naftiko: 1.0.0-alpha2 info: label: Agent API — Violations description: 'Agent API — Violations. 7 operations. Lead operation: Get violations as a result of policy enforcement on messages.. Self-contained Naftiko capability covering one Finos business surface.' tags: - Finos - Violations created: '2026-05-19' modified: '2026-05-19' binds: - namespace: env keys: FINOS_API_KEY: FINOS_API_KEY capability: consumes: - type: http namespace: symphony-agent-violations baseUri: '' description: Agent API — Violations business capability. Self-contained, no shared references. resources: - name: v1-dlp-violations-message path: /v1/dlp/violations/message operations: - name: get method: GET description: Get violations as a result of policy enforcement on messages. outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: startTime in: query type: integer description: Timestamp of the first required violation. required: true - name: endTime in: query type: integer description: Timestamp of the last required violation. - name: next in: query type: string description: Offset of the next chunk of violations. Value is null for the first request. - name: limit in: query type: integer description: Max No. of violations to return. If no value is provided, 50 is the default. The maximum supported value is 500. - name: sessionToken in: header type: string description: Session authentication token. required: true - name: keyManagerToken in: header type: string description: Key Manager authentication token. - name: v1-dlp-violations-signal path: /v1/dlp/violations/signal operations: - name: get method: GET description: Get violations as a result of policy enforcement on signals. outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: startTime in: query type: integer description: Timestamp of the first required violation. required: true - name: endTime in: query type: integer description: Timestamp of the last required violation. - name: next in: query type: string description: Offset of the next chunk of violations. Value is null for the first request. - name: limit in: query type: integer description: Max No. of violations to return. If no value is provided, 50 is the default. The maximum supported value is 500. - name: sessionToken in: header type: string description: Session authentication token. required: true - name: keyManagerToken in: header type: string description: Key Manager authentication token. - name: v1-dlp-violations-stream path: /v1/dlp/violations/stream operations: - name: get method: GET description: Get violations as a result of policy enforcement on streams. outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: startTime in: query type: integer description: Timestamp of the first required violation. required: true - name: endTime in: query type: integer description: Timestamp of the last required violation. - name: next in: query type: string description: Offset of the next chunk of violations. Value is null for the first request. - name: limit in: query type: integer description: Max No. of violations to return. If no value is provided, 50 is the default. The maximum supported value is 500. - name: sessionToken in: header type: string description: Session authentication token. required: true - name: keyManagerToken in: header type: string description: Key Manager authentication token. - name: v3-dlp-violation-attachment path: /v3/dlp/violation/attachment operations: - name: get method: GET description: Get attachments that were sent as part of messages that were flagged by the DLP System. outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: fileId in: query type: string description: ID of attachment that will be downloaded. required: true - name: violationId in: query type: string description: ID of violation that corresponds to the flagged message that contains the attachment required: true - name: sessionToken in: header type: string description: Session authentication token. required: true - name: keyManagerToken in: header type: string description: Key Manager authentication token. - name: v3-dlp-violations-message path: /v3/dlp/violations/message operations: - name: get method: GET description: Get violations as a result of policy enforcement on messages. outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: startTime in: query type: integer description: Timestamp of the first required violation. required: true - name: endTime in: query type: integer description: Timestamp of the last required violation. - name: next in: query type: string description: Offset of the next chunk of violations. Value is null for the first request. - name: limit in: query type: integer description: Max No. of violations to return. If no value is provided, 50 is the default. The maximum supported value is 500. - name: sessionToken in: header type: string description: Session authentication token. required: true - name: keyManagerToken in: header type: string description: Key Manager authentication token. - name: v3-dlp-violations-signal path: /v3/dlp/violations/signal operations: - name: get method: GET description: Get violations as a result of policy enforcement on signals. outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: startTime in: query type: integer description: Timestamp of the first required violation. required: true - name: endTime in: query type: integer description: Timestamp of the last required violation. - name: next in: query type: string description: Offset of the next chunk of violations. Value is null for the first request. - name: limit in: query type: integer description: Max No. of violations to return. If no value is provided, 50 is the default. The maximum supported value is 500. - name: sessionToken in: header type: string description: Session authentication token. required: true - name: keyManagerToken in: header type: string description: Key Manager authentication token. - name: v3-dlp-violations-stream path: /v3/dlp/violations/stream operations: - name: get method: GET description: Get violations as a result of policy enforcement on streams. outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: startTime in: query type: integer description: Timestamp of the first required violation. required: true - name: endTime in: query type: integer description: Timestamp of the last required violation. - name: next in: query type: string description: Offset of the next chunk of violations. Value is null for the first request. - name: limit in: query type: integer description: Max No. of violations to return. If no value is provided, 50 is the default. The maximum supported value is 500. - name: sessionToken in: header type: string description: Session authentication token. required: true - name: keyManagerToken in: header type: string description: Key Manager authentication token. exposes: - type: rest namespace: symphony-agent-violations-rest port: 8080 description: REST adapter for Agent API — Violations. One Spectral-compliant resource per consumed operation, prefixed with /v1. resources: - path: /v1/v1/dlp/violations/message name: v1-dlp-violations-message description: REST surface for v1-dlp-violations-message. operations: - method: GET name: get description: Get violations as a result of policy enforcement on messages. call: symphony-agent-violations.get with: startTime: rest.startTime endTime: rest.endTime next: rest.next limit: rest.limit sessionToken: rest.sessionToken keyManagerToken: rest.keyManagerToken outputParameters: - type: object mapping: $. - path: /v1/v1/dlp/violations/signal name: v1-dlp-violations-signal description: REST surface for v1-dlp-violations-signal. operations: - method: GET name: get description: Get violations as a result of policy enforcement on signals. call: symphony-agent-violations.get with: startTime: rest.startTime endTime: rest.endTime next: rest.next limit: rest.limit sessionToken: rest.sessionToken keyManagerToken: rest.keyManagerToken outputParameters: - type: object mapping: $. - path: /v1/v1/dlp/violations/stream name: v1-dlp-violations-stream description: REST surface for v1-dlp-violations-stream. operations: - method: GET name: get description: Get violations as a result of policy enforcement on streams. call: symphony-agent-violations.get with: startTime: rest.startTime endTime: rest.endTime next: rest.next limit: rest.limit sessionToken: rest.sessionToken keyManagerToken: rest.keyManagerToken outputParameters: - type: object mapping: $. - path: /v1/v3/dlp/violation/attachment name: v3-dlp-violation-attachment description: REST surface for v3-dlp-violation-attachment. operations: - method: GET name: get description: Get attachments that were sent as part of messages that were flagged by the DLP System. call: symphony-agent-violations.get with: fileId: rest.fileId violationId: rest.violationId sessionToken: rest.sessionToken keyManagerToken: rest.keyManagerToken outputParameters: - type: object mapping: $. - path: /v1/v3/dlp/violations/message name: v3-dlp-violations-message description: REST surface for v3-dlp-violations-message. operations: - method: GET name: get description: Get violations as a result of policy enforcement on messages. call: symphony-agent-violations.get with: startTime: rest.startTime endTime: rest.endTime next: rest.next limit: rest.limit sessionToken: rest.sessionToken keyManagerToken: rest.keyManagerToken outputParameters: - type: object mapping: $. - path: /v1/v3/dlp/violations/signal name: v3-dlp-violations-signal description: REST surface for v3-dlp-violations-signal. operations: - method: GET name: get description: Get violations as a result of policy enforcement on signals. call: symphony-agent-violations.get with: startTime: rest.startTime endTime: rest.endTime next: rest.next limit: rest.limit sessionToken: rest.sessionToken keyManagerToken: rest.keyManagerToken outputParameters: - type: object mapping: $. - path: /v1/v3/dlp/violations/stream name: v3-dlp-violations-stream description: REST surface for v3-dlp-violations-stream. operations: - method: GET name: get description: Get violations as a result of policy enforcement on streams. call: symphony-agent-violations.get with: startTime: rest.startTime endTime: rest.endTime next: rest.next limit: rest.limit sessionToken: rest.sessionToken keyManagerToken: rest.keyManagerToken outputParameters: - type: object mapping: $. - type: mcp namespace: symphony-agent-violations-mcp port: 9090 transport: http description: MCP adapter for Agent API — Violations. One tool per consumed operation, routed inline through this capability's consumes block. tools: - name: get-violations-result-policy-enforcement description: Get violations as a result of policy enforcement on messages. hints: readOnly: true destructive: false idempotent: true call: symphony-agent-violations.get with: startTime: tools.startTime endTime: tools.endTime next: tools.next limit: tools.limit sessionToken: tools.sessionToken keyManagerToken: tools.keyManagerToken outputParameters: - type: object mapping: $. - name: get-violations-result-policy-enforcement-2 description: Get violations as a result of policy enforcement on signals. hints: readOnly: true destructive: false idempotent: true call: symphony-agent-violations.get with: startTime: tools.startTime endTime: tools.endTime next: tools.next limit: tools.limit sessionToken: tools.sessionToken keyManagerToken: tools.keyManagerToken outputParameters: - type: object mapping: $. - name: get-violations-result-policy-enforcement-3 description: Get violations as a result of policy enforcement on streams. hints: readOnly: true destructive: false idempotent: true call: symphony-agent-violations.get with: startTime: tools.startTime endTime: tools.endTime next: tools.next limit: tools.limit sessionToken: tools.sessionToken keyManagerToken: tools.keyManagerToken outputParameters: - type: object mapping: $. - name: get-attachments-that-were-sent description: Get attachments that were sent as part of messages that were flagged by the DLP System. hints: readOnly: true destructive: false idempotent: true call: symphony-agent-violations.get with: fileId: tools.fileId violationId: tools.violationId sessionToken: tools.sessionToken keyManagerToken: tools.keyManagerToken outputParameters: - type: object mapping: $. - name: get-violations-result-policy-enforcement-4 description: Get violations as a result of policy enforcement on messages. hints: readOnly: true destructive: false idempotent: true call: symphony-agent-violations.get with: startTime: tools.startTime endTime: tools.endTime next: tools.next limit: tools.limit sessionToken: tools.sessionToken keyManagerToken: tools.keyManagerToken outputParameters: - type: object mapping: $. - name: get-violations-result-policy-enforcement-5 description: Get violations as a result of policy enforcement on signals. hints: readOnly: true destructive: false idempotent: true call: symphony-agent-violations.get with: startTime: tools.startTime endTime: tools.endTime next: tools.next limit: tools.limit sessionToken: tools.sessionToken keyManagerToken: tools.keyManagerToken outputParameters: - type: object mapping: $. - name: get-violations-result-policy-enforcement-6 description: Get violations as a result of policy enforcement on streams. hints: readOnly: true destructive: false idempotent: true call: symphony-agent-violations.get with: startTime: tools.startTime endTime: tools.endTime next: tools.next limit: tools.limit sessionToken: tools.sessionToken keyManagerToken: tools.keyManagerToken outputParameters: - type: object mapping: $.