pulsemcp-cms-admin-mcp-server 0.9.17 → 0.9.26

package/node_modules/@pulsemcp/mcp-elicitation/build/config.js

@@ -0,0 +1,41 @@
+const DEFAULT_TTL_MS = 5 * 60 * 1000; // 5 minutes
+const DEFAULT_POLL_INTERVAL_MS = 5 * 1000; // 5 seconds
+const MIN_POLL_INTERVAL_MS = 1000; // 1 second minimum to prevent tight loops
+/**
+ * Parses a positive integer from a string, returning the default if invalid.
+ */
+function parsePositiveInt(value, defaultValue) {
+    if (!value)
+        return defaultValue;
+    const parsed = parseInt(value, 10);
+    return Number.isNaN(parsed) || parsed < 0 ? defaultValue : parsed;
+}
+/**
+ * Reads elicitation configuration from environment variables.
+ *
+ * Environment variables:
+ *   ELICITATION_ENABLED              - "true" (default) or "false"
+ *   ELICITATION_REQUEST_URL          - POST endpoint for HTTP fallback
+ *   ELICITATION_POLL_URL             - GET endpoint for HTTP fallback polling
+ *   ELICITATION_TTL_MS               - Request TTL in milliseconds (default: 300000)
+ *   ELICITATION_POLL_INTERVAL_MS     - Poll interval in milliseconds (default: 5000, min: 1000)
+ *   ELICITATION_SESSION_ID           - Session identifier for HTTP fallback `_meta`
+ *   ELICITATION_PREFER_HTTP_FALLBACK - "true" forces HTTP fallback over native elicitation
+ *                                      when both are available. Default: "false".
+ */
+export function readElicitationConfig(env = process.env) {
+    const enabledRaw = env.ELICITATION_ENABLED;
+    const enabled = enabledRaw === undefined ? true : enabledRaw.toLowerCase() !== 'false';
+    const preferHttpFallbackRaw = env.ELICITATION_PREFER_HTTP_FALLBACK;
+    const preferHttpFallback = preferHttpFallbackRaw !== undefined && preferHttpFallbackRaw.toLowerCase() === 'true';
+    const pollIntervalMs = Math.max(MIN_POLL_INTERVAL_MS, parsePositiveInt(env.ELICITATION_POLL_INTERVAL_MS, DEFAULT_POLL_INTERVAL_MS));
+    return {
+        enabled,
+        requestUrl: env.ELICITATION_REQUEST_URL,
+        pollUrl: env.ELICITATION_POLL_URL,
+        ttlMs: parsePositiveInt(env.ELICITATION_TTL_MS, DEFAULT_TTL_MS),
+        pollIntervalMs,
+        sessionId: env.ELICITATION_SESSION_ID,
+        preferHttpFallback,
+    };
+}

package/node_modules/@pulsemcp/mcp-elicitation/build/elicitation.d.ts

@@ -0,0 +1,24 @@
+import type { ElicitationConfig, ElicitationRequestedSchema, ElicitationResult, RequestConfirmationOptions } from './types.js';
+/**
+ * Requests user confirmation through the best available mechanism.
+ *
+ * Decision tree (default):
+ * 1. If elicitation is disabled (`ELICITATION_ENABLED=false`), returns `accept` immediately.
+ * 2. If the client supports native elicitation, uses `server.elicitInput()`.
+ * 3. If HTTP fallback URLs are configured, posts to the external endpoint and polls.
+ * 4. Otherwise, throws an error indicating no elicitation mechanism is available.
+ *
+ * When `cfg.preferHttpFallback` is true (set via `ELICITATION_PREFER_HTTP_FALLBACK=true`)
+ * AND both fallback URLs are configured, tier 3 runs before tier 2. This is intended for
+ * headless agent runtimes that falsely advertise elicitation capability but cannot actually
+ * surface the prompt to a user.
+ *
+ * @param options - Configuration for the confirmation request.
+ * @param config - Elicitation config (defaults to reading from env vars).
+ * @returns The user's response.
+ */
+export declare function requestConfirmation(options: RequestConfirmationOptions, config?: ElicitationConfig): Promise<ElicitationResult>;
+/**
+ * Creates a simple boolean confirmation schema for common "are you sure?" prompts.
+ */
+export declare function createConfirmationSchema(title?: string, description?: string): ElicitationRequestedSchema;

package/node_modules/@pulsemcp/mcp-elicitation/build/elicitation.js

@@ -0,0 +1,175 @@
+import { randomUUID } from 'node:crypto';
+import { readElicitationConfig } from './config.js';
+/**
+ * The set of action values recognized by the elicitation protocol.
+ * Includes 'pending' for completeness, though it is filtered before
+ * reaching the validation check in pollElicitationStatus.
+ */
+const VALID_ELICITATION_ACTIONS = new Set(['pending', 'accept', 'decline', 'cancel', 'expired']);
+/**
+ * Checks whether the connected client supports native form elicitation.
+ */
+function clientSupportsElicitation(server) {
+    const caps = server.getClientCapabilities();
+    if (!caps?.elicitation) {
+        return false;
+    }
+    // If elicitation is declared at all (even empty {}), form mode is supported
+    // per the MCP spec's backward compatibility rules.
+    return true;
+}
+/**
+ * Attempts native elicitation via the MCP SDK's `server.elicitInput()`.
+ */
+async function nativeElicit(server, message, requestedSchema) {
+    const params = {
+        mode: 'form',
+        message,
+        requestedSchema,
+    };
+    const result = await server.elicitInput(params);
+    // Fail-safe: validate the action even from native elicitation.
+    // The TypeScript type says 'accept' | 'decline' | 'cancel', but at runtime
+    // the MCP client could return any string over the wire.
+    if (!VALID_ELICITATION_ACTIONS.has(result.action)) {
+        console.warn(`[elicitation] Unrecognized native elicitation action "${result.action}". ` +
+            `Treating as "decline" (fail-safe).`);
+        return { action: 'decline' };
+    }
+    return {
+        action: result.action,
+        content: result.content ?? undefined,
+    };
+}
+/**
+ * Posts an elicitation request to the HTTP fallback endpoint.
+ */
+async function postElicitationRequest(config, message, requestedSchema, meta) {
+    const response = await fetch(config.requestUrl, {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({
+            mode: 'form',
+            message,
+            requestedSchema,
+            _meta: meta,
+        }),
+    });
+    if (!response.ok) {
+        const body = await response.text().catch(() => '');
+        throw new Error(`Elicitation POST failed: ${response.status} ${response.statusText}${body ? ` - ${body}` : ''}`);
+    }
+    const data = (await response.json());
+    return data;
+}
+/**
+ * Polls the HTTP fallback endpoint until the request is resolved or expires.
+ */
+async function pollElicitationStatus(config, requestId, expiresAt) {
+    const pollUrl = config.pollUrl.endsWith('/')
+        ? `${config.pollUrl}${requestId}`
+        : `${config.pollUrl}/${requestId}`;
+    while (Date.now() < expiresAt) {
+        const response = await fetch(pollUrl, {
+            method: 'GET',
+            headers: { 'Content-Type': 'application/json' },
+        });
+        if (!response.ok) {
+            const body = await response.text().catch(() => '');
+            throw new Error(`Elicitation poll failed: ${response.status} ${response.statusText}${body ? ` - ${body}` : ''}`);
+        }
+        const data = (await response.json());
+        if (data.action !== 'pending') {
+            // Fail-safe: only allow recognized action values through.
+            // Unrecognized actions are treated as 'decline' to prevent
+            // unintended execution of protected operations.
+            if (!VALID_ELICITATION_ACTIONS.has(data.action)) {
+                console.warn(`[elicitation] Unrecognized poll action "${data.action}" for request ${requestId}. ` +
+                    `Treating as "decline" (fail-safe).`);
+                return { action: 'decline' };
+            }
+            return {
+                action: data.action,
+                content: data.content ?? undefined,
+            };
+        }
+        // Wait before polling again
+        await new Promise((resolve) => setTimeout(resolve, config.pollIntervalMs));
+    }
+    return { action: 'expired' };
+}
+/**
+ * Runs the HTTP fallback flow: POST a request, then poll until resolved or expired.
+ */
+async function httpFallbackElicit(cfg, options) {
+    const clientRequestId = randomUUID();
+    const expiresAt = Date.now() + cfg.ttlMs;
+    const meta = {
+        'com.pulsemcp/request-id': clientRequestId,
+        'com.pulsemcp/expires-at': new Date(expiresAt).toISOString(),
+        ...(cfg.sessionId && { 'com.pulsemcp/session-id': cfg.sessionId }),
+        ...options.meta,
+    };
+    const postResponse = await postElicitationRequest(cfg, options.message, options.requestedSchema, meta);
+    // Use the server-provided requestId if available, otherwise fall back to the client-generated one
+    const requestId = postResponse.requestId || clientRequestId;
+    return pollElicitationStatus(cfg, requestId, expiresAt);
+}
+/**
+ * Requests user confirmation through the best available mechanism.
+ *
+ * Decision tree (default):
+ * 1. If elicitation is disabled (`ELICITATION_ENABLED=false`), returns `accept` immediately.
+ * 2. If the client supports native elicitation, uses `server.elicitInput()`.
+ * 3. If HTTP fallback URLs are configured, posts to the external endpoint and polls.
+ * 4. Otherwise, throws an error indicating no elicitation mechanism is available.
+ *
+ * When `cfg.preferHttpFallback` is true (set via `ELICITATION_PREFER_HTTP_FALLBACK=true`)
+ * AND both fallback URLs are configured, tier 3 runs before tier 2. This is intended for
+ * headless agent runtimes that falsely advertise elicitation capability but cannot actually
+ * surface the prompt to a user.
+ *
+ * @param options - Configuration for the confirmation request.
+ * @param config - Elicitation config (defaults to reading from env vars).
+ * @returns The user's response.
+ */
+export async function requestConfirmation(options, config) {
+    const cfg = config ?? readElicitationConfig();
+    // Tier 1: Disabled — skip confirmation entirely
+    if (!cfg.enabled) {
+        return { action: 'accept' };
+    }
+    const httpFallbackAvailable = Boolean(cfg.requestUrl && cfg.pollUrl);
+    // Opt-in: prefer HTTP fallback over native elicitation when both are available.
+    if (cfg.preferHttpFallback && httpFallbackAvailable) {
+        return httpFallbackElicit(cfg, options);
+    }
+    // Tier 2: Native elicitation
+    if (clientSupportsElicitation(options.server)) {
+        return nativeElicit(options.server, options.message, options.requestedSchema);
+    }
+    // Tier 3: HTTP fallback
+    if (httpFallbackAvailable) {
+        return httpFallbackElicit(cfg, options);
+    }
+    // Tier 4: No mechanism available
+    throw new Error('Elicitation is enabled but no mechanism is available. ' +
+        'Either the client must support native elicitation, or ' +
+        'ELICITATION_REQUEST_URL and ELICITATION_POLL_URL must be configured for HTTP fallback.');
+}
+/**
+ * Creates a simple boolean confirmation schema for common "are you sure?" prompts.
+ */
+export function createConfirmationSchema(title = 'Confirm', description) {
+    return {
+        type: 'object',
+        properties: {
+            confirm: {
+                type: 'boolean',
+                title,
+                ...(description ? { description } : {}),
+            },
+        },
+        required: ['confirm'],
+    };
+}

package/node_modules/@pulsemcp/mcp-elicitation/build/index.d.ts

@@ -0,0 +1,3 @@
+export { requestConfirmation, createConfirmationSchema } from './elicitation.js';
+export { readElicitationConfig } from './config.js';
+export type { ElicitationConfig, ElicitationFieldSchema, ElicitationMeta, ElicitationPollResponse, ElicitationPostResponse, ElicitationRequestedSchema, ElicitationResult, MCPServerLike, RequestConfirmationOptions, } from './types.js';

package/node_modules/@pulsemcp/mcp-elicitation/build/index.js

@@ -0,0 +1,2 @@
+export { requestConfirmation, createConfirmationSchema } from './elicitation.js';
+export { readElicitationConfig } from './config.js';

package/node_modules/@pulsemcp/mcp-elicitation/build/types.d.ts

@@ -0,0 +1,114 @@
+/**
+ * Minimal interface for the MCP server, avoiding direct dependency on
+ * @modelcontextprotocol/sdk Server type to prevent cross-package type
+ * mismatches in monorepo setups with multiple SDK installations.
+ */
+export interface MCPServerLike {
+    getClientCapabilities(): {
+        elicitation?: unknown;
+    } | undefined;
+    elicitInput(params: unknown): Promise<{
+        action: 'accept' | 'decline' | 'cancel';
+        content?: Record<string, string | number | boolean | string[]>;
+    }>;
+}
+/**
+ * Vendor metadata for PulseMCP elicitation requests.
+ * Uses reverse-DNS prefix `com.pulsemcp/` per MCP spec conventions.
+ */
+export interface ElicitationMeta {
+    'com.pulsemcp/request-id'?: string;
+    'com.pulsemcp/tool-name'?: string;
+    'com.pulsemcp/context'?: string;
+    'com.pulsemcp/session-id'?: string;
+    'com.pulsemcp/expires-at'?: string;
+}
+/**
+ * Schema for a single field in a form elicitation request.
+ * Maps to PrimitiveSchemaDefinition in the MCP spec.
+ */
+export interface ElicitationFieldSchema {
+    type: 'string' | 'number' | 'integer' | 'boolean';
+    title?: string;
+    description?: string;
+    default?: string | number | boolean;
+    minLength?: number;
+    maxLength?: number;
+    format?: 'email' | 'uri' | 'date' | 'date-time';
+    enum?: string[];
+    minimum?: number;
+    maximum?: number;
+}
+/**
+ * Schema for the form presented to users during elicitation.
+ */
+export interface ElicitationRequestedSchema {
+    type: 'object';
+    properties: Record<string, ElicitationFieldSchema>;
+    required?: string[];
+}
+/**
+ * Configuration for the elicitation system.
+ * Read from environment variables at initialization.
+ */
+export interface ElicitationConfig {
+    /** Whether elicitation is enabled at all. Default: true (reads from ELICITATION_ENABLED env var). */
+    enabled: boolean;
+    /** POST endpoint for creating approval requests (HTTP fallback). */
+    requestUrl?: string;
+    /** Base URL for polling approval status (HTTP fallback). */
+    pollUrl?: string;
+    /** TTL for elicitation requests in milliseconds. Default: 5 minutes. */
+    ttlMs: number;
+    /** Poll interval in milliseconds. Default: 5 seconds. */
+    pollIntervalMs: number;
+    /** Session identifier included as `com.pulsemcp/session-id` in `_meta` of HTTP fallback requests. */
+    sessionId?: string;
+    /**
+     * When true, prefer HTTP fallback (Tier 3) over native elicitation (Tier 2)
+     * when both are available. Default: false.
+     *
+     * Useful for headless agent runtimes (e.g., Claude Code under Agent Orchestrator)
+     * that advertise the `elicitation` client capability but have no real interactive
+     * user — native `elicitInput()` calls auto-cancel without ever surfacing a prompt.
+     * Forcing the HTTP fallback routes the request to an external approval UI instead.
+     */
+    preferHttpFallback?: boolean;
+}
+/**
+ * The result of an elicitation request.
+ */
+export interface ElicitationResult {
+    action: 'accept' | 'decline' | 'cancel' | 'expired';
+    content?: Record<string, string | number | boolean | string[]>;
+}
+/**
+ * HTTP fallback response from the polling endpoint.
+ */
+export interface ElicitationPollResponse {
+    action: 'pending' | 'accept' | 'decline' | 'cancel' | 'expired';
+    content?: Record<string, string | number | boolean | string[]> | null;
+    _meta?: {
+        'com.pulsemcp/request-id'?: string;
+        'com.pulsemcp/responded-at'?: string | null;
+    };
+}
+/**
+ * HTTP fallback response from the POST request endpoint.
+ */
+export interface ElicitationPostResponse {
+    requestId: string;
+}
+/**
+ * Options passed to the requestConfirmation function.
+ */
+export interface RequestConfirmationOptions {
+    /** The MCP server instance (needed for native elicitation). */
+    server: MCPServerLike;
+    /** Human-readable message explaining what needs confirmation. */
+    message: string;
+    /** Schema for the form fields to present. */
+    requestedSchema: ElicitationRequestedSchema;
+    /** Optional vendor metadata. */
+    meta?: ElicitationMeta;
+}

package/node_modules/@pulsemcp/mcp-elicitation/build/types.js

@@ -0,0 +1 @@
+export {};

package/node_modules/@pulsemcp/mcp-elicitation/package.json

@@ -0,0 +1,28 @@
+{
+  "name": "@pulsemcp/mcp-elicitation",
+  "version": "1.1.0",
+  "description": "Elicitation support library for PulseMCP MCP servers - provides native elicitation with HTTP fallback",
+  "type": "module",
+  "main": "build/index.js",
+  "types": "build/index.d.ts",
+  "scripts": {
+    "build": "tsc",
+    "test": "vitest run",
+    "lint": "eslint . --ext .ts,.tsx",
+    "lint:fix": "eslint . --ext .ts,.tsx --fix",
+    "format": "prettier --write .",
+    "format:check": "prettier --check ."
+  },
+  "keywords": [
+    "mcp",
+    "elicitation",
+    "pulsemcp"
+  ],
+  "author": "PulseMCP",
+  "license": "MIT",
+  "devDependencies": {
+    "@types/node": "^24.10.12",
+    "typescript": "^5.7.3",
+    "vitest": "^3.2.3"
+  }
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "pulsemcp-cms-admin-mcp-server",
-  "version": "0.9.17",
+  "version": "0.9.26",
   "description": "Local implementation of PulseMCP CMS Admin MCP server",
   "mcpName": "com.pulsemcp.servers/pulsemcp-cms-admin",
   "main": "build/index.js",
@@ -13,8 +13,13 @@
     "build/**/*.d.ts",
     "shared/**/*.js",
     "shared/**/*.d.ts",
+    "node_modules/@pulsemcp/mcp-elicitation/**/*.js",
+    "node_modules/@pulsemcp/mcp-elicitation/package.json",
     "README.md"
   ],
+  "bundledDependencies": [
+    "@pulsemcp/mcp-elicitation"
+  ],
   "scripts": {
     "build": "tsc && npm run build:integration",
     "build:integration": "tsc -p tsconfig.integration.json",
@@ -31,6 +36,7 @@
   },
   "dependencies": {
     "@modelcontextprotocol/sdk": "^1.29.0",
+    "@pulsemcp/mcp-elicitation": "file:../../../libs/elicitation",
     "zod": "^3.24.1"
   },
   "devDependencies": {

package/shared/elicitation-config.d.ts

@@ -0,0 +1,61 @@
+import { type ElicitationConfig } from '@pulsemcp/mcp-elicitation';
+/**
+ * pulsemcp-cms-admin elicitation configuration.
+ *
+ * Layers:
+ * 1. Base elicitation config from @pulsemcp/mcp-elicitation
+ * 2. DANGEROUSLY_SKIP_ELICITATIONS override (must be explicitly "true" to bypass all elicitation)
+ * 3. Per-action override: PULSEMCP_CMS_ADMIN_ELICITATION_DESTRUCTIVE
+ *
+ * Destructive elicitation gates the `tenants_destructive` tool group only
+ * (delete_tenant, delete_api_key). All other write tools in the server are
+ * not gated by elicitation.
+ */
+export interface CmsAdminElicitationConfig {
+    /** Base elicitation config from the shared library */
+    base: ElicitationConfig;
+    /** Whether to elicit confirmation for destructive operations (delete_tenant, delete_api_key) */
+    destructiveElicitationEnabled: boolean;
+}
+/**
+ * Check whether DANGEROUSLY_SKIP_ELICITATIONS is explicitly set to "true".
+ */
+export declare function isDangerouslySkipElicitations(env?: Record<string, string | undefined>): boolean;
+/**
+ * Check whether HTTP fallback elicitation URLs are configured.
+ */
+export declare function hasHttpElicitationFallback(env?: Record<string, string | undefined>): boolean;
+/**
+ * Read the full pulsemcp-cms-admin elicitation configuration from environment variables.
+ *
+ * Environment variables:
+ *   DANGEROUSLY_SKIP_ELICITATIONS                 - Must be explicitly "true" to bypass all elicitation.
+ *   PULSEMCP_CMS_ADMIN_ELICITATION_DESTRUCTIVE    - Override for destructive operations (default: follows base enabled state)
+ *
+ * Plus all standard elicitation env vars (ELICITATION_REQUEST_URL, etc.)
+ */
+export declare function readCmsAdminElicitationConfig(env?: Record<string, string | undefined>): CmsAdminElicitationConfig;
+/**
+ * Result of the elicitation safety check.
+ */
+export type ElicitationSafetyResult = {
+    safe: true;
+    reason: 'dangerously_skip' | 'http_fallback';
+} | {
+    safe: false;
+    reason: 'no_elicitation_configured';
+};
+/**
+ * Check whether the elicitation configuration is safe to start the server when
+ * destructive tools are enabled.
+ *
+ * The server is "safe" if either:
+ * - DANGEROUSLY_SKIP_ELICITATIONS=true is explicitly set (operator opted out), or
+ * - HTTP fallback URLs are configured (so elicitation will be reachable).
+ *
+ * Native MCP elicitation support cannot be detected at startup (it requires an
+ * active client connection), so callers relying solely on native elicitation
+ * should also configure HTTP fallback URLs.
+ */
+export declare function checkElicitationSafety(env?: Record<string, string | undefined>): ElicitationSafetyResult;
+//# sourceMappingURL=elicitation-config.d.ts.map

package/shared/elicitation-config.js

@@ -0,0 +1,69 @@
+import { readElicitationConfig } from '@pulsemcp/mcp-elicitation';
+/**
+ * Parse a boolean environment variable with a default.
+ * Accepts "true"/"false" (case-insensitive). Unset = default.
+ */
+function parseBooleanEnv(value, defaultValue) {
+    if (value === undefined)
+        return defaultValue;
+    return value.toLowerCase() !== 'false';
+}
+/**
+ * Check whether DANGEROUSLY_SKIP_ELICITATIONS is explicitly set to "true".
+ */
+export function isDangerouslySkipElicitations(env = process.env) {
+    return env.DANGEROUSLY_SKIP_ELICITATIONS?.toLowerCase() === 'true';
+}
+/**
+ * Check whether HTTP fallback elicitation URLs are configured.
+ */
+export function hasHttpElicitationFallback(env = process.env) {
+    return !!(env.ELICITATION_REQUEST_URL?.trim() && env.ELICITATION_POLL_URL?.trim());
+}
+/**
+ * Read the full pulsemcp-cms-admin elicitation configuration from environment variables.
+ *
+ * Environment variables:
+ *   DANGEROUSLY_SKIP_ELICITATIONS                 - Must be explicitly "true" to bypass all elicitation.
+ *   PULSEMCP_CMS_ADMIN_ELICITATION_DESTRUCTIVE    - Override for destructive operations (default: follows base enabled state)
+ *
+ * Plus all standard elicitation env vars (ELICITATION_REQUEST_URL, etc.)
+ */
+export function readCmsAdminElicitationConfig(env = process.env) {
+    // Map DANGEROUSLY_SKIP_ELICITATIONS to the base library's enabled flag.
+    // The cms-admin server does not use ELICITATION_ENABLED — the only way to disable
+    // destructive elicitation is via DANGEROUSLY_SKIP_ELICITATIONS=true.
+    const dangerouslySkip = isDangerouslySkipElicitations(env);
+    const base = readElicitationConfig({
+        ...env,
+        ELICITATION_ENABLED: dangerouslySkip ? 'false' : 'true',
+    });
+    const destructiveElicitationEnabled = base.enabled
+        ? parseBooleanEnv(env.PULSEMCP_CMS_ADMIN_ELICITATION_DESTRUCTIVE, true)
+        : false;
+    return {
+        base,
+        destructiveElicitationEnabled,
+    };
+}
+/**
+ * Check whether the elicitation configuration is safe to start the server when
+ * destructive tools are enabled.
+ *
+ * The server is "safe" if either:
+ * - DANGEROUSLY_SKIP_ELICITATIONS=true is explicitly set (operator opted out), or
+ * - HTTP fallback URLs are configured (so elicitation will be reachable).
+ *
+ * Native MCP elicitation support cannot be detected at startup (it requires an
+ * active client connection), so callers relying solely on native elicitation
+ * should also configure HTTP fallback URLs.
+ */
+export function checkElicitationSafety(env = process.env) {
+    if (isDangerouslySkipElicitations(env)) {
+        return { safe: true, reason: 'dangerously_skip' };
+    }
+    if (hasHttpElicitationFallback(env)) {
+        return { safe: true, reason: 'http_fallback' };
+    }
+    return { safe: false, reason: 'no_elicitation_configured' };
+}

package/shared/pulsemcp-admin-client/lib/bulk-update-tenant-servers.d.ts

@@ -0,0 +1,3 @@
+import type { BulkUpdateTenantServersParams, BulkUpdateTenantServersResponse } from '../../types.js';
+export declare function bulkUpdateTenantServers(apiKey: string, baseUrl: string, idOrSlug: number | string, params: BulkUpdateTenantServersParams): Promise<BulkUpdateTenantServersResponse>;
+//# sourceMappingURL=bulk-update-tenant-servers.d.ts.map

package/shared/pulsemcp-admin-client/lib/bulk-update-tenant-servers.js

@@ -0,0 +1,41 @@
+import { adminFetch } from './admin-fetch.js';
+export async function bulkUpdateTenantServers(apiKey, baseUrl, idOrSlug, params) {
+    const url = new URL(`/api/tenants/${idOrSlug}/servers/bulk_update`, baseUrl);
+    const body = {};
+    if (params.add_server_identifiers && params.add_server_identifiers.length > 0) {
+        body.add_server_identifiers = params.add_server_identifiers;
+    }
+    if (params.remove_server_identifiers && params.remove_server_identifiers.length > 0) {
+        body.remove_server_identifiers = params.remove_server_identifiers;
+    }
+    if (params.restore_association_ids && params.restore_association_ids.length > 0) {
+        body.restore_association_ids = params.restore_association_ids;
+    }
+    const response = await adminFetch(url.toString(), {
+        method: 'POST',
+        headers: {
+            'X-API-Key': apiKey,
+            'Content-Type': 'application/json',
+            Accept: 'application/json',
+        },
+        body: JSON.stringify(body),
+    });
+    if (!response.ok) {
+        if (response.status === 401) {
+            throw new Error('Invalid API key');
+        }
+        if (response.status === 403) {
+            throw new Error('User lacks write privileges');
+        }
+        if (response.status === 404) {
+            throw new Error(`Tenant with ID/slug ${idOrSlug} not found`);
+        }
+        if (response.status === 422) {
+            const errorData = (await response.json());
+            const detail = errorData.message || errorData.error_code || 'Unknown error';
+            throw new Error(`Bulk update failed: ${detail}`);
+        }
+        throw new Error(`Failed to bulk-update tenant servers: ${response.status} ${response.statusText}`);
+    }
+    return (await response.json());
+}

package/shared/pulsemcp-admin-client/lib/create-mcp-implementation.js

@@ -88,6 +88,13 @@ export async function createMCPImplementation(apiKey, baseUrl, params) {
     if (params.internal_notes !== undefined) {
         formData.append('mcp_implementation[internal_notes]', params.internal_notes);
     }
+    // Owner tenant linking. Slug wins over id on the Rails side when both are sent.
+    if (params.owner_tenant_slug !== undefined) {
+        formData.append('mcp_implementation[owner_tenant_slug]', params.owner_tenant_slug === null ? '' : params.owner_tenant_slug);
+    }
+    if (params.owner_tenant_id !== undefined) {
+        formData.append('mcp_implementation[owner_tenant_id]', params.owner_tenant_id === null ? '' : params.owner_tenant_id.toString());
+    }
     // Remote endpoints
     // Rails expects nested attributes to use the _attributes suffix for has_many associations
     if (params.remote !== undefined) {

package/shared/pulsemcp-admin-client/lib/delete-api-key.d.ts

@@ -0,0 +1,3 @@
+import type { DeleteApiKeyResponse } from '../../types.js';
+export declare function deleteApiKey(apiKey: string, baseUrl: string, id: number): Promise<DeleteApiKeyResponse>;
+//# sourceMappingURL=delete-api-key.d.ts.map

package/shared/pulsemcp-admin-client/lib/delete-api-key.js

@@ -0,0 +1,25 @@
+import { adminFetch } from './admin-fetch.js';
+export async function deleteApiKey(apiKey, baseUrl, id) {
+    const url = new URL(`/api/api_keys/${id}`, baseUrl);
+    const response = await adminFetch(url.toString(), {
+        method: 'DELETE',
+        headers: {
+            'X-API-Key': apiKey,
+            Accept: 'application/json',
+        },
+    });
+    if (!response.ok) {
+        if (response.status === 401) {
+            throw new Error('Invalid API key');
+        }
+        if (response.status === 403) {
+            throw new Error('User lacks write privileges');
+        }
+        if (response.status === 422) {
+            const errorData = (await response.json().catch(() => ({})));
+            throw new Error(`Cannot delete API key: ${errorData.errors?.join(', ') || 'validation failed'}`);
+        }
+        throw new Error(`Failed to delete API key: ${response.status} ${response.statusText}`);
+    }
+    return (await response.json());
+}

package/shared/pulsemcp-admin-client/lib/delete-tenant.d.ts

@@ -0,0 +1,3 @@
+import type { DeleteTenantParams, DeleteTenantResponse } from '../../types.js';
+export declare function deleteTenant(apiKey: string, baseUrl: string, params: DeleteTenantParams): Promise<DeleteTenantResponse>;
+//# sourceMappingURL=delete-tenant.d.ts.map