Skip to content

5.12-a Remote instance (device) read tools (phase 1) #7708

Description

@andypalmi

Parent: #7681 (5.12 Team data and packages)
Tool file: forge/ee/lib/mcp/tools/devices.js (extend)

Read tools for the remote instance (device) resource. Filed in devices.js alongside the existing device tools, following the one-file-per-resource convention (a tool lives in the file for the noun it is about, regardless of the URL's first path segment). The team-data and package tools that previously sat under this issue now live with the team resource in teams.js.

readOnlyHint: true.

Tool Endpoint Scope Annotation
platform_get_remote_instance_audit_log GET /devices/:deviceId/audit-log device:audit-log read
platform_export_remote_instance_audit_log GET /devices/:deviceId/audit-log/export device:audit-log read
platform_get_remote_instance_history GET /devices/:deviceId/history project:history read
platform_list_remote_instance_http_tokens GET /devices/:deviceId/httpTokens device:edit read
platform_list_team_provisioning_tokens GET /teams/:teamId/devices/provisioning team:device:provisioning-token:list read

Design notes:

  • Device history reuses the project:history scope (there is no device-specific history scope). It is plan-gated on feature key projectHistory, which defaults to enabled; a disabled team returns a 404 regardless of the caller's permissions, so the tool surfaces a clear "feature not enabled for this team" message rather than a bare not-found.
  • The HTTP-token list uses device:edit on devices. It is still a read for MCP purposes: annotate readOnlyHint: true and allow-list accordingly.
  • platform_list_team_provisioning_tokens describes device provisioning, so it is filed with the device tools. The summary view omits the token secret (unlike the create route), so it is safe to expose read-only.

Scopes to allow-list (IMPLICIT_TOKEN_SCOPES['user:expert-mcp']) and access-tag (#7445):
device:audit-log (read), project:history (read), team:device:provisioning-token:list (read). device:edit is already present from the shipped device tools.

Tests:

  • Read tools allowed for read-only PAT.
  • Feature-disabled team returns the descriptive gate error for device history.
  • Provisioning-token list never surfaces the token secret.

Metadata

Metadata

Assignees

No one assigned

    Labels

    storyA user-oriented description of a feature

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    Status
    No status

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions