naftiko: 1.0.0-alpha2 info: label: Microsoft Entra Microsoft Graph Identity API — Groups description: 'Microsoft Entra Microsoft Graph Identity API — Groups. 8 operations. Lead operation: Microsoft Entra List Groups. Self-contained Naftiko capability covering one Microsoft Entra business surface.' tags: - Microsoft Entra - Groups created: '2026-05-19' modified: '2026-05-19' binds: - namespace: env keys: MICROSOFT_ENTRA_API_KEY: MICROSOFT_ENTRA_API_KEY capability: consumes: - type: http namespace: graph-identity-groups baseUri: https://graph.microsoft.com/v1.0 description: Microsoft Entra Microsoft Graph Identity API — Groups business capability. Self-contained, no shared references. resources: - name: groups path: /groups operations: - name: listgroups method: GET description: Microsoft Entra List Groups outputRawFormat: json outputParameters: - name: result type: object value: $. - name: creategroup method: POST description: Microsoft Entra Create Group outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: body in: body type: object description: Request body (JSON). required: true - name: groups-group-id path: /groups/{group-id} operations: - name: getgroup method: GET description: Microsoft Entra Get Group outputRawFormat: json outputParameters: - name: result type: object value: $. - name: updategroup method: PATCH description: Microsoft Entra Update Group outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: body in: body type: object description: Request body (JSON). required: true - name: deletegroup method: DELETE description: Microsoft Entra Delete Group outputRawFormat: json outputParameters: - name: result type: object value: $. - name: groups-group-id-members path: /groups/{group-id}/members operations: - name: listgroupmembers method: GET description: Microsoft Entra List Group Members outputRawFormat: json outputParameters: - name: result type: object value: $. - name: groups-group-id-members-$ref path: /groups/{group-id}/members/$ref operations: - name: addgroupmember method: POST description: Microsoft Entra Add Group Member outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: body in: body type: object description: Request body (JSON). required: true - name: groups-group-id-members-directoryObject-id-$ref path: /groups/{group-id}/members/{directoryObject-id}/$ref operations: - name: removegroupmember method: DELETE description: Microsoft Entra Remove Group Member outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: directoryObject-id in: path type: string description: Unique identifier of the directory object to remove required: true authentication: type: bearer token: '{{env.MICROSOFT_ENTRA_API_KEY}}' exposes: - type: rest namespace: graph-identity-groups-rest port: 8080 description: REST adapter for Microsoft Entra Microsoft Graph Identity API — Groups. One Spectral-compliant resource per consumed operation, prefixed with /v1. resources: - path: /v1/groups name: groups description: REST surface for groups. operations: - method: GET name: listgroups description: Microsoft Entra List Groups call: graph-identity-groups.listgroups outputParameters: - type: object mapping: $. - method: POST name: creategroup description: Microsoft Entra Create Group call: graph-identity-groups.creategroup with: body: rest.body outputParameters: - type: object mapping: $. - path: /v1/groups/{group-id} name: groups-group-id description: REST surface for groups-group-id. operations: - method: GET name: getgroup description: Microsoft Entra Get Group call: graph-identity-groups.getgroup outputParameters: - type: object mapping: $. - method: PATCH name: updategroup description: Microsoft Entra Update Group call: graph-identity-groups.updategroup with: body: rest.body outputParameters: - type: object mapping: $. - method: DELETE name: deletegroup description: Microsoft Entra Delete Group call: graph-identity-groups.deletegroup outputParameters: - type: object mapping: $. - path: /v1/groups/{group-id}/members name: groups-group-id-members description: REST surface for groups-group-id-members. operations: - method: GET name: listgroupmembers description: Microsoft Entra List Group Members call: graph-identity-groups.listgroupmembers outputParameters: - type: object mapping: $. - path: /v1/groups/{group-id}/members/ref name: groups-group-id-members-ref description: REST surface for groups-group-id-members-$ref. operations: - method: POST name: addgroupmember description: Microsoft Entra Add Group Member call: graph-identity-groups.addgroupmember with: body: rest.body outputParameters: - type: object mapping: $. - path: /v1/groups/{group-id}/members/{directoryobject-id}/ref name: groups-group-id-members-directoryobject-id-ref description: REST surface for groups-group-id-members-directoryObject-id-$ref. operations: - method: DELETE name: removegroupmember description: Microsoft Entra Remove Group Member call: graph-identity-groups.removegroupmember with: directoryObject-id: rest.directoryObject-id outputParameters: - type: object mapping: $. - type: mcp namespace: graph-identity-groups-mcp port: 9090 transport: http description: MCP adapter for Microsoft Entra Microsoft Graph Identity API — Groups. One tool per consumed operation, routed inline through this capability's consumes block. tools: - name: microsoft-entra-list-groups description: Microsoft Entra List Groups hints: readOnly: true destructive: false idempotent: true call: graph-identity-groups.listgroups outputParameters: - type: object mapping: $. - name: microsoft-entra-create-group description: Microsoft Entra Create Group hints: readOnly: false destructive: false idempotent: false call: graph-identity-groups.creategroup with: body: tools.body outputParameters: - type: object mapping: $. - name: microsoft-entra-get-group description: Microsoft Entra Get Group hints: readOnly: true destructive: false idempotent: true call: graph-identity-groups.getgroup outputParameters: - type: object mapping: $. - name: microsoft-entra-update-group description: Microsoft Entra Update Group hints: readOnly: false destructive: false idempotent: true call: graph-identity-groups.updategroup with: body: tools.body outputParameters: - type: object mapping: $. - name: microsoft-entra-delete-group description: Microsoft Entra Delete Group hints: readOnly: false destructive: true idempotent: true call: graph-identity-groups.deletegroup outputParameters: - type: object mapping: $. - name: microsoft-entra-list-group-members description: Microsoft Entra List Group Members hints: readOnly: true destructive: false idempotent: true call: graph-identity-groups.listgroupmembers outputParameters: - type: object mapping: $. - name: microsoft-entra-add-group-member description: Microsoft Entra Add Group Member hints: readOnly: false destructive: false idempotent: false call: graph-identity-groups.addgroupmember with: body: tools.body outputParameters: - type: object mapping: $. - name: microsoft-entra-remove-group-member description: Microsoft Entra Remove Group Member hints: readOnly: false destructive: true idempotent: true call: graph-identity-groups.removegroupmember with: directoryObject-id: tools.directoryObject-id outputParameters: - type: object mapping: $.