naftiko: 1.0.0-alpha2 info: label: Gravitee.io - Access Management API — identity provider description: 'Gravitee.io - Access Management API — identity provider. 11 operations. Lead operation: List registered identity providers for a security domain. Self-contained Naftiko capability covering one Gravitee business surface.' tags: - Gravitee - identity provider created: '2026-05-19' modified: '2026-05-19' binds: - namespace: env keys: GRAVITEE_API_KEY: GRAVITEE_API_KEY capability: consumes: - type: http namespace: am-identity-provider-2 baseUri: '' description: Gravitee.io - Access Management API — identity provider business capability. Self-contained, no shared references. resources: - name: organizations-organizationId-environments-environmentId-domains-domain-identitie path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/identities operations: - name: listidentityproviders method: GET description: List registered identity providers for a security domain outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: organizationId in: path type: string required: true - name: environmentId in: path type: string required: true - name: domain in: path type: string required: true - name: userProvider in: query type: boolean - name: createidentityprovider method: POST description: Create an identity provider outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: organizationId in: path type: string required: true - name: environmentId in: path type: string required: true - name: domain in: path type: string required: true - name: body in: body type: object description: Request body (JSON). required: true - name: organizations-organizationId-environments-environmentId-domains-domain-identitie path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/identities/{identity} operations: - name: findidentityprovider method: GET description: Get an identity provider outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: organizationId in: path type: string required: true - name: environmentId in: path type: string required: true - name: domain in: path type: string required: true - name: identity in: path type: string required: true - name: updateidentityprovider method: PUT description: Update an identity provider outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: organizationId in: path type: string required: true - name: environmentId in: path type: string required: true - name: domain in: path type: string required: true - name: identity in: path type: string required: true - name: body in: body type: object description: Request body (JSON). required: true - name: deleteidentityprovider method: DELETE description: Delete an identity provider outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: organizationId in: path type: string required: true - name: environmentId in: path type: string required: true - name: domain in: path type: string required: true - name: identity in: path type: string required: true - name: organizations-organizationId-environments-environmentId-domains-domain-identitie path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/identities/{identity}/password-policy operations: - name: assignpasswordpolicytoidp method: PUT description: Assign password policy to identity provider outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: organizationId in: path type: string required: true - name: environmentId in: path type: string required: true - name: domain in: path type: string required: true - name: identity in: path type: string required: true - name: body in: body type: object description: Request body (JSON). required: true - name: organizations-organizationId-identities path: /organizations/{organizationId}/identities operations: - name: listidentityproviders1 method: GET description: List registered identity providers of the organization outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: organizationId in: path type: string required: true - name: userProvider in: query type: boolean - name: createidentityprovider1 method: POST description: Create an identity provider for the organization outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: organizationId in: path type: string required: true - name: body in: body type: object description: Request body (JSON). required: true - name: organizations-organizationId-identities-identity path: /organizations/{organizationId}/identities/{identity} operations: - name: getidentityprovider method: GET description: Get an identity provider outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: organizationId in: path type: string required: true - name: identity in: path type: string required: true - name: updateidentityprovider1 method: PUT description: Update an identity provider outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: organizationId in: path type: string required: true - name: identity in: path type: string required: true - name: body in: body type: object description: Request body (JSON). required: true - name: deleteidentityprovider1 method: DELETE description: Delete an identity provider outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: organizationId in: path type: string required: true - name: identity in: path type: string required: true authentication: type: bearer token: '{{env.GRAVITEE_API_KEY}}' exposes: - type: rest namespace: am-identity-provider-2-rest port: 8080 description: REST adapter for Gravitee.io - Access Management API — identity provider. One Spectral-compliant resource per consumed operation, prefixed with /v1. resources: - path: /v1/organizations/{organizationid}/environments/{environmentid}/domains/{domain}/identities name: organizations-organizationid-environments-environmentid-domains-domain-identitie description: REST surface for organizations-organizationId-environments-environmentId-domains-domain-identitie. operations: - method: GET name: listidentityproviders description: List registered identity providers for a security domain call: am-identity-provider-2.listidentityproviders with: organizationId: rest.organizationId environmentId: rest.environmentId domain: rest.domain userProvider: rest.userProvider outputParameters: - type: object mapping: $. - method: POST name: createidentityprovider description: Create an identity provider call: am-identity-provider-2.createidentityprovider with: organizationId: rest.organizationId environmentId: rest.environmentId domain: rest.domain body: rest.body outputParameters: - type: object mapping: $. - path: /v1/organizations/{organizationid}/environments/{environmentid}/domains/{domain}/identities/{identity} name: organizations-organizationid-environments-environmentid-domains-domain-identitie description: REST surface for organizations-organizationId-environments-environmentId-domains-domain-identitie. operations: - method: GET name: findidentityprovider description: Get an identity provider call: am-identity-provider-2.findidentityprovider with: organizationId: rest.organizationId environmentId: rest.environmentId domain: rest.domain identity: rest.identity outputParameters: - type: object mapping: $. - method: PUT name: updateidentityprovider description: Update an identity provider call: am-identity-provider-2.updateidentityprovider with: organizationId: rest.organizationId environmentId: rest.environmentId domain: rest.domain identity: rest.identity body: rest.body outputParameters: - type: object mapping: $. - method: DELETE name: deleteidentityprovider description: Delete an identity provider call: am-identity-provider-2.deleteidentityprovider with: organizationId: rest.organizationId environmentId: rest.environmentId domain: rest.domain identity: rest.identity outputParameters: - type: object mapping: $. - path: /v1/organizations/{organizationid}/environments/{environmentid}/domains/{domain}/identities/{identity}/password-policy name: organizations-organizationid-environments-environmentid-domains-domain-identitie description: REST surface for organizations-organizationId-environments-environmentId-domains-domain-identitie. operations: - method: PUT name: assignpasswordpolicytoidp description: Assign password policy to identity provider call: am-identity-provider-2.assignpasswordpolicytoidp with: organizationId: rest.organizationId environmentId: rest.environmentId domain: rest.domain identity: rest.identity body: rest.body outputParameters: - type: object mapping: $. - path: /v1/organizations/{organizationid}/identities name: organizations-organizationid-identities description: REST surface for organizations-organizationId-identities. operations: - method: GET name: listidentityproviders1 description: List registered identity providers of the organization call: am-identity-provider-2.listidentityproviders1 with: organizationId: rest.organizationId userProvider: rest.userProvider outputParameters: - type: object mapping: $. - method: POST name: createidentityprovider1 description: Create an identity provider for the organization call: am-identity-provider-2.createidentityprovider1 with: organizationId: rest.organizationId body: rest.body outputParameters: - type: object mapping: $. - path: /v1/organizations/{organizationid}/identities/{identity} name: organizations-organizationid-identities-identity description: REST surface for organizations-organizationId-identities-identity. operations: - method: GET name: getidentityprovider description: Get an identity provider call: am-identity-provider-2.getidentityprovider with: organizationId: rest.organizationId identity: rest.identity outputParameters: - type: object mapping: $. - method: PUT name: updateidentityprovider1 description: Update an identity provider call: am-identity-provider-2.updateidentityprovider1 with: organizationId: rest.organizationId identity: rest.identity body: rest.body outputParameters: - type: object mapping: $. - method: DELETE name: deleteidentityprovider1 description: Delete an identity provider call: am-identity-provider-2.deleteidentityprovider1 with: organizationId: rest.organizationId identity: rest.identity outputParameters: - type: object mapping: $. - type: mcp namespace: am-identity-provider-2-mcp port: 9090 transport: http description: MCP adapter for Gravitee.io - Access Management API — identity provider. One tool per consumed operation, routed inline through this capability's consumes block. tools: - name: list-registered-identity-providers-security description: List registered identity providers for a security domain hints: readOnly: true destructive: false idempotent: true call: am-identity-provider-2.listidentityproviders with: organizationId: tools.organizationId environmentId: tools.environmentId domain: tools.domain userProvider: tools.userProvider outputParameters: - type: object mapping: $. - name: create-identity-provider description: Create an identity provider hints: readOnly: false destructive: false idempotent: false call: am-identity-provider-2.createidentityprovider with: organizationId: tools.organizationId environmentId: tools.environmentId domain: tools.domain body: tools.body outputParameters: - type: object mapping: $. - name: get-identity-provider description: Get an identity provider hints: readOnly: true destructive: false idempotent: true call: am-identity-provider-2.findidentityprovider with: organizationId: tools.organizationId environmentId: tools.environmentId domain: tools.domain identity: tools.identity outputParameters: - type: object mapping: $. - name: update-identity-provider description: Update an identity provider hints: readOnly: false destructive: false idempotent: true call: am-identity-provider-2.updateidentityprovider with: organizationId: tools.organizationId environmentId: tools.environmentId domain: tools.domain identity: tools.identity body: tools.body outputParameters: - type: object mapping: $. - name: delete-identity-provider description: Delete an identity provider hints: readOnly: false destructive: true idempotent: true call: am-identity-provider-2.deleteidentityprovider with: organizationId: tools.organizationId environmentId: tools.environmentId domain: tools.domain identity: tools.identity outputParameters: - type: object mapping: $. - name: assign-password-policy-identity-provider description: Assign password policy to identity provider hints: readOnly: false destructive: false idempotent: true call: am-identity-provider-2.assignpasswordpolicytoidp with: organizationId: tools.organizationId environmentId: tools.environmentId domain: tools.domain identity: tools.identity body: tools.body outputParameters: - type: object mapping: $. - name: list-registered-identity-providers-organization description: List registered identity providers of the organization hints: readOnly: true destructive: false idempotent: true call: am-identity-provider-2.listidentityproviders1 with: organizationId: tools.organizationId userProvider: tools.userProvider outputParameters: - type: object mapping: $. - name: create-identity-provider-organization description: Create an identity provider for the organization hints: readOnly: false destructive: false idempotent: false call: am-identity-provider-2.createidentityprovider1 with: organizationId: tools.organizationId body: tools.body outputParameters: - type: object mapping: $. - name: get-identity-provider-2 description: Get an identity provider hints: readOnly: true destructive: false idempotent: true call: am-identity-provider-2.getidentityprovider with: organizationId: tools.organizationId identity: tools.identity outputParameters: - type: object mapping: $. - name: update-identity-provider-2 description: Update an identity provider hints: readOnly: false destructive: false idempotent: true call: am-identity-provider-2.updateidentityprovider1 with: organizationId: tools.organizationId identity: tools.identity body: tools.body outputParameters: - type: object mapping: $. - name: delete-identity-provider-2 description: Delete an identity provider hints: readOnly: false destructive: true idempotent: true call: am-identity-provider-2.deleteidentityprovider1 with: organizationId: tools.organizationId identity: tools.identity outputParameters: - type: object mapping: $.