Build with AI

Available tools

The AIC MCP Server exposes 40+ tools organized into functional categories. You don’t need to know the individual tool names. Just describe what you want in natural language and your AI agent selects the right tool automatically.

For a full list of every tool and its parameters, refer to the AIC MCP Server README.

Category What you can do

Managed Objects

CRUD operations on users, roles, groups, organizations, custom types, and schema definitions.

Themes

Create, update, and manage login and account page themes.

Logging

Query and analyze authentication and activity logs.

ESVs

Manage environment secrets and variables.

Feature Management

Inspect and enable optional IDM and platform features.

AM Journeys

Manage authentication journeys, nodes, and scripts.

OIDC Applications

CRUD operations on OAuth 2.0 / OIDC application configurations.

Agent Skills

Pre-built skills that extend your AI assistant for operational tasks like auditing MCP usage.

Tools are only available in Sandbox and Development PingOne Advanced Identity Cloud tenants.

Managed objects

Create, read, update, and delete any managed object type in your environment, including users, roles, groups, organizations, and custom types. You can also define new object types, modify schemas, and manage custom relationship properties.

Example prompts:

  • "Find all users with admin in their username"

  • "Create a new developer role"

  • "What fields are required for alpha_user?"

  • "Add a custom_manager relationship to alpha_user"

Themes

Customize the appearance of login and account pages. Create new themes, update colors and logos, and set the default theme for a realm.

Example prompts:

  • "Create a theme called Corporate Brand with primary color #0066cc"

  • "Show me all themes in the alpha realm"

  • "Set the new theme as default"

Logging

Query and analyze authentication and activity logs. Filter by time range, log source, and content to quickly find relevant events.

Example prompts:

  • "Show me failed login attempts in the last hour"

  • "Find all logs for transaction abc-123"

  • "What log sources are available?"

ESVs (Environment Secrets and Variables)

Manage environment variables used for configuration across your tenant. Query, create, update, and delete variables.

Example prompts:

  • "List all environment variables"

  • "Create a new variable esv-api-key"

  • "What is the value of esv-database-url?"

Feature management

Inspect and enable optional IDM and platform features in your PingOne Advanced Identity Cloud environment.

Feature install operations are one-way and cannot be undone from these tools.

Example prompts:

  • "What features are available?"

  • "Is AI Agents enabled?"

  • "Install the groups feature"

AM Journeys

Manage authentication journeys, including creating and updating complete journey trees, configuring individual nodes, and working with Scripted Decision Node scripts.

AM Journey tools are not available when using Docker because they require browser-based PKCE authentication, which is incompatible with the Device Code Flow used in containers.

Example prompts:

  • "Show me the Login journey"

  • "Create a new MFA journey"

  • "Add a scripted decision node to the registration flow"

  • "List all scripts in the alpha realm"

  • "Set Login as the default journey"

OIDC Applications

OIDC Application tools are not available when using Docker because they require browser-based PKCE authentication, which is incompatible with the Device Code Flow used in containers.

Create, read, update, and delete OAuth 2.0 / OpenID Connect application configurations in your tenant. Use these tools to register new OIDC clients, update redirect URIs, manage grant types, and inspect existing application settings.

Example prompts:

  • "List all OIDC applications"

  • "Create a new public OIDC client called my-spa with redirect URI http://localhost:3000/callback"

  • "Show me the configuration for the my-app client"

  • "Update the redirect URIs for client xyz"

  • "What grant types are configured for my-app?"

Agent Skills

The AIC MCP Server repository ships agent skills that extend your AI assistant’s ability to work with the MCP server. Once installed, your agent can take on operational tasks without needing explicit instructions.

Skill What it does Try it

monitor-usage

Audits MCP server activity in PingOne Advanced Identity Cloud logs: authentication events, user-attributed actions, and API traffic.

"Show me what’s been done via the MCP server today"

Install agent skills

Clone the AIC MCP Server repository and copy the skills from .claude/skills/ to your agent’s skills directory. Refer to your agent’s documentation for the correct location.

Once installed, verify by asking your agent "What skills do you have?" You should see monitor-usage in the list.