naftiko: 1.0.0-alpha2
info:
  label: OpenFGA — Authorization Models
  description: 'OpenFGA — Authorization Models. 3 operations. Lead operation: Return all the authorization models for a particular
    store. Self-contained Naftiko capability covering one Openfga business surface.'
  tags:
  - Openfga
  - Authorization Models
  created: '2026-05-19'
  modified: '2026-05-19'
binds:
- namespace: env
  keys:
    OPENFGA_API_KEY: OPENFGA_API_KEY
capability:
  consumes:
  - type: http
    namespace: openfga-authorization-models
    baseUri: ''
    description: OpenFGA — Authorization Models business capability. Self-contained, no shared references.
    resources:
    - name: stores-store_id-authorization-models
      path: /stores/{store_id}/authorization-models
      operations:
      - name: readauthorizationmodels
        method: GET
        description: Return all the authorization models for a particular store
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: store_id
          in: path
          type: string
          required: true
        - name: page_size
          in: query
          type: integer
        - name: continuation_token
          in: query
          type: string
      - name: writeauthorizationmodel
        method: POST
        description: Create a new authorization model
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: store_id
          in: path
          type: string
          required: true
        - name: body
          in: body
          type: object
          required: true
    - name: stores-store_id-authorization-models-id
      path: /stores/{store_id}/authorization-models/{id}
      operations:
      - name: readauthorizationmodel
        method: GET
        description: Return a particular version of an authorization model
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: store_id
          in: path
          type: string
          required: true
        - name: id
          in: path
          type: string
          required: true
  exposes:
  - type: rest
    namespace: openfga-authorization-models-rest
    port: 8080
    description: REST adapter for OpenFGA — Authorization Models. One Spectral-compliant resource per consumed operation,
      prefixed with /v1.
    resources:
    - path: /v1/stores/{store-id}/authorization-models
      name: stores-store-id-authorization-models
      description: REST surface for stores-store_id-authorization-models.
      operations:
      - method: GET
        name: readauthorizationmodels
        description: Return all the authorization models for a particular store
        call: openfga-authorization-models.readauthorizationmodels
        with:
          store_id: rest.store_id
          page_size: rest.page_size
          continuation_token: rest.continuation_token
        outputParameters:
        - type: object
          mapping: $.
      - method: POST
        name: writeauthorizationmodel
        description: Create a new authorization model
        call: openfga-authorization-models.writeauthorizationmodel
        with:
          store_id: rest.store_id
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/stores/{store-id}/authorization-models/{id}
      name: stores-store-id-authorization-models-id
      description: REST surface for stores-store_id-authorization-models-id.
      operations:
      - method: GET
        name: readauthorizationmodel
        description: Return a particular version of an authorization model
        call: openfga-authorization-models.readauthorizationmodel
        with:
          store_id: rest.store_id
          id: rest.id
        outputParameters:
        - type: object
          mapping: $.
  - type: mcp
    namespace: openfga-authorization-models-mcp
    port: 9090
    transport: http
    description: MCP adapter for OpenFGA — Authorization Models. One tool per consumed operation, routed inline through this
      capability's consumes block.
    tools:
    - name: return-all-authorization-models-particular
      description: Return all the authorization models for a particular store
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: openfga-authorization-models.readauthorizationmodels
      with:
        store_id: tools.store_id
        page_size: tools.page_size
        continuation_token: tools.continuation_token
      outputParameters:
      - type: object
        mapping: $.
    - name: create-new-authorization-model
      description: Create a new authorization model
      hints:
        readOnly: false
        destructive: false
        idempotent: false
      call: openfga-authorization-models.writeauthorizationmodel
      with:
        store_id: tools.store_id
        body: tools.body
      outputParameters:
      - type: object
        mapping: $.
    - name: return-particular-version-authorization-model
      description: Return a particular version of an authorization model
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: openfga-authorization-models.readauthorizationmodel
      with:
        store_id: tools.store_id
        id: tools.id
      outputParameters:
      - type: object
        mapping: $.