karrito-mcp 2.0.2 → 3.0.0

package/README.md

@@ -54,7 +54,7 @@ Add to your MCP configuration:
 
 | Variable | Required | Description |
 |----------|----------|-------------|
-| `KARRITO_API_KEY` | For authenticated tools | Your Karrito API key from [Settings > API](https://karrito.shop/settings/api) |
+| `KARRITO_API_KEY` | For authenticated tools | Your Karrito API key from [Settings > Integrations](https://karrito.shop/admin/settings) |
 | `KARRITO_API_URL` | No | Custom API URL (default: `https://karrito.shop`) |
 
 ## Resources (5)
@@ -64,10 +64,10 @@ Static data about Karrito — no authentication required.
 | Resource | URI | Description |
 |----------|-----|-------------|
 | Pricing | `karrito://pricing` | Plans, prices, and features comparison |
-| Features | `karrito://features` | Complete feature list (core, pro, upcoming) |
+| Features | `karrito://features` | Complete feature list (core, pro, lifetime, upcoming) |
 | Niches | `karrito://niches` | All 50 available store niches |
 | Competitors | `karrito://competitors` | 19 competitors compared with Karrito advantages |
-| Currencies | `karrito://currencies` | 6 supported LATAM currencies |
+| Currencies | `karrito://currencies` | 6 supported currencies (DOP, USD, MXN, COP, ARS, BRL) |
 
 ## Tools (30)
 
@@ -75,7 +75,7 @@ Static data about Karrito — no authentication required.
 
 | Tool | Description |
 |------|-------------|
-| `search_catalogs` | Search public catalogs by keyword |
+| `search_catalogs` | Search published catalogs by keyword |
 | `get_niche_info` | Get info about a specific niche |
 
 ### Products (auth required)
@@ -102,7 +102,7 @@ Static data about Karrito — no authentication required.
 |------|-------------|
 | `list_my_orders` | List orders with optional status filter |
 | `get_order` | Get detailed order info |
-| `update_order_status` | Change order status (confirm, ship, deliver, cancel) |
+| `update_order_status` | Change order status (PENDING, CONFIRMED, COMPLETED, CANCELLED) |
 
 ### Store (auth required)
 
@@ -151,55 +151,73 @@ Static data about Karrito — no authentication required.
 | `update_shipping_option` | Update a shipping option |
 | `delete_shipping_option` | Delete a shipping option |
 
-## Usage examples
-
-### Browse public catalogs
+## Order status flow
 
-> "Search for bakery catalogs on Karrito"
+```
+PENDING → CONFIRMED → COMPLETED
+   ↓          ↓
+CANCELLED  CANCELLED
+```
 
-The assistant will use `search_catalogs` with query "bakery" to find matching stores.
+- `PENDING`: New order, not yet confirmed
+- `CONFIRMED`: Order accepted by seller
+- `COMPLETED`: Order delivered/fulfilled (terminal)
+- `CANCELLED`: Order cancelled (terminal)
 
-### Explore niches
+## Usage examples
 
-> "What niches does Karrito support for food businesses?"
+### Browse public catalogs
 
-The assistant will use `get_niche_info` to search food-related niches.
+> "Search for bakery catalogs on Karrito"
 
 ### Manage your catalog
 
 > "List all my products and add a new one called 'Chocolate Cake' at $15"
 
-The assistant will use `list_my_products` and `create_product` (requires `KARRITO_API_KEY`).
-
 ### Manage orders
 
 > "Show me all pending orders and confirm the first one"
 
-The assistant will use `list_my_orders` with status filter and `update_order_status`.
-
 ### Create discounts
 
 > "Create a 20% discount code VERANO20 that expires on December 31"
 
-The assistant will use `create_discount` with the provided parameters.
-
-### Moderate reviews
-
-> "Show me pending reviews and approve the ones with 4+ stars"
-
-The assistant will use `list_reviews` with status "pending" and `moderate_review`.
-
 ### Get analytics
 
 > "How is my store performing? Show me the stats"
 
-The assistant will use `get_analytics` to retrieve store metrics.
-
 ### Compare platforms
 
 > "How does Karrito compare to Shopify and TiendaNube?"
 
-The assistant will read the `karrito://competitors` resource.
+## Changelog
+
+### v3.0.0 (2026-03-23)
+
+**Breaking changes:**
+- Order status values are now UPPERCASE: `PENDING`, `CONFIRMED`, `COMPLETED`, `CANCELLED`
+- Removed `shipped` and `delivered` statuses (use `COMPLETED` instead)
+- `create_shipping_option` no longer accepts `description` or `estimatedDays` (not supported by API)
+- `update_shipping_option` no longer accepts `description` or `estimatedDays`
+
+**Bug fixes:**
+- Fixed `search_catalogs` — was calling non-existent endpoint, now works correctly
+- Fixed `update_order_status` — was sending wrong status enum values
+- Fixed `list_my_orders` status filter — was offering invalid status values
+- Fixed `get_customer` — was returning list instead of individual customer
+- Fixed pricing resource — `removeBranding` was incorrectly marked as Pro (it's Lifetime only)
+- Fixed features resource — "Remove branding" moved from Pro to Lifetime section
+- Fixed currencies resource — added BRL (Brazilian Real), removed CLP (not supported)
+- Fixed auth error message URL — now points to correct page (`/admin/settings`)
+- Fixed order status update URL path (`/orders/:id` instead of `/orders/:id/status`)
+
+**Improvements:**
+- Unified version across all files (was 4 different versions)
+- Centralized auth error handling via shared `auth-guard.ts`
+- Added `lifetime` section to features resource
+- Added `position` field to `update_shipping_option`
+- Added `comparePrice` and `isActive` to `create_product`
+- Better tool descriptions with valid status values documented
 
 ## Development
 

package/dist/index.js

@@ -19,9 +19,12 @@ import { register as registerReviewTools } from './tools/reviews.js';
 import { register as registerCustomerTools } from './tools/customers.js';
 import { register as registerStatsTools } from './tools/stats.js';
 import { register as registerShippingTools } from './tools/shipping.js';
+const VERSION = '3.0.0';
+const TOOLS = 30;
+const RESOURCES = 5;
 const server = new McpServer({
     name: 'karrito',
-    version: '2.0.0',
+    version: VERSION,
 });
 const client = new KarritoApiClient();
 // Register static resources (public, no auth needed)
@@ -77,13 +80,10 @@ async function main() {
         : 'not configured';
     // Verify connection if API key is present
     const { store, latency, error } = await verifyConnection();
-    const VERSION = '2.0.1';
-    const TOOLS = 30;
-    const RESOURCES = 5;
     line('');
     line(`  ${c.green}╔${'═'.repeat(51)}╗${c.reset}`);
     line(`  ${c.green}║${c.reset}                                                   ${c.green}║${c.reset}`);
-    line(`  ${c.green}║${c.reset}   ${c.bold}${c.green}🛒  Karrito MCP Server${c.reset}  ${c.dim}v${VERSION}${c.reset}                  ${c.green}║${c.reset}`);
+    line(`  ${c.green}║${c.reset}   ${c.bold}${c.green}Karrito MCP Server${c.reset}  ${c.dim}v${VERSION}${c.reset}                    ${c.green}║${c.reset}`);
     line(`  ${c.green}║${c.reset}                                                   ${c.green}║${c.reset}`);
     line(`  ${c.green}║${c.reset}   ${c.white}${TOOLS} tools${c.reset}  ${c.dim}•${c.reset}  ${c.white}${RESOURCES} resources${c.reset}                       ${c.green}║${c.reset}`);
     line(`  ${c.green}║${c.reset}   ${c.dim}Manage your entire store from AI${c.reset}                ${c.green}║${c.reset}`);
@@ -93,7 +93,7 @@ async function main() {
         line(`  ${c.green}╠${'═'.repeat(51)}╣${c.reset}`);
         line(`  ${c.green}║${c.reset}                                                   ${c.green}║${c.reset}`);
         line(`  ${c.green}║${c.reset}   ${c.dim}Store${c.reset}     ${c.bold}${c.white}${pad(store.name, 36)}${c.reset}  ${c.green}║${c.reset}`);
-        line(`  ${c.green}║${c.reset}   ${c.dim}Plan${c.reset}      ${pad(store.currency, 37)}  ${c.green}║${c.reset}`);
+        line(`  ${c.green}║${c.reset}   ${c.dim}Currency${c.reset}  ${pad(store.currency, 37)}  ${c.green}║${c.reset}`);
         line(`  ${c.green}║${c.reset}   ${c.dim}Products${c.reset}  ${pad(`${store.productCount} active`, 37)}  ${c.green}║${c.reset}`);
         line(`  ${c.green}║${c.reset}   ${c.dim}Orders${c.reset}    ${pad(`${store.orderCount} total`, 37)}  ${c.green}║${c.reset}`);
         line(`  ${c.green}║${c.reset}   ${c.dim}Status${c.reset}    ${store.isPublished ? `${c.green}● Published${c.reset}` : `${c.yellow}○ Unpublished${c.reset}`}${' '.repeat(store.isPublished ? 26 : 24)}  ${c.green}║${c.reset}`);

package/dist/lib/api-client.d.ts

@@ -9,7 +9,7 @@ export declare class KarritoApiClient {
     constructor(options?: ApiOptions);
     get hasApiKey(): boolean;
     private request;
-    searchCatalogs(query?: string): Promise<unknown>;
+    searchCatalogs(query: string): Promise<unknown>;
     checkSlug(slug: string): Promise<{
         available: boolean;
     }>;

package/dist/lib/api-client.js

@@ -1,4 +1,5 @@
 const BASE_URL = process.env.KARRITO_API_URL ?? 'https://karrito.shop';
+const VERSION = '3.0.0';
 export class KarritoApiClient {
     baseUrl;
     apiKey;
@@ -14,7 +15,7 @@ export class KarritoApiClient {
     async request(path, options = {}) {
         const headers = {
             'Content-Type': 'application/json',
-            'User-Agent': 'karrito-mcp/2.0.0',
+            'User-Agent': `karrito-mcp/${VERSION}`,
         };
         if (this.apiKey) {
             headers['Authorization'] = `Bearer ${this.apiKey}`;
@@ -41,8 +42,7 @@ export class KarritoApiClient {
     }
     // --- Public endpoints (no auth) ---
     async searchCatalogs(query) {
-        const params = query ? `?q=${encodeURIComponent(query)}` : '';
-        return this.request(`/api/v1/stores${params}`);
+        return this.request(`/api/v1/catalogs?q=${encodeURIComponent(query)}`);
     }
     async checkSlug(slug) {
         return this.request(`/api/check-slug?slug=${encodeURIComponent(slug)}`);
@@ -101,7 +101,7 @@ export class KarritoApiClient {
         return this.request(`/api/v1/orders/${id}`);
     }
     async updateOrderStatus(id, status) {
-        return this.request(`/api/v1/orders/${id}/status`, {
+        return this.request(`/api/v1/orders/${id}`, {
             method: 'PUT',
             body: JSON.stringify({ status }),
         });
@@ -143,7 +143,7 @@ export class KarritoApiClient {
         return this.request(`/api/v1/reviews?limit=${limit}&offset=${offset}${statusParam}`);
     }
     async moderateReview(id, status) {
-        return this.request(`/api/v1/reviews/${id}/moderate`, {
+        return this.request(`/api/v1/reviews/${id}`, {
             method: 'PUT',
             body: JSON.stringify({ status }),
         });

package/dist/lib/auth-guard.d.ts

@@ -0,0 +1,12 @@
+import type { KarritoApiClient } from './api-client.js';
+export declare function authError(): {
+    content: {
+        type: "text";
+        text: string;
+    }[];
+    isError: boolean;
+};
+/**
+ * Returns an auth error response if the client has no API key, or null if authenticated.
+ */
+export declare function requireAuth(client: KarritoApiClient): ReturnType<typeof authError> | null;

package/dist/lib/auth-guard.js

@@ -0,0 +1,20 @@
+const AUTH_ERROR_MESSAGE = 'Authentication required. Set the KARRITO_API_KEY environment variable. Generate one at https://karrito.shop/admin/settings (Integrations tab).';
+export function authError() {
+    return {
+        content: [
+            {
+                type: 'text',
+                text: AUTH_ERROR_MESSAGE,
+            },
+        ],
+        isError: true,
+    };
+}
+/**
+ * Returns an auth error response if the client has no API key, or null if authenticated.
+ */
+export function requireAuth(client) {
+    if (!client.hasApiKey)
+        return authError();
+    return null;
+}

package/dist/resources/currencies.js

@@ -1,18 +1,18 @@
 const CURRENCIES_DATA = {
     supported: [
         { code: 'DOP', name: 'Peso dominicano', symbol: 'RD$', country: 'Republica Dominicana', decimalPlaces: 2 },
+        { code: 'USD', name: 'US Dollar', symbol: '$', country: 'United States / International', decimalPlaces: 2 },
         { code: 'MXN', name: 'Peso mexicano', symbol: '$', country: 'Mexico', decimalPlaces: 2 },
         { code: 'COP', name: 'Peso colombiano', symbol: '$', country: 'Colombia', decimalPlaces: 0 },
         { code: 'ARS', name: 'Peso argentino', symbol: '$', country: 'Argentina', decimalPlaces: 2 },
-        { code: 'CLP', name: 'Peso chileno', symbol: '$', country: 'Chile', decimalPlaces: 0 },
-        { code: 'USD', name: 'US Dollar', symbol: '$', country: 'United States / International', decimalPlaces: 2 },
+        { code: 'BRL', name: 'Real brasileno', symbol: 'R$', country: 'Brasil', decimalPlaces: 2 },
     ],
     default: 'DOP',
     notes: 'Currency is set per store. Prices display with the local symbol and formatting. No currency conversion is performed — sellers set prices in their local currency.',
 };
 export function register(server) {
     server.resource('currencies', 'karrito://currencies', {
-        description: 'Supported currencies in Karrito — 6 LATAM currencies with formatting details',
+        description: 'Supported currencies in Karrito — 6 currencies with formatting details',
         mimeType: 'application/json',
     }, async (uri) => ({
         contents: [

package/dist/resources/features.js

@@ -4,7 +4,7 @@ const FEATURES_DATA = {
         { name: 'WhatsApp checkout', description: 'Customers order via WhatsApp message — no payment gateway needed' },
         { name: 'Custom slug', description: 'Your store at karrito.shop/your-name or custom domain' },
         { name: 'Mobile-first', description: 'Optimized for mobile browsers where 90%+ LATAM traffic comes from' },
-        { name: 'Multi-currency', description: 'DOP, MXN, COP, ARS, CLP, USD supported natively' },
+        { name: 'Multi-currency', description: 'DOP, MXN, COP, ARS, BRL, USD supported natively' },
         { name: 'Product variants', description: 'Size, color, flavor — any variant type (Pro+)' },
         { name: 'Categories', description: 'Organize products with drag-and-drop categories' },
         { name: 'Product images', description: 'Up to 5 images per product with automatic optimization' },
@@ -14,10 +14,16 @@ const FEATURES_DATA = {
     pro: [
         { name: 'Analytics dashboard', description: 'Views, clicks, orders, top products, conversion funnel' },
         { name: 'Custom domain', description: 'Use your own domain (e.g., tienda.tudominio.com)' },
-        { name: 'Remove branding', description: 'No "Powered by Karrito" badge' },
         { name: 'Priority support', description: 'WhatsApp support with <4h response time' },
         { name: 'Bulk import', description: 'Import products via CSV' },
         { name: 'Order history', description: 'Track and manage customer orders' },
+        { name: 'Discount codes', description: 'Percentage or fixed amount discount codes' },
+        { name: 'API access', description: 'REST API + MCP server for AI-powered store management' },
+    ],
+    lifetime: [
+        { name: 'Remove branding', description: 'No "Powered by Karrito" badge on your catalog' },
+        { name: 'Dedicated setup', description: 'We help you set up your store and import products' },
+        { name: 'Unlimited everything', description: 'No limits on products, categories, or staff' },
     ],
     upcoming: [
         { name: 'AI product descriptions', description: 'Generate compelling product descriptions with AI' },
@@ -30,7 +36,7 @@ const FEATURES_DATA = {
 };
 export function register(server) {
     server.resource('features', 'karrito://features', {
-        description: 'Complete list of Karrito features — core, pro, and upcoming',
+        description: 'Complete list of Karrito features — core, pro, lifetime, and upcoming',
         mimeType: 'application/json',
     }, async (uri) => ({
         contents: [

package/dist/resources/pricing.js

@@ -21,7 +21,7 @@ const PRICING_DATA = {
             variants: true,
             analytics: true,
             customDomain: true,
-            removeBranding: true,
+            removeBranding: false,
         },
         {
             name: 'Lifetime',
@@ -33,6 +33,7 @@ const PRICING_DATA = {
             analytics: true,
             customDomain: true,
             removeBranding: true,
+            dedicatedSetup: true,
         },
     ],
     commissions: 'Never. 0% on all plans.',

package/dist/tools/catalog.js

@@ -2,7 +2,7 @@ import { z } from 'zod';
 import { NICHES_DATA } from '../resources/niches.js';
 export function register(server, client) {
     // --- search_catalogs (public, no auth) ---
-    server.tool('search_catalogs', 'Search public Karrito catalogs by keyword. No authentication required.', {
+    server.tool('search_catalogs', 'Search public Karrito catalogs by keyword (store name, product, or niche). No authentication required. Returns published stores matching the query.', {
         query: z.string().min(1).max(100).describe('Search query — store name, product, or niche'),
     }, async ({ query }) => {
         try {

package/dist/tools/categories.js

@@ -1,96 +1,53 @@
 import { z } from 'zod';
+import { requireAuth } from '../lib/auth-guard.js';
 export function register(server, client) {
-    // --- list_categories (auth required) ---
-    server.tool('list_categories', 'List categories in your Karrito store. Requires KARRITO_API_KEY environment variable.', {
+    // --- list_categories ---
+    server.tool('list_categories', 'List categories in your Karrito store. Requires KARRITO_API_KEY.', {
         limit: z.number().min(1).max(100).default(50).describe('Max categories to return (1-100)'),
         offset: z.number().min(0).default(0).describe('Pagination offset'),
     }, async ({ limit, offset }) => {
-        if (!client.hasApiKey) {
-            return {
-                content: [
-                    {
-                        type: 'text',
-                        text: 'Authentication required. Set the KARRITO_API_KEY environment variable with your Karrito API key. You can generate one at https://karrito.shop/settings/api',
-                    },
-                ],
-                isError: true,
-            };
-        }
+        const guard = requireAuth(client);
+        if (guard)
+            return guard;
         try {
             const data = await client.listCategories(limit, offset);
-            return {
-                content: [
-                    {
-                        type: 'text',
-                        text: JSON.stringify(data, null, 2),
-                    },
-                ],
-            };
+            return { content: [{ type: 'text', text: JSON.stringify(data, null, 2) }] };
         }
         catch (error) {
             const message = error instanceof Error ? error.message : 'Unknown error';
-            return {
-                content: [{ type: 'text', text: `Error listing categories: ${message}` }],
-                isError: true,
-            };
+            return { content: [{ type: 'text', text: `Error listing categories: ${message}` }], isError: true };
         }
     });
-    // --- create_category (auth required) ---
-    server.tool('create_category', 'Create a new category in your Karrito store. Requires KARRITO_API_KEY environment variable.', {
+    // --- create_category ---
+    server.tool('create_category', 'Create a new category in your Karrito store. Requires KARRITO_API_KEY.', {
         name: z.string().min(1).max(100).describe('Category name'),
         position: z.number().int().min(0).optional().describe('Sort order (lower = first)'),
     }, async ({ name, position }) => {
-        if (!client.hasApiKey) {
-            return {
-                content: [
-                    {
-                        type: 'text',
-                        text: 'Authentication required. Set the KARRITO_API_KEY environment variable with your Karrito API key. You can generate one at https://karrito.shop/settings/api',
-                    },
-                ],
-                isError: true,
-            };
-        }
+        const guard = requireAuth(client);
+        if (guard)
+            return guard;
         try {
             const categoryData = { name };
             if (position !== undefined)
                 categoryData.position = position;
             const data = await client.createCategory(categoryData);
-            return {
-                content: [
-                    {
-                        type: 'text',
-                        text: JSON.stringify(data, null, 2),
-                    },
-                ],
-            };
+            return { content: [{ type: 'text', text: JSON.stringify(data, null, 2) }] };
         }
         catch (error) {
             const message = error instanceof Error ? error.message : 'Unknown error';
-            return {
-                content: [{ type: 'text', text: `Error creating category: ${message}` }],
-                isError: true,
-            };
+            return { content: [{ type: 'text', text: `Error creating category: ${message}` }], isError: true };
         }
     });
-    // --- update_category (auth required) ---
-    server.tool('update_category', 'Update an existing category in your Karrito store. Requires KARRITO_API_KEY environment variable.', {
+    // --- update_category ---
+    server.tool('update_category', 'Update an existing category in your Karrito store. Requires KARRITO_API_KEY.', {
         id: z.string().describe('Category ID to update'),
         name: z.string().min(1).max(100).optional().describe('New category name'),
         position: z.number().int().min(0).optional().describe('New sort order (lower = first)'),
         isActive: z.boolean().optional().describe('Whether the category is active'),
     }, async ({ id, ...updates }) => {
-        if (!client.hasApiKey) {
-            return {
-                content: [
-                    {
-                        type: 'text',
-                        text: 'Authentication required. Set the KARRITO_API_KEY environment variable with your Karrito API key. You can generate one at https://karrito.shop/settings/api',
-                    },
-                ],
-                isError: true,
-            };
-        }
+        const guard = requireAuth(client);
+        if (guard)
+            return guard;
         try {
             const updateData = {};
             for (const [key, value] of Object.entries(updates)) {
@@ -104,55 +61,27 @@ export function register(server, client) {
                 };
             }
             const data = await client.updateCategory(id, updateData);
-            return {
-                content: [
-                    {
-                        type: 'text',
-                        text: JSON.stringify(data, null, 2),
-                    },
-                ],
-            };
+            return { content: [{ type: 'text', text: JSON.stringify(data, null, 2) }] };
         }
         catch (error) {
             const message = error instanceof Error ? error.message : 'Unknown error';
-            return {
-                content: [{ type: 'text', text: `Error updating category: ${message}` }],
-                isError: true,
-            };
+            return { content: [{ type: 'text', text: `Error updating category: ${message}` }], isError: true };
         }
     });
-    // --- delete_category (auth required) ---
-    server.tool('delete_category', 'Delete a category from your Karrito store. Products in this category will become uncategorized. Requires KARRITO_API_KEY environment variable.', {
+    // --- delete_category ---
+    server.tool('delete_category', 'Delete a category from your Karrito store. Products in this category will become uncategorized. Requires KARRITO_API_KEY.', {
         id: z.string().describe('Category ID to delete'),
     }, async ({ id }) => {
-        if (!client.hasApiKey) {
-            return {
-                content: [
-                    {
-                        type: 'text',
-                        text: 'Authentication required. Set the KARRITO_API_KEY environment variable with your Karrito API key. You can generate one at https://karrito.shop/settings/api',
-                    },
-                ],
-                isError: true,
-            };
-        }
+        const guard = requireAuth(client);
+        if (guard)
+            return guard;
         try {
             const data = await client.deleteCategory(id);
-            return {
-                content: [
-                    {
-                        type: 'text',
-                        text: JSON.stringify(data, null, 2),
-                    },
-                ],
-            };
+            return { content: [{ type: 'text', text: JSON.stringify(data, null, 2) }] };
         }
         catch (error) {
             const message = error instanceof Error ? error.message : 'Unknown error';
-            return {
-                content: [{ type: 'text', text: `Error deleting category: ${message}` }],
-                isError: true,
-            };
+            return { content: [{ type: 'text', text: `Error deleting category: ${message}` }], isError: true };
         }
     });
 }

package/dist/tools/customers.js

@@ -1,65 +1,37 @@
 import { z } from 'zod';
-function authError() {
-    return {
-        content: [
-            {
-                type: 'text',
-                text: 'Authentication required. Set the KARRITO_API_KEY environment variable with your Karrito API key. You can generate one at https://karrito.shop/settings/api',
-            },
-        ],
-        isError: true,
-    };
-}
+import { requireAuth } from '../lib/auth-guard.js';
 export function register(server, client) {
-    // --- list_customers (auth required) ---
-    server.tool('list_customers', 'List customers who have placed orders in your Karrito store. Requires KARRITO_API_KEY environment variable.', {
+    // --- list_customers ---
+    server.tool('list_customers', 'List customers who have placed orders in your Karrito store. Requires KARRITO_API_KEY.', {
         limit: z.number().min(1).max(100).default(50).describe('Max customers to return (1-100)'),
         offset: z.number().min(0).default(0).describe('Pagination offset'),
     }, async ({ limit, offset }) => {
-        if (!client.hasApiKey)
-            return authError();
+        const guard = requireAuth(client);
+        if (guard)
+            return guard;
         try {
             const data = await client.listCustomers(limit, offset);
-            return {
-                content: [
-                    {
-                        type: 'text',
-                        text: JSON.stringify(data, null, 2),
-                    },
-                ],
-            };
+            return { content: [{ type: 'text', text: JSON.stringify(data, null, 2) }] };
         }
         catch (error) {
             const message = error instanceof Error ? error.message : 'Unknown error';
-            return {
-                content: [{ type: 'text', text: `Error listing customers: ${message}` }],
-                isError: true,
-            };
+            return { content: [{ type: 'text', text: `Error listing customers: ${message}` }], isError: true };
         }
     });
-    // --- get_customer (auth required) ---
-    server.tool('get_customer', 'Get detailed information about a specific customer including their order history. Requires KARRITO_API_KEY environment variable.', {
+    // --- get_customer ---
+    server.tool('get_customer', 'Get detailed information about a specific customer including their order history. Requires KARRITO_API_KEY.', {
         id: z.string().describe('Customer ID to retrieve'),
     }, async ({ id }) => {
-        if (!client.hasApiKey)
-            return authError();
+        const guard = requireAuth(client);
+        if (guard)
+            return guard;
         try {
             const data = await client.getCustomer(id);
-            return {
-                content: [
-                    {
-                        type: 'text',
-                        text: JSON.stringify(data, null, 2),
-                    },
-                ],
-            };
+            return { content: [{ type: 'text', text: JSON.stringify(data, null, 2) }] };
         }
         catch (error) {
             const message = error instanceof Error ? error.message : 'Unknown error';
-            return {
-                content: [{ type: 'text', text: `Error getting customer: ${message}` }],
-                isError: true,
-            };
+            return { content: [{ type: 'text', text: `Error getting customer: ${message}` }], isError: true };
         }
     });
 }