Warden MCP Server

List Org Collections

keychain_list_org_collections

Read-only

List organization-scoped collections by organization ID. Returns collection IDs and names for vault management.

Instructions

List organization-scoped collections for the required organizationId. Use this after discovering an organization to find collection ids; returns safe id/name summaries.

Input Schema

TableJSON Schema

Name	Required	Description
`organizationId`	Yes	Bitwarden organization id; required for org-scoped collection operations.
`search`	No	Optional text filter; empty means no text filter.
`limit`	No	Maximum returned rows (1-500).

Implementation Reference

src/tools/registerTools.ts:897-934 (registration)

MCP tool registration for 'list_org_collections' - defines the input schema (organizationId required, search+limit optional), calls sdk.listOrgCollections(), maps results to id/name/organizationId summaries, and returns structured + text content.

registerTool(
  `${deps.toolPrefix}.list_org_collections`,
  {
    title: 'List Org Collections',
    description:
      'List organization-scoped collections for the required organizationId. Use this after discovering an organization to find collection ids; returns safe id/name summaries.',
    annotations: { readOnlyHint: true },
    inputSchema: {
      organizationId: organizationIdSchema,
      search: searchSchema,
      limit: limitSchema,
    },
    _meta: toolMeta,
  },
  async (input, extra) => {
    const sdk = await deps.getSdk(extra.authInfo);
    const cols = await sdk.listOrgCollections(input);
    const results = cols
      .filter((x) => x && typeof x === 'object')
      .map((x) => {
        const rec = x as Record<string, unknown>;
        return {
          id: rec.id,
          name: rec.name,
          organizationId: rec.organizationId ?? null,
        };
      });
    return {
      structuredContent: { results },
      content: [
        {
          type: 'text',
          text: formatResultsText('org collection(s)', results),
        },
      ],
    };
  },
);

src/sdk/keychainSdk.ts:1186-1206 (handler)

Core handler for listOrgCollections - calls `bw list org-collections --organizationid <id>` via a session, optionally adds --search filter, parses JSON output, and applies limit.

async listOrgCollections(input: {
  organizationId: string;
  search?: string;
  limit?: number;
}): Promise<unknown[]> {
  const { limit } = input;
  const cols = await this.bw.withSession(async (session) => {
    const args: string[] = [
      'list',
      'org-collections',
      '--organizationid',
      input.organizationId,
    ];
    if (input.search) args.push('--search', input.search);
    const { stdout } = await this.bw.runForSession(session, args, {
      timeoutMs: 60_000,
    });
    return this.parseBwJson<unknown[]>(stdout);
  });
  return typeof limit === 'number' ? cols.slice(0, limit) : cols;
}

src/sdk/keychainSdk.ts:186-189 (schema)
TypeScript interface for the input schema used by listOrganizations (the input type for listOrgCollections is defined inline).
```
export interface ListOrganizationsInput {
  search?: string;
  limit?: number;
}
```

src/tools/registerTools.ts:204-213 (helper)

Helper used to format the org collection results into readable text output.

function formatResultsText(label: string, results: unknown[]): string {
  if (textCompatMode === 'structured_json') {
    return JSON.stringify({ results });
  }
  if (results.length === 0) return `Found 0 ${label}.`;
  return [
    `Found ${results.length} ${label}:`,
    ...results.map(formatItemSummary),
  ].join('\n');
}

Tool Definition Quality

A4.2/5.0

Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

ReadOnlyHint annotation already indicates no mutation. Description adds that it returns 'safe id/name summaries', implying no sensitive data, and clarifies the scope is org-specific. No contradictions.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

Two sentences with no redundant words. First sentence states purpose and scope, second gives usage guidance and output hint. Highly efficient.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness4/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

No output schema, but the description hints at the return format ('safe id/name summaries'). Covers key aspects of org scoping and discovery. Could mention error handling or pagination, but reasonable for a list tool.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema coverage is 100% with descriptions for each parameter (organizationId, search, limit). The description does not add additional parameter semantics beyond what the schema provides, so baseline 3 is appropriate.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states it lists organization-scoped collections for a required organizationId, specifying the return format as safe id/name summaries. This distinguishes it from sibling tools like keychain_list_collections (likely all collections) and keychain_get_org_collection (single collection).

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

Explicitly says 'Use this after discovering an organization to find collection ids', providing clear context for when to invoke. Does not explicitly state when not to use, but the context is sufficient given sibling diversity.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/icoretech/warden-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server