Skip to main content
Glama

Server Configuration

Describes the environment variables required to run the server.

NameRequiredDescriptionDefault
SYNAUTH_URLNoBackend URL (override for self-hosted)https://synauth.fly.dev
SYNAUTH_API_KEYYesYour SynAuth API key (starts with `aa_`)

Capabilities

Features and capabilities supported by this server

CapabilityDetails
tools
{
  "listChanged": false
}
experimental
{}

Tools

Functions exposed to the LLM to take actions

NameDescription
request_approvalA

Request human approval for an AI agent action via Face ID.

Submit any action (email, purchase, booking, contract, data access, social post, system change) for biometric verification by the authorized human. Returns immediately with request ID and initial status — the action may be auto-approved/denied by rules, or pending human review.

Action types: communication, purchase, scheduling, legal, data_access, social, system Risk levels: low, medium, high, critical

Example: Request approval to send an email action_type: "communication" title: "Send quarterly report to john@company.com" risk_level: "low"

Example: Request approval for a $500 purchase action_type: "purchase" title: "Purchase cloud hosting credits" amount: 500.00 risk_level: "medium"

check_approvalA

Check the status of an approval request.

Returns the current status (pending, approved, denied, expired) and full details including timestamps, resolution method, and any deny reason.

Use this after request_approval to see if the human has responded.

wait_for_approvalA

Wait for an approval request to be resolved.

Polls the backend until the request is approved, denied, or expired. Returns the final status. Use this when you need to block until the human responds.

Default timeout is 120 seconds with 3-second polling intervals.

get_approval_historyA

Get history of resolved approval requests.

Returns past approved, denied, and expired requests. Useful for reviewing what actions have been taken and their outcomes.

get_spending_summaryA

Check your current spending against configured limits.

Returns all spending limits that apply to you (agent-specific and global limits), with your current spend, remaining budget, and utilization percentage for each.

Use this BEFORE making purchases or other monetary actions to check if you have budget remaining. This prevents hitting spending limit denials.

Each summary includes: limit_id, period (daily/weekly/monthly), limit amount, spent amount, remaining amount, and utilization percentage.

list_vault_servicesA

List available vault services (stored API credentials).

Shows which services have credentials stored in SynAuth's vault. Each service has allowed hosts that restrict where credentials can be sent. The agent never sees the actual credential values — only service names and metadata.

Use this to discover what API services are available before calling execute_api_call.

execute_api_callA

Make an API call using a credential stored in SynAuth's vault.

This is the core structural enforcement tool: the agent provides the request details, SynAuth requests biometric approval, then executes the call with the stored credential. The agent never sees the raw API key or token.

Flow:

  1. You provide: service name, HTTP method, URL, optional headers and body

  2. SynAuth sends a push notification to the user's iPhone

  3. User approves via Face ID

  4. SynAuth injects the stored credential and makes the HTTP request

  5. Response is returned to you

The URL must match one of the service's allowed hosts (security: prevents credential exfiltration). Each approval is single-use — you cannot re-execute the same approved request.

Example: Call OpenAI API service_name: "openai" method: "POST" url: "https://api.openai.com/v1/chat/completions" headers: {"Content-Type": "application/json"} body: '{"model": "gpt-4", "messages": [{"role": "user", "content": "Hello"}]}'

Prompts

Interactive templates invoked by user choice

NameDescription

No prompts

Resources

Contextual data attached and managed by the client

NameDescription

No resources

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/dennischoubot-glitch/synauth-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server