Joi -> Zod v4 conversion

.env.example

@@ -0,0 +1,131 @@
+# LogicMonitor MCP Server Configuration
+# Copy this file to .env and customize for your deployment
+
+# ============================================================================
+# Server Configuration
+# ============================================================================
+
+# Port for HTTP/HTTPS server (default: 3001)
+PORT=3001
+
+# Host to bind to (default: 0.0.0.0 for all interfaces)
+HOST=0.0.0.0
+
+# Node environment (development, production, test)
+NODE_ENV=development
+
+# ============================================================================
+# Transport Configuration
+# ============================================================================
+
+# Enable STDIO transport (default: true)
+# Used for local AI assistants like Claude Desktop
+ENABLE_STDIO=true
+
+# Enable HTTP/HTTPS transport (default: true)
+# Used for remote/shared deployments
+ENABLE_HTTP=true
+
+# ============================================================================
+# HTTPS Configuration
+# ============================================================================
+
+# Enable HTTPS (default: false)
+# Strongly recommended for production deployments
+HTTPS_ENABLED=false
+
+# HTTPS port (default: 3443)
+HTTPS_PORT=3443
+
+# Path to SSL certificate file (required if HTTPS_ENABLED=true)
+# HTTPS_CERT_PATH=/path/to/cert.pem
+
+# Path to SSL private key file (required if HTTPS_ENABLED=true)
+# HTTPS_KEY_PATH=/path/to/key.pem
+
+# Path to SSL CA certificate file (optional)
+# HTTPS_CA_PATH=/path/to/ca.pem
+
+# ============================================================================
+# Authentication Configuration
+# ============================================================================
+
+# Authentication mode: none | bearer (default: none)
+# - none: No authentication (STDIO only, insecure for HTTP)
+# - bearer: Simple bearer token authentication
+AUTH_MODE=none
+
+# ============================================================================
+# Bearer Token Authentication (AUTH_MODE=bearer)
+# ============================================================================
+
+# Comma-separated list of valid bearer tokens
+# Clients must send: Authorization: Bearer <token>
+# MCP_BEARER_TOKENS=token1,token2,token3
+
+# ============================================================================
+# Credential Mapping (Optional)
+# ============================================================================
+
+# Map authentication identities to LogicMonitor credentials
+# JSON format: {"auth_id": {"account": "lm_account", "token": "lm_token"}}
+# 
+# Credential resolution priority:
+# 1. X-LM-Account + X-LM-Bearer-Token headers (highest priority, per-request)
+# 2. AUTH_CREDENTIAL_MAPPING (maps bearer token/clientId to LM credentials)
+# 3. LM_ACCOUNT + LM_BEARER_TOKEN (default fallback)
+#
+# Examples:
+# - Bearer token mapping: {"token1": {"account": "prod", "token": "xyz"}}
+# - Wildcard default: {"*": {"account": "shared", "token": "default"}}
+#
+# If no match is found, the server falls back to LM_ACCOUNT/LM_BEARER_TOKEN
+# when provided.
+AUTH_CREDENTIAL_MAPPING={}
+
+# ============================================================================
+# LogicMonitor Configuration
+# ============================================================================
+
+# Default LogicMonitor account name
+# Used when no credential mapping is configured
+LM_ACCOUNT=your-account-name
+
+# Default LogicMonitor bearer token
+# Used when no credential mapping is configured
+LM_BEARER_TOKEN=your-bearer-token
+
+# LogicMonitor API timeout in milliseconds (default: 30000)
+LM_API_TIMEOUT_MS=30000
+
+# ============================================================================
+# Security Configuration
+# ============================================================================
+
+# Enable rate limiting (default: false)
+# MCP servers typically serve trusted clients (AI assistants, backend services)
+# Enable this for public deployments or when serving untrusted clients
+# RATE_LIMIT_ENABLED=false
+
+# Rate limit window in milliseconds (default: 60000 = 1 minute)
+# RATE_LIMIT_WINDOW_MS=60000
+
+# Maximum requests per window (default: 100)
+# RATE_LIMIT_MAX_REQUESTS=100
+
+# Session timeout in milliseconds (default: 3600000 = 1 hour)
+SESSION_TIMEOUT_MS=3600000
+
+# ============================================================================
+# Logging Configuration
+# ============================================================================
+
+# Log level: error | warn | info | debug (default: info)
+LOG_LEVEL=info
+
+# Log format: json | simple (default: json)
+LOG_FORMAT=json
+
+# Enable audit logging (default: true)
+# Logs all MCP tool calls with client identity
+AUDIT_LOG_ENABLED=true

.gitignore

@@ -29,6 +29,7 @@ yarn-error.log*
 .cursorrules
 CLAUDE.md
 DESIGN.md
+/docs
 
 .npmignore
 

README.md

@@ -1,7 +1,11 @@
-[![Test Suite](https://github.com/logicmonitor/lm-api-mcp/actions/workflows/test.yml/badge.svg)](https://github.com/logicmonitor/lm-api-mcp/actions/workflows/test.yml)
+[![Test Suite](https://github.com/logicmonitor/logicmonitor-api-mcp/actions/workflows/test.yml/badge.svg)](https://github.com/logicmonitor/logicmonitor-api-mcp/actions/workflows/test.yml)
 
 # LogicMonitor MCP Server
 
+> **⚠️ Community Project Disclaimer**
+> 
+> This is an open-source community project and is **not officially supported by LogicMonitor**. While hosted in the LogicMonitor github organization, support is provided on an "as-is" basis through GitHub issues and community contributions. For questions, bug reports, or feature requests, please open an issue on this repository.
+
 A Model Context Protocol (MCP) server that provides secure access to the LogicMonitor API, enabling AI assistants to manage monitoring infrastructure through natural language commands.
 
 ## Features
@@ -19,7 +23,7 @@ A Model Context Protocol (MCP) server that provides secure access to the LogicMo
 
 - All tools now return the full LogicMonitor API payload (`raw`) together with request metadata so downstream agents never lose fields that the API exposes.
 - When specifying the optional `fields` parameter, only LogicMonitor-supported field names are accepted. Invalid field names trigger a `InvalidParams` error to prevent silent data loss or filtering mistakes.
-- Use `*` (or omit `fields`) to request the complete object. The `docs/swagger.json` file shipped with the project contains the authoritative schema for each resource if you need to look up the available fields.
+-  The `src/schemas/swagger.json` file shipped with the project contains the authoritative schema for each resource if you need to look up the available fields.
 - Responses always include:
   - `items` / `device`, etc. – parsed data objects for convenience
   - `raw` – the exact API payload
@@ -38,17 +42,14 @@ npm install -g logicmonitor-api-mcp
 
 ```bash
 # Clone the repository
-git clone https://github.com/logicmonitor/lm-api-mcp.git
-cd lm-api-mcp
+git clone https://github.com/stevevillardi/logicmonitor-api-mcp.git
+cd logicmonitor-api-mcp
 
 # Install dependencies
 npm install
 
 # Build the project
 npm run build
-
-# Optional: Link globally
-npm link
 ```
 
 ## Configuration
@@ -85,7 +86,7 @@ If installed from source, use the full path:
   "mcpServers": {
     "logicmonitor": {
       "command": "node",
-      "args": ["/path/to/lm-api-mcp/dist/index.js", "--stdio"],
+      "args": ["/path/to/logicmonitor-api-mcp/dist/index.js", "--stdio"],
       "env": {
         "LM_ACCOUNT": "your-account-name",
         "LM_BEARER_TOKEN": "your-bearer-token"
@@ -147,9 +148,49 @@ Then connect without credentials in headers:
 
 When no `X-LM-*` headers are provided, the server falls back to `LM_ACCOUNT` and `LM_BEARER_TOKEN` environment variables that were set when the process started.
 
+### Authentication
+
+The server supports two auth modes (`AUTH_MODE`):
+
+- `none` (default): No MCP client authentication. Only safe for STDIO transport or trusted networks.
+- `bearer`: Static bearer token authentication. Clients send `Authorization: Bearer <token>`.
+
+**LogicMonitor Credentials** are resolved in priority order:
+1. **X-LM-Account + X-LM-Bearer-Token headers** (highest priority, per-request override)
+2. **AUTH_CREDENTIAL_MAPPING** (maps bearer token/clientId to LM credentials)
+3. **LM_ACCOUNT + LM_BEARER_TOKEN** (default fallback)
+
+**Bearer Token Configuration**
+```bash
+AUTH_MODE=bearer
+MCP_BEARER_TOKENS=token1,token2,token3
+
+# Option 1: Use per-request headers (most flexible)
+# Clients send X-LM-Account and X-LM-Bearer-Token headers with each request
+
+# Option 2: Map bearer tokens to LM credentials
+AUTH_CREDENTIAL_MAPPING='{"token1":{"account":"prod","token":"lm-xyz"},"token2":{"account":"dev","token":"lm-abc"}}'
+
+# Option 3: Use default credentials (fallback for all tokens)
+LM_ACCOUNT=default-account
+LM_BEARER_TOKEN=default-lm-token
+
+# Wildcard mapping (applies to any token not explicitly mapped)
+AUTH_CREDENTIAL_MAPPING='{"*":{"account":"shared","token":"lm-default"}}'
+```
+
+**Example: Bearer token with per-request credentials**
+```bash
+curl -H "Authorization: Bearer token1" \
+     -H "X-LM-Account: mycompany" \
+     -H "X-LM-Bearer-Token: my-lm-token" \
+     -H "Content-Type: application/json" \
+     https://your-server:3000/mcp
+```
+
 ## Available Tools
 
-The server provides **10 resource-based tools** that handle all CRUD operations through an `operation` parameter:
+The server provides **resource-based tools** that handle all CRUD operations through an `operation` parameter:
 
 ### Core Resource Tools
 
@@ -231,12 +272,36 @@ Key features:
 - Flexible time ranges (ISO 8601 dates or Unix epochs, defaults to last 24 hours)
 - Formatted output with timestamps and metric values
 
-### Session Utilities
-- `lm_get_session_context` - View stored variables, last results, and recent history
-- `lm_set_session_variable` - Persist custom key/value pairs across tool calls
-- `lm_get_session_variable` - Retrieve stored session values
-- `lm_clear_session_context` - Reset session state
-- `lm_list_session_history` - Inspect recent tool invocations
+#### `lm_session`
+Manage session context and variables using standard CRUD operations:
+
+**Operations:**
+- **list** - Get session history (recent tool calls)
+  - Parameters: `limit` (optional, 1-50)
+- **get** - Get session context or specific variable
+  - Parameters: `key` (optional - if omitted, returns full context), `historyLimit`, `includeResults`
+- **create** - Store a new session variable
+  - Parameters: `key` (required), `value` (required)
+  - Use for storing results for batch operations with applyToPrevious
+- **update** - Update an existing session variable
+  - Parameters: `key` (required), `value` (required)
+- **delete** - Clear session data
+  - Parameters: `scope` (optional: 'variables', 'history', 'results', or 'all')
+
+**Example Usage:**
+```json
+// Store devices for batch operations
+{ "operation": "create", "key": "myDevices", "value": [...] }
+
+// Get a stored variable
+{ "operation": "get", "key": "myDevices" }
+
+// View session history
+{ "operation": "list", "limit": 10 }
+
+// Clear all session data
+{ "operation": "delete", "scope": "all" }
+```
 
 ## Available Prompts
 

SECURITY.md

@@ -15,7 +15,7 @@ We take the security of our software seriously. If you believe you have found a
 
 Please follow these steps to report a vulnerability:
 
-1. **Report security vulnerabilities through the public GitHub issues at [https://github.com/LogicMonitor/lm-api-mcp/issues](https://github.com/LogicMonitor/lm-api-mcp/issues).**
+1. **Report security vulnerabilities through the public GitHub issues at [https://github.com/LogicMonitor/logicmonitor-api-mcp/issues](https://github.com/LogicMonitor/logicmonitor-api-mcp/issues).**
 2. Include the following details:
    - Description of the vulnerability.
    - Steps to reproduce. This is incredibly important for us to be able to reproduce your findings.

THIRD-PARTY-NOTICES.md

@@ -104,7 +104,7 @@ This will generate a detailed report of all packages used in production.
 ## Reporting Issues
 
 If you believe any dependency license information is incorrect or if you have concerns about license compatibility, please open an issue at:
-https://github.com/LogicMonitor/lm-api-mcp/issues
+https://github.com/LogicMonitor/logicmonitor-api-mcp/issues
 
 ---
 

eslint.config.js

@@ -41,6 +41,6 @@ export default [
     }
   },
   {
-    ignores: ['dist/**', 'node_modules/**', '*.js', '*.cjs', '*.mjs']
+    ignores: ['dist/**', 'node_modules/**', '*.js', '*.cjs', '*.mjs', 'src/schemas/generated/**']
   }
 ];

jest.config.js

@@ -11,12 +11,15 @@ export default {
       {
         useESM: true,
         tsconfig: {
+          target: 'ES2022',
           module: 'ESNext',
           moduleResolution: 'node',
           esModuleInterop: true,
+          resolveJsonModule: true,
           rootDir: '.',
           strict: false,
         },
+        diagnostics: false,
       },
     ],
   },

orval.config.ts

@@ -0,0 +1,14 @@
+import { defineConfig } from 'orval';
+
+export default defineConfig({
+  logicmonitor: {
+    input: './src/schemas/swagger.json',
+    output: {
+      target: './src/schemas/generated/logicmonitorSwaggerSchema.ts',
+      client: 'zod',
+      mode: 'single',
+      clean: true,
+    },
+  },
+});
+