authbox

Overview Schema Related Servers Score Discussions

proxy_authenticated_request

Make authenticated HTTP requests by injecting stored credentials securely without exposing them to agents. Use this tool to access services while maintaining credential confidentiality.

Instructions

Make an authenticated HTTP request through Auth Box. The stored credential is injected into the request without exposing it to the agent. This is the preferred method for using credentials.

Input Schema

TableJSON Schema

Name	Required	Description
`service_name`	Yes	Name of the service whose credential to use for authentication
`method`	Yes	HTTP method
`url`	Yes	Full URL to send the request to
`headers`	No	Additional HTTP headers (auth headers are injected automatically)
`body`	No	Request body (for POST/PUT/PATCH)

Implementation Reference

packages/mcp-protocol/src/server.ts:303-370 (handler)

Handler function for 'proxy_authenticated_request' tool. Evaluates policies and calls bridge.proxyRequest.

private async toolProxyRequest(
  session: MCPSession,
  policies: AgentPolicy[],
  args: Record<string, unknown>,
): Promise<ToolCallResult> {
  const serviceName = args.service_name as string;

  const request: AccessRequest = {
    agentId: session.agentId,
    action: 'proxy',
  };

  const decision = this.policyEngine.evaluate(policies, request);

  // Handle step-up approval for proxy requests
  if (!decision.allowed && decision.pendingApprovalId) {
    const approved = await this.policyEngine.requestApproval(
      decision.pendingApprovalId,
      request,
    );
    if (!approved) {
      decision.reason = 'Step-up approval denied by user';
      await this.logAccess(session, 'proxy_request', serviceName, decision);
      return {
        content: [{ type: 'text', text: 'Access denied: step-up approval was denied by the user' }],
        isError: true,
      };
    }
    decision.allowed = true;
    decision.reason = 'Step-up approval granted by user';
  }

  await this.logAccess(session, 'proxy_request', serviceName, decision);

  if (!decision.allowed) {
    return {
      content: [{ type: 'text', text: `Access denied: ${decision.reason}` }],
      isError: true,
    };
  }

  const proxyReq: ProxyRequest = {
    method: args.method as string,
    url: args.url as string,
    headers: args.headers as Record<string, string> | undefined,
    body: args.body as string | undefined,
  };

  try {
    const response = await this.bridge.proxyRequest(session.userId, serviceName, proxyReq);

    return {
      content: [{
        type: 'text',
        text: JSON.stringify({
          status: response.status,
          headers: response.headers,
          body: response.body,
        }),
      }],
    };
  } catch (err) {
    return {
      content: [{ type: 'text', text: `Proxy request failed: ${err instanceof Error ? err.message : 'Unknown error'}` }],
      isError: true,
    };
  }
}

packages/mcp-protocol/src/tools.ts:28-60 (schema)

Tool definition and input schema for 'proxy_authenticated_request'.

{
  name: 'proxy_authenticated_request',
  description:
    'Make an authenticated HTTP request through Auth Box. The stored credential is injected into the request without exposing it to the agent. This is the preferred method for using credentials.',
  inputSchema: {
    type: 'object',
    properties: {
      service_name: {
        type: 'string',
        description: 'Name of the service whose credential to use for authentication',
      },
      method: {
        type: 'string',
        enum: ['GET', 'POST', 'PUT', 'PATCH', 'DELETE'],
        description: 'HTTP method',
      },
      url: {
        type: 'string',
        description: 'Full URL to send the request to',
      },
      headers: {
        type: 'object',
        additionalProperties: { type: 'string' },
        description: 'Additional HTTP headers (auth headers are injected automatically)',
      },
      body: {
        type: 'string',
        description: 'Request body (for POST/PUT/PATCH)',
      },
    },
    required: ['service_name', 'method', 'url'],
  },
},

packages/mcp-protocol/src/server.ts:230-231 (registration)
Registration of the tool within the handleToolCall method switch statement.
```
case 'proxy_authenticated_request':
  return this.toolProxyRequest(session, policies, args);
```

Tool Definition Quality

A3.8/5.0

Behavior3/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations, description carries burden. Explains critical security behavior (credential injection without exposure) but omits error handling, timeout behavior, and response structure expected from an HTTP proxy tool.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

Three sentences, zero waste. Front-loaded with purpose, followed by security mechanism, then usage preference. Every sentence earns its place.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness3/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Reasonably complete for a proxy tool with good schema coverage, but omits workflow context (e.g., use list_available_services to discover valid service_name values) and lacks output schema guidance.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters4/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Despite 100% schema coverage (baseline 3), description adds value by explaining how service_name relates to stored credential injection and clarifying that auth headers are automatic, reinforcing the schema descriptions.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose4/5

Does the description clearly state what the tool does and how it differs from similar tools?

States specific action ('Make an authenticated HTTP request') and mechanism ('through Auth Box'). Distinguishes from siblings implicitly (execution vs. management), though could explicitly contrast with get_credential.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

Explicitly states 'This is the preferred method for using credentials,' providing clear selection guidance. Implies security rationale ('without exposing it to the agent'), though doesn't map full workflow with list_available_services.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security
Open Source Has a Bot Problem
By punkpeye on March 19, 2026.
open source

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/MARUCIE/authbox'

If you have feedback or need assistance with the MCP directory API, please join our Discord server