Skip to main content
Glama
hostinger

hostinger-api-mcp

Official
by hostinger
OverviewSchemaRelated ServersScoreDiscussions
TypeScript
Remote

domains_enableDomainLockV1

Enable domain lock to prevent unauthorized transfers. Secure your domain by locking it against transfer attempts.

Instructions

Enable domain lock for the domain.

When domain lock is enabled, the domain cannot be transferred to another registrar without first disabling the lock.

Use this endpoint to secure domains against unauthorized transfers.

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
domainYesDomain name

Implementation Reference

  • src/core/tools/domains.ts:153-176 (schema)
    Schema/definition for the domains_enableDomainLockV1 tool. It's a PUT to /api/domains/v1/portfolio/{domain}/domain-lock, requires only 'domain' as input.
    {
  "name": "domains_enableDomainLockV1",
  "description": "Enable domain lock for the domain.\n\nWhen domain lock is enabled,\nthe domain cannot be transferred to another registrar without first disabling the lock.\n\nUse this endpoint to secure domains against unauthorized transfers.",
  "method": "PUT",
  "path": "/api/domains/v1/portfolio/{domain}/domain-lock",
  "inputSchema": {
    "type": "object",
    "properties": {
      "domain": {
        "type": "string",
        "description": "Domain name"
      }
    },
    "required": [
      "domain"
    ]
  },
  "security": [
    {
      "apiToken": []
    }
  ],
  "group": "domains"
},
  • src/servers/domains.ts:1-7 (registration)
    Server registration: the domains tool list (including domains_enableDomainLockV1) is imported from core/tools/domains and registered with the MCP server.
    #!/usr/bin/env node
// Auto-generated entry for group: domains
import { startServer } from '../core/runtime.js';
import tools from '../core/tools/domains.js';

startServer({ name: 'hostinger-domains-mcp', version: '0.1.41', tools });
  • src/core/runtime.js:1879-1999 (handler)
    Handler/execution logic: domains_enableDomainLockV1 is not a custom tool, so it flows through executeApiCall(). The method is PUT (not GET/DELETE), so params are sent as JSON body. The {domain} path param is substituted from the input, and the request is sent to /api/domains/v1/portfolio/{domain}/domain-lock with Bearer token auth.
    async executeApiCall(tool, params) {
  // Get method and path from tool
  const method = tool.method;
  let path = tool.path;

  // Clone params to avoid modifying the original
  const requestParams = { ...params };

  // Replace path parameters with values from params
  Object.entries(requestParams).forEach(([key, value]) => {
    const placeholder = `{${key}}`;
    if (path.includes(placeholder)) {
      path = path.replace(placeholder, encodeURIComponent(String(value)));
      delete requestParams[key]; // Remove used parameter
    }
  });

  // Build the full URL
  const baseUrl = this.baseUrl.endsWith("/") ? this.baseUrl : `${this.baseUrl}/`;
  const cleanPath = path.startsWith("/") ? path.slice(1) : path;
  const url = new URL(cleanPath, baseUrl).toString();

  this.log('debug', `API Request: ${method} ${url}`);

  try {
    // Configure the request
    const config = {
      method: method.toLowerCase(),
      url,
      headers: { ...this.headers },
      timeout: 60000, // 60s
      validateStatus: function (status) {
        return status < 500; // Resolve only if the status code is less than 500
      }
    };
  
    const bearerToken = process.env['API_TOKEN'] || process.env['APITOKEN']; // APITOKEN for backwards compatibility
    if (bearerToken) {
      config.headers['Authorization'] = `Bearer ${bearerToken}`;
    } else {
      this.log('error', `Bearer Token environment variable not found: API_TOKEN`);
    }

    // Add parameters based on request method
    if (["GET", "DELETE"].includes(method)) {
      // For GET/DELETE, send params as query string
      config.params = { ...(config.params || {}), ...requestParams };
    } else {
      // For POST/PUT/PATCH, send params as JSON body
      config.data = requestParams;
      config.headers["Content-Type"] = "application/json";
    }

    this.log('debug', "Request config:", {
      url: config.url,
      method: config.method,
      params: config.params,
      headers: Object.keys(config.headers)
    });

    // Execute the request
    const response = await axios(config);
    this.log('debug', `Response status: ${response.status}`);

    return response.data;

  } catch (error) {
    const errorMessage = error instanceof Error ? error.message : String(error);
    this.log('error', `API request failed: ${errorMessage}`);

    if (axios.isAxiosError(error)) {
      const responseData = error.response?.data;
      const responseStatus = error.response?.status;

      this.log('error', 'API Error Details:', {
        status: responseStatus,
        data: typeof responseData === 'object' ? JSON.stringify(responseData) : responseData
      });

      // Rethrow with more context for better error handling
      const detailedError = new Error(`API request failed with status ${responseStatus}: ${errorMessage}`);
      detailedError.response = error.response;
      throw detailedError;
    }

    throw error;
  }
}

/**
 * Log messages with appropriate level
 * Only sends to MCP if we're connected
 */
log(level, message, data) {
  // Always log to stderr for visibility
  console.error(`[${level.toUpperCase()}] ${message}${data ? ': ' + JSON.stringify(data) : ''}`);

  // Only try to send via MCP if we're in debug mode or it's important
  if (this.debug || level !== 'debug') {
    try {
      // Only send if server exists and is connected
      if (this.server && this.server.isConnected) {
        this.server.sendLoggingMessage({
          level,
          data: `[MCP Server] ${message}${data ? ': ' + JSON.stringify(data) : ''}`
        });
      }
    } catch (e) {
      // If logging fails, log to stderr
      console.error('Failed to send log via MCP:', e.message);
    }
  }
}

/**
 * Create and configure Express app with shared middleware
 */
createApp() {
  const app = express();
  app.use(express.json());
  app.use(cors());

Tool Definition Quality

A4/5.0
Behavior3/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations, the description carries full burden. It discloses the key behavioral consequence (domain cannot be transferred) but does not mention prerequisites, idempotency, or side effects. The disclosure is adequate but not comprehensive.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is three short sentences, front-loading the action. Every sentence adds value: action, effect, recommendation. No fluff.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness4/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

For a simple single-parameter tool with no output schema, the description covers purpose, effect, and usage recommendation. It omits error conditions or domain prerequisites, but is largely complete for typical use.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema coverage is 100% with a clear description of the 'domain' parameter. The tool description adds no additional semantic information beyond what is in the schema, so it meets the baseline.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the action ('Enable domain lock for the domain') and explains its effect (prevents transfer without disabling). This distinguishes it from the sibling disableDomainLockV1, as it focuses on enabling security.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description explicitly says 'Use this endpoint to secure domains against unauthorized transfers,' providing a clear when-to-use context. It does not explicitly mention when not to use or alternatives, but the context is sufficient for decision-making.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/hostinger/api-mcp-server'

If you have feedback or need assistance with the MCP directory API, please join our Discord server