> ## Documentation Index
> Fetch the complete documentation index at: https://docs.mcpmanager.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Tool & endpoint reference

> Index of every MCP Manager Admin API operation, grouped by domain. Each operation is exposed as an MCP tool and a REST endpoint from a single definition, so the reference documents both surfaces together, with parameters and the capability each one enforces.

The Admin API exposes **64 operations** across seven domains. Each operation is defined once and generated into both an **MCP tool** and a **REST endpoint**, so every reference entry lists the MCP tool name, the REST method and path, and the capability the operation enforces — the two surfaces never diverge.

<Info>
  **Closed beta.** The MCP Manager Admin API and MCP server are available now to a
  limited set of workspaces through the **MCP Manager Admin API** entitlement
  (`ff-mcpm-admin`), ahead of general availability. If you don't see **Settings →
  MCP & API** in your workspace, it isn't enabled for you yet — ask your MCP Manager
  contact to join the beta.
</Info>

## How to read the reference

Each operation entry shows four things:

* **MCP tool** — the tool name to call from an MCP client (for example `create_inbound_server`).
* **REST** — the HTTP method and path under `/api/v1/mcpm-admin` (for example `POST /api/v1/mcpm-admin/servers`).
* **Capability** — the capability your role must hold, shown as its product label and its exact key (for example *Basic server management* (`basicServerManagement`)). Operations marked *none* are available to any authenticated caller.
* **Parameters** — every input, with its type, whether it's required, its default, and where the REST surface reads it from (path, query, or body).

Read-only operations carry a **Read-only** badge and destructive ones a **Destructive** badge, mirroring the annotations the MCP server sends to clients. List and query operations return **thin results by default** — opt into heavy detail (request/response bodies, full alert context) only for the specific records you need, so responses stay small.

## Operations by domain

| Domain                                                  | Operations | What it covers                                                                       |
| ------------------------------------------------------- | ---------: | ------------------------------------------------------------------------------------ |
| [Account & access tokens](/admin-api/reference/account) |          5 | Confirm identity and capabilities; create, list, and revoke your admin access tokens |
| [Servers](/admin-api/reference/servers)                 |          7 | Create and manage inbound MCP servers and their authentication                       |
| [Identities](/admin-api/reference/identities)           |          7 | Manage the credentials a server authenticates with, and their availability           |
| [Gateways](/admin-api/reference/gateways)               |         17 | Gateways, server assignments and identity schemes, and team provisioning             |
| [People, teams & roles](/admin-api/reference/people)    |         13 | Invite and deactivate users; manage roles, capabilities, and teams                   |
| [Hosts](/admin-api/reference/hosts)                     |         10 | Hosts and their gateway connections, including connection diagnostics                |
| [Logging](/admin-api/reference/logging)                 |          5 | Query call logs and alerts; configure OpenTelemetry forwarding                       |

Every operation enforces the same capability as the equivalent action in the app, so the Admin API can never do more than your role already allows. See [Authentication & access](/admin-api/authentication) for the full access model and the status codes returned when a call is denied, malformed, or fails.

## Browse the domains

<CardGroup cols={2}>
  <Card title="Account & access tokens" icon="key" href="/admin-api/reference/account">
    Identity, capabilities, and admin Personal Access Token management.
  </Card>

  <Card title="Servers" icon="server" href="/admin-api/reference/servers">
    Create, rename, enable, disable, and delete inbound MCP servers.
  </Card>

  <Card title="Identities" icon="fingerprint" href="/admin-api/reference/identities">
    Add, manage, and set the availability of server credentials.
  </Card>

  <Card title="Gateways" icon="network-wired" href="/admin-api/reference/gateways">
    Gateways, server assignments with identity schemes, and team provisioning.
  </Card>

  <Card title="People, teams & roles" icon="users" href="/admin-api/reference/people">
    Users, roles and capabilities, and teams.
  </Card>

  <Card title="Hosts" icon="robot" href="/admin-api/reference/hosts">
    Hosts and their gateway connections, with connection diagnostics.
  </Card>

  <Card title="Logging" icon="file-lines" href="/admin-api/reference/logging">
    Call-log and alert queries and OpenTelemetry configuration.
  </Card>
</CardGroup>

## Further reading

<CardGroup cols={2}>
  <Card title="Account & access tokens" icon="key" href="/admin-api/reference/account">
    The first domain in the reference — start here.
  </Card>

  <Card title="Authentication & access" icon="shield-halved" href="/admin-api/authentication">
    Tokens, the entitlement, capability gating, and error codes.
  </Card>

  <Card title="Connect an agent" icon="plug" href="/admin-api/connect">
    Get a token and register the admin MCP server in your client.
  </Card>

  <Card title="What's coming" icon="road" href="/admin-api/roadmap">
    Operations that are on the way but not in the beta yet.
  </Card>
</CardGroup>
