HiveAuth MCP Server

Instructions

Implementation Reference

• src/tools/revokeCredential.ts:8-76 (handler)

  The core handler function that executes the revoke_credential tool. It validates and sanitizes the input using the schema, makes a POST request to the HiveAuth /api/revoke endpoint with credentialId, statusListIndex, and reason, handles the response to format success details or error, and returns a CallToolResult.

  export async function revokeCredential(args: any): Promise<CallToolResult> {
    // Validate and sanitize input
    const validation = validateAndSanitizeInput(RevokeCredentialInputSchema, args, 'revoke_credential');
    
    if (!validation.success) {
      return createValidationErrorResult(validation.error!);
    }
  
    const data = validation.data!;
    const { credentialId, statusListIndex, reason } = data;
  
    const HIVEAUTH_API_BASE_URL = process.env.HIVEAUTH_API_BASE_URL || 'http://localhost:3000';
    const REVOKE_ENDPOINT = `${HIVEAUTH_API_BASE_URL}/api/revoke`;
  
    try {
      const response = await fetch(REVOKE_ENDPOINT, {
        method: 'POST',
        headers: {
          'Content-Type': 'application/json',
        },
        body: JSON.stringify({ 
          credentialId, 
          statusListIndex,
          reason
        }),
      });
  
      if (!response.ok) {
        const errorData = await response.json().catch(() => ({ message: response.statusText }));
        throw new Error(`Failed to revoke credential: ${errorData.message}`);
      }
  
      const result = await response.json();
  
      const details = [
        `• Credential ID: ${credentialId}`,
        `• Status List Index: ${statusListIndex}`,
        `• Revocation Status: ✅ Successfully revoked`,
        `• Status List Updated: ${result.statusListCredential ? '✅ Yes' : '❌ No'}`
      ];
  
      if (result.statusListCredential?.id) {
        details.push(`• Updated Status List ID: ${result.statusListCredential.id}`);
      }
  
      return {
        content: [
          {
            type: 'text',
            text: `Credential Revocation Result:\n\n${details.join('\n')}`
          },
          {
            type: 'text',
            text: `\`\`\`json\n${JSON.stringify(result, null, 2)}\n\`\`\``
          }
        ]
      };
    } catch (error: any) {
      return {
        content: [
          {
            type: 'text',
            text: `Failed to revoke credential: ${error.message}`
          }
        ],
        isError: true
      };
    }
  }

• src/schemas/toolSchemas.ts:109-113 (schema)

  Zod input schema for the revoke_credential tool defining required credentialId (string), statusListIndex (non-negative integer), and optional reason (string). Referenced in TOOL_SCHEMAS.revoke_credential.

  export const RevokeCredentialInputSchema = z.object({
    credentialId: z.string().min(1, 'Credential ID is required'),
    statusListIndex: z.number().int().min(0, 'Status list index must be a non-negative integer'),
    reason: z.string().optional().describe('Reason for revocation')
  });

• src/utils/schemaConverter.ts:31-35 (registration)

  Tool definition entry in TOOL_DEFINITIONS array used by createMCPTools() to generate the MCP Tool object with name, description, and JSON Schema-converted input schema for listTools.

  {
    name: 'revoke_credential',
    description: 'Revoke a verifiable credential using W3C Status List 2021 specification. Updates the credential status in the bitstring status list.',
    inputSchema: TOOL_SCHEMAS.revoke_credential
  },

• src/index.ts:92-93 (registration)

  Handler dispatch registration in the main CallToolRequest switch statement, calling the revokeCredential function with arguments.

  case 'revoke_credential':
    return await revokeCredential(args);

• src/index.ts:23-23 (registration)

  Import statement for the revokeCredential handler function used in the MCP server index.

  import { revokeCredential } from './tools/revokeCredential.js';