HiveAuth MCP Server

Instructions

Implementation Reference

• src/tools/verifyCredential.ts:8-83 (handler)

  Core implementation of the verify_credential tool handler. Validates input, calls HiveAuth verification API, formats success/error responses with detailed status and raw JSON output.

  export async function verifyCredential(args: any): Promise<CallToolResult> {
    // Validate and sanitize input
    const validation = validateAndSanitizeInput(VerifyCredentialInputSchema, args, 'verify_credential');
    
    if (!validation.success) {
      return createValidationErrorResult(validation.error!);
    }
  
    const data = validation.data!;
    const { credential } = data;
  
    const HIVEAUTH_API_BASE_URL = process.env.HIVEAUTH_API_BASE_URL || 'http://localhost:3000';
    const VERIFY_ENDPOINT = `${HIVEAUTH_API_BASE_URL}/api/verify`;
  
    try {
      const response = await fetch(VERIFY_ENDPOINT, {
        method: 'POST',
        headers: {
          'Content-Type': 'application/json',
        },
        body: JSON.stringify({ credential }),
      });
  
      if (!response.ok) {
        const errorData = await response.json().catch(() => ({ message: response.statusText }));
        throw new Error(`Failed to verify credential: ${errorData.message}`);
      }
  
      const result = await response.json();
  
      const statusText = result.verified ? '✅ VERIFIED' : '❌ INVALID';
      const details = [];
  
      if (result.verified) {
        details.push('• Signature verification: ✅ Valid');
        details.push('• Issuer verification: ✅ Valid');
        details.push('• Status check: ✅ Not revoked');
        
        if (result.credential?.validFrom) {
          details.push(`• Valid from: ${result.credential.validFrom}`);
        }
        if (result.credential?.validUntil) {
          details.push(`• Valid until: ${result.credential.validUntil}`);
        }
      } else {
        details.push(`• Error: ${result.message || 'Unknown verification error'}`);
        if (result.errors) {
          result.errors.forEach((error: string) => {
            details.push(`• ${error}`);
          });
        }
      }
  
      return {
        content: [
          {
            type: 'text',
            text: `Credential Verification Result: ${statusText}\n\n${details.join('\n')}`
          },
          {
            type: 'text',
            text: `\`\`\`json\n${JSON.stringify(result, null, 2)}\n\`\`\``
          }
        ]
      };
    } catch (error: any) {
      return {
        content: [
          {
            type: 'text',
            text: `Failed to verify credential: ${error.message}`
          }
        ],
        isError: true
      };
    }

• src/schemas/toolSchemas.ts:101-103 (schema)

  Zod input schema for the verify_credential tool, requiring a verifiable credential object.

  export const VerifyCredentialInputSchema = z.object({
    credential: CredentialSchema.describe('The verifiable credential to verify')
  });

• src/utils/schemaConverter.ts:22-24 (registration)

  Registers the 'verify_credential' tool name, description, and input schema reference in TOOL_DEFINITIONS array used by createMCPTools() to generate MCP Tool objects.

  name: 'verify_credential',
  description: 'Verify a verifiable credential for authenticity, integrity, and revocation status. Checks signature, issuer validity, and status list compliance.',
  inputSchema: TOOL_SCHEMAS.verify_credential

• src/index.ts:86-87 (registration)

  Dispatches calls to the 'verify_credential' tool by invoking the verifyCredential handler function.

  case 'verify_credential':
    return await verifyCredential(args);

• src/schemas/toolSchemas.ts:179-179 (schema)

  Maps the tool name 'verify_credential' to its input schema in TOOL_SCHEMAS lookup object.

  verify_credential: VerifyCredentialInputSchema,