naftiko: 1.0.0-alpha2 info: label: Kinde Management API — Roles and Permissions description: 'Kinde Management API — Roles and Permissions. Manages role-based access control: list/create/ update/delete roles, list/create/update/delete permissions, attach permissions to roles, and list users associated with a role. Forms the authorization backbone alongside the per-organization role assignments in the Organizations capability. Self-contained Naftiko capability covering one Kinde business surface.' tags: - Kinde - Roles - Permissions - RBAC - Authorization created: '2026-05-22' modified: '2026-05-22' binds: - namespace: env keys: KINDE_SUBDOMAIN: KINDE_SUBDOMAIN KINDE_ACCESS_TOKEN: KINDE_ACCESS_TOKEN capability: consumes: - type: http namespace: kinde-roles-permissions baseUri: https://{KINDE_SUBDOMAIN}.kinde.com/api/v1 description: Kinde Management API — Roles and Permissions business capability. Self-contained, no shared references. resources: - name: roles path: /roles operations: - name: getRoles method: GET description: List all roles in the business. outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: page_size in: query type: integer - name: createRole method: POST description: Create a new role. outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: body in: body type: object required: true - name: role path: /roles/{role_id} operations: - name: updateRole method: PATCH description: Update a role's name, key, or description. outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: role_id in: path type: string required: true - name: body in: body type: object required: true - name: deleteRole method: DELETE description: Delete a role. outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: role_id in: path type: string required: true - name: role-permissions path: /roles/{role_id}/permissions operations: - name: getRolePermissions method: GET description: List permissions attached to a role. outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: role_id in: path type: string required: true - name: updateRolePermissions method: PATCH description: Add/remove permissions on a role. outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: role_id in: path type: string required: true - name: body in: body type: object required: true - name: permissions path: /permissions operations: - name: getPermissions method: GET description: List all permissions in the business. outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: page_size in: query type: integer - name: createPermission method: POST description: Create a new permission. outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: body in: body type: object required: true