naftiko: 1.0.0-alpha2
info:
  label: Coveo Authorization Server API — Saml Identity Providers
  description: 'Coveo Authorization Server API — Saml Identity Providers. 7 operations. Lead operation: List Manageable Identity
    Providers. Self-contained Naftiko capability covering one Coveo business surface.'
  tags:
  - Coveo
  - Authorization Server
  - Saml Identity Providers
  created: '2026-05-19'
  modified: '2026-05-19'
binds:
- namespace: env
  keys:
    COVEO_API_KEY: COVEO_API_KEY
capability:
  consumes:
  - type: http
    namespace: authorization-saml-identity-providers
    baseUri: https://platform.cloud.coveo.com
    description: Coveo Authorization Server API — Saml Identity Providers business capability. Self-contained, no shared references.
    authentication:
      type: bearer
      token: '{{env.COVEO_API_KEY}}'
    resources:
    - name: rest-organizations-organizationId-saml-availables
      path: /rest/organizations/{organizationId}/saml/availables
      operations:
      - name: getavailablesamlidentityproviders
        method: GET
        description: List Manageable Identity Providers
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: organizationId
          in: path
          type: string
          description: The unique identifier of the target [organization](https://docs.coveo.com/en/185/).<br />**Example:**
            `mycoveocloudv2organizationg8tp8wu3`
          required: true
    - name: rest-organizations-organizationId-saml-enabled
      path: /rest/organizations/{organizationId}/saml/enabled
      operations:
      - name: issamlidentityproviderenabled
        method: GET
        description: Check If Any Identity Provider Exists
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: organizationId
          in: path
          type: string
          description: The unique identifier of the target [organization](https://docs.coveo.com/en/185/).<br />**Example:**
            `mycoveocloudv2organizationg8tp8wu3`
          required: true
    - name: rest-organizations-organizationId-saml-identityprovider
      path: /rest/organizations/{organizationId}/saml/identityprovider
      operations:
      - name: getidentityprovider
        method: GET
        description: Show Identity Provider
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: organizationId
          in: path
          type: string
          description: 'The [unique identifier of the organization](https://docs.coveo.com/en/n1ce5273/manage-an-organization/find-your-organization-id)
            for which to show the identity '
          required: true
      - name: updateidentityprovider
        method: PUT
        description: Update Identity Provider
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: organizationId
          in: path
          type: string
          description: The unique identifier of the target [organization](https://docs.coveo.com/en/185/).<br />**Example:**
            `mycoveocloudv2organizationg8tp8wu3`
          required: true
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
      - name: createidentityprovider
        method: POST
        description: Create Identity Provider
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: organizationId
          in: path
          type: string
          description: The unique identifier of the target [organization](https://docs.coveo.com/en/185/).<br />**Example:**
            `mycoveocloudv2organizationg8tp8wu3`
          required: true
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
      - name: deleteidentityprovider
        method: DELETE
        description: Delete Identity Provider
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: organizationId
          in: path
          type: string
          description: The [unique identifier of the organization](https://docs.coveo.com/en/n1ce5273/manage-an-organization/find-your-organization-id)
            for which to delete the SAML id
          required: true
    - name: rest-organizations-organizationId-saml-identityprovider-realms
      path: /rest/organizations/{organizationId}/saml/identityprovider/realms
      operations:
      - name: getrealmsforsamlidentityprovider
        method: GET
        description: List Identity Provider Realms
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: organizationId
          in: path
          type: string
          description: The [unique identifier of the organization](https://docs.coveo.com/en/n1ce5273/manage-an-organization/find-your-organization-id)
            for which to list realms.</br>*
          required: true
  exposes:
  - type: rest
    namespace: authorization-saml-identity-providers-rest
    port: 8080
    description: REST adapter for Coveo Authorization Server API — Saml Identity Providers. One Spectral-compliant resource
      per consumed operation, prefixed with /v1.
    resources:
    - path: /v1/organizations/{organizationid}/saml/availables
      name: rest-organizations-organizationid-saml-availables
      description: REST surface for rest-organizations-organizationId-saml-availables.
      operations:
      - method: GET
        name: getavailablesamlidentityproviders
        description: List Manageable Identity Providers
        call: authorization-saml-identity-providers.getavailablesamlidentityproviders
        with:
          organizationId: rest.organizationId
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/organizations/{organizationid}/saml/enabled
      name: rest-organizations-organizationid-saml-enabled
      description: REST surface for rest-organizations-organizationId-saml-enabled.
      operations:
      - method: GET
        name: issamlidentityproviderenabled
        description: Check If Any Identity Provider Exists
        call: authorization-saml-identity-providers.issamlidentityproviderenabled
        with:
          organizationId: rest.organizationId
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/organizations/{organizationid}/saml/identityprovider
      name: rest-organizations-organizationid-saml-identityprovider
      description: REST surface for rest-organizations-organizationId-saml-identityprovider.
      operations:
      - method: GET
        name: getidentityprovider
        description: Show Identity Provider
        call: authorization-saml-identity-providers.getidentityprovider
        with:
          organizationId: rest.organizationId
        outputParameters:
        - type: object
          mapping: $.
      - method: PUT
        name: updateidentityprovider
        description: Update Identity Provider
        call: authorization-saml-identity-providers.updateidentityprovider
        with:
          organizationId: rest.organizationId
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
      - method: POST
        name: createidentityprovider
        description: Create Identity Provider
        call: authorization-saml-identity-providers.createidentityprovider
        with:
          organizationId: rest.organizationId
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
      - method: DELETE
        name: deleteidentityprovider
        description: Delete Identity Provider
        call: authorization-saml-identity-providers.deleteidentityprovider
        with:
          organizationId: rest.organizationId
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/organizations/{organizationid}/saml/identityprovider/realms
      name: rest-organizations-organizationid-saml-identityprovider-realms
      description: REST surface for rest-organizations-organizationId-saml-identityprovider-realms.
      operations:
      - method: GET
        name: getrealmsforsamlidentityprovider
        description: List Identity Provider Realms
        call: authorization-saml-identity-providers.getrealmsforsamlidentityprovider
        with:
          organizationId: rest.organizationId
        outputParameters:
        - type: object
          mapping: $.
  - type: mcp
    namespace: authorization-saml-identity-providers-mcp
    port: 9090
    transport: http
    description: MCP adapter for Coveo Authorization Server API — Saml Identity Providers. One tool per consumed operation,
      routed inline through this capability's consumes block.
    tools:
    - name: list-manageable-identity-providers
      description: List Manageable Identity Providers
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: authorization-saml-identity-providers.getavailablesamlidentityproviders
      with:
        organizationId: tools.organizationId
      outputParameters:
      - type: object
        mapping: $.
    - name: check-if-any-identity-provider
      description: Check If Any Identity Provider Exists
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: authorization-saml-identity-providers.issamlidentityproviderenabled
      with:
        organizationId: tools.organizationId
      outputParameters:
      - type: object
        mapping: $.
    - name: show-identity-provider
      description: Show Identity Provider
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: authorization-saml-identity-providers.getidentityprovider
      with:
        organizationId: tools.organizationId
      outputParameters:
      - type: object
        mapping: $.
    - name: update-identity-provider
      description: Update Identity Provider
      hints:
        readOnly: false
        destructive: false
        idempotent: true
      call: authorization-saml-identity-providers.updateidentityprovider
      with:
        organizationId: tools.organizationId
        body: tools.body
      outputParameters:
      - type: object
        mapping: $.
    - name: create-identity-provider
      description: Create Identity Provider
      hints:
        readOnly: false
        destructive: false
        idempotent: false
      call: authorization-saml-identity-providers.createidentityprovider
      with:
        organizationId: tools.organizationId
        body: tools.body
      outputParameters:
      - type: object
        mapping: $.
    - name: delete-identity-provider
      description: Delete Identity Provider
      hints:
        readOnly: false
        destructive: true
        idempotent: true
      call: authorization-saml-identity-providers.deleteidentityprovider
      with:
        organizationId: tools.organizationId
      outputParameters:
      - type: object
        mapping: $.
    - name: list-identity-provider-realms
      description: List Identity Provider Realms
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: authorization-saml-identity-providers.getrealmsforsamlidentityprovider
      with:
        organizationId: tools.organizationId
      outputParameters:
      - type: object
        mapping: $.