Magento MCP Server

catalog_get_product

Retrieve full product details using SKU. Access all product information stored in the Magento catalog.

Instructions

Get full product details by SKU.

Input Schema

TableJSON Schema

Name	Required	Description	Default
`params`	No	Action parameters as a JSON object

Implementation Reference

src/actions/catalog.ts:70-83 (handler)

Handler function for catalog.get_product that validates input via CatalogGetProductSchema, creates an API client, and makes a GET request to Magento's /V1/products/{sku} endpoint.

// ── Get Product ───────────────────────────────────────────────────────
{
  name: 'catalog.get_product',
  description: 'Get full product details by SKU.',
  riskTier: RiskTier.Safe,
  requiresAuth: true,
  handler: async (params: Record<string, unknown>, context: ActionContext) => {
    const validated = CatalogGetProductSchema.parse(params);
    const client = context.getClient();
    const storeCode = validated.scope?.store_view_code;
    const result = await client.get(`/V1/products/${encodeURIComponent(validated.sku)}`, undefined, storeCode);
    return result;
  },
},

src/validation/schemas.ts:133-136 (schema)
Zod schema defining input validation: requires a non-empty string 'sku' and optional 'scope' (with store_view_code).
```
export const CatalogGetProductSchema = z.object({
  sku: z.string().min(1),
  scope: StoreScopeSchema.optional(),
});
```

src/index.ts:76-159 (registration)

Registration of all actions (including catalog.get_product) as MCP tools. The tool name is derived by replacing dots with underscores (catalog.get_product -> catalog_get_product).

for (const action of allActions) {
  // Convert dots to underscores for MCP tool names (e.g. "auth.login" -> "auth_login")
  const toolName = action.name.replace(/\./g, '_');

  mcpServer.tool(
    toolName,
    action.description,
    { params: z.record(z.unknown()).optional().describe('Action parameters as a JSON object') },
    async (args) => {
      const params = (args.params || {}) as Record<string, unknown>;

      // Check authentication
      if (action.requiresAuth) {
        const token = sessionStore.getToken(sessionId);
        if (!token) {
          return {
            content: [{ type: 'text' as const, text: JSON.stringify({ error: { code: 'NOT_AUTHENTICATED', message: 'Not authenticated. Call auth_login first.' } }, null, 2) }],
            isError: true,
          };
        }
      }

      // Build action context
      const context: ActionContext = {
        sessionId,
        getToken: () => sessionStore.getToken(sessionId),
        getBaseUrl: () => sessionStore.getBaseUrl(sessionId),
        getDefaultScope: () => sessionStore.getDefaultScope(sessionId),
        getOAuthCredentials: () => sessionStore.getOAuthCredentials(sessionId),
        getClient: () => {
          const baseUrl = sessionStore.getBaseUrl(sessionId);
          const token = sessionStore.getToken(sessionId);
          if (!baseUrl) throw new Error('No active session');
          const client = new MagentoRestClient(baseUrl, token);
          const oauth = sessionStore.getOAuthCredentials(sessionId);
          if (oauth) client.setOAuth(oauth);
          return client;
        },
        username: sessionStore.getUsername(sessionId),
      };

      try {
        const result = await action.handler(params, context);

        // Audit log
        const auditRecord: AuditRecord = {
          timestamp: new Date().toISOString(),
          username: context.username,
          action: action.name,
          scope: context.getDefaultScope(),
          params,
          result_summary: summarizeResult(result),
          plan_id: (params['plan_id'] as string) || null,
          reason: (params['reason'] as string) || null,
        };
        auditLogger.log(auditRecord);

        return {
          content: [{ type: 'text' as const, text: JSON.stringify(result, null, 2) }],
        };
      } catch (err) {
        const errorMessage = err instanceof Error ? err.message : String(err);

        // Audit the error
        const auditRecord: AuditRecord = {
          timestamp: new Date().toISOString(),
          username: context.username,
          action: action.name,
          scope: null,
          params,
          result_summary: `ERROR: ${errorMessage}`,
          plan_id: null,
          reason: null,
        };
        auditLogger.log(auditRecord);

        return {
          content: [{ type: 'text' as const, text: JSON.stringify({ error: errorMessage }, null, 2) }],
          isError: true,
        };
      }
    },
  );
}

src/index.ts:51-61 (registration)

Collection of all action definitions from createCatalogActions (which includes catalog.get_product).

const allActions: ActionDefinition[] = [
  ...createAuthActions(sessionStore),
  ...createScopeActions(sessionStore),
  ...createPromotionsActions(planStore, guardrails, config),
  ...createCatalogActions(planStore, guardrails, idempotencyLedger, config),
  ...createPricingActions(planStore, guardrails, idempotencyLedger, config),
  ...createCmsActions(planStore, guardrails, config),
  ...createSeoActions(planStore, guardrails, config),
  ...createDiagnosticsActions(),
  ...createCacheActions(guardrails, config),
];

Tool Definition Quality

A3.5/5.0

Behavior2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations, the description must disclose behavioral traits. It implies a read-only operation via the verb 'Get' but does not explicitly state safety, idempotency, required permissions, or any side effects. Additional context such as authentication needs or rate limits is missing.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is a single, concise sentence that immediately conveys the tool's purpose. It is front-loaded with the action and resource, with no unnecessary words.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness3/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

The description is adequate for a simple get-by-ID tool but lacks details about the return format (e.g., 'full product details' is vague) and does not fully specify the parameter structure beyond the implication of SKU. Given the absence of an output schema, more context about the response would improve completeness.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters4/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The input schema is generic (a params object with additional properties), but the description adds critical meaning by specifying 'by SKU', indicating that the params object likely requires a 'sku' property. This compensates for the schema's lack of detailed structure. However, it does not specify the exact key name or format.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description 'Get full product details by SKU' clearly states the action (get), the resource (full product details), and the identifier (SKU). It distinguishes itself from sibling tools like catalog_search_products, which is for searching rather than fetching a specific product.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines2/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

No guidance is provided on when to use this tool versus alternatives like catalog_search_products or when not to use it. The description does not mention prerequisites or context for invocation.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/thomastx05/magento-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server