Skip to main content
Glama
I4cTime

qring-mcp

by I4cTime
OverviewSchemaRelated ServersScoreDiscussions
TypeScript
Local

validate_secret

Verify API keys and secrets by testing them against target services like OpenAI, Stripe, or GitHub. Uses provider auto-detection or manual specification without logging secret values.

Instructions

Test if a secret is actually valid with its target service (e.g., OpenAI, Stripe, GitHub). Uses provider auto-detection based on key prefixes, or accepts an explicit provider name. Never logs the secret value.

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
keyYesThe secret key name
providerNoForce a specific provider (openai, stripe, github, aws, http)
scopeNoScope: global or project
projectPathNoProject root path for project-scoped secrets

Implementation Reference

  • src/core/validate.ts:233-256 (handler)
    The core logic for validating a secret, which delegates to the appropriate provider based on the value or options provided.
    export async function validateSecret(
  value: string,
  opts?: { provider?: string; validationUrl?: string },
): Promise<ValidationResult> {
  const provider = opts?.provider
    ? registry.get(opts.provider)
    : registry.detectProvider(value);

  if (!provider) {
    return {
      valid: false,
      status: "unknown",
      message: "No provider detected — set a provider in the manifest or secret metadata",
      latencyMs: 0,
      provider: "none",
    };
  }

  if (provider.name === "http" && opts?.validationUrl) {
    return (provider as any).validate(value, opts.validationUrl);
  }

  return provider.validate(value);
}
  • src/mcp/server.ts:879-898 (registration)
    Registration of the 'validate_secret' tool in the MCP server, defining its input schema and using the 'validateSecret' function.
    server.tool(
  "validate_secret",
  "Test if a secret is actually valid with its target service (e.g., OpenAI, Stripe, GitHub). Uses provider auto-detection based on key prefixes, or accepts an explicit provider name. Never logs the secret value.",
  {
    key: z.string().describe("The secret key name"),
    provider: z.string().optional().describe("Force a specific provider (openai, stripe, github, aws, http)"),
    scope: scopeSchema,
    projectPath: projectPathSchema,
  },
  async (params) => {
    const value = getSecret(params.key, opts(params));
    if (value === null) return text(`Secret "${params.key}" not found`, true);

    const envelope = getEnvelope(params.key, opts(params));
    const provHint = params.provider ?? envelope?.envelope.meta.provider;

    const result = await validateSecret(value, { provider: provHint });
    return text(JSON.stringify(result, null, 2));
  },
);
  • src/mcp/server.ts:882-887 (schema)
    The schema definition for the 'validate_secret' tool, specifying parameters like key, provider, scope, and projectPath.
    {
  key: z.string().describe("The secret key name"),
  provider: z.string().optional().describe("Force a specific provider (openai, stripe, github, aws, http)"),
  scope: scopeSchema,
  projectPath: projectPathSchema,
},
Install Server

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/I4cTime/quantum_ring'

If you have feedback or need assistance with the MCP directory API, please join our Discord server