JFrog MCP Server

Official

Overview Schema Related Servers Score Discussions

jfrog_replace_permission_resource

Replace a specific resource type within a permission target in JFrog MCP Server. Update actions and patterns for users or groups to manage access permissions effectively.

Instructions

Replace a specific resource type within a permission target

Input Schema

TableJSON Schema

Name	Required	Description
`name`	Yes	The name of the permission target
`resource`	Yes
`resourceType`	Yes	The type of resource to replace

Implementation Reference

tools/permissions.ts:140-157 (handler)

Core handler function that sends a PUT request to the JFrog API to replace the specified permission resource and parses the response based on resource type.

export async function replacePermissionResource(
  name: string, 
  resourceType: "artifact" | "release_bundle" | "build",
  resource: z.infer<typeof ArtifactResourceSchema> | z.infer<typeof ReleaseBundleResourceSchema> | z.infer<typeof BuildResourceSchema>
) {
  const response = await jfrogRequest(`/access/api/v2/permissions/${name}/${resourceType}`, {
    method: "PUT",
    body: resource
  });
  switch (resourceType) {
  case "artifact":
    return ArtifactResourceSchema.parse(response);
  case "release_bundle":
    return ReleaseBundleResourceSchema.parse(response);
  case "build":
    return BuildResourceSchema.parse(response);
  }
}

tools/permissions.ts:259-271 (registration)

Tool registration object that defines the MCP tool 'jfrog_replace_permission_resource', including input schema, description, and handler wrapper.

const replacePermissionResourceTool = {
  name: "jfrog_replace_permission_resource",
  description: "Replace a specific resource type within a permission target",
  inputSchema: zodToJsonSchema(z.object({
    name: z.string().describe("The name of the permission target"),
    resourceType: z.enum(["artifact", "release_bundle", "build"]).describe("The type of resource to replace"),
    resource: z.union([ArtifactResourceSchema, ReleaseBundleResourceSchema, BuildResourceSchema])
  })),
  //outputSchema: zodToJsonSchema(z.union([ArtifactResourceSchema, ReleaseBundleResourceSchema, BuildResourceSchema])),
  handler: async (args: any) => {
    return await replacePermissionResource(args.name, args.resourceType, args.resource);
  }
};

tools/permissions.ts:288-298 (registration)

The replacePermissionResourceTool is included in the PermissionsTools array, which collects all permission-related tools.

export const PermissionsTools = [
  listPermissionTargetsTool,
  getPermissionTargetTool,
  createPermissionTargetTool,
  updatePermissionTargetTool,
  deletePermissionTargetTool,
  getPermissionResourceTool,
  updatePermissionResourceTool,
  replacePermissionResourceTool,
  deletePermissionResourceTool
];

tools/index.ts:13-23 (registration)

PermissionsTools (containing jfrog_replace_permission_resource) is spread into the main global tools array for final registration.

export const tools =[
  ...RepositoryTools,
  ...BuildsTools,
  ...RuntimeTools,
  ...AccessTools,
  ...AQLTools,
  ...CatalogTools,
  ...CurationTools,
  ...PermissionsTools,
  ...ArtifactSecurityTools,
];

tools/permissions.ts:6-54 (schema)

Zod schemas defining the structure of permission resources (ArtifactResourceSchema, ReleaseBundleResourceSchema, BuildResourceSchema) used in the tool's input and output.

const ResourceTargetSchema = z.object({
  include_patterns: z.array(z.string()),
  exclude_patterns: z.array(z.string())
});

const ResourceActionsSchema = z.object({
  users: z.record(z.array(z.enum([
    "READ",
    "WRITE",
    "ANNOTATE",
    "DELETE",
    "DISTRIBUTE",
    "MANAGE"
  ]))),
  groups: z.record(z.array(z.enum([
    "READ",
    "WRITE",
    "ANNOTATE",
    "DELETE",
    "DISTRIBUTE",
    "MANAGE"
  ]))).default({}).describe("The actions that the group can perform on the resource")
});

const ArtifactResourceSchema = z.object({
  actions: ResourceActionsSchema,
  targets: z.record(ResourceTargetSchema)
});

const ReleaseBundleResourceSchema = z.object({
  actions: ResourceActionsSchema,
  targets: z.record(ResourceTargetSchema)
});

const BuildResourceSchema = z.object({
  actions: ResourceActionsSchema,
  targets: z.record(ResourceTargetSchema)
});

const PermissionTargetSchema = z.object({
  name: z.string(),
  resources: z.object({
    artifact: ArtifactResourceSchema.optional(),
    release_bundle: ReleaseBundleResourceSchema.optional(),
    build: BuildResourceSchema.optional()
  }),
  created_by: z.string().optional(),
  modified_by: z.string().optional()
});

Tool Definition Quality

C2.7/5.0

Behavior2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

No annotations are provided, so the description carries full burden. It mentions 'replace' but doesn't clarify behavioral aspects like whether this is a destructive operation, what permissions are required, if it's idempotent, or how it differs from update/delete operations. This leaves significant gaps for a mutation tool.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is a single, efficient sentence with no wasted words. It's front-loaded with the core action and target, making it easy to parse quickly.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness2/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

For a mutation tool with no annotations, no output schema, and incomplete parameter documentation, the description is insufficient. It doesn't explain what 'replace' means operationally, what happens to existing data, or what the tool returns, leaving the agent with critical gaps in understanding.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 67%, with two parameters (name, resourceType) described and one (resource) lacking description. The description adds no additional parameter context beyond the schema, such as explaining the resource structure or resourceType enum values. Baseline 3 is appropriate as the schema provides moderate coverage.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose3/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description states the action ('replace') and target ('specific resource type within a permission target'), which is clear but somewhat vague. It doesn't specify what 'replace' entails operationally or distinguish it from sibling tools like jfrog_update_permission_resource or jfrog_delete_permission_resource, leaving ambiguity about when to use each.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines2/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

No guidance is provided on when to use this tool versus alternatives. With siblings like jfrog_update_permission_resource and jfrog_delete_permission_resource, the description offers no context for choosing between them, such as whether this tool fully overwrites resources or handles specific scenarios.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Related Tools

jfrog_update_permission_resourceC
@jfrog/mcp-jfrog
jfrog_delete_permission_resourceC
@jfrog/mcp-jfrog
jfrog_get_permission_resourceC
@jfrog/mcp-jfrog
jfrog_update_permission_targetC
@jfrog/mcp-jfrog
jfrog_create_permission_targetC
@jfrog/mcp-jfrog
jfrog_delete_permission_targetC
@jfrog/mcp-jfrog

Latest Blog Posts

Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security
Open Source Has a Bot Problem
By punkpeye on March 19, 2026.
open source

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/jfrog/mcp-jfrog'

If you have feedback or need assistance with the MCP directory API, please join our Discord server