InvGate Service Desk

96 tools. 33 can modify or destroy data without limits.

5 destructive tools with no built-in limits. Policy required.

Last updated:

33 can modify or destroy data
63 read-only
96 tools total

Community server · catalogue entry verified 30/06/2026

How to control InvGate Service Desk ↓

What InvGate Service Desk exposes to your agents

Read (63) Write / Execute (28) Destructive / Financial (5)
Critical Risk

The most dangerous InvGate Service Desk tools

33 of InvGate Service Desk's 96 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

How to control InvGate Service Desk

PolicyLayer is an MCP gateway — it sits between your AI agents and InvGate Service Desk, and nothing reaches the server without passing your rules. These are the rules we recommend:

Deny destructive operations
{
  "cancel_incident": {
    "deny_if": [
      {
        "conditions": [],
        "on_deny": "Blocked by default. Requires approval."
      }
    ]
  }
}

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations
{
  "accept_incident_approval": {
    "limits": [
      {
        "counter": "accept_incident_approval_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
{
  "find_users": {
    "limits": [
      {
        "counter": "find_users_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

  1. Create a free account and register InvGate Service Desk — nothing to install.
  2. Add these rules — paste them, or build them visually. Tune the limits to your setup.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
ENFORCE POLICY ON INVGATE SERVICE DESK →

Instant setup, no code required.

All 96 InvGate Service Desk tools

WRITE 28 tools
Write accept_incident_approval Accept an approval. Write accept_incident_solution Accept the solution of a request, with a rating. Write add_incident_approval_voter Add a voter to an approval. Write add_incident_collaborator Request collaboration from one or more users on a request. Write add_incident_comment Add a reply/comment to a request. Write add_incident_observer Add one or more users as observers of a request. Write create_incident Create a new request (ticket). Write create_incident_spontaneous_approval Create a spontaneous approval on a request. Write create_kb_article Create a Knowledge Base article. Write link_incident Link a request to one or more other requests. Write link_incident_to_external_entity Link a request to an external entity. Write log_time Log time on a request (from/to are epoch timestamps; from defaults to Write promote_incident_to_major Promote a request to a major incident. Write reassign_incident Reassign a request to a help desk and/or agent. Write reject_incident Reject a request. Write reject_incident_approval Reject an approval. Write reject_incident_solution Reject the solution of a request, with a comment. Write relate_incident_to_cis_by_keyword Relate a request to every CI that matches a keyword. Write reopen_incident Reopen a request. Write request_incident_custom_approval Request a custom approval (by template) on a request. Write set_incident_custom_field Set the value(s) of a custom field on a request. Write set_incident_waiting_for_agent Set a request to waiting for agent. Write set_incident_waiting_for_customer Set a request to waiting for customer. Write set_incident_waiting_for_date Set a request to waiting until a date (epoch timestamp). Write set_incident_waiting_for_external_entity Set a request to waiting for an external entity. Write set_incident_waiting_for_incident Set a request to waiting for another request. Write update_incident Change attributes of a request. Write update_kb_article Update a Knowledge Base article (author_id required by the API).
READ 63 tools
Read find_users Search users by username, email, phone number or employee number. Read get_breaking_news Get a single Breaking News announcement by ID. Read get_breaking_news_status Get the updates of a Breaking News announcement. Read get_cis_by_id Get CIs by their internal IDs and inventory source ID. Read get_custom_field_config Get the configuration of a custom field by UID. Read get_custom_field_list_config Get the configuration of a list-type custom field. Read get_custom_field_list_options Get the options of a list-type custom field. Read get_custom_field_tree_options Get the options structure of a tree-type custom field. Read get_incident Get a single incident (request) by its ID. Read get_incident_comments Get the replies/comments of a given incident. Read get_kb_article_attachments List the attachments of a Knowledge Base article. Read get_kb_articles_by_ids Get Knowledge Base articles by their IDs. Read get_kb_categories_by_ids Get Knowledge Base categories by their IDs. Read get_linked_assets_counters Get counters of linked assets from a given starting point. Read get_linked_cis_counters Get counters of incidents per status for CIs from a given starting point. Read get_starting_fields_by_category List the custom fields applicable to a category at request creation. Read get_user Get a single user by ID. Read get_user_groups Get the groups, companies, helpdesks and locations for the given users. Read get_workflow_field_list_values Get current values of a list-type field in a workflow instance. Read get_workflow_initial_fields List the initial fields needed to create a request from a workflow. Read get_workflow_process Get workflow process info with version history (or one by ID). Read list_breaking_news List all Breaking News announcements. Read list_breaking_news_statuses List the possible statuses of Breaking News (or one by ID). Read list_breaking_news_types List the importance types of Breaking News (or one by ID). Read list_categories List incident categories. Hierarchical via parent_category_id. Supports search. Read list_companies List active companies, optionally filtered by ID, name or external ID. Read list_company_groups List the user groups related to a company. Read list_company_members List the members of a company (optionally check one user). Read list_company_observers List companies and their observers (optionally filtered by IDs). Read list_custom_field_types List supported custom field types (type code -> description). Read list_custom_fields List all active custom field definitions. Read list_custom_fields_by_category List the custom fields related to a category. Read list_group_members List the members of a group (optionally check one user's membership). Read list_groups List active groups, or one in particular by ID or name. Read list_helpdesk_levels List active help desk levels, or one in particular by ID. Read list_helpdesk_observers List help desks and their observers (optionally filtered by IDs). Read list_helpdesks List active help desks, or one in particular by ID or name. Read list_helpdesks_and_levels List help desks together with their levels, or one by ID. Read list_incident_types List incident types (e.g. Incident, Service Request, Problem, Change). Read list_incidents_by_agent List incidents assigned to an agent (by id, email or username). Read list_incidents_by_asset List the requests related to an asset. Read list_incidents_by_cis List the requests linked to CIs (by source ID and CI IDs). Read list_incidents_by_customer List open incidents from a customer (by id, email or username). Read list_incidents_by_helpdesk List open incidents in a help desk (or several help desk IDs). Read list_incidents_by_status List open incidents matching a status (or several status IDs). Read list_kb_articles List Knowledge Base articles with their properties. Read list_kb_articles_by_category List articles in a category (visibility: 1=public). Read list_kb_categories List all Knowledge Base categories. Read list_level_observers List help desk levels and their observers (optionally filtered by IDs). Read list_location_members List the members of a location (optionally check one user). Read list_location_observers List locations and their observers (optionally filtered by IDs). Read list_locations List active locations, or one in particular by ID. Read list_priorities List incident priorities (e.g. Low, Medium, High, Urgent, Critical). Read list_requests_related_to_assets List the requests related to assets (by source ID and asset IDs). Read list_shared_custom_fields List all active shared custom field definitions. Read list_sources List incident sources (e.g. Portal, Email, Phone, API). Read list_statuses List incident statuses. Read list_time_tracking List time tracking entries for a request or within a date interval Read list_time_tracking_categories List time tracking categories (or one by ID), including cost_per_hour. Read list_trigger_executions List each time a specific trigger was executed. Read list_triggers List the automation triggers, or one in particular by ID. Read list_users List users, optionally filtered to specific IDs. Read search_kb_articles Search Knowledge Base articles by keywords (relevance-ranked).

Related servers

Other MCP servers with similar tools — same risk classification, starter policies for each.

Questions about InvGate Service Desk

Can an AI agent delete data through the InvGate Service Desk MCP server? +

Yes. The InvGate Service Desk server exposes 5 destructive tools including cancel_incident, cancel_incident_approval, delete_incident_custom_field. These permanently remove resources with no undo. PolicyLayer blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through InvGate Service Desk? +

The InvGate Service Desk server has 28 write tools including accept_incident_approval, accept_incident_solution, add_incident_approval_voter. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach InvGate Service Desk.

How many tools does the InvGate Service Desk MCP server expose? +

96 tools across 3 categories: Destructive, Read, Write. 63 are read-only. 33 can modify, create, or delete data.

How do I enforce a policy on InvGate Service Desk? +

Register the InvGate Service Desk MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every InvGate Service Desk tool call.

Deterministic rules across all 96 InvGate Service Desk tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

Instant setup, no code required.

96 InvGate Service Desk tools catalogued and risk-classified — across an index of 43,000+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.