PI API MCP Server

Overview Schema Related Servers Score Discussions

authenticate

Authenticate with the PI API to securely access and manage PI Dashboard resources including categories and charts through the MCP server.

Instructions

Guide for authenticating with the PI API

Input Schema

TableJSON Schema

Name	Required	Description	Default
No arguments

Implementation Reference

build/index.js:350-390 (registration)

Registration of the 'authenticate' tool including its inline handler function. This tool serves as a guide, checking if already authenticated and providing instructions for token-based or credentials-based authentication.

server.tool("authenticate", "Guide for authenticating with the PI API", {}, async () => {
    try {
        // Check if already authenticated successfully
        if (authToken && await verifyConnection()) {
            return {
                content: [{
                        type: "text",
                        text: "✅ You are already authenticated and your token is valid. You can use the API without further authentication."
                    }]
            };
        }
        // Check if API URL is set
        if (!apiUrlSet) {
            return {
                isError: true,
                content: [{
                        type: "text",
                        text: "API URL not set. Please set the API URL first using the set-api-url tool."
                    }]
            };
        }
        return {
            content: [{
                    type: "text",
                    text: "Authentication options:\n\n" +
                        "1. If you have a token (strongly preferred):\n" +
                        "   - Use the keep-session-alive tool with your token\n" +
                        "   - This will verify and set your token in one step\n\n" +
                        "2. If you don't have a token (last resort):\n" +
                        "   - Use the authenticate-with-credentials tool\n" +
                        "   - Format: authenticate-with-credentials with \"username password\""
                }]
        };
    }
    catch (error) {
        return {
            isError: true,
            content: [{ type: "text", text: `Error during authentication guide: ${getErrorMessage(error)}` }]
        };
    }
});

build/index.js:144-162 (helper)

Helper function verifyConnection() used by the authenticate tool to check if the current authentication is valid.

async function verifyConnection() {
    if (!apiUrlSet || !API_BASE_URL) {
        return false;
    }
    if (!authToken) {
        return false;
    }
    try {
        // Try a lightweight request to verify the connection
        await authenticatedRequest("/tokens/keepAlive", "POST");
        connectionVerified = true;
        return true;
    }
    catch (error) {
        logError(`Connection verification failed: ${getErrorMessage(error)}`);
        connectionVerified = false;
        return false;
    }
}

build/index.js:57-125 (helper)

Core helper function for making authenticated API requests, used throughout including by verifyConnection which supports the authenticate tool.

async function authenticatedRequest(endpoint, method = "GET", body = null, queryParams = {}) {
    if (!apiUrlSet) {
        throw new Error("API URL not set. Please set the API URL using the set-api-url tool.");
    }
    if (!authToken) {
        throw new Error("Not authenticated. Please authenticate first.");
    }
    // Build URL with query parameters
    let url = `${API_BASE_URL}${endpoint}`;
    // Add orgId if available
    if (orgId !== null) {
        queryParams.orgId = orgId.toString();
    }
    // Add query parameters if any
    if (Object.keys(queryParams).length > 0) {
        const queryString = Object.entries(queryParams)
            .map(([key, value]) => `${encodeURIComponent(key)}=${encodeURIComponent(value)}`)
            .join("&");
        url = `${url}?${queryString}`;
    }
    logInfo(`Making ${method} request to ${url}`);
    const headers = {
        "Authorization": `bearer ${authToken}`,
        "Content-Type": "application/json"
    };
    const options = {
        method,
        headers
    };
    if (body !== null && ["POST", "PUT"].includes(method)) {
        options.body = JSON.stringify(body);
        logInfo(`Request body: ${JSON.stringify(body)}`);
    }
    try {
        const response = await fetch(url, options);
        if (!response.ok) {
            const errorText = await response.text();
            logError(`API request failed with status ${response.status}: ${errorText}`);
            throw new Error(`API request failed with status ${response.status}: ${response.statusText}`);
        }
        // Check if the response is JSON or binary
        const contentType = response.headers.get("content-type") || "";
        if (contentType.includes("application/json")) {
            const jsonData = await response.json();
            logInfo(`Received JSON response: ${JSON.stringify(jsonData).substring(0, 200)}...`);
            return jsonData;
        }
        else if (contentType.includes("text/csv")) {
            // For binary/file responses, return a base64 encoded string
            const buffer = await response.arrayBuffer();
            const base64 = Buffer.from(buffer).toString("base64");
            logInfo(`Received binary response of type ${contentType}, length: ${base64.length}`);
            return {
                contentType,
                data: base64
            };
        }
        else {
            // Otherwise, return as text
            const text = await response.text();
            logInfo(`Received text response: ${text.substring(0, 200)}...`);
            return text;
        }
    }
    catch (error) {
        logError(`API request error: ${getErrorMessage(error)}`);
        throw error;
    }
}

Tool Definition Quality

B3.1/5.0

Behavior2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations provided, the description carries full burden for behavioral disclosure. 'Guide for authenticating' suggests this might be informational or instructional rather than performing actual authentication, but this isn't clarified. The description doesn't reveal whether this tool returns credentials, initiates sessions, provides documentation, or has any side effects like creating tokens or sessions.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is extremely concise at just 5 words, front-loading the core purpose without any wasted language. Every word earns its place by specifying what the tool does ('authenticating'), for what system ('PI API'), and its nature ('Guide'). No unnecessary elaboration or repetition exists.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness2/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the complexity of authentication operations and the absence of both annotations and output schema, the description is insufficiently complete. Authentication tools typically involve credentials, tokens, sessions, or configuration - none of which are addressed. The description doesn't explain what the tool actually returns or accomplishes, leaving significant gaps for an agent to understand its function.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters4/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The tool has 0 parameters with 100% schema description coverage, so the baseline is 4. The description appropriately doesn't discuss parameters since none exist, and the schema fully documents this absence. No additional parameter information is needed or provided.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose4/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description 'Guide for authenticating with the PI API' clearly states the tool's purpose as providing authentication guidance for a specific API. It uses the verb 'authenticating' with the resource 'PI API', making the intent understandable. However, it doesn't distinguish itself from sibling 'authenticate-with-credentials', leaving some ambiguity about when to use each tool.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines2/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides no guidance on when to use this tool versus alternatives. With sibling tools like 'authenticate-with-credentials' and 'check-connection' available, there's no indication whether this tool is for initial setup, session management, or troubleshooting. The description lacks any context about prerequisites or when this tool should be invoked.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security
Open Source Has a Bot Problem
By punkpeye on March 19, 2026.
open source

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/mingzilla/pi-api-mcp-server'

If you have feedback or need assistance with the MCP directory API, please join our Discord server