account_add_access_key
Add an access key to a NEAR account, granting full access or function call permission for a specified contract.
Instructions
Add an access key to an account. This can be used to grant full access to an account, or allow the specified account to have specific function call access to a contract.
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| accountId | Yes | ||
| networkId | No | mainnet | |
| accessKeyArgs | Yes |
Implementation Reference
- src/services.ts:1437-1550 (registration)Registration of the 'account_add_access_key' MCP tool via mcp.tool() with its name, description, and input schema.
'account_add_access_key', noLeadingWhitespace` Add an access key to an account. This can be used to grant full access to an account, or allow the specified account to have specific function call access to a contract.`, { accountId: z.string(), networkId: z.enum(['testnet', 'mainnet']).default('mainnet'), accessKeyArgs: z.object({ permission: z.union([ z.object({ type: z.literal('FullAccess'), publicKey: z.string().describe('The public key of the access key.'), }), z.object({ type: z.literal('FunctionCall'), publicKey: z.string().describe('The public key of the access key.'), FunctionCall: z.object({ contractId: z.string(), allowance: z .union([ z.number().describe('The amount of NEAR tokens (in NEAR)'), z.bigint().describe('The amount in yoctoNEAR'), ]) .default(NearToken.parse_yocto_near('1').as_near()) .describe('The allowance of the function call access key.'), methodNames: z.array(z.string()), }), }), ]), }), }, async (args, _) => { const connection = await connect({ networkId: args.networkId, keyStore: keystore, nodeUrl: getEndpointsByNetwork(args.networkId)[0]!, }); const accountResult: Result<Account, Error> = await getAccount( args.accountId, connection, ); if (!accountResult.ok) { return { content: [{ type: 'text', text: `Error: ${accountResult.error}` }], }; } const account = accountResult.value; const addAccessKeyResult: Result<FinalExecutionOutcome, Error> = await (async () => { try { switch (args.accessKeyArgs.permission.type) { case 'FullAccess': return { ok: true, value: await account.addKey( args.accessKeyArgs.permission.publicKey, ), }; case 'FunctionCall': const allowance = typeof args.accessKeyArgs.permission.FunctionCall .allowance === 'number' ? NearToken.parse_near( args.accessKeyArgs.permission.FunctionCall.allowance.toString(), ).as_yocto_near() : args.accessKeyArgs.permission.FunctionCall.allowance; return { ok: true, value: await account.addKey( args.accessKeyArgs.permission.publicKey, args.accessKeyArgs.permission.FunctionCall.contractId, args.accessKeyArgs.permission.FunctionCall.methodNames, allowance, ), }; } } catch (e) { return { ok: false, error: new Error(e as string) }; } })(); if (!addAccessKeyResult.ok) { return { content: [ { type: 'text', text: `Error: ${addAccessKeyResult.error}\n\nFailed to add access key to account ${args.accountId}`, }, ], }; } return { content: [ { type: 'text', text: `Add access key transaction result: ${stringify_bigint({ final_execution_status: addAccessKeyResult.value.final_execution_status, status: addAccessKeyResult.value.status, transaction_outcome: addAccessKeyResult.value.transaction_outcome, receipts_outcome: addAccessKeyResult.value.receipts_outcome, })}`, }, { type: 'text', text: `Access key added: ${args.accessKeyArgs.permission.publicKey}`, }, ], }; }, ); - src/services.ts:1441-1467 (schema)Input schema validation for account_add_access_key: accountId, networkId, and accessKeyArgs with a discriminated union for FullAccess vs FunctionCall permissions.
{ accountId: z.string(), networkId: z.enum(['testnet', 'mainnet']).default('mainnet'), accessKeyArgs: z.object({ permission: z.union([ z.object({ type: z.literal('FullAccess'), publicKey: z.string().describe('The public key of the access key.'), }), z.object({ type: z.literal('FunctionCall'), publicKey: z.string().describe('The public key of the access key.'), FunctionCall: z.object({ contractId: z.string(), allowance: z .union([ z.number().describe('The amount of NEAR tokens (in NEAR)'), z.bigint().describe('The amount in yoctoNEAR'), ]) .default(NearToken.parse_yocto_near('1').as_near()) .describe('The allowance of the function call access key.'), methodNames: z.array(z.string()), }), }), ]), }), }, - src/services.ts:1468-1550 (handler)Handler function that executes the tool logic: connects to the NEAR network, gets the account, and adds either a FullAccess key or a FunctionCall access key based on the permission type.
async (args, _) => { const connection = await connect({ networkId: args.networkId, keyStore: keystore, nodeUrl: getEndpointsByNetwork(args.networkId)[0]!, }); const accountResult: Result<Account, Error> = await getAccount( args.accountId, connection, ); if (!accountResult.ok) { return { content: [{ type: 'text', text: `Error: ${accountResult.error}` }], }; } const account = accountResult.value; const addAccessKeyResult: Result<FinalExecutionOutcome, Error> = await (async () => { try { switch (args.accessKeyArgs.permission.type) { case 'FullAccess': return { ok: true, value: await account.addKey( args.accessKeyArgs.permission.publicKey, ), }; case 'FunctionCall': const allowance = typeof args.accessKeyArgs.permission.FunctionCall .allowance === 'number' ? NearToken.parse_near( args.accessKeyArgs.permission.FunctionCall.allowance.toString(), ).as_yocto_near() : args.accessKeyArgs.permission.FunctionCall.allowance; return { ok: true, value: await account.addKey( args.accessKeyArgs.permission.publicKey, args.accessKeyArgs.permission.FunctionCall.contractId, args.accessKeyArgs.permission.FunctionCall.methodNames, allowance, ), }; } } catch (e) { return { ok: false, error: new Error(e as string) }; } })(); if (!addAccessKeyResult.ok) { return { content: [ { type: 'text', text: `Error: ${addAccessKeyResult.error}\n\nFailed to add access key to account ${args.accountId}`, }, ], }; } return { content: [ { type: 'text', text: `Add access key transaction result: ${stringify_bigint({ final_execution_status: addAccessKeyResult.value.final_execution_status, status: addAccessKeyResult.value.status, transaction_outcome: addAccessKeyResult.value.transaction_outcome, receipts_outcome: addAccessKeyResult.value.receipts_outcome, })}`, }, { type: 'text', text: `Access key added: ${args.accessKeyArgs.permission.publicKey}`, }, ], }; }, );