Postman

Official

by postmanlabs

Overview Schema Related Servers Score Discussions

TypeScript

Hybrid

publishMock

Publish a mock server to update its access control to public, enabling external access.

Instructions

Publishes a mock server. Publishing a mock server sets its Access Control configuration setting to public.

Input Schema

TableJSON Schema

Name	Required	Description	Default
`mockId`	Yes	The mock's ID.

Implementation Reference

src/tools/publishMock.ts:18-44 (handler)

The handler function that executes the publishMock tool logic. It sends a POST request to /mocks/{mockId}/publish to set the mock server's Access Control to public.

export async function handler(
  args: z.infer<typeof parameters>,
  extra: { client: PostmanAPIClient; headers?: IsomorphicHeaders; serverContext?: ServerContext }
): Promise<CallToolResult> {
  try {
    const endpoint = `/mocks/${args.mockId}/publish`;
    const query = new URLSearchParams();
    const url = query.toString() ? `${endpoint}?${query.toString()}` : endpoint;
    const options: any = {
      headers: extra.headers,
    };
    const result = await extra.client.post(url, options);
    return {
      content: [
        {
          type: 'text',
          text: `${typeof result === 'string' ? result : JSON.stringify(result, null, 2)}`,
        },
      ],
    };
  } catch (e: unknown) {
    if (e instanceof McpError) {
      throw e;
    }
    throw asMcpError(e);
  }
}

src/tools/publishMock.ts:1-16 (schema)

The schema definition for publishMock: exports method='publishMock', description, Zod parameters (mockId string), and annotations.

import { z } from 'zod';
import { PostmanAPIClient } from '../clients/postman.js';
import { IsomorphicHeaders, CallToolResult } from '@modelcontextprotocol/sdk/types.js';
import { ServerContext, asMcpError, McpError } from './utils/toolHelpers.js';

export const method = 'publishMock';
export const description =
  'Publishes a mock server. Publishing a mock server sets its **Access Control** configuration setting to public.';
export const parameters = z.object({ mockId: z.string().describe("The mock's ID.") });
export const annotations = {
  title:
    'Publishes a mock server. Publishing a mock server sets its **Access Control** configuration setting to public.',
  readOnlyHint: false,
  destructiveHint: false,
  idempotentHint: false,
};

src/index.ts:97-148 (registration)

The loadAllTools() function dynamically loads all tool modules (including publishMock) from the tools directory. Tools are imported and registered iteratively in the main run() function.

async function loadAllTools(): Promise<ToolModule[]> {
  const __filename = fileURLToPath(import.meta.url);
  const __dirname = dirname(__filename);
  const generatedToolsDir = join(__dirname, './tools');

  const tools: ToolModule[] = [];

  // Load generated tools from ./tools/*.js
  try {
    log('info', 'Loading tools from directory', { toolsDir: generatedToolsDir });
    const files = await readdir(generatedToolsDir);
    const toolFiles = files.filter((file) => file.endsWith('.js'));
    log('debug', 'Discovered tool files', { count: toolFiles.length });

    const importResults = await Promise.allSettled(
      toolFiles.map(async (file) => {
        const toolPath = join(generatedToolsDir, file);
        const toolModule = await import(pathToFileURL(toolPath).href);
        return { toolModule, file };
      })
    );

    for (const result of importResults) {
      if (result.status === 'rejected') {
        log('error', 'Failed to load tool module', {
          error: String(result.reason?.message || result.reason),
        });
        continue;
      }
      const { toolModule, file } = result.value;
      if (
        toolModule.method &&
        toolModule.description &&
        toolModule.parameters &&
        toolModule.handler
      ) {
        tools.push(toolModule as ToolModule);
        log('info', 'Loaded tool', { method: toolModule.method, file });
      } else {
        log('warn', 'Tool module missing required exports; skipping', { file });
      }
    }
  } catch (error: any) {
    log('error', 'Failed to read tools directory', {
      toolsDir: generatedToolsDir,
      error: String(error?.message || error),
    });
  }

  log('info', 'Tool loading completed', { totalLoaded: tools.length });
  return tools;
}

src/enabledResources.ts:79-261 (registration)

publishMock is listed in the 'full' (line 85) and 'minimal' (line 189) enabled resources arrays, controlling which tool sets include it.

  // Mocks
  'createMock',
  'deleteMock',
  'getMock',
  'getMocks',
  'updateMock',
  'publishMock',
  'unpublishMock',

  // Monitors
  'createMonitor',
  'deleteMonitor',
  'getMonitor',
  'getMonitors',
  'updateMonitor',
  'runMonitor',

  // Specs
  'createSpec',
  'deleteSpec',
  'getSpec',
  'getAllSpecs',
  'getSpecDefinition',
  'updateSpecProperties',
  'createSpecFile',
  'getSpecFile',
  'getSpecFiles',
  'updateSpecFile',

  // Workspaces
  'createWorkspace',
  'deleteWorkspace',
  'getWorkspace',
  'getWorkspaces',
  'updateWorkspace',
  'getWorkspaceGlobalVariables',
  'updateWorkspaceGlobalVariables',
  'getWorkspaceTags',
  'updateWorkspaceTags',

  // PAN (Private API Network)
  'listPrivateNetworkWorkspaces',
  'listPrivateNetworkAddRequests',
  'removeWorkspaceFromPrivateNetwork',
  'addWorkspaceToPrivateNetwork',
  'respondPrivateNetworkAddRequest',

  // // Documentation
  'publishDocumentation',
  'unpublishDocumentation',

  // Tasks and Status
  'getAsyncSpecTaskStatus',
  'getStatusOfAnAsyncApiTask',

  // User and Tags
  'getAuthenticatedUser',
  'getTaggedEntities',

  // Code Generation
  'getCodeGenerationInstructions',

  // Transfer
  'transferCollectionFolders',
  'transferCollectionResponses',
  'transferCollectionResponses',

  // 'asyncMergePullCollectionFork' skipped
  // 'asyncMergePullCollectionTaskStatus' skipped

  // Duplicate Collection
  'duplicateCollection',
  'getDuplicateCollectionTaskStatus',
  'deleteApiCollectionComment',
  'deleteSpecFile',
  'getEnabledTools',
  'searchPostmanElementsInPublicNetwork',
  'searchPostmanElementsInPrivateNetwork',

  // Analytics
  'getAnalyticsData',
  'getAnalyticsMetadata',
] as const;

const minimal = [
  'createCollection',
  'createEnvironment',
  'createMock',
  'createSpec',
  'createSpecFile',
  'createWorkspace',
  'generateCollection',
  'generateSpecFromCollection',
  'getAllSpecs',
  'getAuthenticatedUser',
  'getCollection',
  'getCollections',
  'getEnvironment',
  'getEnvironments',
  'getGeneratedCollectionSpecs',
  'getMock',
  'getMocks',
  'getSpec',
  'getSpecCollections',
  'getSpecDefinition',
  'getSpecFile',
  'getSpecFiles',
  'getTaggedEntities',
  'getWorkspace',
  'getWorkspaces',
  'publishMock',
  'putCollection',
  'putEnvironment',
  'syncCollectionWithSpec',
  'syncSpecWithCollection',
  'updateMock',
  'updateSpecFile',
  'updateSpecProperties',
  'updateWorkspace',
  'createCollectionRequest',
  'createCollectionResponse',
  'duplicateCollection',
  'getDuplicateCollectionTaskStatus',
  'runCollection',
  'getEnabledTools',
  'updateCollectionRequest',
] as const;

const code = [
  'getCodeGenerationInstructions',
  'getWorkspace',
  'getWorkspaces',
  'searchPostmanElementsInPublicNetwork',
  'getCollectionRequest',
  'getCollectionResponse',
  'getCollectionFolder',
  'getAuthenticatedUser',
  'getCollection',
  'getEnvironment',
  'getEnvironments',
  'searchPostmanElementsInPrivateNetwork',
] as const;

const excludedFromGeneration = [
  'runCollection',
  'getEnabledTools',
  'getCodeGenerationInstructions',
  'getCollectionMap',
  'getCollection',
  'searchPostmanElementsInPublicNetwork',
  'searchPostmanElementsInPrivateNetwork',
] as const;

/**
 * Subtools are tools that are grouped under a parent tool orchestrator.
 * Each subtool is defined with:
 * - orchestrator: The main tool that will be exposed (the index.ts file)
 * - subtools: Array of tools that will be placed in the orchestrator's folder
 *
 * Example structure for 'getCollection':
 * tools/
 *   getCollection/
 *     index.ts          <- orchestrator (handles routing logic)
 *     getCollection.ts  <- subtool (the actual API call)
 *     getCollectionMap.ts <- subtool (the map variant)
 */
const subtools = {
  getCollection: {
    orchestrator: 'getCollection',
    subtools: ['getCollection', 'getCollectionMap'],
  },
} as const;

const templated = ['getCollections', 'getWorkspaces'] as const;

export const enabledResources = {
  full,
  minimal,
  code,
  excludedFromGeneration,
  subtools,
  templated,
};

Tool Definition Quality

A3.6/5.0

Behavior3/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Annotations indicate readOnlyHint=false (write operation) and destructiveHint=false (not destructive). The description adds that the tool modifies access control to public, which is consistent. However, it does not disclose whether the action is reversible, what permissions are required, or any side effects beyond the access control change.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is two sentences, concise and front-loaded. It efficiently communicates the tool's purpose and the key behavioral impact without unnecessary words.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness4/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

For a simple tool with one parameter and no output schema, the description adequately covers what the tool does and its effect. Missing details like return values or error conditions are tolerable given the low complexity.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema coverage for parameters is 100%; the single parameter 'mockId' is already described in the schema as 'The mock's ID.' The description adds no additional meaning or constraints beyond that.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool publishes a mock server and specifies the exact effect: setting the Access Control configuration to public. This distinguishes it from siblings like updateMock, which likely handles other mock updates.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines2/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description does not provide explicit guidance on when to use this tool versus alternatives such as updateMock. It omits when not to publish or any prerequisites, leaving the agent to infer usage from context.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/postmanlabs/postman-mcp-server'

If you have feedback or need assistance with the MCP directory API, please join our Discord server