Add API credential and allowed origin GET calls to mcp

Author: jillingk

README.md

@@ -30,7 +30,12 @@ The [Adyen Model Context Protocol (MCP) server](https://docs.adyen.com/developme
    - List all webhooks - GET [`/merchants/{merchantId}/webhooks`](https://docs.adyen.com/api-explorer/Management/3/get/merchants/(merchantId)/webhooks)
    - Get a webhook - GET [`/companies/{companyId}/webhooks/{webhookId}`](https://docs.adyen.com/api-explorer/Management/3/get/companies/(companyId)/webhooks/(webhookId))
    - Get a webhook - GET [`/merchants/{merchantId}/webhooks/{webhookId}`](https://docs.adyen.com/api-explorer/Management/3/get/merchants/(merchantId)/webhooks/(webhookId))
-
+7. Management API - API Credentials
+   - List all API Credentials - GET [`/companies/{companyId}/apiCredentials`](https://docs.adyen.com/api-explorer/Management/3/get/companies/(companyId)/apiCredentials)
+   - List all API Credentials - GET [`/merchants/{merchantId}/apiCredentials`](https://docs.adyen.com/api-explorer/Management/3/get/merchants/(merchantId)/apiCredentials)
+8. Management API - Allowed Origins
+    - List all allowed origins - GET [`/companies/{companyId}/apiCredentials/{apiCredentialId}/allowedOrigins`](https://docs.adyen.com/api-explorer/Management/3/get/companies/(companyId)/apiCredentials/(apiCredentialId)/allowedOrigins)
+    - List all allowed origins - GET [`/merchants/{merchantId}/apiCredentials/{apiCredentialId}/allowedOrigins`](https://docs.adyen.com/api-explorer/Management/3/get/merchants/(merchantId)/apiCredentials/(apiCredentialId)/allowedOrigins)
 
 ### Usage
 * Run the MCP server via `npx` with the following command:
@@ -75,6 +80,7 @@ Example usage in `.vscode`:
 * Management API — Terminal settings read
 * Management API — Terminal settings read and write
 * Management API — Webhooks read
+* Management API — API credentials read
 
 Adyen recommends creating a new webservice user and generating a new API key for the purpose of this application.
 Only use the new user’s API key for the MCP application and limit the roles to match the tools you'll be using. 

typescript/README.md

@@ -28,11 +28,15 @@ The Adyen Model Context Protocol server allows you to integrate with Adyen APIs
 6. Management API - Webhooks
    - List all webhooks
    - Get a webhook
-7. Configuration API - Account Holders
+7. Management API - API Credentials
+   - Get a list of API Credentials
+8. Management API - Allowed Origins
+    - Get a list of allowed origins
+9. Configuration API - Account Holders
    - Get account holder details and its capability settings.
-8. Legal entity management API - Legal entities and onboarding links
-   - Get legal entity details and its KYC information. 
-   - Create an onboarding link for a legal entity. 
+10. Legal entity management API - Legal entities and onboarding links
+    - Get legal entity details and its KYC information. 
+    - Create an onboarding link for a legal entity. 
 
 ### Usage
 To run to the MCP server via `npx` you can execute:
@@ -60,6 +64,7 @@ npx -y @adyen/mcp --adyenApiKey=YOUR_ADYEN_API_KEY --env=LIVE --livePrefix=YOUR_
 * Management API — Terminal settings read
 * Management API — Terminal settings read and write
 * Management API — Webhooks read
+* Management API — API credentials read
 
 Adyen recommends creating a new webservice user and generating a new API key for the purpose of this application.
 Only use the new user’s API key for the MCP application and limit the roles to match the tools you'll be using. 

typescript/eslint.config.js typescript/eslint.config.mjstypescript/eslint.config.js renamed to typescript/eslint.config.mjs

@@ -5,7 +5,6 @@
   "engines": {
     "node": ">=18"
   },
-  "type": "module",
   "author": "Adyen",
   "bin": {
     "mcp": "./dist/index.js"

typescript/package.json

@@ -0,0 +1,79 @@
+import { z } from 'zod';
+import { Client, ManagementAPI } from '@adyen/api-library';
+import { Tool } from '../../types.js';
+
+const listAllMerchantAllowedOriginsRequestObject = z.object({
+  merchantId: z
+    .string()
+    .describe('The unique identifier of the merchant account.'),
+  apiCredentialId: z
+    .string()
+    .describe('Unique identifier of the API credential.'),
+});
+
+const listAllMerchantAllowedOrigins = async (
+  client: Client,
+  {
+    merchantId,
+    apiCredentialId,
+  }: z.infer<typeof listAllMerchantAllowedOriginsRequestObject>,
+) => {
+  const managementAPI = new ManagementAPI(client);
+  try {
+    return await managementAPI.AllowedOriginsMerchantLevelApi.listAllowedOrigins(
+      merchantId,
+      apiCredentialId,
+    );
+  } catch (e) {
+    return (
+      'Failed to list all api credential configurations on merchant account. Error: ' +
+      JSON.stringify(e)
+    );
+  }
+};
+
+export const listAllMerchantAllowedOriginsTool: Tool = {
+  name: 'list_all_merchant_allowed_origins',
+  description:
+    'Returns the list of allowed origins for the API credential identified in the path.',
+  arguments: listAllMerchantAllowedOriginsRequestObject,
+  invoke: listAllMerchantAllowedOrigins,
+};
+
+const listAllCompanyAllowedOriginsRequestObject = z.object({
+  companyId: z
+    .string()
+    .describe('The unique identifier of the company account.'),
+  apiCredentialId: z
+    .string()
+    .describe('Unique identifier of the API credential.'),
+});
+
+const listAllCompanyAllowedOrigins = async (
+  client: Client,
+  {
+    companyId,
+    apiCredentialId,
+  }: z.infer<typeof listAllCompanyAllowedOriginsRequestObject>,
+) => {
+  const managementAPI = new ManagementAPI(client);
+  try {
+    return await managementAPI.AllowedOriginsCompanyLevelApi.listAllowedOrigins(
+      companyId,
+      apiCredentialId,
+    );
+  } catch (e) {
+    return (
+      'Failed to list all api credential configurations on company account. Error: ' +
+      JSON.stringify(e)
+    );
+  }
+};
+
+export const listAllCompanyAllowedOriginsTool: Tool = {
+  name: 'list_all_company_allowed_origins',
+  description:
+    'Returns the list of allowed origins for the API credential identified in the path.',
+  arguments: listAllCompanyAllowedOriginsRequestObject,
+  invoke: listAllCompanyAllowedOrigins,
+};

typescript/src/tools/management/allowedOrigins/index.ts

@@ -0,0 +1,97 @@
+import { z } from 'zod';
+import { Client, ManagementAPI } from '@adyen/api-library';
+import { Tool } from '../../types.js';
+
+const listAllMerchantApiCredentialsRequestObject = z.object({
+  merchantId: z
+    .string()
+    .describe('The unique identifier of the merchant account.'),
+  pageSize: z
+    .number()
+    .optional()
+    .describe(
+      'The number of items to have on a page, maximum 100. The default is 10 items on a page.',
+    ),
+  pageNumber: z
+    .number()
+    .optional()
+    .describe('The number of the page to fetch.'),
+});
+
+const listAllMerchantApiCredentials = async (
+  client: Client,
+  {
+    merchantId,
+    pageSize,
+    pageNumber,
+  }: z.infer<typeof listAllMerchantApiCredentialsRequestObject>,
+) => {
+  const managementAPI = new ManagementAPI(client);
+  try {
+    return await managementAPI.APICredentialsMerchantLevelApi.listApiCredentials(
+      merchantId,
+      pageNumber,
+      pageSize,
+    );
+  } catch (e) {
+    return (
+      'Failed to list all api credential configurations on merchant account. Error: ' +
+      JSON.stringify(e)
+    );
+  }
+};
+
+export const listAllMerchantApiCredentialsTool: Tool = {
+  name: 'list_all_merchant_api_credentials',
+  description:
+    'Returns the list of API credentials for the merchant account. The list is grouped into pages as defined by the query parameters.',
+  arguments: listAllMerchantApiCredentialsRequestObject,
+  invoke: listAllMerchantApiCredentials,
+};
+
+const listAllCompanyApiCredentialsRequestObject = z.object({
+  companyId: z
+    .string()
+    .describe('The unique identifier of the company account.'),
+  pageSize: z
+    .number()
+    .optional()
+    .describe(
+      'The number of items to have on a page, maximum 100. The default is 10 items on a page.',
+    ),
+  pageNumber: z
+    .number()
+    .optional()
+    .describe('The number of the page to fetch.'),
+});
+
+const listAllCompanyApiCredentials = async (
+  client: Client,
+  {
+    companyId,
+    pageNumber,
+    pageSize,
+  }: z.infer<typeof listAllCompanyApiCredentialsRequestObject>,
+) => {
+  const managementAPI = new ManagementAPI(client);
+  try {
+    return await managementAPI.APICredentialsCompanyLevelApi.listApiCredentials(
+      companyId,
+      pageNumber,
+      pageSize,
+    );
+  } catch (e) {
+    return (
+      'Failed to list all api credential configurations on company account. Error: ' +
+      JSON.stringify(e)
+    );
+  }
+};
+
+export const listAllCompanyApiCredentialsTool: Tool = {
+  name: 'list_all_company_api_credentials',
+  description:
+    'Returns the list of API credentials for the company account. The list is grouped into pages as defined by the query parameters.',
+  arguments: listAllCompanyApiCredentialsRequestObject,
+  invoke: listAllCompanyApiCredentials,
+};

typescript/src/tools/management/apiCredentials/index.ts

@@ -27,6 +27,14 @@ import {
   listAllCompanyWebhooksTool,
   listAllMerchantWebhooksTool,
 } from './management/webhooks/index.js';
+import {
+  listAllCompanyApiCredentialsTool,
+  listAllMerchantApiCredentialsTool,
+} from './management/apiCredentials/index.js';
+import {
+  listAllCompanyAllowedOriginsTool,
+  listAllMerchantAllowedOriginsTool,
+} from './management/allowedOrigins/index.js';
 
 export const tools: Tool[] = [
   createPaymentLinkTool,
@@ -47,4 +55,8 @@ export const tools: Tool[] = [
   getCompanyWebhookTool,
   listAllMerchantWebhooksTool,
   getMerchantWebhookTool,
+  listAllCompanyApiCredentialsTool,
+  listAllMerchantApiCredentialsTool,
+  listAllCompanyAllowedOriginsTool,
+  listAllMerchantAllowedOriginsTool,
 ];