L0 Py Blocks MCP Server

Selise Blocks (L0 Py Blocks)

Selise Blocks is a multi-tenant application development platform. This bundle provides full CRUD for projects, roles, permissions, schemas, translations, and security configuration (social login, MFA, CAPTCHA).

Entity Hierarchy

• Projects are the top-level tenant boundary. Every other resource is scoped to a project via project_key.
• Application Domain identifies the target environment (URL). Retrieved from the project list or set explicitly.
• Global State tracks the current auth token, active project, and application domain in the session.

Within a project:

• Roles contain Permissions. Assign/remove permissions to roles by slug.
• Schemas define GraphQL data models with typed fields. Resource groups organize schemas.
• Translation Modules contain Keys, each with per-language values. Languages are project-scoped.
• CAPTCHA Configs are provider-specific (reCAPTCHA or hCaptcha) and can be toggled on/off individually.

CRUD Capabilities

Full CRUD (create, read, update, delete/modify):

• Projects — create new projects, list all projects with domains.
• Permissions — create, update by ID, list all for a project.
• Roles — create, list, query permissions by role slug, assign/remove permissions.
• Schemas — create, list, get fields by ID, update fields, finalize changes.
• Translation Modules — create modules, get keys, save keys with translations, publish.
• CAPTCHA — save config (reCAPTCHA/hCaptcha), list configs, toggle enable/disable by ID.

Configuration (write-once or toggle):

• Social Login — activate for a project, add SSO credentials per OAuth provider (Google, Facebook, GitHub).
• MFA — enable email-based or authenticator-based multi-factor auth per project.
• Data Gateway — configure and retrieve the Blocks Data Gateway for GraphQL operations.
• Application Domain — set the active domain and tenant ID for the session.

Read-only:

• Auth status (token validity), global state (current session context), resource groups.

Workflows

Set up a new project: Create a project, then retrieve the project list to get the project_key and application domain. Set the application domain if needed. All subsequent operations use this project key.

Configure authentication: Activate social login, then add SSO credentials for each OAuth provider. Enable MFA (email or authenticator) as a second factor. Query auth status to confirm token validity.

Build RBAC: Create permissions first (named access rights with descriptions), then create roles and assign permissions to them. Query role permissions by slug to audit access.

Manage GraphQL schemas: List existing schemas or create new ones. The field update workflow is three steps: (1) get the schema by ID to see current fields, (2) update the fields, (3) finalize to confirm. Resource groups organize schemas within a project.

Localize the app: List available languages and modules for a project. Create translation modules, populate keys with per-language values, then publish to make translations live.

Add CAPTCHA: Save a CAPTCHA config specifying provider (Google reCAPTCHA or hCaptcha) with site key and secret. List configs to see all, toggle individual configs on/off by ID.

Gotchas

• Project key required: Nearly every operation needs project_key. Always list projects first if you don't have one.
• Schema workflow is sequential: Get → Update fields → Finalize. Skipping steps may leave schemas in an inconsistent state.
• Permissions before roles: Create permissions first, then create roles and assign permissions. You can't assign a permission that doesn't exist yet.
• Publish translations explicitly: Saved translations are not live until published. The publish step is a separate operation.
• CAPTCHA toggle vs config: Saving a CAPTCHA config and enabling it are separate steps. A saved config starts disabled until toggled on.
• CLI tools are dev utilities: The server includes tools to install/check the Blocks CLI via npm — these are for development setup, not application management.