naftiko: 1.0.0-alpha2 info: label: Prismatic GraphQL API — Authentication description: 'Prismatic GraphQL API — Authentication. 3 operations. Lead operation: Prismatic Refresh Authentication Token. Self-contained Naftiko capability covering one Prismatic business surface.' tags: - Prismatic - Authentication created: '2026-05-19' modified: '2026-05-19' binds: - namespace: env keys: PRISMATIC_API_KEY: PRISMATIC_API_KEY capability: consumes: - type: http namespace: graphql-authentication baseUri: https://app.prismatic.io description: Prismatic GraphQL API — Authentication business capability. Self-contained, no shared references. resources: - name: auth-refresh path: /auth/refresh operations: - name: refreshauthtoken method: POST description: Prismatic Refresh Authentication Token outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: body in: body type: object description: Request body (JSON). required: true - name: auth-revoke path: /auth/revoke operations: - name: revokeauthtoken method: POST description: Prismatic Revoke Refresh Token outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: body in: body type: object description: Request body (JSON). required: true - name: get_auth_token path: /get_auth_token/ operations: - name: getauthtoken method: GET description: Prismatic Get Short-Lived Auth Token outputRawFormat: json outputParameters: - name: result type: object value: $. authentication: type: bearer token: '{{env.PRISMATIC_API_KEY}}' exposes: - type: rest namespace: graphql-authentication-rest port: 8080 description: REST adapter for Prismatic GraphQL API — Authentication. One Spectral-compliant resource per consumed operation, prefixed with /v1. resources: - path: /v1/auth/refresh name: auth-refresh description: REST surface for auth-refresh. operations: - method: POST name: refreshauthtoken description: Prismatic Refresh Authentication Token call: graphql-authentication.refreshauthtoken with: body: rest.body outputParameters: - type: object mapping: $. - path: /v1/auth/revoke name: auth-revoke description: REST surface for auth-revoke. operations: - method: POST name: revokeauthtoken description: Prismatic Revoke Refresh Token call: graphql-authentication.revokeauthtoken with: body: rest.body outputParameters: - type: object mapping: $. - path: /v1/get-auth-token name: get-auth-token description: REST surface for get_auth_token. operations: - method: GET name: getauthtoken description: Prismatic Get Short-Lived Auth Token call: graphql-authentication.getauthtoken outputParameters: - type: object mapping: $. - type: mcp namespace: graphql-authentication-mcp port: 9090 transport: http description: MCP adapter for Prismatic GraphQL API — Authentication. One tool per consumed operation, routed inline through this capability's consumes block. tools: - name: prismatic-refresh-authentication-token description: Prismatic Refresh Authentication Token hints: readOnly: false destructive: false idempotent: false call: graphql-authentication.refreshauthtoken with: body: tools.body outputParameters: - type: object mapping: $. - name: prismatic-revoke-refresh-token description: Prismatic Revoke Refresh Token hints: readOnly: false destructive: false idempotent: false call: graphql-authentication.revokeauthtoken with: body: tools.body outputParameters: - type: object mapping: $. - name: prismatic-get-short-lived-auth description: Prismatic Get Short-Lived Auth Token hints: readOnly: true destructive: false idempotent: true call: graphql-authentication.getauthtoken outputParameters: - type: object mapping: $.