Parallels RAS MCP Server

Instructions

Implementation Reference

• src/tools/infrastructure.ts:219-238 (handler)

  The main handler and registration for 'ras_infra_get_vdi_templates' tool. It registers the tool with the MCP server and implements an inline async handler that makes a GET request to '/api/infrastructure/vdi/template', returns JSON stringified data, and includes error handling with sanitiseError.
  server.registerTool( "ras_infra_get_vdi_templates", { title: "VDI Templates", description: "List VDI templates, their status, and configuration. Templates define the " + "base image and settings for provisioned VDI desktops. Use this to check " + "template versions, maintenance mode status, or provisioning settings.", annotations: READ_ONLY_ANNOTATIONS, inputSchema: {}, }, async () => { try { const data = await rasClient.get("/api/infrastructure/vdi/template"); return { content: [{ type: "text" as const, text: JSON.stringify(data, null, 2) }] }; } catch (err) { return { content: [{ type: "text" as const, text: sanitiseError(err, "Failed to retrieve VDI templates") }], isError: true }; } } );
• src/client.ts:128-166 (helper)

  The rasClient.get() method used by the handler to make authenticated GET requests to the RAS API. Handles lazy authentication, automatic retry on 401 errors, and request timeouts.
  async get(path: string): Promise<unknown> { // Ensure we have a valid session if (!this.authToken) { await this.login(); } const fetchOptions = { method: "GET" as const, headers: { ...this.headers, auth_token: this.authToken!, }, signal: AbortSignal.timeout(REQUEST_TIMEOUT_MS), }; let response = await fetch(`${this.baseUrl}${path}`, fetchOptions); // Token may have expired — re-authenticate once and retry if (response.status === 401) { await this.login(); response = await fetch(`${this.baseUrl}${path}`, { ...fetchOptions, headers: { ...this.headers, auth_token: this.authToken!, }, signal: AbortSignal.timeout(REQUEST_TIMEOUT_MS), }); } if (!response.ok) { const body = await response.text(); throw new Error( `RAS API error (HTTP ${response.status}) on ${path}: ${body.substring(0, 300)}` ); } return response.json(); }
• src/client.ts:43-54 (helper)

  The sanitiseError helper function used by the handler to sanitize error messages by removing auth tokens, passwords, and truncating long responses to avoid leaking internal details.
  function sanitiseError(err: unknown, context: string): string { const raw = err instanceof Error ? err.message : String(err); // Remove anything that looks like a token or password value let sanitised = raw .replace(/auth_token[=:]\s*\S+/gi, "auth_token=[REDACTED]") .replace(/password[=:]\s*\S+/gi, "password=[REDACTED]"); // Truncate excessively long API response bodies if (sanitised.length > 500) { sanitised = sanitised.substring(0, 500) + "... (truncated)"; } return `${context}: ${sanitised}`; }
• src/tools/infrastructure.ts:11-17 (schema)

  The READ_ONLY_ANNOTATIONS constant used in the tool schema to define tool behavior annotations (readOnlyHint, destructiveHint, idempotentHint, openWorldHint).
  /** Shared annotations for all read-only infrastructure tools. */ const READ_ONLY_ANNOTATIONS = { readOnlyHint: true, destructiveHint: false, idempotentHint: true, openWorldHint: true, } as const;