Parallels RAS MCP Server

Instructions

Implementation Reference

• src/tools/publishing.ts:66-85 (handler)

  Complete implementation of ras_pub_get_avd_apps tool including registration, schema definition, and handler logic. The handler makes an API GET request to /api/publishing/apps/avd to retrieve published Azure Virtual Desktop applications.
  server.registerTool( "ras_pub_get_avd_apps", { title: "Published AVD Apps", description: "List published Azure Virtual Desktop (AVD) applications. AVD apps are " + "delivered from Azure-hosted session hosts. Use this to review AVD app " + "assignments or verify Azure-based application publishing.", annotations: READ_ONLY_ANNOTATIONS, inputSchema: {}, }, async () => { try { const data = await rasClient.get("/api/publishing/apps/avd"); return { content: [{ type: "text" as const, text: JSON.stringify(data, null, 2) }] }; } catch (err) { return { content: [{ type: "text" as const, text: sanitiseError(err, "Failed to retrieve published AVD apps") }], isError: true }; } } );
• src/tools/publishing.ts:68-76 (schema)

  Tool schema definition including title, description, read-only annotations, and empty inputSchema (no parameters required).
  { title: "Published AVD Apps", description: "List published Azure Virtual Desktop (AVD) applications. AVD apps are " + "delivered from Azure-hosted session hosts. Use this to review AVD app " + "assignments or verify Azure-based application publishing.", annotations: READ_ONLY_ANNOTATIONS, inputSchema: {}, },
• src/tools/publishing.ts:77-84 (handler)

  The actual handler function that executes the tool logic - fetches AVD apps data from the RAS API and returns it as JSON text, with error handling.
  async () => { try { const data = await rasClient.get("/api/publishing/apps/avd"); return { content: [{ type: "text" as const, text: JSON.stringify(data, null, 2) }] }; } catch (err) { return { content: [{ type: "text" as const, text: sanitiseError(err, "Failed to retrieve published AVD apps") }], isError: true }; } }
• src/client.ts:128-166 (helper)

  The rasClient.get() method used by the handler to make authenticated GET requests to the RAS API, handling authentication and automatic retries on 401 errors.
  async get(path: string): Promise<unknown> { // Ensure we have a valid session if (!this.authToken) { await this.login(); } const fetchOptions = { method: "GET" as const, headers: { ...this.headers, auth_token: this.authToken!, }, signal: AbortSignal.timeout(REQUEST_TIMEOUT_MS), }; let response = await fetch(`${this.baseUrl}${path}`, fetchOptions); // Token may have expired — re-authenticate once and retry if (response.status === 401) { await this.login(); response = await fetch(`${this.baseUrl}${path}`, { ...fetchOptions, headers: { ...this.headers, auth_token: this.authToken!, }, signal: AbortSignal.timeout(REQUEST_TIMEOUT_MS), }); } if (!response.ok) { const body = await response.text(); throw new Error( `RAS API error (HTTP ${response.status}) on ${path}: ${body.substring(0, 300)}` ); } return response.json(); }
• src/client.ts:43-54 (helper)

  The sanitiseError() helper function used to sanitize error messages before returning them to prevent leaking sensitive information like auth tokens or passwords.
  function sanitiseError(err: unknown, context: string): string { const raw = err instanceof Error ? err.message : String(err); // Remove anything that looks like a token or password value let sanitised = raw .replace(/auth_token[=:]\s*\S+/gi, "auth_token=[REDACTED]") .replace(/password[=:]\s*\S+/gi, "password=[REDACTED]"); // Truncate excessively long API response bodies if (sanitised.length > 500) { sanitised = sanitised.substring(0, 500) + "... (truncated)"; } return `${context}: ${sanitised}`; }