allocate_licenses
ChatGPTAllocates premium display licenses from the authenticated user's Premium plan to an organization. Premium users have a pool of allocatable licenses (base + purchased extras) that can be distributed across organizations. Requires admin scope and a Premium plan.
assign_license
ChatGPTAssigns a premium license to a display, removing its watermark and making it ad-free. For personal displays the license is taken from the user's free pool. For organization displays the license is taken from the group's allocated slot pool (use allocate_licenses first to give the organization licenses). Each license also adds +30 MB to the display's context storage pool. Requires admin scope. Returns id, name, isPremiumAssigned, badgeMode and freeLicenses.
authenticate
ChatGPTValidates a JWT agent token and caches the resulting identity on the current MCP session so that subsequent protected tool calls succeed without resending the token. Use this only if your client cannot reliably send an Authorization: Bearer header on every request; modern streamable HTTP clients should send the header instead. Do not call this if the session was already auto-authenticated by get_auth_session. Returns authenticated (boolean), sessionBound (whether the identity was cached on this session), userId, name, email, scope and expiresAt (ISO 8601).
broadcast_content
ChatGPTSends HTML content to multiple displays at once. Provide display_ids to target specific displays or set all to true to target all accessible displays. Locked displays are skipped. Returns sent and skipped lists with reasons. Requires content_only scope.
broadcast_to_categories
ChatGPTSends HTML content to every display assigned to one of the selected category IDs. Set include_descendants=true to include subcategories. Set dry_run=true to preview matched profile IDs without sending.
bulk_assign_display_category
ChatGPTBulk adds or removes one category across multiple displays the caller can manage.
claim_display
ChatGPTConverts an unclaimed guest or pending display into a managed personal display owned by the authenticated user. This permanently transfers ownership and counts against the user's display quota. Use this only when the user explicitly wants to adopt an existing hardware or demo display that is already running. For first-time physical setup, prefer pair_by_code instead. Requires admin scope. Returns profileId (the new managed display ID) and name.
clear_display
ChatGPTRemoves the current live content from a display and returns it to its idle/default state. Viewers will immediately see the change. Use this when the user wants to blank or reset a display. This does not delete the display itself — use delete_display for that. Requires authentication with at least content_only scope. Returns id and status ('cleared').
configure_display
ChatGPTUpdates hardware permission, UI settings, and connectivity overrides for a display. Use this when the user wants to enable or disable camera, microphone or geolocation access, toggle the mouse cursor or badge overlay visibility, change the watermark position, or set network connectivity constraints. All parameters except display_id are optional — only provided settings are changed. If the display is online, changes are pushed immediately. Requires admin scope.
create_api_key
ChatGPTCreates a long-lived API key for server-to-server integration without OAuth. The raw key is returned only once — store it securely. The user must explicitly consent to creating the key. Requires admin scope. Supports granular scoping: restrict the key to specific data-slot slugs, specific display IDs, a read/write permission flag, and/or fine-grained capability flags. Returns the raw key (avk_...), keyId, name, scope, permissions, allowedSlotSlugs, allowedDisplayIds, capabilities, and expiration.
create_auth_session
ChatGPTCreates a browser-based login session and returns a loginUrl the user must open to authenticate. Use this as the first step when your client cannot complete OAuth 2.1 with PKCE itself. Do not use this if you already have a valid Bearer token. Returns sessionRequestId (needed for get_auth_session), loginUrl, pollUrl and expiresIn (seconds until the login window closes, default 600). After calling this, instruct the user to open the loginUrl, then poll get_auth_session until status becomes active.
create_display
ChatGPTCreates a personal display WITHOUT pairing it to physical hardware. The display starts offline and uncoupled — this is NOT the normal setup flow. IMPORTANT: Do NOT use this tool for ambiguous requests like 'create a display', 'add a screen', 'set up a display', 'neues Display erstellen', or 'Bildschirm hinzufügen'. Those requests mean physical display onboarding by default. In such cases, instruct the user to open https://display.agentview.de in any web browser on the target screen (there is NO native app — agentView is purely browser-based), ask for the 6-character pairing code, and then call pair_by_code instead. Use create_display ONLY when the user explicitly says they want to pre-provision a display without hardware, create a virtual/headless display, or manage an already-existing profile separately from device setup. Do not call this just to check capacity — use get_account to inspect remainingDisplays first. Requires admin scope; list_displays and send_html only need content_only. Returns a pre-provisioned offline profile (id, name, displayUrl, setupUrl, managedUrl, pairingUrl, pairingExpiresAt, approvalUrl, status) — not the recommended first-time device onboarding flow.
create_display_category
ChatGPTCreates a personal display category. Pass parent_category_id to create a subcategory.
create_org_display
ChatGPTCreates a new display directly within an organization WITHOUT pairing it to physical hardware. The display starts offline and uncoupled. For physical screens, ALWAYS prefer pair_by_code instead — it creates and pairs in one step. Use create_org_display only for administrative pre-provisioning when the screen is not yet available. The display is owned by the organization, not by a personal user. Requires admin scope and manager or higher role in the organization. The organization must have available licenses (use allocate_licenses first if needed).
create_organization
ChatGPTCreates a new organization and makes the authenticated user the owner. Use this when the user wants to set up a shared display fleet. Returns orgId, name, slug, type and yourRole. Requires admin scope.
delete_asset
ChatGPTDeletes one or more assets. Displays referencing deleted assets will show broken images. Requires authentication with at least content_only scope.
delete_data_slot
ChatGPTPermanently deletes a data slot. Display HTML fetching its readUrl will receive 404 after deletion. Cannot be undone. Supply group_id to delete a group slot; omit for personal slots. Requires authentication.
delete_display
ChatGPTPermanently deletes a display and all its associated content. This action cannot be undone. Use this only when the user explicitly confirms they want to remove the display. Requires admin scope. Returns id, name and deleted (boolean true).
delete_organization
ChatGPTPermanently deletes an organization, releasing all its displays and removing all members. Only the owner can delete. This cannot be undone. Requires admin scope.
fetch
ChatGPTRetrieves the full details of a single agentView resource identified by its URI. Use this after search to read the complete content of a discovered resource, or directly when you already know the URI. Public URIs (e.g. agentview://public/status, agentview://public/instructions) require no authentication; private URIs (e.g. agentview://account/me, agentview://display/{id}) require a valid session. Returns uri, type, title, text (human-readable content) and data (structured details).
get_account
ChatGPTReturns the authenticated user's account profile including userId, name, email, plan with feature details, personal display limits, total accessible displays across all organizations, organization memberships summary and points balance. Use this to answer questions about the user's subscription, display quota, organization memberships or plan capabilities. Requires authentication with at least content_only scope. Do not use this to list displays — use list_displays instead.
get_asset
ChatGPTReturns metadata for a single asset including its URL. Use this to verify an asset still exists before referencing it in HTML. Requires authentication with at least content_only scope.
get_auth_session
ChatGPTPolls the status of a login session created by create_auth_session and returns the agent token once the user completes the browser login. Use this after create_auth_session; poll every 2-3 seconds until the status is no longer 'pending'. Do not use this for any other purpose. Returns one of three states: 'pending' (user has not logged in yet — keep polling), 'active' (login succeeded — response includes token as a raw JWT string and tokenExpiresAt as ISO 8601 timestamp), or 'expired' (login window or token timed out — call create_auth_session again). When status is active the current MCP session is automatically authenticated; you can call protected tools immediately.
get_billing_url
ChatGPTReturns a URL to the user's billing and subscription page where they can purchase or manage premium display licenses. Use this when the user wants to buy more licenses, upgrade their plan, or manage their subscription. Present the URL to the user and offer to allocate and assign the new licenses once the purchase is complete. Requires content_only scope.
get_data_slot
ChatGPTReturns the current JSON content and metadata of a data slot by slug. Supply group_id to look up a group slot; omit it for personal slots. The response includes readUrl — the public anonymous URL for display HTML to fetch. Requires authentication.
get_data_slot_usage
ChatGPTLists displays whose IdleHtmlContent embeds a {{slot:<slug>}} placeholder for this data slot (with optional .readUrl / .slug / .label / .key suffix). Use this BEFORE delete_data_slot to know which displays will start returning 404, or before set_data_slot on a structural change to know which displays will pick up the new shape. Scope is restricted to displays the caller can already see in the same scope as the slot. Capped at 50 results; 'truncated' is true if more matches exist. Requires authentication.
get_display
ChatGPTReturns the full details of a single display including its live state, current content, pairing links, screen and viewport facts, touch capability, runtime classification, hardware/UI settings, and the latest reported browser/runtime facts. Use this when you already know the display ID and need its complete state. Do not use this to discover displays — use list_displays first. Requires authentication with at least content_only scope.
get_display_capabilities
ChatGPTReturns resolved display capabilities for a display, including effective network mode plus concrete browser/runtime facts such as screen, viewport, touch/input hints, browser and engine version, platform classification, feature support, known limitations, graphics hints, and a recommended delivery mode. Call this BEFORE generating or sending HTML so your agent can match the content to the real display browser. Requires authentication with at least content_only scope.
get_display_content
ChatGPTReturns the current content state of a display including the active live content file, currentContentDescription, content URL, a live preview link (displayUrl) that can be opened in a browser, idle content and delivery status. Use currentContentDescription first to understand intent; call read_display_html only when raw source access is truly needed. The displayUrl shows exactly what the display renders in real time. Requires authentication with at least content_only scope.
get_license_info
ChatGPTReturns the authenticated user's complete license allocation overview: total premium licenses, personal usage, allocatable licenses, per-organization allocations, and free licenses. Use this to understand available capacity before allocating licenses. Requires content_only scope.
get_organization
ChatGPTReturns full details of a specific organization including its displays, members with roles, allocated slots and remaining capacity. Use this after list_organizations to inspect a specific organization's state. Requires authentication with at least content_only scope and the user must be a member of the organization.
get_pricing
ChatGPTReturns agentView plan pricing, features and upgrade options. Use this when the user asks about pricing, costs, plan differences or what an additional display costs. No authentication required. Returns an array of plans with name, price, included displays and features, plus the per-display add-on price and a link to the pricing page.
get_public_status
ChatGPTReturns the server's public readiness status, version string and discovery URLs. Use this before authenticating to verify the server is reachable and to obtain entry-point URLs. No authentication required. Returns status ('ready'), server name, version, statusUrl and instructionsUrl.
get_storage_quota
ChatGPTReturns the storage-pool snapshot (used / limit / remaining bytes) for the personal scope or a specific group. Data slots and uploaded assets share one quota; call this BEFORE set_data_slot or upload_asset on large payloads to verify the write will fit and avoid a 413 quota_exceeded round-trip. Suppresses raw numbers for narrowly-scoped API keys to avoid leaking org-wide storage state.
get_store_template_details
ChatGPTReturns the full public details of a single store template: localized title, short description, long-form markdown (intro, use cases, audience, setup), category, optional suite (design family), tags, theme, designStyle, placement, features list, preview image URL and store detail path. Use this after search_store_templates picks a candidate so you can explain the template to the user before offering to send it to one of their displays. No authentication required.
get_store_template_install_options
ChatGPTReturns the displays the authenticated user can send a given store template to, plus the data slots the template needs. Call this before send_store_template_to_display so you can (1) show the user which Türschild they can target and (2) gather any per-slot JSON the template consumes (greeting, menu JSON, sensor URL, ...). Requires authentication with at least content_only scope. Returns templateSlug, language, displays (array of {displayId, name, scope='personal'|'group', groupId?, isLocked}) and requiredDataSlots (array of {key, label, type, placeholderName, required}). When no displays come back, tell the user they first need to create/claim a display (create_display / pair_by_code) before installing store content. API-key callers with a display whitelist only see their scoped displays.
invite_member
ChatGPTCreates an invite link to add a new member to an organization. The invite is valid for 7 days. Optionally bind it to a specific email address. Requires admin scope and the user must be an admin or owner of the organization. Returns the inviteUrl to share with the invitee.
list_api_keys
ChatGPTLists all API keys for the current user. Returns key metadata (prefix, name, scope, dates) but never the raw key. Requires admin scope.
list_assets
ChatGPTLists uploaded assets with optional filtering. When working with an organization display, pass its orgId as group_id to search the group's shared asset pool. Without group_id, only personal assets are returned. Check this before uploading to avoid duplicates. Requires authentication with at least content_only scope.
list_data_slots
ChatGPTLists data slots with optional filtering. Returns metadata only (no jsonContent). Each item includes readUrl: /data/u/{publicSlug}/{slug}.json or /data/g/{groupSlug}/{slug}.json. Use readUrl in display HTML fetch() calls. Requires authentication.
list_display_categories
ChatGPTLists the authenticated user's personal display categories and assignment counts. Requires authentication with at least content_only scope.
list_displays
ChatGPTReturns all displays accessible to the authenticated user as an array with count and display details. Use this to discover available display IDs before reading or modifying a specific display with get_display or send_html. Requires authentication with at least content_only scope; admin is not required. Each display entry includes id (8-character alphanumeric profile ID), name, status, locked, displayUrl, setupUrl, pairingUrl and other management links plus a compact runtime summary such as screen resolution, touch support, deviceClass and deviceFamily when known. Do not use this to get full details of one display — use get_display with the display_id instead.
list_org_displays
ChatGPTReturns all displays in an organization with their real-time connection status, online/offline state, and license info. Use this for fleet monitoring. Requires content_only scope and organization membership.
list_organizations
ChatGPTReturns all organizations the authenticated user belongs to with their role, display count, member count and allocated slots. Use this to answer questions about the user's organizations, how many displays an organization has, or team membership. Requires authentication with at least content_only scope.
list_public_api_categories
ChatGPTLists all public-API categories with the number of APIs in each. Call this BEFORE search_public_apis when you want to offer the user a guided category pick (weather, finance, news, etc.), or when answering 'what kinds of free APIs do you have?'. No authentication required.
list_store_categories
ChatGPTLists all published agentView store categories (e.g. Gastronomie, Wartezimmer, Empfang, Smart Home) with localized titles, descriptions and template counts. Use this to narrow a subsequent search_store_templates call when the user asks for 'templates for a waiting room' or similar. No authentication required. Returns count, language and a categories array; each entry has slug, title, description, templateCount, heroIconKey and detailPath.
lock_display
ChatGPTLocks a display so that content changes such as send_html, send_url and clear_display are rejected until unlock_display is called. Use this when the user wants to protect a display from accidental content changes. The display continues showing its current content. Requires admin scope. Returns id and locked (boolean true). To reverse this, use unlock_display.
logout
ChatGPTClears the cached authentication identity from the current MCP session. Use this when the user wants to end the session or switch accounts. This does not revoke the underlying JWT token — it only removes the session-local cache. After logout, protected tools will require re-authentication. Returns loggedOut (boolean) and sessionBound (boolean).
pair_by_code
ChatGPTPREFERRED way to set up a physical display — and the DEFAULT for any ambiguous user request about creating, adding, or setting up a display. Unless the user explicitly asks for pre-provisioning without hardware or a virtual/headless display, ALWAYS use this tool instead of create_display. agentView is purely browser-based — there is NO native app to install. Workflow: (1) Ask the user to open https://display.agentview.de in any web browser on the target TV/screen/tablet, (2) ask them to read the 6-character code shown on screen, (3) call this tool with the code. This creates and pairs the display in one step — no orphaned or offline displays. Two modes: (A) New display — provide code + profile_name to create and pair in one step. This is the recommended default for first-time setup. (B) Rebind — provide code + target_display_id to move an existing display profile to new hardware. Call list_displays first to get the target_display_id. Always prefer this over create_display or create_org_display for physical devices. Requires admin scope.
read_display_html
ChatGPTReads the raw HTML source code that is currently shown on a display. Use this when you want to inspect, modify or reuse the existing content. Typical workflow: call read_display_html to get the current HTML, make changes, then send the modified HTML back via send_html. Returns the HTML as a string plus metadata (character count, content type, when it was sent). If no live content is active, returns the idle/default HTML if one is set. Requires authentication with at least content_only scope.
remove_display_from_org
ChatGPTRemoves a display from an organization, clearing its group assignment and all display grants. The display becomes unassigned. Requires admin scope and admin or owner role.
remove_display_grant
ChatGPTRemoves a user's access grant from a display within an organization. Requires admin scope and admin or owner role.
remove_member
ChatGPTRemoves a member from an organization. Transfers their owned displays to a successor, unassigns their license allocations, and removes their display grants. Cannot remove the last owner. Requires admin scope and admin or owner role.
rename_display
ChatGPTChanges the friendly name of an existing display. Use this when the user wants to update only the display name without affecting its content or state. Requires admin scope. Returns id and the updated name.
rename_display_category
ChatGPTRenames one personal display category by ID. Assignments and grants keep working because they reference the stable category ID.
rename_organization
ChatGPTRenames an existing organization. Requires admin scope and admin or owner role in the organization.
revoke_api_key
ChatGPTPermanently revokes an API key. This is irreversible — the key will immediately stop working. Requires admin scope.
search
ChatGPTSearches agentView resources by keyword and returns a ranked list of matching resource URIs with titles and snippets. Use this to discover resources before calling fetch for full details. Do not use this if you already know the exact resource URI — call fetch directly instead. Without authentication only public documentation resources are searched; with authentication your account and accessible displays are included. Returns query, resourceType, count and a results array where each entry has uri, type, title, snippet and requiresAuthentication.
search_public_apis
ChatGPTSearches a curated catalog of 600+ free, public APIs that require no authentication and work over HTTPS — ideal for embedding live data in display HTML pages via fetch(). Covers 47 categories including weather, news, finance, sports, images, food, entertainment, science, geocoding and more. Use this when generating HTML that needs live data from the internet. Returns matching APIs with documentation links, CORS support info and ready-to-use fetch() code hints. No authentication required.
search_store_templates
ChatGPTSearches the agentView public template store for ready-made display designs (e.g. 'Zahnarzt-Wartezimmer', 'Bistro warm', 'Empfang'). Each template is a polished HTML design a user can push to one of their Türschild / digital-signage displays via send_store_template_to_display. Use this when the user describes a use case and wants to pick a pre-built design instead of having you generate raw HTML. No authentication required. Returns total, offset, limit, language and a templates array; each entry has slug, title, description, category, optional suite (design family), tags, theme, designStyle, placement, previewImageUrl (screenshot PNG), detailPath, previewPath, featured and publishedAt. Use get_store_template_details(slug) for the full rich description before recommending a template.
send_html
ChatGPTSend HTML content to a display. Prefer this over send_url unless the user explicitly wants an external website rendered as-is. For rich content with images, fonts, or media, first upload assets using upload_asset and reference the returned URLs in your HTML. Include content_description whenever possible so get_display_content can describe intent without immediately reading raw HTML. Assets are cached on the display — only the HTML is re-downloaded on updates. Use <img src="asset_url">, <video src="asset_url">, or @font-face { src: url("asset_url") } to embed assets. Before generating complex HTML, call get_display_capabilities for the target display so you know the real browser/runtime limits. Produce high-quality, visually polished output suitable for digital signage: clean typography, balanced spacing, large readable fonts, consistent colors, full-screen layout (100vw/100vh, no scrollbars), and smooth animations where appropriate. Always include <meta charset='UTF-8'> and <meta name='viewport' content='width=device-width, initial-scale=1'>. Requires authentication with at least content_only scope. Exactly one of html or base64_html must be provided. Returns id, name, duration, file and version.
send_store_template_to_display
ChatGPTInstalls a published store template onto one of the authenticated user's displays. The server materializes the template HTML, auto-creates any required data slots (reusing existing slots from a prior install when possible) and publishes the result so the Türschild updates within seconds. Requires authentication with at least content_only scope, control access to the target display, and (for API-key callers) the display.send capability. Returns templateSlug, versionId, displayId, fileName, contentVersionId and installedSlots (each with key, placeholderName, slug, readUrl, groupId, type). Errors: 'template_not_found', 'display_not_found', 'access_denied', 'slot_install_failed', 'storage_quota_exceeded', 'invalid_slot_override', 'publish_failed'. Always call get_store_template_install_options first so you know which slots this template needs and which displays the user can target. The data_slot_overrides argument lets you customize per-slot JSON without a follow-up set_data_slot call — perfect for 'show my daily menu' flows where the LLM generates the JSON on the fly.
send_url
ChatGPTLoads a web page by URL on a display using a full-page iframe, immediately replacing whatever is currently shown. Use this when the user wants to show an external website, dashboard or web app on a display. Include content_description whenever available so get_display_content can communicate intent without immediately calling read_display_html. The URL must be an absolute HTTP or HTTPS address. Call get_display_capabilities first to confirm connectivity and browser/runtime support before relying on a remote page. Requires authentication with at least content_only scope. Returns id, name, duration, file (stored filename) and version (content version ID).
set_data_slot
ChatGPTCreates or updates a mutable JSON data slot (max 2 MB). Display HTML reads it via the readUrl returned in the response: /data/u/{publicSlug}/{slug}.json (personal) or /data/g/{groupSlug}/{slug}.json (group). Slugs are unique per-user or per-group — two users can both use slug 'weather'. Human-readable slugs are not secret. Two slot kinds are supported: omit 'type' or pass 'value' to store the JSON content verbatim (default); pass 'type' = 'aggregate' to store a composite slot whose 'content' is a definition document of the shape { sources: [{slot,as}], onMissing, includeMeta }. The public read URL of an aggregate slot resolves and combines the source slots on every fetch, so displays only need one request to read multiple producers. Aggregate sources must live in the same scope (personal aggregate → personal sources; group aggregate → sources in the same group). Requires authentication with content scope. Note: in the dashboard UI, aggregate slots are presented to the user as 'JSON collections'. When a user asks to 'create a JSON collection' or 'combine slots', use type='aggregate'.
set_display_categories_for_display
ChatGPTReplaces the caller's personal category assignments on one display with the provided category ID list. Empty array clears assignments.
set_display_grant
ChatGPTGrants a specific user access to a specific display within an organization. Creates or updates the grant. The target user must be a member of the organization. Access levels: 'view' (see status) or 'control' (send content). Requires admin scope.
set_idle_content
ChatGPTSets or clears the default idle content for a display. Idle content is shown whenever the display has no active live content (after clear_display, after duration expires, or on first connect). Provide html to set idle content, or omit it to clear idle content and revert to the system default. Provide content_description to improve later state reads. Requires admin scope. Returns id, name and idle content metadata.
set_org_connectivity
ChatGPTSets the default connectivity mode and global whitelist for an organization. These settings apply to all displays in the org unless overridden at the display level. Use this when an org admin wants to declare their network topology (e.g., 'our displays can only reach *.corp.local'). Requires admin scope and Org-Admin role.
test_display_content
ChatGPTDRY-RUN validator for HTML payloads. Pushes the HTML through agentView's size + description checks WITHOUT touching any real display. Use this when an LLM has just generated HTML and you want to confirm it is well-formed and within limits BEFORE risking a real send_html call. No display_id is needed; the response carries simulated=true. Capped at 1 MB.
unassign_license
ChatGPTRemoves a premium license from a display, restoring the watermark and ad eligibility. The license returns to the user's available pool (personal) or the group's allocated slot pool (organization). Requires admin scope. Returns id, name, isPremiumAssigned, badgeMode and freeLicenses.
unlock_display
ChatGPTUnlocks a previously locked display so that content changes (send_html, send_url, clear_display) are accepted again. Use this when the user wants to resume managing a locked display. Requires admin scope. Returns id and locked (boolean false). To lock again, use lock_display.
update_asset
ChatGPTUpdates the name and/or description of an existing asset. The URL does not change. At least one of name or description must be provided. Requires authentication with at least content_only scope.
update_member_role
ChatGPTChanges a member's role within an organization. Cannot change your own role or the owner's role. Requires admin scope and admin or owner role.
upload_asset
ChatGPTUpload one or more files (images, fonts, CSS, video, etc.) as assets and receive stable URLs. Use these URLs in your HTML with <img src="..."> or @font-face { src: url("...") }. Assets are cached on displays — only the HTML is re-downloaded on updates. Pass files as base64-encoded data. IMPORTANT: When creating content for an organization display (a display with an orgId), pass that orgId as group_id so assets are stored in the group's shared storage pool. Omit group_id only for personal displays. Requires authentication with at least content_only scope.
