MCP Server for Coroot

create_or_update_role

Define custom roles with specific permissions for fine-grained access control in Coroot's observability platform. Manage user access by creating or updating role configurations.

Instructions

Create or update a user role (admin only).

Defines custom roles with specific permissions for fine-grained access control.

Args: name: Role name permissions: List of permission strings description: Optional role description

Input Schema

TableJSON Schema

Name	Required	Description	Default
`name`	Yes
`permissions`	Yes
`description`	No

Output Schema

TableJSON Schema

Name	Required	Description	Default
No arguments

Implementation Reference

src/mcp_coroot/server.py:2175-2191 (handler)

MCP tool handler function decorated with @mcp.tool(). This is the main entry point for the 'create_or_update_role' tool, which delegates to the implementation helper.

@mcp.tool()
async def create_or_update_role(
    name: str, permissions: list[str], description: str | None = None
) -> dict[str, Any]:
    """
    Create or update a user role (admin only).

    Defines custom roles with specific permissions for fine-grained
    access control.

    Args:
        name: Role name
        permissions: List of permission strings
        description: Optional role description
    """
    return await create_or_update_role_impl(name, permissions, description)

src/mcp_coroot/server.py:2154-2173 (helper)

Internal helper implementation that constructs the role_data dictionary and calls the CorootClient's create_or_update_role method.

async def create_or_update_role_impl(
    name: str, permissions: list[str], description: str | None = None
) -> dict[str, Any]:
    """Implementation for create_or_update_role tool."""
    try:
        client = get_client()
        role_data = {"name": name, "permissions": permissions}
        if description:
            role_data["description"] = description
        result = await client.create_or_update_role(role_data)
        return {
            "success": True,
            "message": "Role created/updated successfully",
            "role": result,
        }
    except ValueError as e:
        return {"success": False, "error": str(e)}
    except Exception as e:
        return {"success": False, "error": f"Unexpected error: {str(e)}"}

src/mcp_coroot/client.py:1616-1627 (helper)

CorootClient method that performs the actual HTTP POST request to the Coroot API endpoint /api/roles to create or update the role.

async def create_or_update_role(self, role_data: dict[str, Any]) -> dict[str, Any]:
    """Create or update a role.

    Args:
        role_data: Role configuration

    Returns:
        Dict containing created/updated role
    """
    response = await self._request("POST", "/api/roles", json=role_data)
    data: dict[str, Any] = response.json()
    return data

Tool Definition Quality

B3.3/5.0

Behavior2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations provided, the description carries full burden. It mentions 'admin only' for permissions but doesn't disclose other behavioral traits like whether updates are idempotent, if role names must be unique, what happens on conflicts, rate limits, or response format. For a mutation tool with zero annotation coverage, this leaves significant gaps in understanding the tool's behavior.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness4/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is well-structured with a purpose statement followed by parameter explanations. It's front-loaded with the core functionality and uses efficient bullet points for args. Every sentence adds value, though the second sentence could be more tightly integrated with the first.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness3/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given 3 parameters with 0% schema coverage, no annotations, but an output schema exists, the description provides adequate parameter semantics but lacks behavioral context for a mutation tool. The output schema means return values are documented elsewhere, but the description should still cover more about the operation's effects and constraints.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters4/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 0%, so the description must compensate. It adds meaningful context for all 3 parameters: 'name' as role name, 'permissions' as list of permission strings, and 'description' as optional role description. This clarifies purpose beyond basic schema types, though it doesn't specify permission string formats or validation rules.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose4/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool creates or updates user roles with custom permissions for access control. It specifies the verb ('create or update'), resource ('user role'), and purpose ('fine-grained access control'), but doesn't explicitly differentiate from sibling tools like 'get_roles' or 'list_users' which are read-only versus this mutation tool.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines3/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides some context with '(admin only)' indicating restricted access, but doesn't specify when to use this tool versus alternatives like 'update_project_settings' for project-level permissions or clarify if it's for initial setup versus ongoing maintenance. It implies usage for role management but lacks explicit when/when-not guidance.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security
Open Source Has a Bot Problem
By punkpeye on March 19, 2026.
open source

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/jamesbrink/mcp-coroot'

If you have feedback or need assistance with the MCP directory API, please join our Discord server