arazzo: 1.0.1
info:
  title: Adafruit IO Issue and Verify Token
  summary: Create a device token for the user, then read it back to confirm it was issued.
  description: >-
    Provisions a scoped device token so hardware can authenticate without the
    account master key. The workflow creates a token and then reads it back by id
    to confirm it was issued, giving the caller a verified handle to the new
    credential. Every step spells out its request inline — including the username
    path parameter and the X-AIO-Key authentication header. Note: the Token
    response schema in the OpenAPI description documents only the `token` field,
    but the token `id` returned by the create call is required as the id path
    parameter on read, so it is captured here from the response body.
  version: 1.0.0
sourceDescriptions:
- name: adafruitIoApi
  url: ../openapi/adafruit-io-rest-api-openapi.yml
  type: openapi
workflows:
- workflowId: issue-and-verify-token
  summary: Create a token and read it back by its id.
  description: >-
    Issues a new token for the user, then fetches it by id to verify the
    creation succeeded.
  inputs:
    type: object
    required:
    - username
    - aioKey
    properties:
      username:
        type: string
        description: A valid Adafruit IO username.
      aioKey:
        type: string
        description: The Adafruit IO API key, sent in the X-AIO-Key header.
      token:
        type: string
        description: Optional token value to set; the service generates one if omitted.
  steps:
  - stepId: createToken
    description: >-
      Create a new token for the user, optionally with a supplied token value.
    operationId: createToken
    parameters:
    - name: username
      in: path
      value: $inputs.username
    - name: X-AIO-Key
      in: header
      value: $inputs.aioKey
    requestBody:
      contentType: application/json
      payload:
        token: $inputs.token
    successCriteria:
    - condition: $statusCode == 200
    outputs:
      tokenId: $response.body#/id
      tokenValue: $response.body#/token
  - stepId: verifyToken
    description: >-
      Read the token back by its id to confirm it was issued.
    operationId: getToken
    parameters:
    - name: username
      in: path
      value: $inputs.username
    - name: id
      in: path
      value: $steps.createToken.outputs.tokenId
    - name: X-AIO-Key
      in: header
      value: $inputs.aioKey
    successCriteria:
    - condition: $statusCode == 200
    outputs:
      verifiedToken: $response.body#/token
  outputs:
    tokenId: $steps.createToken.outputs.tokenId
    verifiedToken: $steps.verifyToken.outputs.verifiedToken