naftiko: 1.0.0-alpha2 info: label: ForgeRock Identity Management API — Audit description: 'ForgeRock Identity Management API — Audit. 2 operations. Lead operation: ForgeRock Query audit log entries. Self-contained Naftiko capability covering one Forgerock business surface.' tags: - Forgerock - Audit created: '2026-05-19' modified: '2026-05-19' binds: - namespace: env keys: FORGEROCK_API_KEY: FORGEROCK_API_KEY capability: consumes: - type: http namespace: identity-management-audit baseUri: https://{deployment}/openidm description: ForgeRock Identity Management API — Audit business capability. Self-contained, no shared references. resources: - name: audit-auditTopic path: /audit/{auditTopic} operations: - name: queryauditlogs method: GET description: ForgeRock Query audit log entries outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: auditTopic in: path type: string description: The audit topic to query required: true - name: audit-auditTopic-auditId path: /audit/{auditTopic}/{auditId} operations: - name: getauditlogentry method: GET description: ForgeRock Get an audit log entry outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: auditTopic in: path type: string description: The audit topic required: true - name: auditId in: path type: string description: The audit entry identifier required: true authentication: type: bearer token: '{{env.FORGEROCK_API_KEY}}' exposes: - type: rest namespace: identity-management-audit-rest port: 8080 description: REST adapter for ForgeRock Identity Management API — Audit. One Spectral-compliant resource per consumed operation, prefixed with /v1. resources: - path: /v1/audit/{audittopic} name: audit-audittopic description: REST surface for audit-auditTopic. operations: - method: GET name: queryauditlogs description: ForgeRock Query audit log entries call: identity-management-audit.queryauditlogs with: auditTopic: rest.auditTopic outputParameters: - type: object mapping: $. - path: /v1/audit/{audittopic}/{auditid} name: audit-audittopic-auditid description: REST surface for audit-auditTopic-auditId. operations: - method: GET name: getauditlogentry description: ForgeRock Get an audit log entry call: identity-management-audit.getauditlogentry with: auditTopic: rest.auditTopic auditId: rest.auditId outputParameters: - type: object mapping: $. - type: mcp namespace: identity-management-audit-mcp port: 9090 transport: http description: MCP adapter for ForgeRock Identity Management API — Audit. One tool per consumed operation, routed inline through this capability's consumes block. tools: - name: forgerock-query-audit-log-entries description: ForgeRock Query audit log entries hints: readOnly: true destructive: false idempotent: true call: identity-management-audit.queryauditlogs with: auditTopic: tools.auditTopic outputParameters: - type: object mapping: $. - name: forgerock-get-audit-log-entry description: ForgeRock Get an audit log entry hints: readOnly: true destructive: false idempotent: true call: identity-management-audit.getauditlogentry with: auditTopic: tools.auditTopic auditId: tools.auditId outputParameters: - type: object mapping: $.