securityPolicy}`,
+        ``,
+        `Ask the user if they want to create another endpoint for this application,`,
+        `or if the application is ready for use.`,
+    ].join("\n");
+}
+/**
+ * Wraps a successful schema generation (Tool 1) response.
+ */
+export function wrapGenerationComplete(data) {
+    const applicationId = data.applicationId || "unknown";
+    const applicationName = data.applicationName || "unknown";
+    return [
+        `✅ Success. Application fully generated.`,
+        ``,
+        `• Application ID: ${applicationId}`,
+        `• Application Name: ${applicationName}`,
+        ``,
+        `The application was created with all endpoints, roles, and permissions automatically.`,
+        `You do NOT need to call create_application or create_endpoint — everything is already set up.`,
+        ``,
+        `Show this information to the user and ask if they would like to make any modifications.`,
+    ].join("\n");
+}
+/**
+ * Wraps a list of applications response.
+ */
+export function wrapApplicationList(data) {
+    // The API returns a Page object with content array
+    const content = data.content || [];
+    if (content.length === 0) {
+        return [
+            `ℹ️ The user has no applications yet.`,
+            ``,
+            `You can help them create one using:`,
+            `• igniral_generate_schema_from_prompt — for automatic generation from a description`,
+            `• igniral_create_application — for manual step-by-step creation`,
+        ].join("\n");
+    }
+    const appLines = content.map((app, i) => {
+        const status = app.status ? "🟢 Active" : "🔴 Inactive";
+        const privacy = app.private ? "🔒 Private" : "🌐 Public";
+        return `${i + 1}. ${app.name} (ID: ${app.id}) — ${status} | ${privacy}`;
+    });
+    return [
+        `📋 User's applications (${content.length} total):`,
+        ``,
+        ...appLines,
+        ``,
+        `To add endpoints to an existing application, use igniral_create_dynamic_endpoint with the application ID.`,
+    ].join("\n");
+}
+//# sourceMappingURL=response-wrapper.js.map

package/dist/utils/response-wrapper.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"response-wrapper.js","sourceRoot":"","sources":["../../src/utils/response-wrapper.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAIH;;GAEG;AACH,MAAM,UAAU,sBAAsB,CAAC,IAA6B;IAClE,MAAM,EAAE,GAAG,IAAI,CAAC,EAAE,IAAI,SAAS,CAAC;IAChC,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,IAAI,SAAS,CAAC;IACpC,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,IAAI,MAAM,CAAC;IAE3C,OAAO;QACL,iCAAiC;QACjC,EAAE;QACF,qBAAqB,EAAE,EAAE;QACzB,WAAW,IAAI,EAAE;QACjB,gBAAgB,SAAS,EAAE;QAC3B,EAAE;QACF,4DAA4D;QAC5D,wFAAwF;QACxF,mGAAmG;KACpG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACf,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,mBAAmB,CAAC,IAA6B;IAC/D,MAAM,EAAE,GAAG,IAAI,CAAC,EAAE,IAAI,SAAS,CAAC;IAChC,MAAM,IAAI,GAAG,IAAI,CAAC,YAAY,IAAI,SAAS,CAAC;IAC5C,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,cAAc,CAAC;QAChD,CAAC,CAAE,IAAI,CAAC,cAA2B,CAAC,IAAI,CAAC,IAAI,CAAC;QAC9C,CAAC,CAAC,SAAS,CAAC;IACd,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,IAAI,SAAS,CAAC;IAChD,MAAM,cAAc,GAAG,IAAI,CAAC,cAAc,IAAI,MAAM,CAAC;IAErD,OAAO;QACL,sCAAsC;QACtC,EAAE;QACF,kBAAkB,EAAE,EAAE;QACtB,WAAW,IAAI,EAAE;QACjB,cAAc,OAAO,EAAE;QACvB,iBAAiB,UAAU,EAAE;QAC7B,sBAAsB,cAAc,EAAE;QACtC,EAAE;QACF,4EAA4E;QAC5E,yCAAyC;KAC1C,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACf,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,sBAAsB,CAAC,IAA6B;IAClE,MAAM,aAAa,GAAG,IAAI,CAAC,aAAa,IAAI,SAAS,CAAC;IACtD,MAAM,eAAe,GAAG,IAAI,CAAC,eAAe,IAAI,SAAS,CAAC;IAE1D,OAAO;QACL,yCAAyC;QACzC,EAAE;QACF,qBAAqB,aAAa,EAAE;QACpC,uBAAuB,eAAe,EAAE;QACxC,EAAE;QACF,uFAAuF;QACvF,+FAA+F;QAC/F,EAAE;QACF,yFAAyF;KAC1F,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACf,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,mBAAmB,CACjC,IAA6B;IAE7B,mDAAmD;IACnD,MAAM,OAAO,GAAI,IAAI,CAAC,OAAqC,IAAI,EAAE,CAAC;IAElE,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO;YACL,sCAAsC;YACtC,EAAE;YACF,qCAAqC;YACrC,qFAAqF;YACrF,iEAAiE;SAClE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACf,CAAC;IAED,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE;QACtC,MAAM,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,aAAa,CAAC;QACxD,MAAM,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,WAAW,CAAC;QACzD,OAAO,GAAG,CAAC,GAAG,CAAC,KAAK,GAAG,CAAC,IAAI,SAAS,GAAG,CAAC,EAAE,OAAO,MAAM,MAAM,OAAO,EAAE,CAAC;IAC1E,CAAC,CAAC,CAAC;IAEH,OAAO;QACL,2BAA2B,OAAO,CAAC,MAAM,UAAU;QACnD,EAAE;QACF,GAAG,QAAQ;QACX,EAAE;QACF,2GAA2G;KAC5G,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACf,CAAC"}

package/dist/validation/schemas.d.ts

@@ -0,0 +1,147 @@
+/**
+ * Zod validation schemas for all MCP tool inputs.
+ *
+ * These schemas validate the parameters that the AI agent sends
+ * BEFORE forwarding requests to the Igniral backend.
+ * This prevents hallucinated or malformed data from reaching the API.
+ */
+import { z } from "zod";
+/**
+ * Tool 1: igniral_generate_schema_from_prompt
+ * Validates the natural language prompt for auto-generation.
+ */
+export declare const generateSchemaInput: z.ZodObject<{
+    prompt: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    prompt: string;
+}, {
+    prompt: string;
+}>;
+/**
+ * Tool 2: igniral_create_application
+ * Validates application creation parameters.
+ * Maps to ApplicationRequest DTO in json-elements.
+ */
+export declare const createApplicationInput: z.ZodObject<{
+    name: z.ZodString;
+    description: z.ZodString;
+    version: z.ZodDefault<z.ZodOptional<z.ZodString>>;
+    subdomain: z.ZodOptional<z.ZodString>;
+    aiGeneratedContext: z.ZodOptional<z.ZodString>;
+    isPrivate: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
+}, "strip", z.ZodTypeAny, {
+    name: string;
+    description: string;
+    version: string;
+    isPrivate: boolean;
+    subdomain?: string | undefined;
+    aiGeneratedContext?: string | undefined;
+}, {
+    name: string;
+    description: string;
+    version?: string | undefined;
+    subdomain?: string | undefined;
+    aiGeneratedContext?: string | undefined;
+    isPrivate?: boolean | undefined;
+}>;
+/**
+ * Tool 3: igniral_create_dynamic_endpoint
+ * Validates endpoint creation parameters.
+ * Maps to DynamicEndpointRequest DTO in json-elements.
+ */
+export declare const createEndpointInput: z.ZodEffects<z.ZodObject<{
+    applicationId: z.ZodString;
+    endpointPath: z.ZodString;
+    allowedMethods: z.ZodArray<z.ZodEnum<["GET", "POST", "PUT", "DELETE"]>, "many">;
+    schemaDefinition: z.ZodEffects<z.ZodRecord<z.ZodString, z.ZodUnknown>, Record<string, unknown>, Record<string, unknown>>;
+    type: z.ZodDefault<z.ZodOptional<z.ZodEnum<["JSON", "FILE"]>>>;
+    visibility: z.ZodDefault<z.ZodOptional<z.ZodEnum<["PUBLIC", "PRIVATE"]>>>;
+    securityPolicy: z.ZodDefault<z.ZodOptional<z.ZodEnum<["NONE", "OWNER_ONLY", "CLAIM_FILTER"]>>>;
+    securityConfig: z.ZodOptional<z.ZodObject<{
+        claimFilterRules: z.ZodArray<z.ZodObject<{
+            payloadPath: z.ZodString;
+            claimName: z.ZodString;
+        }, "strip", z.ZodTypeAny, {
+            payloadPath: string;
+            claimName: string;
+        }, {
+            payloadPath: string;
+            claimName: string;
+        }>, "many">;
+    }, "strip", z.ZodTypeAny, {
+        claimFilterRules: {
+            payloadPath: string;
+            claimName: string;
+        }[];
+    }, {
+        claimFilterRules: {
+            payloadPath: string;
+            claimName: string;
+        }[];
+    }>>;
+    endpointDocumentation: z.ZodOptional<z.ZodString>;
+}, "strip", z.ZodTypeAny, {
+    type: "JSON" | "FILE";
+    applicationId: string;
+    endpointPath: string;
+    allowedMethods: ("POST" | "GET" | "PUT" | "DELETE")[];
+    schemaDefinition: Record<string, unknown>;
+    visibility: "PUBLIC" | "PRIVATE";
+    securityPolicy: "NONE" | "OWNER_ONLY" | "CLAIM_FILTER";
+    securityConfig?: {
+        claimFilterRules: {
+            payloadPath: string;
+            claimName: string;
+        }[];
+    } | undefined;
+    endpointDocumentation?: string | undefined;
+}, {
+    applicationId: string;
+    endpointPath: string;
+    allowedMethods: ("POST" | "GET" | "PUT" | "DELETE")[];
+    schemaDefinition: Record<string, unknown>;
+    type?: "JSON" | "FILE" | undefined;
+    visibility?: "PUBLIC" | "PRIVATE" | undefined;
+    securityPolicy?: "NONE" | "OWNER_ONLY" | "CLAIM_FILTER" | undefined;
+    securityConfig?: {
+        claimFilterRules: {
+            payloadPath: string;
+            claimName: string;
+        }[];
+    } | undefined;
+    endpointDocumentation?: string | undefined;
+}>, {
+    type: "JSON" | "FILE";
+    applicationId: string;
+    endpointPath: string;
+    allowedMethods: ("POST" | "GET" | "PUT" | "DELETE")[];
+    schemaDefinition: Record<string, unknown>;
+    visibility: "PUBLIC" | "PRIVATE";
+    securityPolicy: "NONE" | "OWNER_ONLY" | "CLAIM_FILTER";
+    securityConfig?: {
+        claimFilterRules: {
+            payloadPath: string;
+            claimName: string;
+        }[];
+    } | undefined;
+    endpointDocumentation?: string | undefined;
+}, {
+    applicationId: string;
+    endpointPath: string;
+    allowedMethods: ("POST" | "GET" | "PUT" | "DELETE")[];
+    schemaDefinition: Record<string, unknown>;
+    type?: "JSON" | "FILE" | undefined;
+    visibility?: "PUBLIC" | "PRIVATE" | undefined;
+    securityPolicy?: "NONE" | "OWNER_ONLY" | "CLAIM_FILTER" | undefined;
+    securityConfig?: {
+        claimFilterRules: {
+            payloadPath: string;
+            claimName: string;
+        }[];
+    } | undefined;
+    endpointDocumentation?: string | undefined;
+}>;
+export type GenerateSchemaInput = z.infer<typeof generateSchemaInput>;
+export type CreateApplicationInput = z.infer<typeof createApplicationInput>;
+export type CreateEndpointInput = z.infer<typeof createEndpointInput>;
+//# sourceMappingURL=schemas.d.ts.map

package/dist/validation/schemas.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"schemas.d.ts","sourceRoot":"","sources":["../../src/validation/schemas.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB;;;GAGG;AACH,eAAO,MAAM,mBAAmB;;;;;;EAK9B,CAAC;AAEH;;;;GAIG;AACH,eAAO,MAAM,sBAAsB;;;;;;;;;;;;;;;;;;;;;EAgBjC,CAAC;AAgBH;;;;GAIG;AACH,eAAO,MAAM,mBAAmB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAkC7B,CAAC;AAGJ,MAAM,MAAM,mBAAmB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,mBAAmB,CAAC,CAAC;AACtE,MAAM,MAAM,sBAAsB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,sBAAsB,CAAC,CAAC;AAC5E,MAAM,MAAM,mBAAmB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,mBAAmB,CAAC,CAAC"}

package/dist/validation/schemas.js

@@ -0,0 +1,81 @@
+/**
+ * Zod validation schemas for all MCP tool inputs.
+ *
+ * These schemas validate the parameters that the AI agent sends
+ * BEFORE forwarding requests to the Igniral backend.
+ * This prevents hallucinated or malformed data from reaching the API.
+ */
+import { z } from "zod";
+/**
+ * Tool 1: igniral_generate_schema_from_prompt
+ * Validates the natural language prompt for auto-generation.
+ */
+export const generateSchemaInput = z.object({
+    prompt: z
+        .string()
+        .min(10, "Prompt must be at least 10 characters to generate a meaningful application")
+        .max(2000, "Prompt must be under 2000 characters"),
+});
+/**
+ * Tool 2: igniral_create_application
+ * Validates application creation parameters.
+ * Maps to ApplicationRequest DTO in json-elements.
+ */
+export const createApplicationInput = z.object({
+    name: z
+        .string()
+        .min(1, "Application name is required")
+        .max(100, "Application name must be under 100 characters"),
+    description: z
+        .string()
+        .min(1, "Application description is required")
+        .max(500, "Application description must be under 500 characters"),
+    version: z.string().optional().default("v1"),
+    subdomain: z
+        .string()
+        .regex(/^[a-z0-9-]+$/, "Subdomain must contain only lowercase letters, numbers, and hyphens")
+        .optional(),
+    aiGeneratedContext: z.string().optional(),
+    isPrivate: z.boolean().optional().default(true),
+});
+/**
+ * Security config for CLAIM_FILTER policy.
+ */
+const securityConfigSchema = z.object({
+    claimFilterRules: z
+        .array(z.object({
+        payloadPath: z.string().min(1, "payloadPath is required"),
+        claimName: z.string().min(1, "claimName is required"),
+    }))
+        .min(1, "At least one claim filter rule is required"),
+});
+/**
+ * Tool 3: igniral_create_dynamic_endpoint
+ * Validates endpoint creation parameters.
+ * Maps to DynamicEndpointRequest DTO in json-elements.
+ */
+export const createEndpointInput = z
+    .object({
+    applicationId: z.string().min(1, "applicationId is required"),
+    endpointPath: z
+        .string()
+        .min(1, "endpointPath is required")
+        .regex(/^\/[a-z0-9-/]+$/, "endpointPath must start with / and contain only lowercase letters, numbers, hyphens, and slashes"),
+    allowedMethods: z
+        .array(z.enum(["GET", "POST", "PUT", "DELETE"]))
+        .min(1, "At least one HTTP method is required"),
+    schemaDefinition: z.record(z.unknown()).refine((schema) => schema["type"] !== undefined || schema["$schema"] !== undefined, "schemaDefinition must be a valid JSON Schema with at least a 'type' or '$schema' property"),
+    type: z.enum(["JSON", "FILE"]).optional().default("JSON"),
+    visibility: z.enum(["PUBLIC", "PRIVATE"]).optional().default("PRIVATE"),
+    securityPolicy: z
+        .enum(["NONE", "OWNER_ONLY", "CLAIM_FILTER"])
+        .optional()
+        .default("NONE"),
+    securityConfig: securityConfigSchema.optional(),
+    endpointDocumentation: z.string().optional(),
+})
+    .refine((data) => data.securityPolicy !== "CLAIM_FILTER" || data.securityConfig != null, {
+    message: "securityConfig with claimFilterRules is required when securityPolicy is CLAIM_FILTER",
+    path: ["securityConfig"],
+});
+//# sourceMappingURL=schemas.js.map

package/dist/validation/schemas.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"schemas.js","sourceRoot":"","sources":["../../src/validation/schemas.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB;;;GAGG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC1C,MAAM,EAAE,CAAC;SACN,MAAM,EAAE;SACR,GAAG,CAAC,EAAE,EAAE,4EAA4E,CAAC;SACrF,GAAG,CAAC,IAAI,EAAE,sCAAsC,CAAC;CACrD,CAAC,CAAC;AAEH;;;;GAIG;AACH,MAAM,CAAC,MAAM,sBAAsB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC7C,IAAI,EAAE,CAAC;SACJ,MAAM,EAAE;SACR,GAAG,CAAC,CAAC,EAAE,8BAA8B,CAAC;SACtC,GAAG,CAAC,GAAG,EAAE,+CAA+C,CAAC;IAC5D,WAAW,EAAE,CAAC;SACX,MAAM,EAAE;SACR,GAAG,CAAC,CAAC,EAAE,qCAAqC,CAAC;SAC7C,GAAG,CAAC,GAAG,EAAE,sDAAsD,CAAC;IACnE,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC;IAC5C,SAAS,EAAE,CAAC;SACT,MAAM,EAAE;SACR,KAAK,CAAC,cAAc,EAAE,qEAAqE,CAAC;SAC5F,QAAQ,EAAE;IACb,kBAAkB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACzC,SAAS,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC;CAChD,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,oBAAoB,GAAG,CAAC,CAAC,MAAM,CAAC;IACpC,gBAAgB,EAAE,CAAC;SAChB,KAAK,CACJ,CAAC,CAAC,MAAM,CAAC;QACP,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,yBAAyB,CAAC;QACzD,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,uBAAuB,CAAC;KACtD,CAAC,CACH;SACA,GAAG,CAAC,CAAC,EAAE,4CAA4C,CAAC;CACxD,CAAC,CAAC;AAEH;;;;GAIG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAAC;KACjC,MAAM,CAAC;IACN,aAAa,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,2BAA2B,CAAC;IAC7D,YAAY,EAAE,CAAC;SACZ,MAAM,EAAE;SACR,GAAG,CAAC,CAAC,EAAE,0BAA0B,CAAC;SAClC,KAAK,CACJ,iBAAiB,EACjB,kGAAkG,CACnG;IACH,cAAc,EAAE,CAAC;SACd,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,QAAQ,CAAC,CAAC,CAAC;SAC/C,GAAG,CAAC,CAAC,EAAE,sCAAsC,CAAC;IACjD,gBAAgB,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,MAAM,CAC5C,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,SAAS,IAAI,MAAM,CAAC,SAAS,CAAC,KAAK,SAAS,EAC3E,2FAA2F,CAC5F;IACD,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC;IACzD,UAAU,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,SAAS,CAAC;IACvE,cAAc,EAAE,CAAC;SACd,IAAI,CAAC,CAAC,MAAM,EAAE,YAAY,EAAE,cAAc,CAAC,CAAC;SAC5C,QAAQ,EAAE;SACV,OAAO,CAAC,MAAM,CAAC;IAClB,cAAc,EAAE,oBAAoB,CAAC,QAAQ,EAAE;IAC/C,qBAAqB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;CAC7C,CAAC;KACD,MAAM,CACL,CAAC,IAAI,EAAE,EAAE,CACP,IAAI,CAAC,cAAc,KAAK,cAAc,IAAI,IAAI,CAAC,cAAc,IAAI,IAAI,EACvE;IACE,OAAO,EACL,sFAAsF;IACxF,IAAI,EAAE,CAAC,gBAAgB,CAAC;CACzB,CACF,CAAC"}

package/package.json

@@ -0,0 +1,53 @@
+{
+  "name": "igniral-mcp-server",
+  "version": "1.0.4",
+  "description": "Igniral MCP Server — Model Context Protocol bridge for AI agents to interact with Igniral's backend APIs",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "type": "module",
+  "bin": {
+    "igniral-mcp-server": "dist/index.js"
+  },
+  "files": [
+    "dist",
+    "README.md",
+    "LICENSE"
+  ],
+  "scripts": {
+    "build": "tsc",
+    "prepublishOnly": "npm run build",
+    "start": "node dist/index.js",
+    "dev": "tsx src/index.ts",
+    "inspect": "npx @modelcontextprotocol/inspector tsx src/index.ts"
+  },
+  "keywords": [
+    "mcp",
+    "igniral",
+    "ai",
+    "api",
+    "model-context-protocol",
+    "claude",
+    "cursor"
+  ],
+  "author": "Igniral",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/igniral/igniral-mcp-server.git"
+  },
+  "homepage": "https://github.com/igniral/igniral-mcp-server#readme",
+  "engines": {
+    "node": ">=18.0.0"
+  },
+  "dependencies": {
+    "@modelcontextprotocol/sdk": "^1.12.1",
+    "zod": "^3.24.4",
+    "eventsource": "^3.0.7"
+  },
+  "devDependencies": {
+    "typescript": "^5.8.3",
+    "tsx": "^4.19.4",
+    "@types/node": "^22.15.3",
+    "@types/eventsource": "^1.1.15"
+  }
+}