Skip to main content

Documentation Index

Fetch the complete documentation index at: https://api-docs.tiro.ooo/llms.txt

Use this file to discover all available pages before exploring further.

Overview

auth_status returns information about the current authentication state, including the authentication method, user identity, and granted scopes. This tool requires no parameters and no specific scope. Primary Use Cases:
  • Verify that authentication is configured correctly
  • Debug permission issues when other tools return authorization errors
  • Confirm which scopes are available before making tool calls
Key Features:
  • No parameters required
  • No scope required
  • Returns complete authentication context

Parameters

This tool takes no parameters.

Request Example

{}

Response Format

Success Response

{
  "authenticated": true,
  "authMethod": "api_key",
  "userId": "user_abc123",
  "teamId": "team_xyz789",
  "clientId": "client_001",
  "scopes": [
    "mcp:notes:read",
    "mcp:notes:write",
    "mcp:folders:read"
  ]
}
Field Descriptions:
FieldTypeDescription
authenticatedbooleanAlways true when this tool returns successfully
authMethodstringAuthentication method used: jwt or api_key
userIdstringThe authenticated user’s ID
teamIdstring | nullThe team ID (present when using a team API key)
clientIdstringThe client application ID
scopesstring[]List of granted permission scopes

Understanding Scopes

The scopes array indicates which tools you have permission to use:
ScopeGrants Access To
mcp:notes:readlist_notes, search_notes, get_note, get_note_transcript, list_document_templates, get_document_template, get_share_link
mcp:notes:writecreate_share_link, delete_share_link
mcp:folders:readsearch_user_folders, search_team_folders

Usage Examples

Debugging Permission Errors

If a tool call returns a 403 Forbidden error, use auth_status to check your scopes: 
// 1. Call auth_status
{}

// 2. Check the response
{
  "authenticated": true,
  "authMethod": "api_key",
  "userId": "user_abc123",
  "teamId": null,
  "clientId": "client_001",
  "scopes": ["mcp:notes:read"]
}
In this example, the key only has mcp:notes:read scope. To use write tools like create_share_link, you need an API key with mcp:notes:write scope.

Verifying API Key Type

Check teamId to determine if you are using a user-based or team API key:
  • User-based key: teamId is null
  • Team key: teamId contains a team identifier
This is important because team folder tools require a team API key.

Common Errors

Invalid or Expired Credentials

Solution: Verify your API key or JWT token is correct and has not expired. Generate a new key if needed.

Best Practices

When initializing your MCP client, call auth_status first to confirm connectivity and verify available scopes. This catches configuration issues early before making other tool calls.
When a tool returns an unexpected authorization error, auth_status is the fastest way to diagnose the issue. Check whether the required scope is in the scopes array and whether the correct API key type is being used.