PingOne Advanced Identity Cloud MCP Server

Official

Overview Schema Related Servers Score Discussions

Patch Managed Object

patchManagedObject

Update specific fields of a managed object in PingOne Advanced Identity Cloud using JSON Patch operations to modify user attributes, group memberships, or other identity data.

Instructions

Update specific fields of a managed object in PingOne AIC using JSON Patch operations

Input Schema

TableJSON Schema

Name	Required	Description
`objectType`	Yes	Managed object type (e.g., alpha_user, bravo_user, alpha_role, bravo_role, alpha_group, bravo_group, alpha_organization, bravo_organization). Use listManagedObjects to discover all available types.
`objectId`	Yes	The object's unique identifier (_id)
`revision`	Yes	The current revision (_rev) of the object, obtained from getManagedObject
`operations`	Yes	Array of JSON Patch operations to apply to the object

Implementation Reference

src/tools/managedObjects/patchManagedObject.ts:49-78 (handler)

The toolFunction handler for patchManagedObject. It sends a PATCH request to /openidm/managed/{objectType}/{objectId} with JSON Patch operations, using If-Match header for revision-based concurrency control.

async toolFunction({
  objectType,
  objectId,
  revision,
  operations
}: {
  objectType: string;
  objectId: string;
  revision: string;
  operations: Array<{ operation: string; field: string; value?: any }>;
}) {
  const url = `https://${aicBaseUrl}/openidm/managed/${objectType}/${objectId}`;

  try {
    const { data, response } = await makeAuthenticatedRequest(url, SCOPES, {
      method: 'PATCH',
      headers: {
        'If-Match': revision
      },
      body: JSON.stringify(operations)
    });

    const patchedObject = data as any;
    const successMessage = `Patched managed object ${objectId}. New revision: ${patchedObject._rev}`;

    return createToolResponse(formatSuccess(successMessage, response));
  } catch (error: any) {
    return createToolResponse(`Failed to patch managed object: ${error.message}`);
  }
}

src/tools/managedObjects/patchManagedObject.ts:32-48 (schema)

The inputSchema for patchManagedObject defining objectType, objectId, revision, and operations (array of JSON Patch operations with operation/field/value).

inputSchema: {
  objectType: z
    .string()
    .min(1)
    .describe(
      `Managed object type (e.g., ${EXAMPLE_TYPES_STRING}). Use listManagedObjects to discover all available types.`
    ),
  objectId: safePathSegmentSchema.describe("The object's unique identifier (_id)"),
  revision: z
    .string()
    .min(1)
    .refine((val) => val.trim().length > 0, {
      message: 'Revision cannot be empty or whitespace'
    })
    .describe('The current revision (_rev) of the object, obtained from getManagedObject'),
  operations: z.array(patchOperationSchema).describe('Array of JSON Patch operations to apply to the object')
},

src/tools/managedObjects/patchManagedObject.ts:13-21 (schema)

Zod schema for a JSON Patch operation (add/remove/replace/move/copy/test) with field path and optional value.

const patchOperationSchema = z.object({
  operation: z.enum(['add', 'remove', 'replace', 'move', 'copy', 'test']).describe('The patch operation type'),
  field: z
    .string()
    .describe(
      "The field path to modify using JSON Pointer format (e.g., '/fieldName'). Call getManagedObjectSchema to discover available fields."
    ),
  value: z.any().optional().describe('The value for the operation (required for add/replace/test operations)')
});

src/tools/managedObjects/patchManagedObject.ts:23-31 (registration)

The tool registration object (name: 'patchManagedObject', title, description, scopes, annotations) exported as patchManagedObjectTool.

export const patchManagedObjectTool = {
  name: 'patchManagedObject',
  title: 'Patch Managed Object',
  description: 'Update specific fields of a managed object in PingOne AIC using JSON Patch operations',
  scopes: SCOPES,
  annotations: {
    destructiveHint: false,
    openWorldHint: true
  },

src/tools/managedObjects/index.ts:7-7 (registration)
Re-exports patchManagedObjectTool from the managedObjects tool index.
```
export { patchManagedObjectTool } from './patchManagedObject.js';
```

Tool Definition Quality

A3.7/5.0

Behavior3/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Annotations include destructiveHint=false (non-destructive) and openWorldHint=true. The description's 'Update specific fields' aligns with non-destructive behavior but adds no further details on authentication, rate limits, or side effects beyond what annotations provide.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is a single, front-loaded sentence that efficiently conveys the tool's purpose with no redundant words or extraneous information.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness3/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

The description lacks details on return values, error conditions, or side effects (though openWorldHint hints at them). Given no output schema and four parameters, more context would be helpful, but the schema descriptions partially compensate.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 100%, with each parameter having clear descriptions (e.g., objectType lists examples and suggests listManagedObjects). The tool description adds no additional parameter information beyond the schema, so baseline score of 3 applies.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states 'Update specific fields of a managed object in PingOne AIC using JSON Patch operations', specifying the verb (update), resource (managed object), and method (JSON Patch). It distinguishes from sibling tools like patchManagedObjectDefinition and patchManagedObjectRelationship.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines3/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description does not explicitly state when to use this tool versus alternatives. Some guidance is embedded in parameter descriptions (e.g., using listManagedObjects to discover types), but no direct comparison with siblings like updateJourney or other patch tools.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/pingidentity/aic-mcp-server'

If you have feedback or need assistance with the MCP directory API, please join our Discord server