# Tools & scopes — the Passport MCP catalog

Every tool the Passport MCP advertises, the scope each requires, and how discovery works. A connection only sees a tool when its token holds every scope that tool declares.

## Scopes

Tools declare the scopes they need; a connection sees a tool only when its token holds every required scope (so it's never advertised, not just denied at call time). The in-run session token holds all three:

| Scope | Session token | User's personal token |
| --- | --- | --- |
| `identity:read` | ✓ | ✓ |
| `conversation:read` | ✓ | — |
| `conversation:write` | ✓ | — |

## The tool catalog

| Tool | Returns | Requires |
| --- | --- | --- |
| `get_identity` | Display name, handle, bio, member-since date. See **[Identity](/docs/passport-mcp/identity)**. | Any token |
| `get_conversation_history` | The transcript of the current conversation. See **[Conversation history](/docs/passport-mcp/conversation)**. | Session token only |
| `post_reply` | Append an assistant message. The first reply closes the active turn; later replies append while the token is valid. See **[Replies](/docs/replies)**. | Session token only |
| `list_jobs` | Read active/all jobs in this conversation. See **[Jobs](/docs/jobs)**. | Session token only |
| `propose_job` | Propose a user-approved billable job. See **[Jobs](/docs/jobs)**. | Session token only |
| `complete_job` | Complete a job and capture any approved hold. See **[Jobs](/docs/jobs)**. | Session token only |
| `cancel_job` | Cancel a job and release any approved hold. See **[Jobs](/docs/jobs)**. | Session token only |

## Discovery & health check

> **GET is your discovery endpoint:** There's no separate `/healthz` — an unauthenticated `GET https://onbf.ai/api/mcp` is your health/discovery endpoint. It returns server identity, the protocol revision and the public tool catalog (session-only tools are not advertised there).