Skip to main content
Glama
purpleax

Fastly NGWAF MCP Server

by purpleax
OverviewSchemaRelated ServersScoreDiscussions
JavaScript
Remote

set_credentials

Configure API credentials for the Fastly Next-Gen Web Application Firewall to enable security management through AI assistants.

Instructions

Set Fastly NGWAF API credentials (email and access token)

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
emailYesYour Fastly NGWAF email address
tokenYesYour Fastly NGWAF API access token

Implementation Reference

  • server.js:847-860 (handler)
    MCP tool handler for 'set_credentials': instantiates FastlyNGWAFClient, sets credentials via client.setCredentials(), tests connection with testConnection(), and prepares result with success/validation info.
    case 'set_credentials':
    client = new FastlyNGWAFClient();
    result = client.setCredentials(typedArgs.email, typedArgs.token);
    // Test the connection to validate the credentials
    try {
        const connectionTest = await client.testConnection();
        result.message = `Credentials set and validated successfully. Access to ${connectionTest.corporationsCount} corporations.`;
        result.email = connectionTest.email;
    }
    catch (error) {
        result.success = false;
        result.error = error.message;
    }
    break;
  • server.js:398-408 (schema)
    Tool definition including name, description, and input schema (JSON Schema object with required email and token strings). Used for registration in ListTools response.
        name: 'set_credentials',
    description: 'Set Fastly NGWAF API credentials (email and access token)',
    inputSchema: {
        type: 'object',
        properties: {
            email: { type: 'string', description: 'Your Fastly NGWAF email address' },
            token: { type: 'string', description: 'Your Fastly NGWAF API access token' },
        },
        required: ['email', 'token'],
    },
},
  • server.js:24-29 (helper)
    FastlyNGWAFClient.setCredentials method: stores email/token instance properties and sets axios default headers for authentication.
    setCredentials(email, token) {
    this.email = email;
    this.token = token;
    this.api.defaults.headers.common['x-api-user'] = email;
    this.api.defaults.headers.common['x-api-token'] = token;
    return { success: true, authenticated: true };
  • server.js:814-816 (registration)
    Registers the list tools handler which returns the tools array containing 'set_credentials' definition.
    server.setRequestHandler(ListToolsRequestSchema, async () => {
    return { tools };
});

Tool Definition Quality

C2.9/5.0
Behavior2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations provided, the description carries the full burden of behavioral disclosure. It states the tool sets credentials but doesn't cover critical aspects like whether this is a one-time setup, if it overwrites existing credentials, authentication requirements, rate limits, or error handling. This leaves significant gaps for a mutation tool.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is a single, efficient sentence with zero waste, front-loading the key action and resource. It is appropriately sized for a simple tool with two parameters.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness2/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool's complexity as a mutation operation with no annotations and no output schema, the description is incomplete. It fails to address behavioral traits, return values, or error conditions, making it inadequate for safe and effective use by an AI agent.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The input schema has 100% description coverage, clearly documenting both parameters (email and token). The description adds minimal value by restating the parameters without providing additional context like format examples or validation rules, aligning with the baseline for high schema coverage.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose4/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the action ('Set') and the resource ('Fastly NGWAF API credentials'), specifying the exact credentials (email and access token). It distinguishes from siblings like 'test_connection' or 'set_context' by focusing on credential configuration, though it doesn't explicitly contrast with them.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines2/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides no guidance on when to use this tool versus alternatives, prerequisites (e.g., needing credentials from Fastly), or exclusions. It lacks context for usage relative to siblings like 'test_connection' or other setup tools.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/purpleax/FastlyMCP'

If you have feedback or need assistance with the MCP directory API, please join our Discord server