naftiko: 1.0.0-alpha2 info: label: Gravitee.io - Access Management API — Password Policy description: 'Gravitee.io - Access Management API — Password Policy. 8 operations. Lead operation: List registered password policies for a security domain. Self-contained Naftiko capability covering one Gravitee business surface.' tags: - Gravitee - Password Policy created: '2026-05-19' modified: '2026-05-19' binds: - namespace: env keys: GRAVITEE_API_KEY: GRAVITEE_API_KEY capability: consumes: - type: http namespace: am-password-policy baseUri: '' description: Gravitee.io - Access Management API — Password Policy business capability. Self-contained, no shared references. resources: - name: organizations-organizationId-environments-environmentId-domains-domain-password- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/password-policies operations: - name: listpasswordpolicies method: GET description: List registered password policies for a security domain outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: organizationId in: path type: string required: true - name: environmentId in: path type: string required: true - name: domain in: path type: string required: true - name: createpasswordpolicy method: POST description: Create a password policy outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: organizationId in: path type: string required: true - name: environmentId in: path type: string required: true - name: domain in: path type: string required: true - name: body in: body type: object description: Request body (JSON). required: true - name: organizations-organizationId-environments-environmentId-domains-domain-password- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/password-policies/activePolicy operations: - name: geteffectivepasswordpolicy method: GET description: '' outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: organizationId in: path type: string required: true - name: environmentId in: path type: string required: true - name: domain in: path type: string required: true - name: identity in: query type: string - name: organizations-organizationId-environments-environmentId-domains-domain-password- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/password-policies/{policy} operations: - name: getpasswordpolicy method: GET description: Read a password policy outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: organizationId in: path type: string required: true - name: environmentId in: path type: string required: true - name: domain in: path type: string required: true - name: policy in: path type: string required: true - name: updatepasswordpolicy method: PUT description: Update a password policy outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: organizationId in: path type: string required: true - name: environmentId in: path type: string required: true - name: domain in: path type: string required: true - name: policy in: path type: string required: true - name: body in: body type: object description: Request body (JSON). required: true - name: deletepasswordpolicy method: DELETE description: Delete a password policy outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: organizationId in: path type: string required: true - name: environmentId in: path type: string required: true - name: domain in: path type: string required: true - name: policy in: path type: string required: true - name: organizations-organizationId-environments-environmentId-domains-domain-password- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/password-policies/{policy}/default operations: - name: setdefaultpolicy method: POST description: Set default policy outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: organizationId in: path type: string required: true - name: environmentId in: path type: string required: true - name: domain in: path type: string required: true - name: policy in: path type: string required: true - name: organizations-organizationId-environments-environmentId-domains-domain-password- path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/password-policies/{policy}/evaluate operations: - name: evaluatepolicy method: POST description: '' outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: organizationId in: path type: string required: true - name: environmentId in: path type: string required: true - name: domain in: path type: string required: true - name: policy in: path type: string required: true authentication: type: bearer token: '{{env.GRAVITEE_API_KEY}}' exposes: - type: rest namespace: am-password-policy-rest port: 8080 description: REST adapter for Gravitee.io - Access Management API — Password Policy. One Spectral-compliant resource per consumed operation, prefixed with /v1. resources: - path: /v1/organizations/{organizationid}/environments/{environmentid}/domains/{domain}/password-policies name: organizations-organizationid-environments-environmentid-domains-domain-password description: REST surface for organizations-organizationId-environments-environmentId-domains-domain-password-. operations: - method: GET name: listpasswordpolicies description: List registered password policies for a security domain call: am-password-policy.listpasswordpolicies with: organizationId: rest.organizationId environmentId: rest.environmentId domain: rest.domain outputParameters: - type: object mapping: $. - method: POST name: createpasswordpolicy description: Create a password policy call: am-password-policy.createpasswordpolicy with: organizationId: rest.organizationId environmentId: rest.environmentId domain: rest.domain body: rest.body outputParameters: - type: object mapping: $. - path: /v1/organizations/{organizationid}/environments/{environmentid}/domains/{domain}/password-policies/activepolicy name: organizations-organizationid-environments-environmentid-domains-domain-password description: REST surface for organizations-organizationId-environments-environmentId-domains-domain-password-. operations: - method: GET name: geteffectivepasswordpolicy description: geteffectivepasswordpolicy call: am-password-policy.geteffectivepasswordpolicy with: organizationId: rest.organizationId environmentId: rest.environmentId domain: rest.domain identity: rest.identity outputParameters: - type: object mapping: $. - path: /v1/organizations/{organizationid}/environments/{environmentid}/domains/{domain}/password-policies/{policy} name: organizations-organizationid-environments-environmentid-domains-domain-password description: REST surface for organizations-organizationId-environments-environmentId-domains-domain-password-. operations: - method: GET name: getpasswordpolicy description: Read a password policy call: am-password-policy.getpasswordpolicy with: organizationId: rest.organizationId environmentId: rest.environmentId domain: rest.domain policy: rest.policy outputParameters: - type: object mapping: $. - method: PUT name: updatepasswordpolicy description: Update a password policy call: am-password-policy.updatepasswordpolicy with: organizationId: rest.organizationId environmentId: rest.environmentId domain: rest.domain policy: rest.policy body: rest.body outputParameters: - type: object mapping: $. - method: DELETE name: deletepasswordpolicy description: Delete a password policy call: am-password-policy.deletepasswordpolicy with: organizationId: rest.organizationId environmentId: rest.environmentId domain: rest.domain policy: rest.policy outputParameters: - type: object mapping: $. - path: /v1/organizations/{organizationid}/environments/{environmentid}/domains/{domain}/password-policies/{policy}/default name: organizations-organizationid-environments-environmentid-domains-domain-password description: REST surface for organizations-organizationId-environments-environmentId-domains-domain-password-. operations: - method: POST name: setdefaultpolicy description: Set default policy call: am-password-policy.setdefaultpolicy with: organizationId: rest.organizationId environmentId: rest.environmentId domain: rest.domain policy: rest.policy outputParameters: - type: object mapping: $. - path: /v1/organizations/{organizationid}/environments/{environmentid}/domains/{domain}/password-policies/{policy}/evaluate name: organizations-organizationid-environments-environmentid-domains-domain-password description: REST surface for organizations-organizationId-environments-environmentId-domains-domain-password-. operations: - method: POST name: evaluatepolicy description: evaluatepolicy call: am-password-policy.evaluatepolicy with: organizationId: rest.organizationId environmentId: rest.environmentId domain: rest.domain policy: rest.policy outputParameters: - type: object mapping: $. - type: mcp namespace: am-password-policy-mcp port: 9090 transport: http description: MCP adapter for Gravitee.io - Access Management API — Password Policy. One tool per consumed operation, routed inline through this capability's consumes block. tools: - name: list-registered-password-policies-security description: List registered password policies for a security domain hints: readOnly: true destructive: false idempotent: true call: am-password-policy.listpasswordpolicies with: organizationId: tools.organizationId environmentId: tools.environmentId domain: tools.domain outputParameters: - type: object mapping: $. - name: create-password-policy description: Create a password policy hints: readOnly: false destructive: false idempotent: false call: am-password-policy.createpasswordpolicy with: organizationId: tools.organizationId environmentId: tools.environmentId domain: tools.domain body: tools.body outputParameters: - type: object mapping: $. - name: geteffectivepasswordpolicy description: geteffectivepasswordpolicy hints: readOnly: true destructive: false idempotent: true call: am-password-policy.geteffectivepasswordpolicy with: organizationId: tools.organizationId environmentId: tools.environmentId domain: tools.domain identity: tools.identity outputParameters: - type: object mapping: $. - name: read-password-policy description: Read a password policy hints: readOnly: true destructive: false idempotent: true call: am-password-policy.getpasswordpolicy with: organizationId: tools.organizationId environmentId: tools.environmentId domain: tools.domain policy: tools.policy outputParameters: - type: object mapping: $. - name: update-password-policy description: Update a password policy hints: readOnly: false destructive: false idempotent: true call: am-password-policy.updatepasswordpolicy with: organizationId: tools.organizationId environmentId: tools.environmentId domain: tools.domain policy: tools.policy body: tools.body outputParameters: - type: object mapping: $. - name: delete-password-policy description: Delete a password policy hints: readOnly: false destructive: true idempotent: true call: am-password-policy.deletepasswordpolicy with: organizationId: tools.organizationId environmentId: tools.environmentId domain: tools.domain policy: tools.policy outputParameters: - type: object mapping: $. - name: set-default-policy description: Set default policy hints: readOnly: false destructive: false idempotent: false call: am-password-policy.setdefaultpolicy with: organizationId: tools.organizationId environmentId: tools.environmentId domain: tools.domain policy: tools.policy outputParameters: - type: object mapping: $. - name: evaluatepolicy description: evaluatepolicy hints: readOnly: false destructive: false idempotent: false call: am-password-policy.evaluatepolicy with: organizationId: tools.organizationId environmentId: tools.environmentId domain: tools.domain policy: tools.policy outputParameters: - type: object mapping: $.