naftiko: 1.0.0-alpha2 info: label: Arcade Engine — Authorization description: 'Authorization surface — 4 operations. Lead operation: Initiate Authorization. Self-contained Naftiko capability covering one Arcade business surface.' tags: - Arcade - Engine - Authorization created: '2026-05-22' modified: '2026-05-22' binds: - namespace: env keys: ARCADE_API_KEY: ARCADE_API_KEY capability: consumes: - type: http namespace: engine-authorization baseUri: https://api.arcade.dev description: Arcade Engine — Authorization business capability. Self-contained, no shared references. authentication: type: bearer token: '{{env.ARCADE_API_KEY}}' resources: - name: v1-auth-authorize path: /v1/auth/authorize operations: - name: initiate-authorization method: POST description: Initiate Authorization outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: body in: body type: object required: true description: Request body. - name: v1-auth-confirm-user path: /v1/auth/confirm_user operations: - name: confirm-user-auth-flow method: POST description: Confirm User Authorization outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: body in: body type: object required: true description: Request body. - name: v1-auth-status path: /v1/auth/status operations: - name: auth-status method: GET description: Check Authorization Status outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: id in: query type: string required: true description: Authorization ID - name: wait in: query type: integer required: false description: Timeout in seconds (max 59) - name: v1-auth-validate-custom-verifier path: /v1/auth/validate_custom_verifier operations: - name: test-authorization-flow method: POST description: Test Authorization Flow outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: body in: body type: object required: true description: Request body. exposes: - type: rest namespace: engine-authorization-rest port: 8080 description: REST adapter for Arcade Engine — Authorization. One Spectral-compliant resource per consumed operation, prefixed with /v1. resources: - path: /v1/auth/authorize name: v1-auth-authorize description: REST surface for /v1/auth/authorize. operations: - method: POST name: initiate-authorization description: Initiate Authorization call: engine-authorization.initiate-authorization with: body: rest.body outputParameters: - type: object mapping: $. - path: /v1/auth/confirm-user name: v1-auth-confirm-user description: REST surface for /v1/auth/confirm-user. operations: - method: POST name: confirm-user-auth-flow description: Confirm User Authorization call: engine-authorization.confirm-user-auth-flow with: body: rest.body outputParameters: - type: object mapping: $. - path: /v1/auth/status name: v1-auth-status description: REST surface for /v1/auth/status. operations: - method: GET name: auth-status description: Check Authorization Status call: engine-authorization.auth-status with: id: rest.id wait: rest.wait outputParameters: - type: object mapping: $. - path: /v1/auth/validate-custom-verifier name: v1-auth-validate-custom-verifier description: REST surface for /v1/auth/validate-custom-verifier. operations: - method: POST name: test-authorization-flow description: Test Authorization Flow call: engine-authorization.test-authorization-flow with: body: rest.body outputParameters: - type: object mapping: $. - type: mcp namespace: engine-authorization-mcp port: 9090 transport: http description: MCP adapter for Arcade Engine — Authorization. One tool per consumed operation, routed inline through this capability's consumes block. tools: - name: initiate-authorization description: Initiate Authorization hints: readOnly: false destructive: false idempotent: false call: engine-authorization.initiate-authorization with: body: tools.body outputParameters: - type: object mapping: $. - name: confirm-user-authorization description: Confirm User Authorization hints: readOnly: false destructive: false idempotent: false call: engine-authorization.confirm-user-auth-flow with: body: tools.body outputParameters: - type: object mapping: $. - name: check-authorization-status description: Check Authorization Status hints: readOnly: true destructive: false idempotent: true call: engine-authorization.auth-status with: id: tools.id wait: tools.wait outputParameters: - type: object mapping: $. - name: test-authorization-flow description: Test Authorization Flow hints: readOnly: true destructive: false idempotent: false call: engine-authorization.test-authorization-flow with: body: tools.body outputParameters: - type: object mapping: $.