diff --git a/britive_mcp_tools/tools/application_management_applications.py b/britive_mcp_tools/tools/application_management_applications.py index 771fb2b..e0c0a4f 100644 --- a/britive_mcp_tools/tools/application_management_applications.py +++ b/britive_mcp_tools/tools/application_management_applications.py @@ -48,13 +48,16 @@ def application_management_applications_get(application_id: str): ) -@mcp.tool(name="application_management_applications_list", description="""Use this tool to retrieve a list of all applications available in the Britive tenant. This is typically the first step when identifying applications by name or filtering them based on user input. The results can be used to extract application IDs required for other tools.""") +@mcp.tool( + name="application_management_applications_list", + description="""Use this tool to retrieve a list of all applications available in the Britive tenant. This is typically the first step when identifying applications by name or filtering them based on user input. The results can be used to extract application IDs required for other tools.""", +) def application_management_applications_list(extended: bool = True): # This tool is generated using Britive SDK v4.3.0 """Return a list of applications in the Britive tenant. -:param extended: if True, will return additional details of the applications -:return: List of applications.""" + :param extended: if True, will return additional details of the applications + :return: List of applications.""" try: client = client_wrapper.get_client() @@ -64,22 +67,3 @@ def application_management_applications_list(extended: bool = True): "User is not authenticated. Please ask the user to run `pybritive login` in their terminal to log in interactively. " "After the user finishes logging in, ask them to confirm so you can retry this tool." ) - - -@mcp.tool(name="application_management_applications_get", description="""Use this tool to fetch detailed information about a specific application using its application ID. This includes metadata such as the application's nativeId, which is essential for querying permissions or identity associations in other tools.""") -def application_management_applications_get(application_id: str): - # This tool is generated using Britive SDK v4.3.0 - """Return details of the specified application - -:param application_id: The ID of the application. -:return: Details of the application.""" - - try: - client = client_wrapper.get_client() - return client.application_management.applications.get(application_id) - except UnauthorizedRequest: - raise UnauthorizedRequest( - "User is not authenticated. Please ask the user to run `pybritive login` in their terminal to log in interactively. " - "After the user finishes logging in, ask them to confirm so you can retry this tool." - ) - diff --git a/britive_mcp_tools/tools/audit_logs_logs.py b/britive_mcp_tools/tools/audit_logs_logs.py index fd45681..3813efd 100644 --- a/britive_mcp_tools/tools/audit_logs_logs.py +++ b/britive_mcp_tools/tools/audit_logs_logs.py @@ -86,72 +86,3 @@ def audit_logs_logs_query( "User is not authenticated. Please ask the user to run `pybritive login` in their terminal to log in interactively. " "After the user finishes logging in, ask them to confirm so you can retry this tool." ) - - -@mcp.tool(name="audit_logs_logs_fields", description="""Call this before using query tool as it returns list of fields that can be used in a filter for an audit query.""") -def audit_logs_logs_fields(): - # This tool is generated using Britive SDK v4.3.0 - """Return list of fields that be can used in a filter for an audit query. - -:return: Dict of field keys to field names.""" - - try: - client = client_wrapper.get_client() - return client.audit_logs.logs.fields() - except UnauthorizedRequest: - raise UnauthorizedRequest( - "User is not authenticated. Please ask the user to run `pybritive login` in their terminal to log in interactively. " - "After the user finishes logging in, ask them to confirm so you can retry this tool." - ) - - -@mcp.tool(name="audit_logs_logs_operators", description="""Call this before using query tool as it returns the list of operators that can be used in a filter for an audit query.""") -def audit_logs_logs_operators(): - # This tool is generated using Britive SDK v4.3.0 - """Return the list of operators that can be used in a filter for an audit query. - -:return: Dict of operator keys to operator names.""" - - try: - client = client_wrapper.get_client() - return client.audit_logs.logs.operators() - except UnauthorizedRequest: - raise UnauthorizedRequest( - "User is not authenticated. Please ask the user to run `pybritive login` in their terminal to log in interactively. " - "After the user finishes logging in, ask them to confirm so you can retry this tool." - ) - - -@mcp.tool(name="audit_logs_logs_query", description="""This is used to retrieve audit log events based on the fields and operators. You need to call the `fields` and `operators` tools before using this tool to ensure you have the correct fields and operators for your query.""") -def audit_logs_logs_query(from_time: datetime.datetime = None, to_time: datetime.datetime = None, filter_expression: str = None, csv: bool = False): - # This tool is generated using Britive SDK v4.3.0 - """Retrieve audit log events. - -`csv` options: - - - True: A CSV string is returned. The caller must persist the CSV string to disk. - - False: A python list of audit events is returned. - -:param from_time: Lower end of the time frame to search. If not provided will default to - 7 days before `to_time`. `from_time` will be interpreted as if in UTC timezone so it is up to the caller to - ensure that the datetime object represents UTC. No timezone manipulation will occur. -:param to_time: Upper end of the time frame to search. If not provided will default to - `datetime.datetime.utcnow()`. `to_time` will be interpreted as if in UTC timezone so it is up to the caller - to ensure that the datetime object represents UTC. No timezone manipulation will occur. -:param filter_expression: The expression used to filter the results. A list of available fields and operators - can be found using `britive.audit_logs.logs.fields` and `britive.audit_logs.logs.operators`, respectively. - Multiple filter expressions must be joined together by `and`. No other join operator is support. - Example: actor.displayName co "bob" and event.displayName eq "application" -:param csv: Will result in a CSV string of the audit events being returned instead of a python list of events. -:return: Either python list of events (dicts) or CSV string. -:raises: ValueError - If from_time is greater than to_time.""" - - try: - client = client_wrapper.get_client() - return client.audit_logs.logs.query(from_time, to_time, filter_expression, csv) - except UnauthorizedRequest: - raise UnauthorizedRequest( - "User is not authenticated. Please ask the user to run `pybritive login` in their terminal to log in interactively. " - "After the user finishes logging in, ask them to confirm so you can retry this tool." - ) - diff --git a/britive_mcp_tools/tools/identity_management_service_identities.py b/britive_mcp_tools/tools/identity_management_service_identities.py index 93f3a09..bc660f4 100644 --- a/britive_mcp_tools/tools/identity_management_service_identities.py +++ b/britive_mcp_tools/tools/identity_management_service_identities.py @@ -134,107 +134,3 @@ def identity_management_service_identities_disable( "User is not authenticated. Please ask the user to run `pybritive login` in their terminal to log in interactively. " "After the user finishes logging in, ask them to confirm so you can retry this tool." ) - - -@mcp.tool(name="identity_management_service_identities_list", description="""Use this tool **only if the user has confirmed they are referring to service identities**. Do not assume the type of identity.This tool lists all service identities available in the Britive platform. It provides list of details such as identity ID, name, type, and status. Use this tool to get userId based on filter options and use this id in further operations like enabling or disabling a service identity. You can filter the list by name, type, status, and tags to narrow down the results.""") -def identity_management_service_identities_list(filter_expression: str = None, include_tags: bool = False): - # This tool is generated using Britive SDK v4.3.0 - """Provide an optionally filtered list of all service identities. - -:param filter_expression: filter list of users based on name, status, or role. The supported operators - are 'eq' and 'co'. Example: 'name co "Smith"' -:param include_tags: if this is set to true, tags/group memberships are returned. -:return: List of service identity records""" - - try: - client = client_wrapper.get_client() - return client.identity_management.service_identities.list(filter_expression, include_tags) - except UnauthorizedRequest: - raise UnauthorizedRequest( - "User is not authenticated. Please ask the user to run `pybritive login` in their terminal to log in interactively. " - "After the user finishes logging in, ask them to confirm so you can retry this tool." - ) - - -@mcp.tool(name="identity_management_service_identities_get", description="""Use this tool **only if the user has confirmed they are referring to service identities**. Do not assume the type of identity.This tool retrieves detailed information about a specific service identity by its ID. It provides comprehensive details including the identity's name, type, status, created date, modified date, last login, token expires on, token expiration in days, type of serviceIdentity type and any associated tags. Use this tool to gather specific information about a service identity before taking actions like enabling or disabling it.""") -def identity_management_service_identities_get(service_identity_id: str): - # This tool is generated using Britive SDK v4.3.0 - """Provide details of the given service_identity. - -:param service_identity_id: The ID of the service identity. -:return: Details of the specified user.""" - - try: - client = client_wrapper.get_client() - return client.identity_management.service_identities.get(service_identity_id) - except UnauthorizedRequest: - raise UnauthorizedRequest( - "User is not authenticated. Please ask the user to run `pybritive login` in their terminal to log in interactively. " - "After the user finishes logging in, ask them to confirm so you can retry this tool." - ) - - -@mcp.tool(name="identity_management_service_identities_search", description="""Use this tool **only if the user has confirmed they are referring to service identities**. Do not assume the type of identity.This tool searches for service identities based on a query string. It allows you to find identities by name, type, or other attributes. The search results include basic details such as identity ID, name, type, and status. Use this tool to quickly locate service identities that match specific criteria without needing to list all identities.""") -def identity_management_service_identities_search(search_string: str): - # This tool is generated using Britive SDK v4.3.0 - """Search all user fields for the given `search_string` and returns -a list of matched service identities. - -:param search_string: -:return: List of user records""" - - try: - client = client_wrapper.get_client() - return client.identity_management.service_identities.search(search_string) - except UnauthorizedRequest: - raise UnauthorizedRequest( - "User is not authenticated. Please ask the user to run `pybritive login` in their terminal to log in interactively. " - "After the user finishes logging in, ask them to confirm so you can retry this tool." - ) - - -@mcp.tool(name="identity_management_service_identities_enable", description="""Use this tool **only if the user has confirmed they are referring to service identities**. Do not assume the type of identity.Checks the status of the specified service identity. If the status is inactive, prompts the user for confirmation to enable it. If confirmed, it performs the enable action. If the identity is already active, it informs the user and suggests disabling it instead.""") -def identity_management_service_identities_enable(service_identity_id: str = None, service_identity_ids: list = None): - # This tool is generated using Britive SDK v4.3.0 - """Enable the given service identities. - -You can pass in both `service_identity_id` for a single user and `service_identity_ids` to enable multiple -service identities in one call. If both `service_identity_id` and `service_identity_ids` are provided they -will be merged together into one list. - -:param service_identity_id: The ID of the user you wish to enable. -:param service_identity_ids: A list of user IDs that you wish to enable. -:return: if `service_identity_ids` is set will return a list of user records, else returns a user dict""" - - try: - client = client_wrapper.get_client() - return client.identity_management.service_identities.enable(service_identity_id, service_identity_ids) - except UnauthorizedRequest: - raise UnauthorizedRequest( - "User is not authenticated. Please ask the user to run `pybritive login` in their terminal to log in interactively. " - "After the user finishes logging in, ask them to confirm so you can retry this tool." - ) - - -@mcp.tool(name="identity_management_service_identities_disable", description="""Use this tool **only if the user has confirmed they are referring to service identities**. Do not assume the type of identity.Checks the status of the specified service identity. If the status is active, prompts the user for confirmation to disable it. If confirmed, it performs the disable action. If the identity is already inactive, it informs the user and suggests enabling it instead.""") -def identity_management_service_identities_disable(service_identity_id: str = None, service_identity_ids: list = None): - # This tool is generated using Britive SDK v4.3.0 - """Disable the given service identities. - -You can pass in both `service_identity_id` for a single service identity and `service_identity_ids` to disable -multiple service identitie at in one call. If both `service_identity_id` and `service_identity_ids` are -provided they will be merged together into one list. - -:param service_identity_id: The ID of the user you wish to disable. -:param service_identity_ids: A list of user IDs that you wish to disable. -:return: if `user_ids` is set will return a list of user records, else returns a user dict""" - - try: - client = client_wrapper.get_client() - return client.identity_management.service_identities.disable(service_identity_id, service_identity_ids) - except UnauthorizedRequest: - raise UnauthorizedRequest( - "User is not authenticated. Please ask the user to run `pybritive login` in their terminal to log in interactively. " - "After the user finishes logging in, ask them to confirm so you can retry this tool." - ) - diff --git a/britive_mcp_tools/tools/reports.py b/britive_mcp_tools/tools/reports.py index 0471557..6fca6aa 100644 --- a/britive_mcp_tools/tools/reports.py +++ b/britive_mcp_tools/tools/reports.py @@ -52,7 +52,9 @@ def reports_list(): Strictly use the operators defined in the `logs_operators` tool, such as `eq`, `co`, `gt`, etc. Do not use any other operators or formats. """, ) -def report_run_profile_historical_access(report_id: str, csv: bool = False, filter_expression: str = None): +def report_run_profile_historical_access( + report_id: str, csv: bool = False, filter_expression: str = None +): # This tool is generated using Britive SDK v4.3.0 """Run a report. @@ -101,7 +103,9 @@ def report_run_profile_historical_access(report_id: str, csv: bool = False, filt - The output of this tool is incomplete until detailed permission info is fetched using the second tool. """, ) -def report_run_permissions_in_profile(report_id: str, csv: bool = False, filter_expression: str = None): +def report_run_permissions_in_profile( + report_id: str, csv: bool = False, filter_expression: str = None +): # This tool is generated using Britive SDK v4.3.0 """Run a report. @@ -142,7 +146,9 @@ def report_run_permissions_in_profile(report_id: str, csv: bool = False, filter_ Strictly use the operators defined in the `logs_operators` tool, such as `eq`, `co`, `gt`, etc. Do not use any other operators or formats. """, ) -def report_run_tag_membership(report_id: str, csv: bool = False, filter_expression: str = None): +def report_run_tag_membership( + report_id: str, csv: bool = False, filter_expression: str = None +): # This tool is generated using Britive SDK v4.3.0 """Run a report. @@ -183,7 +189,9 @@ def report_run_tag_membership(report_id: str, csv: bool = False, filter_expressi Strictly use the operators defined in the `logs_operators` tool, such as `eq`, `co`, `gt`, etc. Do not use any other operators or formats. """, ) -def report_run_service_identities_details(report_id: str, csv: bool = False, filter_expression: str = None): +def report_run_service_identities_details( + report_id: str, csv: bool = False, filter_expression: str = None +): # This tool is generated using Britive SDK v4.3.0 """Run a report. @@ -224,7 +232,9 @@ def report_run_service_identities_details(report_id: str, csv: bool = False, fil Strictly use the operators defined in the `logs_operators` tool, such as `eq`, `sw`, `co`, etc. if having negative context in filter matching then use operator `neq`, `nco` Do not use any other operators or formats. """, ) -def report_run_user_secret_access(report_id: str, csv: bool = False, filter_expression: str = None): +def report_run_user_secret_access( + report_id: str, csv: bool = False, filter_expression: str = None +): # This tool is generated using Britive SDK v4.3.0 """Run a report. @@ -265,7 +275,9 @@ def report_run_user_secret_access(report_id: str, csv: bool = False, filter_expr Strictly use the operators defined in the `logs_operators` tool, such as `eq`, `sw`, `co`, etc. and if having negative context in filter matching then use operator `neq`, `nco` Do not use any other operators or formats. """, ) -def report_run_secret_last_access(report_id: str, csv: bool = False, filter_expression: str = None): +def report_run_secret_last_access( + report_id: str, csv: bool = False, filter_expression: str = None +): # This tool is generated using Britive SDK v4.3.0 """Run a report. @@ -368,7 +380,9 @@ def report_run_profiles_assigned_to_service_identities( Strictly use the operators defined in the `logs_operators` tool, such as `eq`, `sw`, `co`, etc. and if having negative context in filter matching then use operator `neq`, `nco` Do not use any other operators or formats. """, ) -def report_run_profile_accessed_tags(report_id: str, csv: bool = False, filter_expression: str = None): +def report_run_profile_accessed_tags( + report_id: str, csv: bool = False, filter_expression: str = None +): # This tool is generated using Britive SDK v4.3.0 """Run a report. @@ -416,7 +430,9 @@ def report_run_profile_accessed_tags(report_id: str, csv: bool = False, filter_e Strictly use the operators defined in the `logs_operators` tool, such as `eq`, `sw`, `co`, etc. and if having negative context in filter matching then use operator `neq`, `nco` Do not use any other operators or formats. """, ) -def report_run_AI_identities_secret_last_access(report_id: str, csv: bool = False, filter_expression: str = None): +def report_run_AI_identities_secret_last_access( + report_id: str, csv: bool = False, filter_expression: str = None +): # This tool is generated using Britive SDK v4.3.0 """Run a report. @@ -465,7 +481,9 @@ def report_run_AI_identities_secret_last_access(report_id: str, csv: bool = Fals Strictly use the operators defined in the `logs_operators` tool, such as `eq`, `sw`, `co`, etc. and if having negative context in filter matching then use operator `neq`, `nco` Do not use any other operators or formats. """, ) -def report_run_permission_details(report_id: str, csv: bool = False, filter_expression: str = None): +def report_run_permission_details( + report_id: str, csv: bool = False, filter_expression: str = None +): # This tool is generated using Britive SDK v4.3.0 """Run a report. @@ -513,7 +531,9 @@ def report_run_permission_details(report_id: str, csv: bool = False, filter_expr Strictly use the operators defined in the `logs_operators` tool, such as `eq`, `sw`, `co`, etc. and if having negative context in filter matching then use operator `neq`, `nco` Do not use any other operators or formats. """, ) -def report_run_resource_historical_access(report_id: str, csv: bool = False, filter_expression: str = None): +def report_run_resource_historical_access( + report_id: str, csv: bool = False, filter_expression: str = None +): # This tool is generated using Britive SDK v4.3.0 """Run a report. @@ -560,7 +580,9 @@ def report_run_resource_historical_access(report_id: str, csv: bool = False, fil Strictly use the operators defined in the `logs_operators` tool, such as `eq`, `sw`, `co`, etc. and if having negative context in filter matching then use operator `neq`, `nco` Do not use any other operators or formats. """, ) -def report_run_resource_last_access(report_id: str, csv: bool = False, filter_expression: str = None): +def report_run_resource_last_access( + report_id: str, csv: bool = False, filter_expression: str = None +): # This tool is generated using Britive SDK v4.3.0 """Run a report. @@ -607,7 +629,9 @@ def report_run_resource_last_access(report_id: str, csv: bool = False, filter_ex Strictly use the operators defined in the `logs_operators` tool, such as `eq`, `sw`, `co`, etc. and if having negative context in filter matching then use operator `neq`, `nco` Do not use any other operators or formats. """, ) -def report_run_resources_assigned_to_ai_identities(report_id: str, csv: bool = False, filter_expression: str = None): +def report_run_resources_assigned_to_ai_identities( + report_id: str, csv: bool = False, filter_expression: str = None +): # This tool is generated using Britive SDK v4.3.0 """Run a report. @@ -654,7 +678,9 @@ def report_run_resources_assigned_to_ai_identities(report_id: str, csv: bool = F Strictly use the operators defined in the `logs_operators` tool, such as `eq`, `sw`, `co`, etc. and if having negative context in filter matching then use operator `neq`, `nco` Do not use any other operators or formats. """, ) -def report_run_resources_assigned_to_all_identities(report_id: str, csv: bool = False, filter_expression: str = None): +def report_run_resources_assigned_to_all_identities( + report_id: str, csv: bool = False, filter_expression: str = None +): # This tool is generated using Britive SDK v4.3.0 """Run a report. @@ -750,7 +776,9 @@ def report_run_resources_assigned_to_service_identities( Strictly use the operators defined in the `logs_operators` tool, such as `eq`, `sw`, `co`, etc. and if having negative context in filter matching then use operator `neq`, `nco` Do not use any other operators or formats. """, ) -def report_run_resources_assigned_to_tags(report_id: str, csv: bool = False, filter_expression: str = None): +def report_run_resources_assigned_to_tags( + report_id: str, csv: bool = False, filter_expression: str = None +): # This tool is generated using Britive SDK v4.3.0 """Run a report. @@ -797,7 +825,9 @@ def report_run_resources_assigned_to_tags(report_id: str, csv: bool = False, fil Strictly use the operators defined in the `logs_operators` tool, such as `eq`, `sw`, `co`, etc. and if having negative context in filter matching then use operator `neq`, `nco` Do not use any other operators or formats. """, ) -def report_run_resources_assigned_to_users(report_id: str, csv: bool = False, filter_expression: str = None): +def report_run_resources_assigned_to_users( + report_id: str, csv: bool = False, filter_expression: str = None +): # This tool is generated using Britive SDK v4.3.0 """Run a report. @@ -818,33 +848,6 @@ def report_run_resources_assigned_to_users(report_id: str, csv: bool = False, fi ) -@mcp.tool( - name="reports_list", - description="""List all available reports and their metadata. -Use this tool to: -- Retrieve report names and their `reportId`s. -- Extract available filterable columns for each report. -- Understand which operators (e.g., `eq`, `co`, `gt`) are supported per column. - -You must call this tool before using any `report_run_*` tool to ensure you have the correct `reportId`, column names, and operator support. -No parameters required.""", -) -def reports_list(): - # This tool is generated using Britive SDK v4.3.0 - """Return list of all built-in reports. - - :return: List of reports.""" - - try: - client = client_wrapper.get_client() - return client.reports.list() - except UnauthorizedRequest: - raise UnauthorizedRequest( - "User is not authenticated. Please ask the user to run `pybritive login` in their terminal to log in interactively. " - "After the user finishes logging in, ask them to confirm so you can retry this tool." - ) - - @mcp.tool( name="all_reports_run", description="""Run any report by specifying its `reportId` and optional filters. @@ -876,52 +879,3 @@ def all_reports_run(report_id: str, csv: bool = False, filter_expression: str = "User is not authenticated. Please ask the user to run `pybritive login` in their terminal to log in interactively. " "After the user finishes logging in, ask them to confirm so you can retry this tool." ) - - -@mcp.tool( - name="report_run_permission_details", - description=""" This tool provides granular details on application permissions for specified application - use this tool after application access tool to get more details on permissions and focus on permissionDefinition - - 1. Use `reports_list` to find the report named 'Permission Details'. - 2. Extract its `reportId` and valid columns/operators. - 3. Call this tool with that `report_id` and optional filters. after the application access tool to have detailed permission information. - - Filterable columns include: `application`, `environment`,`permissionDefinition`,`scope`, `scopeType`, `name`,`applicationStatus`,`environmentStatus`,`type`, `highrisk` - - - Examples: - - User may ask questions such as: - -Show me what permissions are assigned to a role/policy in a `xyz` application - -Show me which roles/policies in a `xyz` application have not been used in the past 30 days. - - - Expected Response Format: - Answer in a structured format (e.g., tables or bullet points). - Include metadata like Application, Environment, account, permissions, permission description, status, etc., when relevant associated with application access. - Apply column-based filters precisely based on the question. - - Do not add any quotes around the values, even if they contain spaces or special characters. The tool will handle them correctly. - Strictly use the operators defined in the `logs_operators` tool, such as `eq`, `sw`, `co`, etc. and if having negative context in filter matching then use operator `neq`, `nco` Do not use any other operators or formats. - """, -) -def report_run_permission_details(report_id: str, csv: bool = False, filter_expression: str = None): - # This tool is generated using Britive SDK v4.3.0 - """Run a report. - - :param report_id: The ID of the report. - :param csv: If True the result will be returned as a CSV string. If False (default) the result will be returned - as a list where each time in the list is a dict representing the row of data. - :param filter_expression: The filter to apply to the report. It is left to the caller to provide a syntactically - correct filter expression string. - :return: CSV string or list.""" - - try: - client = client_wrapper.get_client() - return client.reports.run(report_id, csv, filter_expression) - except UnauthorizedRequest: - raise UnauthorizedRequest( - "User is not authenticated. Please ask the user to run `pybritive login` in their terminal to log in interactively. " - "After the user finishes logging in, ask them to confirm so you can retry this tool." - ) diff --git a/britive_mcp_tools/tools/security_active_sessions.py b/britive_mcp_tools/tools/security_active_sessions.py index 8efb862..af02392 100644 --- a/britive_mcp_tools/tools/security_active_sessions.py +++ b/britive_mcp_tools/tools/security_active_sessions.py @@ -6,90 +6,6 @@ from britive.exceptions import UnauthorizedRequest -@mcp.tool( - name="security_active_sessions_list_users", - description="""Lists all users on the Britive platform with active sessions in applications or resources. Returns user details including userId, name, userType, email, username, countOfProfiles, and lastLogin. Use this tool to search for a user and retrieve their userId, which can be used in follow-up operations such as retrieving the Profile Application ID (papID).""", -) -def security_active_sessions_list_users(search_text: str = None): - # This tool is generated using Britive SDK v4.3.0 - """Retrieve a list of users with active session(s), i.e. checked out profiles. - - :return: List of users with active session(s).""" - - try: - client = client_wrapper.get_client() - return client.security.active_sessions.list_users(search_text) - except UnauthorizedRequest: - raise UnauthorizedRequest( - "User is not authenticated. Please ask the user to run `pybritive login` in their terminal to log in interactively. " - "After the user finishes logging in, ask them to confirm so you can retry this tool." - ) - - -@mcp.tool( - name="security_active_sessions_list_user_sessions", - description="""This tool list all active session i.e. checkedout profiles for a user in the Britive platform. It returns details such as papId, profileName, description, transactionId, status, checkedOut, expiration, environmentID, EnvironmentName, accessType, appContainerId, appName, appType as part of applications list. Use this tool once you get userId and from that userId you will get all profiles associated with that user. Use this tool after obtaining the userId to fetch all profiles currently checked out by the user. This is typically used before invoking checkin or checkin_all operations to identify which sessions are active""", -) -def security_active_sessions_list_user_sessions(user_id: str): - # This tool is generated using Britive SDK v4.3.0 - """Retrieve the active sessions (checked out profiles) of a given user. - - :param user_id: The target user's ID. - :return: Dict of the user's active Application and Resources sessions.""" - - try: - client = client_wrapper.get_client() - return client.security.active_sessions.list_user_sessions(user_id) - except UnauthorizedRequest: - raise UnauthorizedRequest( - "User is not authenticated. Please ask the user to run `pybritive login` in their terminal to log in interactively. " - "After the user finishes logging in, ask them to confirm so you can retry this tool." - ) - - -@mcp.tool( - name="security_active_sessions_checkin", - description="""This Tool will take userId and list of papID i.e. profile application ID and checkin the profile application ID for the user.It will return a message indicating whether the check-in was successful or if there were any issues.This tool should not be used when a user is asking to checkin all their profiles.That should be the my_access_checkout tool.This tool should be used when the user is asking to checkin another users profiles.""", -) -def security_active_sessions_checkin(user_id: str, profile_ids: list): - # This tool is generated using Britive SDK v4.3.0 - """Checkin one or more active profile sessions for a given user. - - :param user_id: The target user's ID. - :param profile_ids: List of target profile ID(s) to checkin. - :return: None""" - - try: - client = client_wrapper.get_client() - return client.security.active_sessions.checkin(user_id, profile_ids) - except UnauthorizedRequest: - raise UnauthorizedRequest( - "User is not authenticated. Please ask the user to run `pybritive login` in their terminal to log in interactively. " - "After the user finishes logging in, ask them to confirm so you can retry this tool." - ) - - -@mcp.tool( - name="security_active_sessions_checkin_all", - description="""This tool checks in all active sessions for a specific user. It requires the userId to identify the user whose sessions should be checked in. The tool will return a message indicating whether the check-in was successful or if there were any issues.""", -) -def security_active_sessions_checkin_all(user_id: str): - # This tool is generated using Britive SDK v4.3.0 - """Checkin all active profiles sessions for a given user. - - :param user_id: The target user's ID - :return: None""" - - try: - client = client_wrapper.get_client() - return client.security.active_sessions.checkin_all(user_id) - except UnauthorizedRequest: - raise UnauthorizedRequest( - "User is not authenticated. Please ask the user to run `pybritive login` in their terminal to log in interactively. " - "After the user finishes logging in, ask them to confirm so you can retry this tool." - ) - - @mcp.tool( name="security_active_sessions_list_users", description="""Lists all users on the Britive platform with active sessions in applications or resources. Returns user details including userId, name, userType, email, username, countOfProfiles, and lastLogin. Use this tool to search for a user and retrieve their userId, which can be used in follow-up operations such as retrieving the Profile Application ID (papID).""",