naftiko: 1.0.0-alpha2 info: label: HashiCorp Vault Vault Identity API — Group description: 'HashiCorp Vault Vault Identity API — Group. 8 operations. Lead operation: HashiCorp Vault Create group. Self-contained Naftiko capability covering one Hvault business surface.' tags: - Hvault - Group created: '2026-05-19' modified: '2026-05-19' binds: - namespace: env keys: HVAULT_API_KEY: HVAULT_API_KEY capability: consumes: - type: http namespace: identity-group baseUri: https://vault.example.com/v1 description: HashiCorp Vault Vault Identity API — Group business capability. Self-contained, no shared references. resources: - name: identity-group path: /identity/group operations: - name: creategroup method: POST description: HashiCorp Vault Create group outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: body in: body type: object description: Request body (JSON). required: true - name: listgroups method: GET description: HashiCorp Vault List groups outputRawFormat: json outputParameters: - name: result type: object value: $. - name: identity-group-id-id path: /identity/group/id/{id} operations: - name: readgroupbyid method: GET description: HashiCorp Vault Read group by ID outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: id in: path type: string description: Group ID required: true - name: updategroupbyid method: POST description: HashiCorp Vault Update group by ID outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: id in: path type: string description: Group ID required: true - name: body in: body type: object description: Request body (JSON). required: true - name: deletegroupbyid method: DELETE description: HashiCorp Vault Delete group by ID outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: id in: path type: string description: Group ID required: true - name: identity-group-name-name path: /identity/group/name/{name} operations: - name: readgroupbyname method: GET description: HashiCorp Vault Read group by name outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: name in: path type: string description: Name of the group required: true - name: updategroupbyname method: POST description: HashiCorp Vault Update group by name outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: name in: path type: string description: Name of the group required: true - name: body in: body type: object description: Request body (JSON). required: true - name: deletegroupbyname method: DELETE description: HashiCorp Vault Delete group by name outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: name in: path type: string description: Name of the group required: true authentication: type: apikey key: X-Vault-Token value: '{{env.HVAULT_API_KEY}}' placement: header exposes: - type: rest namespace: identity-group-rest port: 8080 description: REST adapter for HashiCorp Vault Vault Identity API — Group. One Spectral-compliant resource per consumed operation, prefixed with /v1. resources: - path: /v1/identity/group name: identity-group description: REST surface for identity-group. operations: - method: POST name: creategroup description: HashiCorp Vault Create group call: identity-group.creategroup with: body: rest.body outputParameters: - type: object mapping: $. - method: GET name: listgroups description: HashiCorp Vault List groups call: identity-group.listgroups outputParameters: - type: object mapping: $. - path: /v1/identity/group/id/{id} name: identity-group-id-id description: REST surface for identity-group-id-id. operations: - method: GET name: readgroupbyid description: HashiCorp Vault Read group by ID call: identity-group.readgroupbyid with: id: rest.id outputParameters: - type: object mapping: $. - method: POST name: updategroupbyid description: HashiCorp Vault Update group by ID call: identity-group.updategroupbyid with: id: rest.id body: rest.body outputParameters: - type: object mapping: $. - method: DELETE name: deletegroupbyid description: HashiCorp Vault Delete group by ID call: identity-group.deletegroupbyid with: id: rest.id outputParameters: - type: object mapping: $. - path: /v1/identity/group/name/{name} name: identity-group-name-name description: REST surface for identity-group-name-name. operations: - method: GET name: readgroupbyname description: HashiCorp Vault Read group by name call: identity-group.readgroupbyname with: name: rest.name outputParameters: - type: object mapping: $. - method: POST name: updategroupbyname description: HashiCorp Vault Update group by name call: identity-group.updategroupbyname with: name: rest.name body: rest.body outputParameters: - type: object mapping: $. - method: DELETE name: deletegroupbyname description: HashiCorp Vault Delete group by name call: identity-group.deletegroupbyname with: name: rest.name outputParameters: - type: object mapping: $. - type: mcp namespace: identity-group-mcp port: 9090 transport: http description: MCP adapter for HashiCorp Vault Vault Identity API — Group. One tool per consumed operation, routed inline through this capability's consumes block. tools: - name: hashicorp-vault-create-group description: HashiCorp Vault Create group hints: readOnly: false destructive: false idempotent: false call: identity-group.creategroup with: body: tools.body outputParameters: - type: object mapping: $. - name: hashicorp-vault-list-groups description: HashiCorp Vault List groups hints: readOnly: true destructive: false idempotent: true call: identity-group.listgroups outputParameters: - type: object mapping: $. - name: hashicorp-vault-read-group-id description: HashiCorp Vault Read group by ID hints: readOnly: true destructive: false idempotent: true call: identity-group.readgroupbyid with: id: tools.id outputParameters: - type: object mapping: $. - name: hashicorp-vault-update-group-id description: HashiCorp Vault Update group by ID hints: readOnly: false destructive: false idempotent: false call: identity-group.updategroupbyid with: id: tools.id body: tools.body outputParameters: - type: object mapping: $. - name: hashicorp-vault-delete-group-id description: HashiCorp Vault Delete group by ID hints: readOnly: false destructive: true idempotent: true call: identity-group.deletegroupbyid with: id: tools.id outputParameters: - type: object mapping: $. - name: hashicorp-vault-read-group-name description: HashiCorp Vault Read group by name hints: readOnly: true destructive: false idempotent: true call: identity-group.readgroupbyname with: name: tools.name outputParameters: - type: object mapping: $. - name: hashicorp-vault-update-group-name description: HashiCorp Vault Update group by name hints: readOnly: false destructive: false idempotent: false call: identity-group.updategroupbyname with: name: tools.name body: tools.body outputParameters: - type: object mapping: $. - name: hashicorp-vault-delete-group-name description: HashiCorp Vault Delete group by name hints: readOnly: false destructive: true idempotent: true call: identity-group.deletegroupbyname with: name: tools.name outputParameters: - type: object mapping: $.