// MCP TOOL REFERENCE

KEYID TOOLS

64 tools from the KeyID MCP Server, categorised by risk level.

View the KeyID policy → Token cost: 5,198 tokens →

// ALL 64 KEYID TOOLS

READ 35 tools

Read block_registration_session Mark a signup session blocked and record why the flow could not continue. Read follow_verification_link Follow a verification link directly or from an extracted message link list. Read get_auto_reply Fetch the current auto-reply configuration. Read get_file Download a stored file by key. Returns base64-encoded content. Read get_forwarding Fetch the current forwarding address. Read get_identity Fetch the current KeyID identity, address, phone, and reputation. Read get_message Fetch the full details for a single message. Read get_metrics Fetch usage metrics for the current identity. Read get_page Get details of an agent page by slug. Read get_persona Fetch the synthetic persona used for registrations. Read get_registration Fetch one registration record by ID. Read get_registration_artifacts Fetch the normalized artifacts attached to a signup session in priority order. Read get_registration_session Fetch one signup session, including its latest artifact summary and lease state. Read get_reputation Fetch the current reputation score and factor breakdown. Read get_secret Retrieve a decrypted vault entry by key. Read get_signature Fetch the current email signature. Read get_thread Fetch a thread and all of its messages. Read get_totp_code Generate the current TOTP code for a stored authenticator entry. Read get_verification_codes Read OTP or verification codes from a message, or from the latest matching message. Read get_webhook_deliveries Inspect recent webhook delivery attempts. Read list_contacts List saved contacts for the identity. Read list_crons List cron jobs that fire webhooks on a schedule. Read list_files List files stored for the current agent. Read list_messages List email or SMS messages with search and inbox filters. Read list_page_files List all files in an agent page. Read list_pages List all pages owned by the current agent. Read list_registration_sessions List current and historical signup sessions for this identity. Read list_registrations List saved service registrations. Read list_secrets List vault keys without exposing secret values. Read list_threads List conversation threads for the current identity. Read list_totp_entries List registered authenticator/TOTP entries for the identity. Read list_webhooks List webhook subscriptions for the identity. Read load_browser_state Load the saved browser state for a signup session. Read reply_to_message Reply to a message, optionally as reply-all. Read web_search Search the web via Google. Returns titles, URLs, and snippets. Rate-limited to 100 searches per day.

WRITE 20 tools

Write complete_registration_session Mark a signup session complete after the browser flow succeeds. Write create_cron Register a webhook URL to fire on a cron schedule. Standard 5-field cron: minute hour day month weekday. Write create_or_update_persona Create a persona or update the existing one with explicit overrides. Write create_page Claim a slug and create a new agent page. Slug must be 5+ chars, lowercase alphanumeric with hyphens. Write create_webhook Create a webhook subscription. Write provision_identity Create or reveal the email identity for this MCP session. Write put_secret Create or update a vault entry. Write request_phone_number Assign a phone number to the current KeyID identity. Write save_browser_state Store cookies and browser session state for a signup session in the KeyID vault. Write save_registration Create or update a registration record for an external service. Write send_email Send an email from the current identity. Write set_auto_reply Enable, disable, or edit the auto-reply responder. Write set_forwarding Set or clear the forwarding address. Write set_signature Set or clear the email signature. Write store_file Upload or overwrite a file. Content should be base64-encoded for binary, or plain text (which will be base6... Write update_cron Update a cron job — change schedule, URL, or pause/resume. Write update_message Update message flags such as read or starred state. Write update_page Update page title, description, or published status. Write upload_page_file Upload or update a file in an agent page. Content must be base64-encoded. Allowed types: HTML, CSS, JS, ima... Write upsert_contact Create a contact by email or update one by contact ID.

DESTRUCTIVE 6 tools

Destructive delete_contact Delete a contact by ID. Destructive delete_cron Remove a scheduled webhook. Destructive delete_file Delete a stored file by key. Destructive delete_page Delete a page and all its files. Destructive delete_page_file Delete a single file from an agent page. Destructive delete_secret Delete a vault entry.

EXECUTE 3 tools

Execute start_registration_session Start a signup session that correlates email, SMS, or TOTP artifacts for one service. Execute wait_for_message Poll until a matching inbound message arrives. Execute wait_for_registration_artifact Poll a signup session until an artifact arrives or the session expires, blocks, or times out.

// FAQ

How many tools does the KeyID MCP server have? +

The KeyID MCP server exposes 64 tools across 4 categories: Read, Write, Destructive, Execute.

How do I enforce policies on KeyID tools? +

Route the KeyID server through the PolicyLayer gateway. Define allow, deny, or approval rules per tool in the dashboard — they are enforced on every call before it reaches the server.

What risk categories do KeyID tools fall into? +

KeyID tools are categorised as Read (35), Write (20), Destructive (6), Execute (3). Each category has a recommended default policy.

Let agents act without letting them run wild.

Route your MCP servers through PolicyLayer and every tool call is checked against your policy before it runs — allow, deny, or require approval. Per-identity grants. Full audit log. Live in minutes.

SECURE YOUR MCP →

Free to start. No card required.

4,600+ MCP servers and 31,000+ tools scanned and risk-classified.