310 tools from the Mcp Api MCP Server, categorised by risk level.
View the Mcp Api policy →checkChangePasswordUsingIdWithId Check to see if the user must obtain a Trust Token Id in order to complete a change password request. When a user has enabled Two-Factor authentica... lookupIdentityProviderWithId Retrieves the identity provider for the given domain. A 200 response code indicates the domain is managed by a registered identity provider. A 404 ... retrieveActionWithId Retrieves a single action log (the log of a user action that was taken on a user previously) for the given Id. retrieveAPIKeyWithId Retrieves an authentication API key for the given Id. retrieveApplication Retrieves all the applications that are currently inactive. OR Retrieves the application for the given Id or all the applications if the Id is null. retrieveApplicationWithId Retrieves the application for the given Id or all the applications if the Id is null. retrieveAuditLogWithId Retrieves a single audit log for the given Id. retrieveConnectorWithId Retrieves the connector with the given Id. retrieveConsentWithId Retrieves the Consent for the given Id. retrieveDailyActiveReportWithId Retrieves the daily active user report between the two instants. If you specify an application Id, it will only return the daily active counts for ... retrieveDeviceUserCode Retrieve a user_code that is part of an in-progress Device Authorization Grant. This API is useful if you want to build your own login workflow to... retrieveEmailTemplate Retrieves the email template for the given Id. If you don't specify the Id, this will return all the email templates. retrieveEmailTemplatePreviewWithId Creates a preview of the email template provided in the request. This allows you to preview an email template that hasn't been saved to the databas... 2/5 retrieveEmailTemplateWithId Retrieves the email template for the given Id. If you don't specify the Id, this will return all the email templates. retrieveEntityGrantWithId Retrieves an Entity Grant for the given Entity and User/Entity. retrieveEntityTypeWithId Retrieves the Entity Type for the given Id. retrieveEntityWithId Retrieves the Entity for the given Id. retrieveEventLogWithId Retrieves a single event log for the given Id. retrieveFamiliesWithId Retrieves all the families that a user belongs to. retrieveFamilyMembersByFamilyIdWithId Retrieves all the members of a family by the unique Family Id. retrieveFormFieldWithId Retrieves the form field with the given Id. retrieveFormWithId Retrieves the form with the given Id. retrieveGroupWithId Retrieves the group for the given Id. retrieveIdentityProviderByTypeWithId Retrieves one or more identity provider for the given type. For types such as Google, Facebook, Twitter and LinkedIn, only a single identity provi... retrieveIdentityProviderLink Retrieve all Identity Provider users (links) for the user. Specify the optional identityProviderId to retrieve links for a particular IdP. OR Retri... retrieveIdentityProviderWithId Retrieves the identity provider for the given Id or all the identity providers if the Id is null. retrieveIPAccessControlListWithId Retrieves the IP Access Control List with the given Id. retrieveJsonWebKeySetWithId Returns public keys used by FusionAuth to cryptographically verify JWTs using the JSON Web Key format. retrieveJwtPublicKey Retrieves the Public Key configured for verifying the JSON Web Tokens (JWT) issued by the Login API by the Application Id. OR Retrieves the Public ... retrieveKeysWithId Retrieves all the keys. retrieveKeyWithId Retrieves the key for the given Id. retrieveLambdasByTypeWithId Retrieves all the lambdas for the provided type. retrieveLambdaWithId Retrieves the lambda for the given Id. retrieveMessageTemplate Retrieves the message template for the given Id. If you don't specify the Id, this will return all the message templates. retrieveMessageTemplatePreviewWithId Creates a preview of the message template provided in the request, normalized to a given locale. retrieveMessageTemplateWithId Retrieves the message template for the given Id. If you don't specify the Id, this will return all the message templates. retrieveMessengerWithId Retrieves the messenger with the given Id. retrieveMonthlyActiveReportWithId Retrieves the monthly active user report between the two instants. If you specify an application Id, it will only return the monthly active counts ... retrieveOauthConfigurationWithId Retrieves the Oauth2 configuration for the application for the given Application Id. retrieveOAuthScopeWithId Retrieves a custom OAuth scope. retrieveOpenIdConfigurationWithId Returns the well known OpenID Configuration JSON document retrievePasswordValidationRulesWithId Retrieves the password validation rules for a specific tenant. This method requires a tenantId to be provided through the use of a Tenant scoped A... retrievePasswordValidationRulesWithTenantIdWithId Retrieves the password validation rules for a specific tenant. This API does not require an API key. retrievePendingChildrenWithId Retrieves all the children for the given parent email address. retrievePendingLinkWithId Retrieve a pending identity provider link. This is useful to validate a pending link and retrieve meta-data about the identity provider link. retrieveReactorMetricsWithId Retrieves the FusionAuth Reactor metrics. retrieveRefreshTokenByIdWithId Retrieves a single refresh token by unique Id. This is not the same thing as the string value of the refresh token. If you have that, you already h... retrieveRefreshTokensWithId Retrieves the refresh tokens that belong to the user with the given Id. retrieveRegistrationReportWithId Retrieves the registration report between the two instants. If you specify an application Id, it will only return the registration counts for that ... retrieveRegistrationWithId Retrieves the user registration for the user with the given Id and the given application Id. retrieveReportLogin Retrieves the login report between the two instants for a particular user by login Id, using specific loginIdTypes. If you specify an application i... retrieveStatus Retrieves the FusionAuth system status using an API key. Using an API key will cause the response to include the product version, health checks and... retrieveSystemHealthWithId Retrieves the FusionAuth system health. This API will return 200 if the system is healthy, and 500 if the system is un-healthy. retrieveTenantWithId Retrieves the tenant for the given Id. retrieveThemeWithId Retrieves the theme for the given Id. retrieveTotalReportWithId Retrieves the totals report. This contains all the total counts for each application and the global registration count. retrieveTwoFactorRecoveryCodesWithId Retrieve two-factor recovery codes for a user. retrieveTwoFactorStatusWithId Retrieve a user's two-factor status. This can be used to see if a user will need to complete a two-factor challenge to complete a login, and optio... retrieveUser Retrieves the user for the given Id. This method does not use an API key, instead it uses a JSON Web Token (JWT) for authentication. OR Retrieves t... retrieveUserAction Retrieves the user action for the given Id. If you pass in null for the Id, this will return all the user actions. OR Retrieves all the user action... retrieveUserActioning Retrieves all the actions for the user with the given Id that are currently inactive. An inactive action means one that is time based and has been ... retrieveUserActionReason Retrieves the user action reason for the given Id. If you pass in null for the Id, this will return all the user action reasons. retrieveUserActionReasonWithId Retrieves the user action reason for the given Id. If you pass in null for the Id, this will return all the user action reasons. retrieveUserActionWithId Retrieves the user action for the given Id. If you pass in null for the Id, this will return all the user actions. retrieveUserChangePassword Check to see if the user must obtain a Trust Request Id in order to complete a change password request. When a user has enabled Two-Factor authenti... retrieveUserCommentsWithId Retrieves all the comments for the user with the given Id. retrieveUserConsentsWithId Retrieves all the consents for a User. retrieveUserConsentWithId Retrieve a single User consent by Id. retrieveUserInfoFromAccessTokenWithId Call the UserInfo endpoint to retrieve User Claims from the access token issued by FusionAuth. retrieveUserRecentLogin Retrieves the last number of login records for a user. OR Retrieves the last number of login records. retrieveUserWithId Retrieves the user for the given Id. retrieveVersionWithId Retrieves the FusionAuth version string. retrieveWebAuthnCredentialsForUserWithId Retrieves all WebAuthn credentials for the given user. retrieveWebAuthnCredentialWithId Retrieves the WebAuthn credential for the given Id. retrieveWebhook Retrieves the webhook for the given Id. If you pass in null for the Id, this will return all the webhooks. retrieveWebhookAttemptLogWithId Retrieves a single webhook attempt log for the given Id. retrieveWebhookEventLogWithId Retrieves a single webhook event log for the given Id. retrieveWebhookWithId Retrieves the webhook for the given Id. If you pass in null for the Id, this will return all the webhooks. searchApplicationsWithId Searches applications with the specified criteria and pagination. searchAuditLogsWithId Searches the audit logs with the specified criteria and pagination. searchConsentsWithId Searches consents with the specified criteria and pagination. searchEmailTemplatesWithId Searches email templates with the specified criteria and pagination. searchEntitiesByIdsWithId Retrieves the entities for the given Ids. If any Id is invalid, it is ignored. searchEntitiesWithId Searches entities with the specified criteria and pagination. 2/5 searchEntityGrantsWithId Searches Entity Grants with the specified criteria and pagination. searchEntityTypesWithId Searches the entity types with the specified criteria and pagination. searchEventLogsWithId Searches the event logs with the specified criteria and pagination. searchGroupMembersWithId Searches group members with the specified criteria and pagination. searchGroupsWithId Searches groups with the specified criteria and pagination. searchIdentityProvidersWithId Searches identity providers with the specified criteria and pagination. searchIPAccessControlListsWithId Searches the IP Access Control Lists with the specified criteria and pagination. searchKeysWithId Searches keys with the specified criteria and pagination. searchLambdasWithId Searches lambdas with the specified criteria and pagination. searchLoginRecordsWithId Searches the login records with the specified criteria and pagination. searchTenantsWithId Searches tenants with the specified criteria and pagination. searchThemesWithId Searches themes with the specified criteria and pagination. searchUserCommentsWithId Searches user comments with the specified criteria and pagination. searchUsersByIdsWithId Retrieves the users for the given Ids. If any Id is invalid, it is ignored. searchUsersByQueryWithId Retrieves the users for the given search criteria and pagination. 2/5 searchWebhookEventLogsWithId Searches the webhook event logs with the specified criteria and pagination. searchWebhooksWithId Searches webhooks with the specified criteria and pagination. validateDeviceWithId Validates the end-user provided user_code from the user-interaction of the Device Authorization Grant. If you build your own activation form you sh... validateJWTWithId Validates the provided JWT (encoded JWT string) to ensure the token is valid. A valid access token is properly signed and not expired. <p> This API... verifyIdentityWithId Administratively verify a user identity. verifyUserRegistrationWithId Confirms a user's registration. The request body will contain the verificationId. You may also be required to send a one-time use code based upon... actionUserWithId Takes an action on a user. The user being actioned is called the "actionee" and the user taking the action is called the "actioner". Both user ids ... 2/5 activateReactorWithId Activates the FusionAuth Reactor using a license Id and optionally a license text (for air-gapped deployments) 2/5 approveDeviceWithId Approve a device grant. 2/5 commentOnUserWithId Adds a comment to the user's account. 2/5 completeVerifyIdentityWithId Completes verification of an identity using verification codes from the Verify Start API. 2/5 completeWebAuthnAssertionWithId Complete a WebAuthn authentication ceremony by validating the signature against the previously generated challenge without logging the user in 2/5 completeWebAuthnLoginWithId Complete a WebAuthn authentication ceremony by validating the signature against the previously generated challenge and then login the user in 2/5 completeWebAuthnRegistrationWithId Complete a WebAuthn registration ceremony by validating the client request and saving the new credential 2/5 createAPIKey Creates an API key. You can optionally specify a unique Id for the key, if not provided one will be generated. an API key can only be created with ... 3/5 createAPIKeyWithId Creates an API key. You can optionally specify a unique Id for the key, if not provided one will be generated. an API key can only be created with ... 3/5 createApplication Creates an application. You can optionally specify an Id for the application, if not provided one will be generated. 3/5 createApplicationRole Creates a new role for an application. You must specify the Id of the application you are creating the role for. You can optionally specify an Id f... 3/5 createApplicationRoleWithId Creates a new role for an application. You must specify the Id of the application you are creating the role for. You can optionally specify an Id f... 3/5 createApplicationWithId Creates an application. You can optionally specify an Id for the application, if not provided one will be generated. 3/5 createAuditLogWithId Creates an audit log with the message and user name (usually an email). Audit logs should be written anytime you make changes to the FusionAuth dat... 2/5 createConnector Creates a connector. You can optionally specify an Id for the connector, if not provided one will be generated. 2/5 createConnectorWithId Creates a connector. You can optionally specify an Id for the connector, if not provided one will be generated. 2/5 createConsent Creates a user consent type. You can optionally specify an Id for the consent type, if not provided one will be generated. 2/5 createConsentWithId Creates a user consent type. You can optionally specify an Id for the consent type, if not provided one will be generated. 2/5 createEmailTemplate Creates an email template. You can optionally specify an Id for the template, if not provided one will be generated. 2/5 createEmailTemplateWithId Creates an email template. You can optionally specify an Id for the template, if not provided one will be generated. 2/5 createEntity Creates an Entity. You can optionally specify an Id for the Entity. If not provided one will be generated. 2/5 createEntityType Creates a Entity Type. You can optionally specify an Id for the Entity Type, if not provided one will be generated. 2/5 createEntityTypePermission Creates a new permission for an entity type. You must specify the Id of the entity type you are creating the permission for. You can optionally spe... 2/5 createEntityTypePermissionWithId Creates a new permission for an entity type. You must specify the Id of the entity type you are creating the permission for. You can optionally spe... 2/5 createEntityTypeWithId Creates a Entity Type. You can optionally specify an Id for the Entity Type, if not provided one will be generated. 2/5 createEntityWithId Creates an Entity. You can optionally specify an Id for the Entity. If not provided one will be generated. 2/5 createFamily Creates a family with the user Id in the request as the owner and sole member of the family. You can optionally specify an Id for the family, if no... 2/5 createFamilyWithId Creates a family with the user Id in the request as the owner and sole member of the family. You can optionally specify an Id for the family, if no... 2/5 createForm Creates a form. You can optionally specify an Id for the form, if not provided one will be generated. 2/5 createFormField Creates a form field. You can optionally specify an Id for the form, if not provided one will be generated. 3/5 createFormFieldWithId Creates a form field. You can optionally specify an Id for the form, if not provided one will be generated. 3/5 createFormWithId Creates a form. You can optionally specify an Id for the form, if not provided one will be generated. 2/5 createGroup Creates a group. You can optionally specify an Id for the group, if not provided one will be generated. 2/5 createGroupMembersWithId Creates a member in a group. 2/5 createGroupWithId Creates a group. You can optionally specify an Id for the group, if not provided one will be generated. 2/5 createIdentityProvider Creates an identity provider. You can optionally specify an Id for the identity provider, if not provided one will be generated. 2/5 createIdentityProviderWithId Creates an identity provider. You can optionally specify an Id for the identity provider, if not provided one will be generated. 2/5 createIntrospect Inspect an access token issued as the result of the Client Credentials Grant. OR Inspect an access token issued as the result of the User based gra... 2/5 createIPAccessControlList Creates an IP Access Control List. You can optionally specify an Id on this create request, if one is not provided one will be generated. 2/5 createIPAccessControlListWithId Creates an IP Access Control List. You can optionally specify an Id on this create request, if one is not provided one will be generated. 2/5 createLambda Creates a Lambda. You can optionally specify an Id for the lambda, if not provided one will be generated. 3/5 createLambdaWithId Creates a Lambda. You can optionally specify an Id for the lambda, if not provided one will be generated. 3/5 createLogout The Logout API is intended to be used to remove the refresh token and access token cookies if they exist on the client and revoke the refresh token... 2/5 createMessageTemplate Creates an message template. You can optionally specify an Id for the template, if not provided one will be generated. 2/5 createMessageTemplateWithId Creates an message template. You can optionally specify an Id for the template, if not provided one will be generated. 2/5 createMessenger Creates a messenger. You can optionally specify an Id for the messenger, if not provided one will be generated. 2/5 createMessengerWithId Creates a messenger. You can optionally specify an Id for the messenger, if not provided one will be generated. 2/5 createOAuthScope Creates a new custom OAuth scope for an application. You must specify the Id of the application you are creating the scope for. You can optionally ... 2/5 createOAuthScopeWithId Creates a new custom OAuth scope for an application. You must specify the Id of the application you are creating the scope for. You can optionally ... 2/5 createTenant Creates a tenant. You can optionally specify an Id for the tenant, if not provided one will be generated. 3/5 createTenantWithId Creates a tenant. You can optionally specify an Id for the tenant, if not provided one will be generated. 3/5 createTheme Creates a Theme. You can optionally specify an Id for the theme, if not provided one will be generated. 2/5 createThemeWithId Creates a Theme. You can optionally specify an Id for the theme, if not provided one will be generated. 2/5 createToken Exchange User Credentials for a Token. If you will be using the Resource Owner Password Credential Grant, you will make a request to the Token endp... 2/5 createUser Creates a user. You can optionally specify an Id for the user, if not provided one will be generated. 3/5 createUserAction Creates a user action. This action cannot be taken on a user until this call successfully returns. Anytime after that the user action can be applie... 2/5 createUserActionReason Creates a user reason. This user action reason cannot be used when actioning a user until this call completes successfully. Anytime after that the ... 3/5 createUserActionReasonWithId Creates a user reason. This user action reason cannot be used when actioning a user until this call completes successfully. Anytime after that the ... 3/5 createUserActionWithId Creates a user action. This action cannot be taken on a user until this call successfully returns. Anytime after that the user action can be applie... 2/5 createUserChangePassword Changes a user's password using their access token (JWT) instead of the changePasswordId A common use case for this method will be if you want to a... 3/5 createUserConsent Creates a single User consent. 2/5 createUserConsentWithId Creates a single User consent. 2/5 createUserLinkWithId Link an external user from a 3rd party identity provider to a FusionAuth user. 3/5 createUserVerifyEmail Administratively verify a user's email address. Use this method to bypass email verification for the user. The request body will contain the userI... 2/5 createUserWithId Creates a user. You can optionally specify an Id for the user, if not provided one will be generated. 3/5 createWebhook Creates a webhook. You can optionally specify an Id for the webhook, if not provided one will be generated. 3/5 createWebhookWithId Creates a webhook. You can optionally specify an Id for the webhook, if not provided one will be generated. 3/5 enableTwoFactorWithId Enable two-factor authentication for a user. 4/5 exchangeRefreshTokenForJWTWithId Exchange a refresh token for a new JWT. 2/5 generateKey Generate a new RSA or EC key pair or an HMAC secret. 3/5 generateKeyWithId Generate a new RSA or EC key pair or an HMAC secret. 3/5 generateTwoFactorRecoveryCodesWithId Generate two-factor recovery codes for a user. Generating two-factor recovery codes will invalidate any existing recovery codes. 2/5 generateTwoFactorSecretUsingJWTWithId Generate a Two Factor secret that can be used to enable Two Factor authentication for a User. The response will contain both the secret and a Base3... 2/5 identityProviderLoginWithId Handles login via third-parties including Social login, external OAuth and OpenID Connect, and other login systems. 2/5 importKey Import an existing RSA or EC key pair or an HMAC secret. 3/5 importKeyWithId Import an existing RSA or EC key pair or an HMAC secret. 3/5 importRefreshTokensWithId Bulk imports refresh tokens. This request performs minimal validation and runs batch inserts of refresh tokens with the expectation that each token... 3/5 importUsersWithId Bulk imports users. This request performs minimal validation and runs batch inserts of users with the expectation that each user does not yet exist... 3/5 importWebAuthnCredentialWithId Import a WebAuthn credential 3/5 issueJWTWithId Issue a new access token (JWT) for the requested Application after ensuring the provided JWT is valid. A valid access token is properly signed and ... 2/5 loginPingWithId Sends a ping to FusionAuth indicating that the user was automatically logged into an application. When using FusionAuth's SSO or your own, you shou... 2/5 loginPingWithRequestWithId Sends a ping to FusionAuth indicating that the user was automatically logged into an application. When using FusionAuth's SSO or your own, you shou... 2/5 loginWithId Authenticates a user to FusionAuth. This API optionally requires an API key. See <code>Application.loginConfiguration.requireAuthentication</code>. 3/5 modifyActionWithId Modifies a temporal user action by changing the expiration of the action and optionally adding a comment to the action. 2/5 passwordlessLoginWithId Complete a login request using a passwordless code 3/5 patchAPIKeyWithId Updates an API key with the given Id. 3/5 patchApplicationRoleWithId Updates, via PATCH, the application role with the given Id for the application. 3/5 patchApplicationWithId Updates, via PATCH, the application with the given Id. 3/5 patchConnectorWithId Updates, via PATCH, the connector with the given Id. 2/5 patchConsentWithId Updates, via PATCH, the consent with the given Id. 2/5 patchEmailTemplateWithId Updates, via PATCH, the email template with the given Id. 2/5 patchEntityTypePermissionWithId Patches the permission with the given Id for the entity type. 2/5 patchEntityTypeWithId Updates, via PATCH, the Entity Type with the given Id. 2/5 patchEntityWithId Updates, via PATCH, the Entity with the given Id. 2/5 patchFormFieldWithId Patches the form field with the given Id. 3/5 patchFormWithId Patches the form with the given Id. 2/5 patchGroupWithId Updates, via PATCH, the group with the given Id. 2/5 patchIdentityProviderWithId Updates, via PATCH, the identity provider with the given Id. 2/5 patchIntegrationsWithId Updates, via PATCH, the available integrations. 3/5 patchIPAccessControlListWithId Update the IP Access Control List with the given Id. 2/5 patchLambdaWithId Updates, via PATCH, the lambda with the given Id. 3/5 patchMessageTemplateWithId Updates, via PATCH, the message template with the given Id. 2/5 patchMessengerWithId Updates, via PATCH, the messenger with the given Id. 2/5 patchOAuthScopeWithId Updates, via PATCH, the custom OAuth scope with the given Id for the application. 2/5 patchRegistrationWithId Updates, via PATCH, the registration for the user with the given Id and the application defined in the request. 3/5 patchSystemConfigurationWithId Updates, via PATCH, the system configuration. 2/5 patchTenantWithId Updates, via PATCH, the tenant with the given Id. 3/5 patchThemeWithId Updates, via PATCH, the theme with the given Id. 2/5 patchUserActionReasonWithId Updates, via PATCH, the user action reason with the given Id. 3/5 patchUserActionWithId Updates, via PATCH, the user action with the given Id. 2/5 patchUserConsentWithId Updates, via PATCH, a single User consent by Id. 2/5 patchUserWithId Updates, via PATCH, the user with the given Id. 3/5 patchWebhookWithId Patches the webhook with the given Id. 3/5 reconcileJWTWithId Reconcile a User to FusionAuth using JWT issued from another Identity Provider. 2/5 register Registers a user for an application. If you provide the User and the UserRegistration object on this request, it will create the user as well as re... 3/5 registerWithId Registers a user for an application. If you provide the User and the UserRegistration object on this request, it will create the user as well as re... 3/5 sendEmailWithId Send an email using an email template Id. You can optionally provide <code>requestData</code> to access key value pairs in the email template. 2/5 sendFamilyRequestEmailWithId Sends out an email to a parent that they need to register and create a family or need to log in and add a child to their existing family. 2/5 sendPasswordlessCodeWithId Send a passwordless authentication code in an email to complete login. 3/5 sendTwoFactorCodeForEnableDisableWithId Send a Two Factor authentication code to assist in setting up Two Factor authentication or disabling. 2/5 sendTwoFactorCodeForLoginUsingMethodWithId Send a Two Factor authentication code to allow the completion of Two Factor authentication. 2/5 sendVerifyIdentityWithId Send a verification code using the appropriate transport for the identity type being verified. 2/5 twoFactorLoginWithId Complete login using a 2FA challenge 3/5 updateAPIKeyWithId Updates an API key with the given Id. 3/5 updateApplicationRoleWithId Updates the application role with the given Id for the application. 3/5 updateApplicationWithId Updates the application with the given Id. OR Reactivates the application with the given Id. 3/5 updateConnectorWithId Updates the connector with the given Id. 2/5 updateConsentWithId Updates the consent with the given Id. 2/5 updateEmailTemplateWithId Updates the email template with the given Id. 2/5 updateEntityTypePermissionWithId Updates the permission with the given Id for the entity type. 2/5 updateEntityTypeWithId Updates the Entity Type with the given Id. 2/5 updateEntityWithId Updates the Entity with the given Id. 2/5 updateFormFieldWithId Updates the form field with the given Id. 3/5 updateFormWithId Updates the form with the given Id. 2/5 updateGroupMembersWithId Creates a member in a group. 2/5 updateGroupWithId Updates the group with the given Id. 2/5 updateIdentityProviderWithId Updates the identity provider with the given Id. 2/5 updateIntegrationsWithId Updates the available integrations. 3/5 updateIPAccessControlListWithId Updates the IP Access Control List with the given Id. 2/5 updateKeyWithId Updates the key with the given Id. 3/5 updateLambdaWithId Updates the lambda with the given Id. 3/5 updateMessageTemplateWithId Updates the message template with the given Id. 2/5 updateMessengerWithId Updates the messenger with the given Id. 2/5 updateOAuthScopeWithId Updates the OAuth scope with the given Id for the application. 2/5 updateRegistrationWithId Updates the registration for the user with the given Id and the application defined in the request. 3/5 updateSystemConfigurationWithId Updates the system configuration. 2/5 updateTenantWithId Updates the tenant with the given Id. 3/5 updateThemeWithId Updates the theme with the given Id. 2/5 updateUserActionReasonWithId Updates the user action reason with the given Id. 3/5 updateUserActionWithId Updates the user action with the given Id. OR Reactivates the user action with the given Id. 2/5 updateUserConsentWithId Updates a single User consent by Id. 2/5 updateUserFamilyWithId Updates a family with a given Id. OR Adds a user to an existing family. The family Id must be specified. 2/5 updateUserVerifyEmail Re-sends the verification email to the user. If the Application has configured a specific email template this will be used instead of the tenant co... 2/5 updateUserVerifyRegistration Re-sends the application registration verification email to the user. OR Generate a new Application Registration Verification Id to be used with th... 2/5 updateUserWithId Updates the user with the given Id. OR Reactivates the user with the given Id. 3/5 updateWebhookWithId Updates the webhook with the given Id. 3/5 upsertEntityGrantWithId Creates or updates an Entity Grant. This is when a User/Entity is granted permissions to an Entity. 2/5 vendJWTWithId It's a JWT vending machine! Issue a new access token (JWT) with the provided claims in the request. This JWT is not scoped to a tenant or user, it... 2/5 cancelActionWithId Cancels the user action. 4/5 changePasswordWithId Changes a user's password using the change password Id. This usually occurs after an email has been sent to the user and they clicked on a link to ... 5/5 deleteAPIKeyWithId Deletes the API key for the given Id. 4/5 deleteApplicationRoleWithId Hard deletes an application role. This is a dangerous operation and should not be used in most circumstances. This permanently removes the given ro... 5/5 deleteApplicationWithId Hard deletes an application. This is a dangerous operation and should not be used in most circumstances. This will delete the application, any regi... 4/5 deleteConnectorWithId Deletes the connector for the given Id. 4/5 deleteConsentWithId Deletes the consent for the given Id. 4/5 deleteEmailTemplateWithId Deletes the email template for the given Id. 4/5 deleteEntityGrantWithId Deletes an Entity Grant for the given User or Entity. 4/5 deleteEntityTypePermissionWithId Hard deletes a permission. This is a dangerous operation and should not be used in most circumstances. This permanently removes the given permissio... 4/5 deleteEntityTypeWithId Deletes the Entity Type for the given Id. 4/5 deleteEntityWithId Deletes the Entity for the given Id. 4/5 deleteFormFieldWithId Deletes the form field for the given Id. 4/5 deleteFormWithId Deletes the form for the given Id. 4/5 deleteGroupMembersWithId Removes users as members of a group. 4/5 deleteGroupWithId Deletes the group for the given Id. 4/5 deleteIdentityProviderWithId Deletes the identity provider for the given Id. 4/5 deleteIPAccessControlListWithId Deletes the IP Access Control List for the given Id. 4/5 deleteJwtRefresh Revokes refresh tokens using the information in the JSON body. The handling for this method is the same as the revokeRefreshToken method and is bas... 5/5 deleteKeyWithId Deletes the key for the given Id. 4/5 deleteLambdaWithId Deletes the lambda for the given Id. 4/5 deleteMessageTemplateWithId Deletes the message template for the given Id. 4/5 deleteMessengerWithId Deletes the messenger for the given Id. 4/5 deleteOAuthScopeWithId Hard deletes a custom OAuth scope. OAuth workflows that are still requesting the deleted OAuth scope may fail depending on the application's unknow... 4/5 deleteTenantWithId Deletes the tenant based on the given request (sent to the API as JSON). This permanently deletes all information, metrics, reports and data associ... 5/5 deleteThemeWithId Deletes the theme for the given Id. 4/5 deleteUserActionReasonWithId Deletes the user action reason for the given Id. 4/5 deleteUserActionWithId Deletes the user action for the given Id. This permanently deletes the user action and also any history and logs of the action being applied to any... 4/5 deleteUserBulk Deletes the users with the given Ids, or users matching the provided JSON query or queryString. The order of preference is Ids, query and then quer... 5/5 deleteUserLinkWithId Remove an existing link that has been made from a 3rd party identity provider to a FusionAuth user. 4/5 deleteUserRegistrationWithId Deletes the user registration for the given user and application along with the given JSON body that contains the event information. OR Deletes the... 4/5 deleteUserTwoFactorWithId Disable two-factor authentication for a user using a JSON body rather than URL parameters. OR Disable two-factor authentication for a user. 5/5 deleteUserWithId Deletes the user based on the given request (sent to the API as JSON). This permanently deletes all information, metrics, reports and data associat... 4/5 deleteWebAuthnCredentialWithId Deletes the WebAuthn credential for the given Id. 4/5 deleteWebhookWithId Deletes the webhook for the given Id. 4/5 forgotPasswordWithId Begins the forgot password sequence, which kicks off an email to the user so that they can reset their password. 4/5 reindexWithId Requests Elasticsearch to delete and rebuild the index for FusionAuth users or entities. Be very careful when running this request as it will incr... 4/5 removeUserFromFamilyWithId Removes a user from the family with the given Id. 4/5 revokeRefreshTokenByIdWithId Revokes a single refresh token by the unique Id. The unique Id is not sensitive as it cannot be used to obtain another JWT. 4/5 revokeUserConsentWithId Revokes a single User consent by Id. 4/5 startIdentityProviderLoginWithId Begins a login request for a 3rd party login that requires user interaction such as HYPR. 3/5 startPasswordlessLoginWithId Start a passwordless login request by generating a passwordless code. This code can be sent to the User using the Send Passwordless Code API or usi... 3/5 startTwoFactorLoginWithId Start a Two-Factor login request by generating a two-factor identifier. This code can then be sent to the Two Factor Send API (/api/two-factor/sen... 4/5 startVerifyIdentityWithId Start a verification of an identity by generating a code. This code can be sent to the User using the Verify Send API Verification Code API or usin... 3/5 startWebAuthnLoginWithId Start a WebAuthn authentication ceremony by generating a new challenge for the user 3/5 startWebAuthnRegistrationWithId Start a WebAuthn registration ceremony by generating a new challenge for the user 3/5 The Mcp Api MCP server exposes 310 tools across 4 categories: Read, Write, Destructive, Execute.
Use Intercept, the open-source MCP proxy. Write YAML rules for each tool — rate limits, argument validation, or deny rules — then run Intercept in front of the Mcp Api server.
Mcp Api tools are categorised as Read (105), Write (159), Destructive (40), Execute (6). Each category has a recommended default policy.
Open source. One binary. Zero dependencies.
npx -y @policylayer/intercept