zitadel-mcp-server 1.0.0

package/build/tools/index.js

@@ -0,0 +1,44 @@
+/**
+ * Tool registry — aggregates all tools and handlers
+ * Portal tools conditionally included based on config
+ */
+import { USER_TOOLS, USER_HANDLERS } from './users.js';
+import { PROJECT_TOOLS, PROJECT_HANDLERS } from './projects.js';
+import { APPLICATION_TOOLS, APPLICATION_HANDLERS } from './applications.js';
+import { ROLE_TOOLS, ROLE_HANDLERS } from './roles.js';
+import { SERVICE_ACCOUNT_TOOLS, SERVICE_ACCOUNT_HANDLERS } from './service-accounts.js';
+import { ORG_TOOLS, ORG_HANDLERS } from './organizations.js';
+import { UTILITY_TOOLS, UTILITY_HANDLERS } from './utility.js';
+import { PORTAL_TOOLS, PORTAL_HANDLERS } from './portal.js';
+import { isPortalEnabled } from '../utils/config.js';
+export function getTools(config) {
+    const tools = [
+        ...USER_TOOLS,
+        ...PROJECT_TOOLS,
+        ...APPLICATION_TOOLS,
+        ...ROLE_TOOLS,
+        ...SERVICE_ACCOUNT_TOOLS,
+        ...ORG_TOOLS,
+        ...UTILITY_TOOLS,
+    ];
+    if (isPortalEnabled(config)) {
+        tools.push(...PORTAL_TOOLS);
+    }
+    return tools;
+}
+export function getHandlers(config) {
+    const handlers = {
+        ...USER_HANDLERS,
+        ...PROJECT_HANDLERS,
+        ...APPLICATION_HANDLERS,
+        ...ROLE_HANDLERS,
+        ...SERVICE_ACCOUNT_HANDLERS,
+        ...ORG_HANDLERS,
+        ...UTILITY_HANDLERS,
+    };
+    if (isPortalEnabled(config)) {
+        Object.assign(handlers, PORTAL_HANDLERS);
+    }
+    return handlers;
+}
+//# sourceMappingURL=index.js.map

package/build/tools/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/tools/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,UAAU,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AACvD,OAAO,EAAE,aAAa,EAAE,gBAAgB,EAAE,MAAM,eAAe,CAAC;AAChE,OAAO,EAAE,iBAAiB,EAAE,oBAAoB,EAAE,MAAM,mBAAmB,CAAC;AAC5E,OAAO,EAAE,UAAU,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AACvD,OAAO,EAAE,qBAAqB,EAAE,wBAAwB,EAAE,MAAM,uBAAuB,CAAC;AACxF,OAAO,EAAE,SAAS,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAC7D,OAAO,EAAE,aAAa,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAC/D,OAAO,EAAE,YAAY,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAG5D,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AAErD,MAAM,UAAU,QAAQ,CAAC,MAAqB;IAC5C,MAAM,KAAK,GAAqB;QAC9B,GAAG,UAAU;QACb,GAAG,aAAa;QAChB,GAAG,iBAAiB;QACpB,GAAG,UAAU;QACb,GAAG,qBAAqB;QACxB,GAAG,SAAS;QACZ,GAAG,aAAa;KACjB,CAAC;IAEF,IAAI,eAAe,CAAC,MAAM,CAAC,EAAE,CAAC;QAC5B,KAAK,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,CAAC;IAC9B,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,UAAU,WAAW,CAAC,MAAqB;IAC/C,MAAM,QAAQ,GAAgC;QAC5C,GAAG,aAAa;QAChB,GAAG,gBAAgB;QACnB,GAAG,oBAAoB;QACvB,GAAG,aAAa;QAChB,GAAG,wBAAwB;QAC3B,GAAG,YAAY;QACf,GAAG,gBAAgB;KACpB,CAAC;IAEF,IAAI,eAAe,CAAC,MAAM,CAAC,EAAE,CAAC;QAC5B,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,eAAe,CAAC,CAAC;IAC3C,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC"}

package/build/tools/organizations.d.ts

@@ -0,0 +1,7 @@
+/**
+ * Organization tools (2 tools)
+ * Org-level operations via Zitadel Management API v1 + Admin API
+ */
+import type { ToolDefinition, ToolHandler } from '../types/tools.js';
+export declare const ORG_TOOLS: ToolDefinition[];
+export declare const ORG_HANDLERS: Record<string, ToolHandler>;

package/build/tools/organizations.js

@@ -0,0 +1,65 @@
+/**
+ * Organization tools (2 tools)
+ * Org-level operations via Zitadel Management API v1 + Admin API
+ */
+import { z } from 'zod';
+import { textResponse } from '../types/tools.js';
+// ─── Tool Definitions ───────────────────────────────────────────────────────
+export const ORG_TOOLS = [
+    {
+        name: 'zitadel_get_org',
+        description: 'Get details of the current organization (based on the configured ZITADEL_ORG_ID).',
+        inputSchema: { type: 'object', properties: {} },
+        _meta: { readOnly: true, domain: 'organizations' },
+        annotations: { title: 'Get Organization', readOnlyHint: true, destructiveHint: false, idempotentHint: true },
+    },
+    {
+        name: 'zitadel_list_orgs',
+        description: 'List all organizations in the Zitadel instance. Requires IAM-level admin permissions.',
+        inputSchema: {
+            type: 'object',
+            properties: {
+                limit: { type: 'number', description: 'Maximum number of results (default: 50)' },
+            },
+        },
+        _meta: { readOnly: true, domain: 'organizations' },
+        annotations: { title: 'List Organizations', readOnlyHint: true, destructiveHint: false, idempotentHint: true },
+    },
+];
+// ─── Handlers ────────────────────────────────────────────────────────────────
+const getOrgHandler = async (_params, ctx) => {
+    const response = await ctx.client.request('/management/v1/orgs/me');
+    const org = response.org;
+    const lines = [
+        `Organization: ${org.name}`,
+        `ID: ${org.id}`,
+        `State: ${org.state?.replace('ORG_STATE_', '') || 'UNKNOWN'}`,
+        `Primary Domain: ${org.primaryDomain || 'N/A'}`,
+        `Created: ${org.details?.creationDate || 'N/A'}`,
+    ];
+    return textResponse(lines.join('\n'));
+};
+const listOrgsHandler = async (params, ctx) => {
+    const input = z.object({
+        limit: z.number().min(1).max(500).default(50),
+    }).parse(params);
+    const response = await ctx.client.request('/admin/v1/orgs/_search', {
+        method: 'POST',
+        body: JSON.stringify({ query: { offset: '0', limit: input.limit } }),
+    });
+    const orgs = response.result || [];
+    if (orgs.length === 0) {
+        return textResponse('No organizations found.');
+    }
+    const lines = orgs.map((o) => {
+        const state = o.state?.replace('ORG_STATE_', '') || 'UNKNOWN';
+        return `- ${o.name} [${state}] ID: ${o.id}`;
+    });
+    return textResponse(`Found ${orgs.length} organization(s):\n\n${lines.join('\n')}`);
+};
+// ─── Export ──────────────────────────────────────────────────────────────────
+export const ORG_HANDLERS = {
+    zitadel_get_org: getOrgHandler,
+    zitadel_list_orgs: listOrgsHandler,
+};
+//# sourceMappingURL=organizations.js.map

package/build/tools/organizations.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"organizations.js","sourceRoot":"","sources":["../../src/tools/organizations.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAGjD,+EAA+E;AAE/E,MAAM,CAAC,MAAM,SAAS,GAAqB;IACzC;QACE,IAAI,EAAE,iBAAiB;QACvB,WAAW,EAAE,mFAAmF;QAChG,WAAW,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,UAAU,EAAE,EAAE,EAAE;QAC/C,KAAK,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,eAAe,EAAE;QAClD,WAAW,EAAE,EAAE,KAAK,EAAE,kBAAkB,EAAE,YAAY,EAAE,IAAI,EAAE,eAAe,EAAE,KAAK,EAAE,cAAc,EAAE,IAAI,EAAE;KAC7G;IACD;QACE,IAAI,EAAE,mBAAmB;QACzB,WAAW,EAAE,uFAAuF;QACpG,WAAW,EAAE;YACX,IAAI,EAAE,QAAQ;YACd,UAAU,EAAE;gBACV,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,yCAAyC,EAAE;aAClF;SACF;QACD,KAAK,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,eAAe,EAAE;QAClD,WAAW,EAAE,EAAE,KAAK,EAAE,oBAAoB,EAAE,YAAY,EAAE,IAAI,EAAE,eAAe,EAAE,KAAK,EAAE,cAAc,EAAE,IAAI,EAAE;KAC/G;CACF,CAAC;AAEF,gFAAgF;AAEhF,MAAM,aAAa,GAAgB,KAAK,EAAE,OAAO,EAAE,GAAG,EAAE,EAAE;IACxD,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,MAAM,CAAC,OAAO,CAAiB,wBAAwB,CAAC,CAAC;IACpF,MAAM,GAAG,GAAG,QAAQ,CAAC,GAAG,CAAC;IAEzB,MAAM,KAAK,GAAG;QACZ,iBAAiB,GAAG,CAAC,IAAI,EAAE;QAC3B,OAAO,GAAG,CAAC,EAAE,EAAE;QACf,UAAU,GAAG,CAAC,KAAK,EAAE,OAAO,CAAC,YAAY,EAAE,EAAE,CAAC,IAAI,SAAS,EAAE;QAC7D,mBAAmB,GAAG,CAAC,aAAa,IAAI,KAAK,EAAE;QAC/C,YAAY,GAAG,CAAC,OAAO,EAAE,YAAY,IAAI,KAAK,EAAE;KACjD,CAAC;IAEF,OAAO,YAAY,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;AACxC,CAAC,CAAC;AAEF,MAAM,eAAe,GAAgB,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE;IACzD,MAAM,KAAK,GAAG,CAAC,CAAC,MAAM,CAAC;QACrB,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;KAC9C,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAEjB,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,MAAM,CAAC,OAAO,CACvC,wBAAwB,EACxB;QACE,MAAM,EAAE,MAAM;QACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,KAAK,CAAC,KAAK,EAAE,EAAE,CAAC;KACrE,CACF,CAAC;IAEF,MAAM,IAAI,GAAG,QAAQ,CAAC,MAAM,IAAI,EAAE,CAAC;IACnC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACtB,OAAO,YAAY,CAAC,yBAAyB,CAAC,CAAC;IACjD,CAAC;IAED,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAa,EAAE,EAAE;QACvC,MAAM,KAAK,GAAG,CAAC,CAAC,KAAK,EAAE,OAAO,CAAC,YAAY,EAAE,EAAE,CAAC,IAAI,SAAS,CAAC;QAC9D,OAAO,KAAK,CAAC,CAAC,IAAI,KAAK,KAAK,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC;IAC9C,CAAC,CAAC,CAAC;IAEH,OAAO,YAAY,CAAC,SAAS,IAAI,CAAC,MAAM,wBAAwB,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AACtF,CAAC,CAAC;AAEF,gFAAgF;AAEhF,MAAM,CAAC,MAAM,YAAY,GAAgC;IACvD,eAAe,EAAE,aAAa;IAC9B,iBAAiB,EAAE,eAAe;CACnC,CAAC"}

package/build/tools/portal.d.ts

@@ -0,0 +1,10 @@
+/**
+ * App-portal extension tools (2 tools)
+ * Only registered when PORTAL_DATABASE_URL is set
+ *
+ * Inserts into the app-portal `apps` table and orchestrates
+ * cross-system app setup (Zitadel + portal DB)
+ */
+import type { ToolDefinition, ToolHandler } from '../types/tools.js';
+export declare const PORTAL_TOOLS: ToolDefinition[];
+export declare const PORTAL_HANDLERS: Record<string, ToolHandler>;

package/build/tools/portal.js

@@ -0,0 +1,191 @@
+/**
+ * App-portal extension tools (2 tools)
+ * Only registered when PORTAL_DATABASE_URL is set
+ *
+ * Inserts into the app-portal `apps` table and orchestrates
+ * cross-system app setup (Zitadel + portal DB)
+ */
+import { z } from 'zod';
+import postgres from 'postgres';
+import { textResponse, errorResponse } from '../types/tools.js';
+import { logger } from '../utils/logger.js';
+// ─── Tool Definitions ───────────────────────────────────────────────────────
+export const PORTAL_TOOLS = [
+    {
+        name: 'portal_register_app',
+        description: 'Register an application in the app-portal database so it appears in the portal UI. This only creates the portal DB record — use zitadel_create_oidc_app separately if you also need the Zitadel OIDC app.',
+        inputSchema: {
+            type: 'object',
+            properties: {
+                slug: { type: 'string', description: 'URL-safe slug (e.g., "proposal-rodeo"). Used as the role key: app:{slug}' },
+                name: { type: 'string', description: 'Display name (e.g., "Proposal Rodeo")' },
+                description: { type: 'string', description: 'Brief description of the application' },
+                appUrl: { type: 'string', description: 'URL where the app is hosted (e.g., "https://proposals.renewalinitiatives.org")' },
+                iconUrl: { type: 'string', description: 'Optional URL to the app icon' },
+            },
+            required: ['slug', 'name', 'appUrl'],
+        },
+        _meta: { readOnly: false, domain: 'portal' },
+        annotations: { title: 'Register App in Portal', readOnlyHint: false, destructiveHint: false, idempotentHint: false },
+    },
+    {
+        name: 'portal_setup_full_app',
+        description: 'One-click app setup: creates a Zitadel project (or uses existing), OIDC application, project role, AND registers the app in the portal database. Returns the .env.local configuration for the new app.',
+        inputSchema: {
+            type: 'object',
+            properties: {
+                name: { type: 'string', description: 'Application name (e.g., "Proposal Rodeo")' },
+                slug: { type: 'string', description: 'URL-safe slug (e.g., "proposal-rodeo")' },
+                appUrl: { type: 'string', description: 'URL where the app will be hosted' },
+                description: { type: 'string', description: 'Brief description' },
+                iconUrl: { type: 'string', description: 'Optional icon URL' },
+                projectId: { type: 'string', description: 'Existing project ID. If omitted, a new project is created.' },
+                redirectUris: {
+                    type: 'array',
+                    items: { type: 'string' },
+                    description: 'OAuth redirect URIs. Defaults to ["{appUrl}/api/auth/callback/zitadel"] if omitted.',
+                },
+                devMode: { type: 'boolean', description: 'Enable dev mode for http:// URIs (default: false)' },
+            },
+            required: ['name', 'slug', 'appUrl'],
+        },
+        _meta: { readOnly: false, domain: 'portal' },
+        annotations: { title: 'Full App Setup', readOnlyHint: false, destructiveHint: false, idempotentHint: false },
+    },
+];
+// ─── Helpers ─────────────────────────────────────────────────────────────────
+function getPortalDb(ctx) {
+    if (!ctx.config.portalDatabaseUrl) {
+        throw new Error('PORTAL_DATABASE_URL is not configured');
+    }
+    return postgres(ctx.config.portalDatabaseUrl);
+}
+// ─── Handlers ────────────────────────────────────────────────────────────────
+const portalRegisterAppHandler = async (params, ctx) => {
+    const input = z.object({
+        slug: z.string().min(1).regex(/^[a-z0-9-]+$/, 'Slug must be lowercase letters, numbers, and hyphens only'),
+        name: z.string().min(1),
+        description: z.string().optional(),
+        appUrl: z.string().url(),
+        iconUrl: z.string().url().optional(),
+    }).parse(params);
+    const sql = getPortalDb(ctx);
+    try {
+        // Check slug uniqueness
+        const existing = await sql `SELECT id FROM apps WHERE slug = ${input.slug} LIMIT 1`;
+        if (existing.length > 0) {
+            return errorResponse(`Slug '${input.slug}' already exists in the portal database.`);
+        }
+        const [app] = await sql `
+      INSERT INTO apps (slug, name, description, app_url, icon_url, created_at, updated_at)
+      VALUES (${input.slug}, ${input.name}, ${input.description || ''}, ${input.appUrl}, ${input.iconUrl || null}, NOW(), NOW())
+      RETURNING id, slug, name
+    `;
+        return textResponse(`App registered in portal.\n` +
+            `ID: ${app?.['id']}\n` +
+            `Slug: ${app?.['slug']}\n` +
+            `Name: ${app?.['name']}`);
+    }
+    finally {
+        await sql.end();
+    }
+};
+const portalSetupFullAppHandler = async (params, ctx) => {
+    const input = z.object({
+        name: z.string().min(1),
+        slug: z.string().min(1).regex(/^[a-z0-9-]+$/),
+        appUrl: z.string().url(),
+        description: z.string().optional(),
+        iconUrl: z.string().url().optional(),
+        projectId: z.string().optional(),
+        redirectUris: z.array(z.string()).optional(),
+        devMode: z.boolean().default(false),
+    }).parse(params);
+    const results = [];
+    const config = ctx.client.getConfig();
+    // Step 1: Create or use existing project
+    let projectId = input.projectId || config.projectId;
+    if (!projectId) {
+        logger.info('Creating new Zitadel project', { name: input.name });
+        const project = await ctx.client.request('/management/v1/projects', {
+            method: 'POST',
+            body: JSON.stringify({
+                name: input.name,
+                projectRoleAssertion: true,
+                projectRoleCheck: false,
+            }),
+        });
+        projectId = project.id;
+        results.push(`1. Created project: ${projectId}`);
+    }
+    else {
+        results.push(`1. Using existing project: ${projectId}`);
+    }
+    // Step 2: Create OIDC application
+    const redirectUris = input.redirectUris || [`${input.appUrl}/api/auth/callback/zitadel`];
+    logger.info('Creating OIDC app', { name: input.name, projectId });
+    const app = await ctx.client.request(`/management/v1/projects/${projectId}/apps/oidc`, {
+        method: 'POST',
+        body: JSON.stringify({
+            name: input.name,
+            redirectUris,
+            responseTypes: ['OIDC_RESPONSE_TYPE_CODE'],
+            grantTypes: ['OIDC_GRANT_TYPE_AUTHORIZATION_CODE'],
+            appType: 'OIDC_APP_TYPE_WEB',
+            authMethodType: 'OIDC_AUTH_METHOD_TYPE_NONE',
+            devMode: input.devMode,
+        }),
+    });
+    results.push(`2. Created OIDC app: Client ID = ${app.clientId}`);
+    // Step 3: Create project role for the app
+    const roleKey = `app:${input.slug}`;
+    logger.info('Creating project role', { roleKey, projectId });
+    try {
+        await ctx.client.request(`/management/v1/projects/${projectId}/roles`, {
+            method: 'POST',
+            body: JSON.stringify({ roleKey, displayName: input.name }),
+        });
+        results.push(`3. Created role: ${roleKey}`);
+    }
+    catch (error) {
+        // Role may already exist — that's fine
+        results.push(`3. Role ${roleKey} already exists (skipped)`);
+    }
+    // Step 4: Insert into portal database
+    const sql = getPortalDb(ctx);
+    try {
+        const existing = await sql `SELECT id FROM apps WHERE slug = ${input.slug} LIMIT 1`;
+        if (existing.length > 0) {
+            results.push(`4. App slug '${input.slug}' already in portal DB (skipped)`);
+        }
+        else {
+            await sql `
+        INSERT INTO apps (slug, name, description, app_url, icon_url, created_at, updated_at)
+        VALUES (${input.slug}, ${input.name}, ${input.description || ''}, ${input.appUrl}, ${input.iconUrl || null}, NOW(), NOW())
+      `;
+            results.push(`4. Registered in portal database`);
+        }
+    }
+    finally {
+        await sql.end();
+    }
+    // Step 5: Format env vars
+    const envVars = [
+        `AUTH_ZITADEL_ISSUER=${config.issuer}`,
+        `AUTH_ZITADEL_CLIENT_ID=${app.clientId}`,
+    ].join('\n');
+    return textResponse(`Full app setup complete:\n\n` +
+        `${results.join('\n')}\n\n` +
+        `# .env.local for ${input.name}\n${envVars}\n\n` +
+        `# Reference\n` +
+        `# ZITADEL_PROJECT_ID=${projectId}\n` +
+        `# ZITADEL_ORG_ID=${config.orgId}\n` +
+        `# ZITADEL_APP_ID=${app.appId}\n` +
+        `# Role key: ${roleKey}`);
+};
+// ─── Export ──────────────────────────────────────────────────────────────────
+export const PORTAL_HANDLERS = {
+    portal_register_app: portalRegisterAppHandler,
+    portal_setup_full_app: portalSetupFullAppHandler,
+};
+//# sourceMappingURL=portal.js.map

package/build/tools/portal.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"portal.js","sourceRoot":"","sources":["../../src/tools/portal.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,QAAQ,MAAM,UAAU,CAAC;AAEhC,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAEhE,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AAE5C,+EAA+E;AAE/E,MAAM,CAAC,MAAM,YAAY,GAAqB;IAC5C;QACE,IAAI,EAAE,qBAAqB;QAC3B,WAAW,EAAE,2MAA2M;QACxN,WAAW,EAAE;YACX,IAAI,EAAE,QAAQ;YACd,UAAU,EAAE;gBACV,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,0EAA0E,EAAE;gBACjH,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,uCAAuC,EAAE;gBAC9E,WAAW,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,sCAAsC,EAAE;gBACpF,MAAM,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,gFAAgF,EAAE;gBACzH,OAAO,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,8BAA8B,EAAE;aACzE;YACD,QAAQ,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,CAAC;SACrC;QACD,KAAK,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE;QAC5C,WAAW,EAAE,EAAE,KAAK,EAAE,wBAAwB,EAAE,YAAY,EAAE,KAAK,EAAE,eAAe,EAAE,KAAK,EAAE,cAAc,EAAE,KAAK,EAAE;KACrH;IACD;QACE,IAAI,EAAE,uBAAuB;QAC7B,WAAW,EAAE,wMAAwM;QACrN,WAAW,EAAE;YACX,IAAI,EAAE,QAAQ;YACd,UAAU,EAAE;gBACV,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,2CAA2C,EAAE;gBAClF,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,wCAAwC,EAAE;gBAC/E,MAAM,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,kCAAkC,EAAE;gBAC3E,WAAW,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,mBAAmB,EAAE;gBACjE,OAAO,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,mBAAmB,EAAE;gBAC7D,SAAS,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,4DAA4D,EAAE;gBACxG,YAAY,EAAE;oBACZ,IAAI,EAAE,OAAO;oBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;oBACzB,WAAW,EAAE,qFAAqF;iBACnG;gBACD,OAAO,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,WAAW,EAAE,mDAAmD,EAAE;aAC/F;YACD,QAAQ,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,CAAC;SACrC;QACD,KAAK,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE;QAC5C,WAAW,EAAE,EAAE,KAAK,EAAE,gBAAgB,EAAE,YAAY,EAAE,KAAK,EAAE,eAAe,EAAE,KAAK,EAAE,cAAc,EAAE,KAAK,EAAE;KAC7G;CACF,CAAC;AAEF,gFAAgF;AAEhF,SAAS,WAAW,CAAC,GAA+C;IAClE,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,iBAAiB,EAAE,CAAC;QAClC,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;IAC3D,CAAC;IACD,OAAO,QAAQ,CAAC,GAAG,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAC;AAChD,CAAC;AAED,gFAAgF;AAEhF,MAAM,wBAAwB,GAAgB,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE;IAClE,MAAM,KAAK,GAAG,CAAC,CAAC,MAAM,CAAC;QACrB,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,cAAc,EAAE,2DAA2D,CAAC;QAC1G,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;QACvB,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QAClC,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE;QACxB,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;KACrC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAEjB,MAAM,GAAG,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;IAE7B,IAAI,CAAC;QACH,wBAAwB;QACxB,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAA,oCAAoC,KAAK,CAAC,IAAI,UAAU,CAAC;QACnF,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACxB,OAAO,aAAa,CAAC,SAAS,KAAK,CAAC,IAAI,0CAA0C,CAAC,CAAC;QACtF,CAAC;QAED,MAAM,CAAC,GAAG,CAAC,GAAG,MAAM,GAAG,CAAA;;gBAEX,KAAK,CAAC,IAAI,KAAK,KAAK,CAAC,IAAI,KAAK,KAAK,CAAC,WAAW,IAAI,EAAE,KAAK,KAAK,CAAC,MAAM,KAAK,KAAK,CAAC,OAAO,IAAI,IAAI;;KAE3G,CAAC;QAEF,OAAO,YAAY,CACjB,6BAA6B;YAC7B,OAAO,GAAG,EAAE,CAAC,IAAI,CAAC,IAAI;YACtB,SAAS,GAAG,EAAE,CAAC,MAAM,CAAC,IAAI;YAC1B,SAAS,GAAG,EAAE,CAAC,MAAM,CAAC,EAAE,CACzB,CAAC;IACJ,CAAC;YAAS,CAAC;QACT,MAAM,GAAG,CAAC,GAAG,EAAE,CAAC;IAClB,CAAC;AACH,CAAC,CAAC;AAEF,MAAM,yBAAyB,GAAgB,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE;IACnE,MAAM,KAAK,GAAG,CAAC,CAAC,MAAM,CAAC;QACrB,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;QACvB,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,cAAc,CAAC;QAC7C,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE;QACxB,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QAClC,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;QACpC,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QAChC,YAAY,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;QAC5C,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC;KACpC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAEjB,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,MAAM,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;IAEtC,yCAAyC;IACzC,IAAI,SAAS,GAAG,KAAK,CAAC,SAAS,IAAI,MAAM,CAAC,SAAS,CAAC;IACpD,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,CAAC,IAAI,CAAC,8BAA8B,EAAE,EAAE,IAAI,EAAE,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;QAClE,MAAM,OAAO,GAAG,MAAM,GAAG,CAAC,MAAM,CAAC,OAAO,CACtC,yBAAyB,EACzB;YACE,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,IAAI,EAAE,KAAK,CAAC,IAAI;gBAChB,oBAAoB,EAAE,IAAI;gBAC1B,gBAAgB,EAAE,KAAK;aACxB,CAAC;SACH,CACF,CAAC;QACF,SAAS,GAAG,OAAO,CAAC,EAAE,CAAC;QACvB,OAAO,CAAC,IAAI,CAAC,uBAAuB,SAAS,EAAE,CAAC,CAAC;IACnD,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,IAAI,CAAC,8BAA8B,SAAS,EAAE,CAAC,CAAC;IAC1D,CAAC;IAED,kCAAkC;IAClC,MAAM,YAAY,GAAG,KAAK,CAAC,YAAY,IAAI,CAAC,GAAG,KAAK,CAAC,MAAM,4BAA4B,CAAC,CAAC;IACzF,MAAM,CAAC,IAAI,CAAC,mBAAmB,EAAE,EAAE,IAAI,EAAE,KAAK,CAAC,IAAI,EAAE,SAAS,EAAE,CAAC,CAAC;IAElE,MAAM,GAAG,GAAG,MAAM,GAAG,CAAC,MAAM,CAAC,OAAO,CAClC,2BAA2B,SAAS,YAAY,EAChD;QACE,MAAM,EAAE,MAAM;QACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;YACnB,IAAI,EAAE,KAAK,CAAC,IAAI;YAChB,YAAY;YACZ,aAAa,EAAE,CAAC,yBAAyB,CAAC;YAC1C,UAAU,EAAE,CAAC,oCAAoC,CAAC;YAClD,OAAO,EAAE,mBAAmB;YAC5B,cAAc,EAAE,4BAA4B;YAC5C,OAAO,EAAE,KAAK,CAAC,OAAO;SACvB,CAAC;KACH,CACF,CAAC;IACF,OAAO,CAAC,IAAI,CAAC,oCAAoC,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC;IAEjE,0CAA0C;IAC1C,MAAM,OAAO,GAAG,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC;IACpC,MAAM,CAAC,IAAI,CAAC,uBAAuB,EAAE,EAAE,OAAO,EAAE,SAAS,EAAE,CAAC,CAAC;IAE7D,IAAI,CAAC;QACH,MAAM,GAAG,CAAC,MAAM,CAAC,OAAO,CACtB,2BAA2B,SAAS,QAAQ,EAC5C;YACE,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,WAAW,EAAE,KAAK,CAAC,IAAI,EAAE,CAAC;SAC3D,CACF,CAAC;QACF,OAAO,CAAC,IAAI,CAAC,oBAAoB,OAAO,EAAE,CAAC,CAAC;IAC9C,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,uCAAuC;QACvC,OAAO,CAAC,IAAI,CAAC,WAAW,OAAO,2BAA2B,CAAC,CAAC;IAC9D,CAAC;IAED,sCAAsC;IACtC,MAAM,GAAG,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;IAC7B,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAA,oCAAoC,KAAK,CAAC,IAAI,UAAU,CAAC;QACnF,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACxB,OAAO,CAAC,IAAI,CAAC,gBAAgB,KAAK,CAAC,IAAI,kCAAkC,CAAC,CAAC;QAC7E,CAAC;aAAM,CAAC;YACN,MAAM,GAAG,CAAA;;kBAEG,KAAK,CAAC,IAAI,KAAK,KAAK,CAAC,IAAI,KAAK,KAAK,CAAC,WAAW,IAAI,EAAE,KAAK,KAAK,CAAC,MAAM,KAAK,KAAK,CAAC,OAAO,IAAI,IAAI;OAC3G,CAAC;YACF,OAAO,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC;QACnD,CAAC;IACH,CAAC;YAAS,CAAC;QACT,MAAM,GAAG,CAAC,GAAG,EAAE,CAAC;IAClB,CAAC;IAED,0BAA0B;IAC1B,MAAM,OAAO,GAAG;QACd,uBAAuB,MAAM,CAAC,MAAM,EAAE;QACtC,0BAA0B,GAAG,CAAC,QAAQ,EAAE;KACzC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAEb,OAAO,YAAY,CACjB,8BAA8B;QAC9B,GAAG,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM;QAC3B,oBAAoB,KAAK,CAAC,IAAI,KAAK,OAAO,MAAM;QAChD,eAAe;QACf,wBAAwB,SAAS,IAAI;QACrC,oBAAoB,MAAM,CAAC,KAAK,IAAI;QACpC,oBAAoB,GAAG,CAAC,KAAK,IAAI;QACjC,eAAe,OAAO,EAAE,CACzB,CAAC;AACJ,CAAC,CAAC;AAEF,gFAAgF;AAEhF,MAAM,CAAC,MAAM,eAAe,GAAgC;IAC1D,mBAAmB,EAAE,wBAAwB;IAC7C,qBAAqB,EAAE,yBAAyB;CACjD,CAAC"}

package/build/tools/projects.d.ts

@@ -0,0 +1,7 @@
+/**
+ * Project management tools (3 tools)
+ * CRUD operations for Zitadel projects via Management API v1
+ */
+import type { ToolDefinition, ToolHandler } from '../types/tools.js';
+export declare const PROJECT_TOOLS: ToolDefinition[];
+export declare const PROJECT_HANDLERS: Record<string, ToolHandler>;

package/build/tools/projects.js

@@ -0,0 +1,109 @@
+/**
+ * Project management tools (3 tools)
+ * CRUD operations for Zitadel projects via Management API v1
+ */
+import { z } from 'zod';
+import { textResponse, zitadelId } from '../types/tools.js';
+import { logger } from '../utils/logger.js';
+// ─── Tool Definitions ───────────────────────────────────────────────────────
+export const PROJECT_TOOLS = [
+    {
+        name: 'zitadel_list_projects',
+        description: 'List all projects in the Zitadel organization.',
+        inputSchema: {
+            type: 'object',
+            properties: {
+                limit: { type: 'number', description: 'Maximum number of results (default: 50)' },
+            },
+        },
+        _meta: { readOnly: true, domain: 'projects' },
+        annotations: { title: 'List Projects', readOnlyHint: true, destructiveHint: false, idempotentHint: true },
+    },
+    {
+        name: 'zitadel_get_project',
+        description: 'Get details of a specific project by its ID.',
+        inputSchema: {
+            type: 'object',
+            properties: {
+                projectId: { type: 'string', description: 'The project ID' },
+            },
+            required: ['projectId'],
+        },
+        _meta: { readOnly: true, domain: 'projects' },
+        annotations: { title: 'Get Project', readOnlyHint: true, destructiveHint: false, idempotentHint: true },
+    },
+    {
+        name: 'zitadel_create_project',
+        description: 'Create a new project in Zitadel. Projects contain applications, roles, and grants.',
+        inputSchema: {
+            type: 'object',
+            properties: {
+                name: { type: 'string', description: 'Project name' },
+                projectRoleAssertion: { type: 'boolean', description: 'Include roles in tokens (default: true)' },
+                projectRoleCheck: { type: 'boolean', description: 'Only allow users with grants to authenticate (default: false)' },
+            },
+            required: ['name'],
+        },
+        _meta: { readOnly: false, domain: 'projects' },
+        annotations: { title: 'Create Project', readOnlyHint: false, destructiveHint: false, idempotentHint: false },
+    },
+];
+// ─── Handlers ────────────────────────────────────────────────────────────────
+function formatProject(p) {
+    const state = p.state?.replace('PROJECT_STATE_', '') || 'UNKNOWN';
+    return `- ${p.name} [${state}] ID: ${p.id}`;
+}
+const listProjectsHandler = async (params, ctx) => {
+    const input = z.object({
+        limit: z.number().min(1).max(500).default(50),
+    }).parse(params);
+    const response = await ctx.client.request('/management/v1/projects/_search', {
+        method: 'POST',
+        body: JSON.stringify({ query: { offset: '0', limit: input.limit } }),
+    });
+    const projects = response.result || [];
+    if (projects.length === 0) {
+        return textResponse('No projects found.');
+    }
+    const lines = projects.map(formatProject);
+    return textResponse(`Found ${projects.length} project(s):\n\n${lines.join('\n')}`);
+};
+const getProjectHandler = async (params, ctx) => {
+    const { projectId } = z.object({ projectId: zitadelId('projectId') }).parse(params);
+    const project = await ctx.client.request(`/management/v1/projects/${projectId}`);
+    const lines = [
+        `Project: ${project.name}`,
+        `ID: ${project.id}`,
+        `State: ${project.state?.replace('PROJECT_STATE_', '') || 'UNKNOWN'}`,
+        `Role Assertion: ${project.projectRoleAssertion ?? 'N/A'}`,
+        `Role Check: ${project.projectRoleCheck ?? 'N/A'}`,
+        `Created: ${project.details?.creationDate || 'N/A'}`,
+    ];
+    return textResponse(lines.join('\n'));
+};
+const createProjectHandler = async (params, ctx) => {
+    const input = z.object({
+        name: z.string().min(1),
+        projectRoleAssertion: z.boolean().default(true),
+        projectRoleCheck: z.boolean().default(false),
+    }).parse(params);
+    logger.info('Creating project', { name: input.name });
+    const response = await ctx.client.request('/management/v1/projects', {
+        method: 'POST',
+        body: JSON.stringify({
+            name: input.name,
+            projectRoleAssertion: input.projectRoleAssertion,
+            projectRoleCheck: input.projectRoleCheck,
+        }),
+    });
+    return textResponse(`Project created successfully.\n` +
+        `Project ID: ${response.id}\n` +
+        `Name: ${input.name}`);
+};
+// ─── Export ──────────────────────────────────────────────────────────────────
+export const PROJECT_HANDLERS = {
+    zitadel_list_projects: listProjectsHandler,
+    zitadel_get_project: getProjectHandler,
+    zitadel_create_project: createProjectHandler,
+};
+//# sourceMappingURL=projects.js.map

package/build/tools/projects.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"projects.js","sourceRoot":"","sources":["../../src/tools/projects.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,YAAY,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAE5D,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AAE5C,+EAA+E;AAE/E,MAAM,CAAC,MAAM,aAAa,GAAqB;IAC7C;QACE,IAAI,EAAE,uBAAuB;QAC7B,WAAW,EAAE,gDAAgD;QAC7D,WAAW,EAAE;YACX,IAAI,EAAE,QAAQ;YACd,UAAU,EAAE;gBACV,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,yCAAyC,EAAE;aAClF;SACF;QACD,KAAK,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,UAAU,EAAE;QAC7C,WAAW,EAAE,EAAE,KAAK,EAAE,eAAe,EAAE,YAAY,EAAE,IAAI,EAAE,eAAe,EAAE,KAAK,EAAE,cAAc,EAAE,IAAI,EAAE;KAC1G;IACD;QACE,IAAI,EAAE,qBAAqB;QAC3B,WAAW,EAAE,8CAA8C;QAC3D,WAAW,EAAE;YACX,IAAI,EAAE,QAAQ;YACd,UAAU,EAAE;gBACV,SAAS,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,gBAAgB,EAAE;aAC7D;YACD,QAAQ,EAAE,CAAC,WAAW,CAAC;SACxB;QACD,KAAK,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,UAAU,EAAE;QAC7C,WAAW,EAAE,EAAE,KAAK,EAAE,aAAa,EAAE,YAAY,EAAE,IAAI,EAAE,eAAe,EAAE,KAAK,EAAE,cAAc,EAAE,IAAI,EAAE;KACxG;IACD;QACE,IAAI,EAAE,wBAAwB;QAC9B,WAAW,EAAE,oFAAoF;QACjG,WAAW,EAAE;YACX,IAAI,EAAE,QAAQ;YACd,UAAU,EAAE;gBACV,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,cAAc,EAAE;gBACrD,oBAAoB,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,WAAW,EAAE,yCAAyC,EAAE;gBACjG,gBAAgB,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,WAAW,EAAE,+DAA+D,EAAE;aACpH;YACD,QAAQ,EAAE,CAAC,MAAM,CAAC;SACnB;QACD,KAAK,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,UAAU,EAAE;QAC9C,WAAW,EAAE,EAAE,KAAK,EAAE,gBAAgB,EAAE,YAAY,EAAE,KAAK,EAAE,eAAe,EAAE,KAAK,EAAE,cAAc,EAAE,KAAK,EAAE;KAC7G;CACF,CAAC;AAEF,gFAAgF;AAEhF,SAAS,aAAa,CAAC,CAAiB;IACtC,MAAM,KAAK,GAAG,CAAC,CAAC,KAAK,EAAE,OAAO,CAAC,gBAAgB,EAAE,EAAE,CAAC,IAAI,SAAS,CAAC;IAClE,OAAO,KAAK,CAAC,CAAC,IAAI,KAAK,KAAK,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC;AAC9C,CAAC;AAED,MAAM,mBAAmB,GAAgB,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE;IAC7D,MAAM,KAAK,GAAG,CAAC,CAAC,MAAM,CAAC;QACrB,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;KAC9C,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAEjB,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,MAAM,CAAC,OAAO,CACvC,iCAAiC,EACjC;QACE,MAAM,EAAE,MAAM;QACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,KAAK,CAAC,KAAK,EAAE,EAAE,CAAC;KACrE,CACF,CAAC;IAEF,MAAM,QAAQ,GAAG,QAAQ,CAAC,MAAM,IAAI,EAAE,CAAC;IACvC,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1B,OAAO,YAAY,CAAC,oBAAoB,CAAC,CAAC;IAC5C,CAAC;IAED,MAAM,KAAK,GAAG,QAAQ,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;IAC1C,OAAO,YAAY,CAAC,SAAS,QAAQ,CAAC,MAAM,mBAAmB,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AACrF,CAAC,CAAC;AAEF,MAAM,iBAAiB,GAAgB,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE;IAC3D,MAAM,EAAE,SAAS,EAAE,GAAG,CAAC,CAAC,MAAM,CAAC,EAAE,SAAS,EAAE,SAAS,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAEpF,MAAM,OAAO,GAAG,MAAM,GAAG,CAAC,MAAM,CAAC,OAAO,CAAiB,2BAA2B,SAAS,EAAE,CAAC,CAAC;IAEjG,MAAM,KAAK,GAAG;QACZ,YAAY,OAAO,CAAC,IAAI,EAAE;QAC1B,OAAO,OAAO,CAAC,EAAE,EAAE;QACnB,UAAU,OAAO,CAAC,KAAK,EAAE,OAAO,CAAC,gBAAgB,EAAE,EAAE,CAAC,IAAI,SAAS,EAAE;QACrE,mBAAmB,OAAO,CAAC,oBAAoB,IAAI,KAAK,EAAE;QAC1D,eAAe,OAAO,CAAC,gBAAgB,IAAI,KAAK,EAAE;QAClD,YAAY,OAAO,CAAC,OAAO,EAAE,YAAY,IAAI,KAAK,EAAE;KACrD,CAAC;IAEF,OAAO,YAAY,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;AACxC,CAAC,CAAC;AAEF,MAAM,oBAAoB,GAAgB,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE;IAC9D,MAAM,KAAK,GAAG,CAAC,CAAC,MAAM,CAAC;QACrB,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;QACvB,oBAAoB,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC;QAC/C,gBAAgB,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC;KAC7C,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAEjB,MAAM,CAAC,IAAI,CAAC,kBAAkB,EAAE,EAAE,IAAI,EAAE,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;IAEtD,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,MAAM,CAAC,OAAO,CACvC,yBAAyB,EACzB;QACE,MAAM,EAAE,MAAM;QACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;YACnB,IAAI,EAAE,KAAK,CAAC,IAAI;YAChB,oBAAoB,EAAE,KAAK,CAAC,oBAAoB;YAChD,gBAAgB,EAAE,KAAK,CAAC,gBAAgB;SACzC,CAAC;KACH,CACF,CAAC;IAEF,OAAO,YAAY,CACjB,iCAAiC;QACjC,eAAe,QAAQ,CAAC,EAAE,IAAI;QAC9B,SAAS,KAAK,CAAC,IAAI,EAAE,CACtB,CAAC;AACJ,CAAC,CAAC;AAEF,gFAAgF;AAEhF,MAAM,CAAC,MAAM,gBAAgB,GAAgC;IAC3D,qBAAqB,EAAE,mBAAmB;IAC1C,mBAAmB,EAAE,iBAAiB;IACtC,sBAAsB,EAAE,oBAAoB;CAC7C,CAAC"}

package/build/tools/roles.d.ts

@@ -0,0 +1,7 @@
+/**
+ * Role & grant management tools (5 tools)
+ * Project roles and user grants via Zitadel Management API v1
+ */
+import type { ToolDefinition, ToolHandler } from '../types/tools.js';
+export declare const ROLE_TOOLS: ToolDefinition[];
+export declare const ROLE_HANDLERS: Record<string, ToolHandler>;