naftiko: 1.0.0-alpha2 info: label: Passbolt API — Authentication (GPGAuth) description: 'Passbolt API — Authentication (GPGAuth). 5 operations. Lead operation: Check authentication status.. Self-contained Naftiko capability covering one Passbolt business surface.' tags: - Passbolt - Authentication (GPGAuth) created: '2026-05-19' modified: '2026-05-19' binds: - namespace: env keys: PASSBOLT_API_KEY: PASSBOLT_API_KEY capability: consumes: - type: http namespace: passbolt-authentication-gpgauth baseUri: https://passbolt.local description: Passbolt API — Authentication (GPGAuth) business capability. Self-contained, no shared references. resources: - name: auth-is-authenticated.json path: /auth/is-authenticated.json operations: - name: viewauthisauthenticated method: GET description: Check authentication status. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: auth-login.json path: /auth/login.json operations: - name: authlogin method: POST description: Log in. outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: body in: body type: object description: Request body (JSON). required: false - name: auth-logout.json path: /auth/logout.json operations: - name: authlogout method: POST description: Log out. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: auth-verify.json path: /auth/verify.json operations: - name: viewauthverify method: GET description: Get the server's public PGP key. outputRawFormat: json outputParameters: - name: result type: object value: $. - name: checkauthverify method: POST description: Verify the server's identity. outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: body in: body type: object description: Request body (JSON). required: false authentication: type: bearer token: '{{env.PASSBOLT_API_KEY}}' exposes: - type: rest namespace: passbolt-authentication-gpgauth-rest port: 8080 description: REST adapter for Passbolt API — Authentication (GPGAuth). One Spectral-compliant resource per consumed operation, prefixed with /v1. resources: - path: /v1/auth/is-authenticated-json name: auth-is-authenticated-json description: REST surface for auth-is-authenticated.json. operations: - method: GET name: viewauthisauthenticated description: Check authentication status. call: passbolt-authentication-gpgauth.viewauthisauthenticated outputParameters: - type: object mapping: $. - path: /v1/auth/login-json name: auth-login-json description: REST surface for auth-login.json. operations: - method: POST name: authlogin description: Log in. call: passbolt-authentication-gpgauth.authlogin with: body: rest.body outputParameters: - type: object mapping: $. - path: /v1/auth/logout-json name: auth-logout-json description: REST surface for auth-logout.json. operations: - method: POST name: authlogout description: Log out. call: passbolt-authentication-gpgauth.authlogout outputParameters: - type: object mapping: $. - path: /v1/auth/verify-json name: auth-verify-json description: REST surface for auth-verify.json. operations: - method: GET name: viewauthverify description: Get the server's public PGP key. call: passbolt-authentication-gpgauth.viewauthverify outputParameters: - type: object mapping: $. - method: POST name: checkauthverify description: Verify the server's identity. call: passbolt-authentication-gpgauth.checkauthverify with: body: rest.body outputParameters: - type: object mapping: $. - type: mcp namespace: passbolt-authentication-gpgauth-mcp port: 9090 transport: http description: MCP adapter for Passbolt API — Authentication (GPGAuth). One tool per consumed operation, routed inline through this capability's consumes block. tools: - name: check-authentication-status description: Check authentication status. hints: readOnly: true destructive: false idempotent: true call: passbolt-authentication-gpgauth.viewauthisauthenticated outputParameters: - type: object mapping: $. - name: log description: Log in. hints: readOnly: false destructive: false idempotent: false call: passbolt-authentication-gpgauth.authlogin with: body: tools.body outputParameters: - type: object mapping: $. - name: log-out description: Log out. hints: readOnly: false destructive: false idempotent: false call: passbolt-authentication-gpgauth.authlogout outputParameters: - type: object mapping: $. - name: get-server-s-public-pgp-key description: Get the server's public PGP key. hints: readOnly: true destructive: false idempotent: true call: passbolt-authentication-gpgauth.viewauthverify outputParameters: - type: object mapping: $. - name: verify-server-s-identity description: Verify the server's identity. hints: readOnly: false destructive: false idempotent: false call: passbolt-authentication-gpgauth.checkauthverify with: body: tools.body outputParameters: - type: object mapping: $.