Parallels RAS MCP Server

Instructions

Implementation Reference

• src/tools/site-settings.ts:43-62 (registration)

  Tool registration for 'ras_site_get_connection_settings' with schema (title, description, annotations, inputSchema) and inline handler function. The tool calls the RAS API endpoint '/api/site-settings/connection-and-authentication/connection-settings' and returns JSON-formatted connection and authentication settings.
  server.registerTool( "ras_site_get_connection_settings", { title: "Connection Settings", description: "Get connection and authentication settings, including session timeouts, " + "client connection policies, and authentication methods. Use this to review " + "security posture or troubleshoot client connection issues.", annotations: READ_ONLY_ANNOTATIONS, inputSchema: {}, }, async () => { try { const data = await rasClient.get("/api/site-settings/connection-and-authentication/connection-settings"); return { content: [{ type: "text" as const, text: JSON.stringify(data, null, 2) }] }; } catch (err) { return { content: [{ type: "text" as const, text: sanitiseError(err, "Failed to retrieve connection settings") }], isError: true }; } } );
• src/tools/site-settings.ts:54-61 (handler)

  Handler function that executes the tool logic. Makes an authenticated GET request to retrieve connection settings from the RAS API, formats the response as JSON, and handles errors using sanitiseError.
  async () => { try { const data = await rasClient.get("/api/site-settings/connection-and-authentication/connection-settings"); return { content: [{ type: "text" as const, text: JSON.stringify(data, null, 2) }] }; } catch (err) { return { content: [{ type: "text" as const, text: sanitiseError(err, "Failed to retrieve connection settings") }], isError: true }; } }
• src/client.ts:128-166 (helper)

  RasClient.get() method that handles authenticated GET requests to the RAS API. Manages lazy authentication, automatic retry on 401 (expired token), request timeouts, and error handling. Called by the tool handler to fetch connection settings.
  async get(path: string): Promise<unknown> { // Ensure we have a valid session if (!this.authToken) { await this.login(); } const fetchOptions = { method: "GET" as const, headers: { ...this.headers, auth_token: this.authToken!, }, signal: AbortSignal.timeout(REQUEST_TIMEOUT_MS), }; let response = await fetch(`${this.baseUrl}${path}`, fetchOptions); // Token may have expired — re-authenticate once and retry if (response.status === 401) { await this.login(); response = await fetch(`${this.baseUrl}${path}`, { ...fetchOptions, headers: { ...this.headers, auth_token: this.authToken!, }, signal: AbortSignal.timeout(REQUEST_TIMEOUT_MS), }); } if (!response.ok) { const body = await response.text(); throw new Error( `RAS API error (HTTP ${response.status}) on ${path}: ${body.substring(0, 300)}` ); } return response.json(); }
• src/client.ts:43-54 (helper)

  sanitiseError() utility function that sanitizes error messages to prevent leaking sensitive information (auth tokens, passwords). Used by the tool handler to provide clean error messages to users.
  function sanitiseError(err: unknown, context: string): string { const raw = err instanceof Error ? err.message : String(err); // Remove anything that looks like a token or password value let sanitised = raw .replace(/auth_token[=:]\s*\S+/gi, "auth_token=[REDACTED]") .replace(/password[=:]\s*\S+/gi, "password=[REDACTED]"); // Truncate excessively long API response bodies if (sanitised.length > 500) { sanitised = sanitised.substring(0, 500) + "... (truncated)"; } return `${context}: ${sanitised}`; }