naftiko: 1.0.0-alpha2 info: label: 'Prisma Cloud: Managed Security Service Provider (MSSP) — User Authentication' description: 'Prisma Cloud: Managed Security Service Provider (MSSP) — User Authentication. 2 operations. Lead operation: Palo Alto Networks Login with Username and Password. Self-contained Naftiko capability covering one Palo Alto Networks business surface.' tags: - Palo Alto Networks - User Authentication created: '2026-05-19' modified: '2026-05-19' binds: - namespace: env keys: PALO_ALTO_NETWORKS_API_KEY: PALO_ALTO_NETWORKS_API_KEY capability: consumes: - type: http namespace: palo-alto-prisma-cloud-mssp-user-authentication baseUri: https://mssp-api.prismacloud.io description: 'Prisma Cloud: Managed Security Service Provider (MSSP) — User Authentication business capability. Self-contained, no shared references.' resources: - name: api-v1-login path: /api/v1/login operations: - name: processlogin method: POST description: Palo Alto Networks Login with Username and Password outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: body in: body type: object description: Request body (JSON). required: true - name: api-v1-mssp-mssp-id-token-refresh path: /api/v1/mssp/{mssp-id}/token-refresh operations: - name: refreshtoken method: GET description: Palo Alto Networks Refresh User JWT outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: mssp-id in: path type: string description: MSSP Id required: true authentication: type: bearer token: '{{env.PALO_ALTO_NETWORKS_API_KEY}}' exposes: - type: rest namespace: palo-alto-prisma-cloud-mssp-user-authentication-rest port: 8080 description: 'REST adapter for Prisma Cloud: Managed Security Service Provider (MSSP) — User Authentication. One Spectral-compliant resource per consumed operation, prefixed with /v1.' resources: - path: /v1/api/v1/login name: api-v1-login description: REST surface for api-v1-login. operations: - method: POST name: processlogin description: Palo Alto Networks Login with Username and Password call: palo-alto-prisma-cloud-mssp-user-authentication.processlogin with: body: rest.body outputParameters: - type: object mapping: $. - path: /v1/api/v1/mssp/{mssp-id}/token-refresh name: api-v1-mssp-mssp-id-token-refresh description: REST surface for api-v1-mssp-mssp-id-token-refresh. operations: - method: GET name: refreshtoken description: Palo Alto Networks Refresh User JWT call: palo-alto-prisma-cloud-mssp-user-authentication.refreshtoken with: mssp-id: rest.mssp-id outputParameters: - type: object mapping: $. - type: mcp namespace: palo-alto-prisma-cloud-mssp-user-authentication-mcp port: 9090 transport: http description: 'MCP adapter for Prisma Cloud: Managed Security Service Provider (MSSP) — User Authentication. One tool per consumed operation, routed inline through this capability''s consumes block.' tools: - name: palo-alto-networks-login-username description: Palo Alto Networks Login with Username and Password hints: readOnly: false destructive: false idempotent: false call: palo-alto-prisma-cloud-mssp-user-authentication.processlogin with: body: tools.body outputParameters: - type: object mapping: $. - name: palo-alto-networks-refresh-user description: Palo Alto Networks Refresh User JWT hints: readOnly: true destructive: false idempotent: true call: palo-alto-prisma-cloud-mssp-user-authentication.refreshtoken with: mssp-id: tools.mssp-id outputParameters: - type: object mapping: $.