Parallels RAS MCP Server

Instructions

Implementation Reference

• src/tools/site-settings.ts:154-173 (registration)

  Tool registration and handler for ras_site_get_tenant_broker. Registers the tool with title, description, annotations, and empty inputSchema. Handler makes GET request to /api/site-settings/tenant-broker/status and returns JSON data.

  server.registerTool(
    "ras_site_get_tenant_broker",
    {
      title: "Tenant Broker Status",
      description:
        "Get tenant broker status and join information. The tenant broker enables " +
        "multi-tenant RAS deployments. Use this to verify tenant broker connectivity " +
        "or check join status for managed sites.",
      annotations: READ_ONLY_ANNOTATIONS,
      inputSchema: {},
    },
    async () => {
      try {
        const data = await rasClient.get("/api/site-settings/tenant-broker/status");
        return { content: [{ type: "text" as const, text: JSON.stringify(data, null, 2) }] };
      } catch (err) {
        return { content: [{ type: "text" as const, text: sanitiseError(err, "Failed to retrieve tenant broker status") }], isError: true };
      }
    }
  );

• src/tools/site-settings.ts:165-172 (handler)

  Handler function that executes the ras_site_get_tenant_broker tool logic. Calls rasClient.get() to retrieve tenant broker status from the RAS API, with error handling using sanitiseError.

  async () => {
    try {
      const data = await rasClient.get("/api/site-settings/tenant-broker/status");
      return { content: [{ type: "text" as const, text: JSON.stringify(data, null, 2) }] };
    } catch (err) {
      return { content: [{ type: "text" as const, text: sanitiseError(err, "Failed to retrieve tenant broker status") }], isError: true };
    }
  }

• src/client.ts:128-166 (helper)

  RasClient.get() method used by the handler to make authenticated GET requests to the RAS API. Handles authentication, automatic retry on 401, and request timeouts.

  async get(path: string): Promise<unknown> {
    // Ensure we have a valid session
    if (!this.authToken) {
      await this.login();
    }
  
    const fetchOptions = {
      method: "GET" as const,
      headers: {
        ...this.headers,
        auth_token: this.authToken!,
      },
      signal: AbortSignal.timeout(REQUEST_TIMEOUT_MS),
    };
  
    let response = await fetch(`${this.baseUrl}${path}`, fetchOptions);
  
    // Token may have expired — re-authenticate once and retry
    if (response.status === 401) {
      await this.login();
      response = await fetch(`${this.baseUrl}${path}`, {
        ...fetchOptions,
        headers: {
          ...this.headers,
          auth_token: this.authToken!,
        },
        signal: AbortSignal.timeout(REQUEST_TIMEOUT_MS),
      });
    }
  
    if (!response.ok) {
      const body = await response.text();
      throw new Error(
        `RAS API error (HTTP ${response.status}) on ${path}: ${body.substring(0, 300)}`
      );
    }
  
    return response.json();
  }

• src/client.ts:43-54 (helper)

  sanitiseError() helper function used to format error messages, removing sensitive data like auth tokens and passwords before returning error responses.

  function sanitiseError(err: unknown, context: string): string {
    const raw = err instanceof Error ? err.message : String(err);
    // Remove anything that looks like a token or password value
    let sanitised = raw
      .replace(/auth_token[=:]\s*\S+/gi, "auth_token=[REDACTED]")
      .replace(/password[=:]\s*\S+/gi, "password=[REDACTED]");
    // Truncate excessively long API response bodies
    if (sanitised.length > 500) {
      sanitised = sanitised.substring(0, 500) + "... (truncated)";
    }
    return `${context}: ${sanitised}`;
  }