Returns a summary of all Infomaniak organizations and products you have access to. Best called first in a session.

Suggest which Infomaniak tools to use for a given intent expressed in natural language. Lightweight keyword matching against tool names and descriptions.

Returns the full definition of a specific tool — description, annotations, input parameters and output shape.

Scan an Infomaniak organization for actionable issues: products expiring soon, products in maintenance, locked products, ongoing operations.

Bulk-read every domain owned by an account: number of DNS records and DNSSEC status per zone. Useful for spot-checking large fleets.

List the destructive actions taken in the current session, most recent first. Each entry includes whether it can be reversed via infomaniak_undo.

Reverse a destructive action recorded in the session history (when reversible). Two-phase commit: returns a plan first, then applies the undo on the second call.

Get the identity of the currently-authenticated Infomaniak user: name, email, language, country, timezone, current_account_id (= the organization being managed by default), and the full security posture (2FA status, recovery email, validated phone, trusted devices, last login). Use this first to confirm which user + account the MCP is acting on behalf of. Manager-private — requires SASESSION cookie.

Security posture report for the current user: 2FA status & method, recovery email, validated phone, Yubikey, remaining rescue codes, last login timestamp, password age, and the list of trusted (auth-paired) devices with their last connection IP and time. Useful as a periodic security review or pre-action sanity check. Manager-private.

Provision a complete website end-to-end: web site + MariaDB database + DNS A record. Two-phase commit at the workflow level. The plan lists every step that will run; on apply, each step is executed and reported in order so you can see partial completion if anything fails mid-way.

Lists all Infomaniak organizations (accounts) the current token has technical access to.

Full organization detail: legal entity, billing address(es), VAT, locale, timezone, logo URLs, support tier (premium=2), 2FA-required policy, your role (owner/admin/billing/user), user/owner counts, tags. Manager-private.

List the teams (with owners + user/product counts) AND the tags (with products carrying each tag) of an organization, in a single call. Both are useful to understand how an org partitions access and labels its products. Manager-private.

Lists web hostings (classic + Node.js) for a given Infomaniak organization. Use infomaniak_list_organizations first to discover account IDs.

List every domain owned by an Infomaniak organization, with creation and expiration dates.

Get detailed information about a domain (DNS management status, DNSSEC, IDN, errors).

Full domain detail including auth_code (EPP transfer code), transfer_status, trade_status, termination state, glue records, TLD/registry info, attached service (web hosting), DNS detail, DNS health diagnostic, owner (registrant), associated products on the domain AND its subdomains, and the DNS logs API URL. Accepts either domain_id or FQDN. Manager-private.

Locate a domain (e.g. broz.be) in the Infomaniak account tree. Returns {account_id, hosting_id, site_id, hosting_label, full site object}. Use this BEFORE any tool that requires hosting_id + site_id (get_certificate, request_certificate, list_databases, etc.) when you only know the domain name. Significantly cheaper than calling list_hostings + list_sites manually because it short-circuits on the first match.

Lists all sites on a given web hosting (with applications attached).

Creates a new site on an Infomaniak web hosting. Two-phase commit: first call returns a plan with a confirmation_token, second call (same params + token) actually creates the site.

Delete a site from an Infomaniak web hosting. Two-phase commit: first call returns a plan with the site preview + token, second call (same params + token) actually deletes. WARNING: this also wipes the site directory on the FTP backend after a short grace period.

List the FQDNs (main + aliases) bound to a web hosting site. The site responds to all of them via the same Apache vhost / DocumentRoot — adding an alias is how you serve more domains from a single WordPress install without provisioning a new site. Manager-private.

Bind one or more additional FQDNs (including wildcards like *.example.com) to a web hosting site. Lets the site's Apache vhost / DocumentRoot serve those new domains too — no new site provisioning required. Two-phase commit. Asynchronous: returns a progress_id; the alias appears in infomaniak_list_site_aliases after a few seconds of provisioning. Manager-private.

Remove one alias FQDN from a web hosting site (the main FQDN cannot be removed). Two-phase commit. After this, the site's Apache vhost will no longer respond to the alias. Manager-private.

Return the full SSL certificate detail for one site on a web hosting: provisioning state (installed, updating, error, …), type (free/paid/custom) and sub-type (lets_encrypt, …), issuer + organization, validity flags (is_valid, is_expired, is_selfsigned), issue and expiry timestamps, SHA-256 fingerprint, main FQDN in IDN form, ACME identifier errors and the timestamp of the last issuance attempt.

Request a new SSL certificate (or re-issue / renew an existing one) for a site on a web hosting. Two-phase commit. Three types supported: free (Let's Encrypt, no extra fields), paid (Sectigo, requires certificate_id), custom (BYO PEM, requires certificate + private_key). Returns an operation_uuid; poll infomaniak_get_certificate to track progress.

Delete the SSL certificate of a site (the site will fall back to no HTTPS or Infomaniak's default cert until a new one is requested). Two-phase commit. The plan pulls the current certificate status so the caller can see what is about to be removed.

List every MariaDB database attached to a web hosting (with disk usage and any running operations).

Get the full detail of a specific database (disk usage, application, permissions, backups).

Create a new MariaDB database on a web hosting. Two-phase commit. Goes through the manager-private API because the public one silently no-ops on database POSTs.

Delete a MariaDB database. Two-phase commit, manager-private API. WARNING: the database content (tables, rows) is wiped and cannot be recovered without an Infomaniak backup.

List the MariaDB-level user accounts attached to a web hosting (each has its own password and a permissions array listing the databases they can read/write/administer). For WordPress sites the user account has the same name as its database and is marked protected: true.

Fetch the detail of a single MariaDB-level user (applications, permissions, link to phpMyAdmin).

List the FTP / SSH users that have access to a web hosting (with environment and SSH flag).

Create a new FTP / SSH user on a web hosting. Two-phase commit. Connection types: ftp (SFTP-only, no shell) or ssh (full shell + FTP). The password follows Infomaniak's default policy.

Revoke a hosting user (FTP / SSH access). Two-phase commit. Existing files are not deleted.

List every DNS record on a zone managed by Infomaniak. Use the root domain (e.g. 'example.com'), not a subdomain.

Create a DNS record on an Infomaniak-managed zone. Two-phase commit: first call returns a plan + token, second call (same params + token) actually creates the record.

Update one or more fields of a DNS record. Two-phase commit: first call shows current vs proposed values + token; second call (same params + token) applies the update.

Delete a DNS record from an Infomaniak-managed zone. Two-phase commit: first call returns a plan with a preview of the record to delete + token, second call (same params + token) actually deletes.

Unified DNSSEC management for a domain: check (read state + KSK/DS records), enable (publish DS record at registry), or disable (remove DS record). enable and disable use a two-phase commit: the first call returns a plan + confirmation_token (TTL ~60s), the second call applies the change. Replaces the v0.9 trio dnssec_check / dnssec_enable / dnssec_disable with no loss of capability.

List every mail hosting (a.k.a. email_hosting) attached to an Infomaniak organization.

List every mailbox on a given mail hosting.

Read mailbox metadata in one call. Pick any subset of {aliases, signatures, backups} via the fields argument; the tool hits only the corresponding endpoints in parallel. Replaces the v0.9 trio get_mailbox_aliases / get_mailbox_signatures / get_mailbox_backups with no loss of capability.

Full mail hosting detail with diagnostic_dns (MX/SPF/DKIM/DMARC health check), quotas (mailboxes + redirections + per-mailbox disk), admin user, parent kSuite link, FQDN list, and team access flag. Use this for mail-config sanity checks. Manager-private.

Full mailbox detail: auto-responder (vacation reply) state + content, aliases, redirections, IMAP/POP3 last login, password age, size on disk, trusted devices count, DKIM signature flag, SMTP ban status, Gmail-style filtering (commercials/social_networks), authorized/blocked senders, attached users + teams. Useful for mailbox audits and onboarding flows. Manager-private.

Create a new mailbox on a mail hosting. Two-phase commit: plan + token first, then apply with token. The password never appears in the plan output.

Delete a mailbox. Two-phase commit. WARNING: this also deletes all stored emails for that mailbox.

Add a new alias to an existing mailbox. Two-phase commit. The alias will receive emails delivered to the underlying mailbox.

List every server-side redirection rule on a mail hosting.

Create a server-side mail redirection. Two-phase commit. Emails received at name@ will be forwarded to every address in targets.

Delete a mail redirection. Two-phase commit.

List every kDrive the account has access to.

List files and subfolders of a kDrive root or a specific folder. Supports pagination.

Full kDrive detail: name, total size (bytes), used size, creation/update timestamps, maintenance flag. Useful for storage usage monitoring. Manager-private — distinct from the existing infomaniak_list_drives which hits the public Bearer API.

List the users with access to a kDrive. Useful for access audits — who can touch what's in this drive. Manager-private.

List the items currently in the kDrive trash bin (files and folders). Each item shows when it was deleted and when added to the drive. Use this to audit what's pending hard-deletion. Manager-private.

List the Infomaniak AI products the account owns. If empty, the user has not subscribed to any AI plan; subscribe at https://www.infomaniak.com/en/hosting/ai-tools.

List the public catalogue of LLM/STT/embedding models hosted by Infomaniak (Mixtral, Llama variants, Whisper, …). Useful to know what to target with the OpenAI-compatible chat endpoint.

List the VPS (Cloud Server, Jelastic-managed) products of an organization. Returns id, customer_name, internal_name (the server hostname), location, cloud_version, managed/lite flags, billing. Use this before infomaniak_get_vps_full to find the id of a specific server. Manager-private.

Full VPS / Cloud Server detail: location (datacenter), managed/lite flags, IPv4 + IPv6, CPU/RAM/perf, bandwidth + traffic, disk usage (total/assigned/used/database), website/hosting counts, MySQL version + database type, PHP versions, firewall config, premium support contacts (email/url/emergency), migration history. Use after infomaniak_list_vps to drill into one server. Manager-private.

List Node.js applications running on a hosting_3 (Cloud Server Node.js) container. Each Infomaniak Node.js hosting runs a single app, so this typically returns one entry. Returns the vhost_route_id needed for every other Node.js tool, and the FQDNs serving the app. Manager-private endpoint — requires SASESSION + CSRF cookies (set INFOMANIAK_AUTH_MODE=auto).

Get full configuration of a Node.js application: Node version, listen port, start_command, build_command, public IPs (v4 + v6), SSL status, primary FQDN, preview URL, directory on disk, and disk usage. Manager-private — requires SASESSION + CSRF cookies.

Get the live status of a Node.js application — Running or Stopped. Cheap call, safe to poll. Manager-private — requires SASESSION + CSRF cookies.

List the FQDNs (domain names) serving a Node.js application. Returns the primary FQDN plus the automatic preview URL (xxx.preview.hosting-ik.com). Manager-private.

List the recent jobs that ran for a Node.js app (builds, restarts, etc.) with their status and a JWT-protected log_stream endpoint per job. Manager-private.

Get credentials to consume the LIVE stdout/stderr stream of a Node.js application. Returns a one-shot JWT (valid ~1h) and the endpoint URL on manager-logs-01.hosting-ik.com. The stream itself is Server-Sent Events: consume with curl -N -H 'Authorization: Bearer <jwt>' <endpoint>. To fetch a single snapshot, kill the curl after a few lines. Manager-private.

Get a screenshot of the running Node.js app as a base64 JPEG data URL. Useful to visually confirm the app is alive without HTTP-probing. Set refresh=true to force a fresh screenshot. Manager-private.

Start, stop, restart, or build a Node.js application. Two-phase commit: first call returns a plan + token, second call (with the token + same args) applies. stop causes downtime until next start. build triggers a build job and returns its log_stream so you can tail the output. Manager-private.

List Swiss Backup subscriptions on an Infomaniak organization (Acronis-based managed backup).

List the short URLs created by your account on Infomaniak's url-shortener service.

Return the current consumption and limit of your account's short-URL quota.

Create a new short URL pointing to a long target. Two-phase commit. Use infomaniak_short_urls_quota first if you're not sure you have headroom.

Escape hatch: call ANY Infomaniak public API endpoint (api.infomaniak.com) when no dedicated tool exists. GET runs immediately. POST/PUT/PATCH/DELETE follow the two-phase commit pattern. Manager-private (/proxy/...) endpoints are NOT reachable through this tool — use a typed tool instead.