Parallels RAS MCP Server

Instructions

Implementation Reference

• src/tools/publishing.ts:165-172 (handler)

  Handler function that executes the ras_pub_get_all_items tool. It calls rasClient.get('/api/publishing') to retrieve all published items across all resource types (RDS, VDI, AVD apps and desktops), returns the data as formatted JSON, and handles errors with sanitised messages.
  async () => { try { const data = await rasClient.get("/api/publishing"); return { content: [{ type: "text" as const, text: JSON.stringify(data, null, 2) }] }; } catch (err) { return { content: [{ type: "text" as const, text: sanitiseError(err, "Failed to retrieve all published items") }], isError: true }; } }
• src/tools/publishing.ts:154-173 (registration)

  Registration of the ras_pub_get_all_items tool with the MCP server. Defines tool metadata including title, description, read-only annotations, and empty input schema (no parameters required).
  server.registerTool( "ras_pub_get_all_items", { title: "All Published Items", description: "List all published items across all resource types (RDS, VDI, AVD apps " + "and desktops) in a single view. Use this for a complete overview of " + "everything published in the farm, or to search across all resource types.", annotations: READ_ONLY_ANNOTATIONS, inputSchema: {}, }, async () => { try { const data = await rasClient.get("/api/publishing"); return { content: [{ type: "text" as const, text: JSON.stringify(data, null, 2) }] }; } catch (err) { return { content: [{ type: "text" as const, text: sanitiseError(err, "Failed to retrieve all published items") }], isError: true }; } } );
• src/client.ts:128-166 (helper)

  The rasClient.get() method used by the handler to make authenticated GET requests to the RAS API. Handles lazy authentication, automatic retry on 401 token expiry, request timeouts, and error handling.
  async get(path: string): Promise<unknown> { // Ensure we have a valid session if (!this.authToken) { await this.login(); } const fetchOptions = { method: "GET" as const, headers: { ...this.headers, auth_token: this.authToken!, }, signal: AbortSignal.timeout(REQUEST_TIMEOUT_MS), }; let response = await fetch(`${this.baseUrl}${path}`, fetchOptions); // Token may have expired — re-authenticate once and retry if (response.status === 401) { await this.login(); response = await fetch(`${this.baseUrl}${path}`, { ...fetchOptions, headers: { ...this.headers, auth_token: this.authToken!, }, signal: AbortSignal.timeout(REQUEST_TIMEOUT_MS), }); } if (!response.ok) { const body = await response.text(); throw new Error( `RAS API error (HTTP ${response.status}) on ${path}: ${body.substring(0, 300)}` ); } return response.json(); }
• src/client.ts:43-54 (helper)

  The sanitiseError() function used by the handler to clean error messages. Strips sensitive information like auth tokens and passwords, truncates excessively long messages, and adds context to errors.
  function sanitiseError(err: unknown, context: string): string { const raw = err instanceof Error ? err.message : String(err); // Remove anything that looks like a token or password value let sanitised = raw .replace(/auth_token[=:]\s*\S+/gi, "auth_token=[REDACTED]") .replace(/password[=:]\s*\S+/gi, "password=[REDACTED]"); // Truncate excessively long API response bodies if (sanitised.length > 500) { sanitised = sanitised.substring(0, 500) + "... (truncated)"; } return `${context}: ${sanitised}`; }