Admina MCP Server

get_identities

Retrieve and filter organizational identities by status, department, type, keyword, and more. Supports pagination, sorting, and advanced criteria to locate specific users or groups.

Instructions

Return a list of identities. Can be filtered by the status, department and type. Can also search by the email or name by keyword

Input Schema

TableJSON Schema

Name	Required	Description
`limit`	No	Maximum number of items to return per page
`cursor`	No	Cursor for pagination
`keyword`	No	Filter results by username, identityId, department name, email or displayName (prefix search)
`statuses`	No	Filter results by status. Accepts multiple options.
`types`	No	Filter results by employee type. Accepts multiple options.
`managementTypes`	No	Filter results by management type. Accepts multiple options.
`departments`	No	Filter results by departments. Accepts multiple options.
`companies`	No	Filter results by companies. Accepts multiple options.
`locations`	No	Filter results by locations. Accepts multiple options.
`identityIds`	No	Filter results by identityIds. Accepts multiple options.
`peopleIds`	No	Filter results by peopleIds. Accepts multiple options.
`excludeIds`	No	Exclude identities by id. Accepts multiple options.
`alertTypes`	No	Filter results by alert type. Accepts multiple options.
`expands`	No	Expand other datasets when fetching identities. Accepts multiple options.
`sortBy`	No	Sort results by a specific field.
`sortOrder`	No	Sort results in ascending or descending order.
`contractStartRange`	No	Filter results by contract start date range. Format: YYYY-MM-DD:YYYY-MM-DD, separated by a colon.
`contractEndRange`	No	Filter results by contract end date range. Format: YYYY-MM-DD:YYYY-MM-DD, separated by a colon.
`suspensionStartRange`	No	Filter results by suspension start date range. Format: YYYY-MM-DD:YYYY-MM-DD, separated by a colon.
`suspensionEndRange`	No	Filter results by suspension end date range. Format: YYYY-MM-DD:YYYY-MM-DD, separated by a colon.
`createdAtRange`	No	Filter results by created date range. Format: YYYY-MM-DD:YYYY-MM-DD, separated by a colon.
`updatedAtRange`	No	Filter results by updated date range. Format: YYYY-MM-DD:YYYY-MM-DD, separated by a colon.
`serviceCountFrom`	No	Filter results by minimum service count.
`serviceCountTo`	No	Filter results by maximum service count.
`managerId`	No	Filter results by managerId.
`serviceId`	No	Filter results by serviceId.
`customFields`	No	Filter results by custom fields. For date fields, use date range format: YYYY-MM-DD:YYYY-MM-DD
`hasHRM`	No	Filter results by HRM (employee master) linkage. When true, returns only UIDs with HRM linkage.
`haveAssignedDevice`	No	Filter results by identities that have at least one assigned device.
`haveSaasAccount`	No	Filter results by identities that have at least one SaaS account.
`includeActiveInternalOnly`	No	When true, limits results to active employees with internal management (ACTIVE status, MANAGED/SYSTEM types only).

Implementation Reference

src/tools/getIdentities.ts:108-112 (handler)
The main handler function for get_identities. It gets an API client, converts filters to URL query params, and makes a GET API call to the /identity endpoint.
```
export async function getIdentities(filters: IdentityFilters) {
  const client = getClient();
  const queryParams = filtersToParams(filters);
  return client.makeApiCall("/identity", queryParams);
}
```

src/tools/getIdentities.ts:28-104 (schema)

IdentityFiltersSchema defines the input schema for get_identities: supports filtering by keyword, statuses, types, managementTypes, departments, companies, locations, identityIds, peopleIds, alertTypes, expands, sorting, date ranges, service counts, customFields, booleans, etc.

export const IdentityFiltersSchema = z.object({
  limit: z.number().optional().describe("Maximum number of items to return per page"),
  cursor: z.string().optional().describe("Cursor for pagination"),
  keyword: z
    .string()
    .optional()
    .describe("Filter results by username, identityId, department name, email or displayName (prefix search)"),
  statuses: z
    .array(z.enum(["active", "on_leave", "draft", "preactive", "retired", "untracked", "archived"]))
    .optional()
    .describe("Filter results by status. Accepts multiple options."),
  types: z.array(z.string()).optional().describe("Filter results by employee type. Accepts multiple options."),
  managementTypes: z
    .array(z.enum(["managed", "external", "system", "unknown", "unregistered"]))
    .optional()
    .describe("Filter results by management type. Accepts multiple options."),
  departments: z.array(z.string()).optional().describe("Filter results by departments. Accepts multiple options."),
  companies: z.array(z.string()).optional().describe("Filter results by companies. Accepts multiple options."),
  locations: z.array(z.string()).optional().describe("Filter results by locations. Accepts multiple options."),
  identityIds: z.array(z.string()).optional().describe("Filter results by identityIds. Accepts multiple options."),
  peopleIds: z.array(z.number()).optional().describe("Filter results by peopleIds. Accepts multiple options."),
  excludeIds: z.array(z.string()).optional().describe("Exclude identities by id. Accepts multiple options."),
  alertTypes: z.array(AlertTypeEnum).optional().describe("Filter results by alert type. Accepts multiple options."),
  expands: z
    .array(IdentityExpandEnum)
    .optional()
    .describe("Expand other datasets when fetching identities. Accepts multiple options."),
  sortBy: IdentitySortByEnum.optional().describe("Sort results by a specific field."),
  sortOrder: z.enum(["ASC", "DESC"]).optional().describe("Sort results in ascending or descending order."),
  contractStartRange: z
    .string()
    .optional()
    .describe("Filter results by contract start date range. Format: YYYY-MM-DD:YYYY-MM-DD, separated by a colon."),
  contractEndRange: z
    .string()
    .optional()
    .describe("Filter results by contract end date range. Format: YYYY-MM-DD:YYYY-MM-DD, separated by a colon."),
  suspensionStartRange: z
    .string()
    .optional()
    .describe("Filter results by suspension start date range. Format: YYYY-MM-DD:YYYY-MM-DD, separated by a colon."),
  suspensionEndRange: z
    .string()
    .optional()
    .describe("Filter results by suspension end date range. Format: YYYY-MM-DD:YYYY-MM-DD, separated by a colon."),
  createdAtRange: z
    .string()
    .optional()
    .describe("Filter results by created date range. Format: YYYY-MM-DD:YYYY-MM-DD, separated by a colon."),
  updatedAtRange: z
    .string()
    .optional()
    .describe("Filter results by updated date range. Format: YYYY-MM-DD:YYYY-MM-DD, separated by a colon."),
  serviceCountFrom: z.number().int().optional().describe("Filter results by minimum service count."),
  serviceCountTo: z.number().int().optional().describe("Filter results by maximum service count."),
  managerId: z.string().optional().describe("Filter results by managerId."),
  serviceId: z.string().optional().describe("Filter results by serviceId."),
  customFields: z
    .record(z.string(), z.string())
    .optional()
    .describe("Filter results by custom fields. For date fields, use date range format: YYYY-MM-DD:YYYY-MM-DD"),
  hasHRM: z
    .boolean()
    .optional()
    .describe("Filter results by HRM (employee master) linkage. When true, returns only UIDs with HRM linkage."),
  haveAssignedDevice: z
    .boolean()
    .optional()
    .describe("Filter results by identities that have at least one assigned device."),
  haveSaasAccount: z.boolean().optional().describe("Filter results by identities that have at least one SaaS account."),
  includeActiveInternalOnly: z
    .boolean()
    .optional()
    .describe(
      "When true, limits results to active employees with internal management (ACTIVE status, MANAGED/SYSTEM types only).",
    ),
});

src/index.ts:160-165 (registration)

Tool registration in the ListToolsRequestSchema handler: defines the tool name 'get_identities', description, and inputSchema referencing IdentityFiltersSchema.

{
  name: "get_identities",
  description:
    "Return a list of identities. Can be filtered by the status, department and type. Can also search by the email or name by keyword",
  inputSchema: zodToJsonSchema(IdentityFiltersSchema),
},

src/index.ts:307-307 (registration)
Tool handler mapping in toolHandlers: maps 'get_identities' string to a function that parses input with IdentityFiltersSchema and calls getIdentities().
```
get_identities: async (input) => getIdentities(IdentityFiltersSchema.parse(input)),
```

src/common/helper.ts:1-19 (helper)

The filtersToParams helper function converts a filters object into URLSearchParams, used by getIdentities to build query parameters for the API call.

export function filtersToParams(filters: Record<string, any>): URLSearchParams {
  const queryParams = new URLSearchParams();

  Object.entries(filters).forEach(([key, value]) => {
    if (value !== undefined && value !== null && !(Array.isArray(value) && value.length === 0)) {
      if (Array.isArray(value) && value.length > 0) {
        // Append each array value separately to generate format: key=value1&key=value2
        value.forEach((item) => {
          queryParams.append(key, String(item));
        });
      } else if (typeof value === "boolean") {
        queryParams.append(key, value.toString());
      } else {
        queryParams.append(key, String(value));
      }
    }
  });
  return queryParams;
}

Tool Definition Quality

B3.3/5.0

Behavior2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations, the description bears full responsibility for disclosing behavioral traits. It only describes basic read functionality but fails to mention pagination, sorting, or performance implications. The tool has 31 parameters, yet the description provides minimal behavioral context.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is two sentences with no fluff. The main purpose is front-loaded in the first sentence. Every word adds value, making it concise and well-structured.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness3/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool's complexity (31 parameters, no output schema), the description is too brief. It does not explain pagination or the structure of returned identities. While the schema covers parameters, the description lacks completeness for agents to fully understand the tool's output and behavior.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 100%, so the schema already documents all parameters. The description adds minimal value beyond summarizing a subset of filters (status, department, type, keyword). Baseline score of 3 is appropriate.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose4/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states 'Return a list of identities' with a specific verb and resource. It also mentions filtering and search capabilities, which helps distinguish it from sibling tools like get_identity (singular) and get_identities_stats.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines3/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description implies usage for listing identities with optional filters, but it does not explicitly state when to use this tool versus alternatives (e.g., get_identity for a single identity). No when-not-to-use guidance is provided.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/moneyforward-i/admina-mcp-server'

If you have feedback or need assistance with the MCP directory API, please join our Discord server