naftiko: 1.0.0-alpha2 info: label: RingCentral API — OAuth 2.0 / OpenID Connect description: 'RingCentral API — OAuth 2.0 / OpenID Connect. 4 operations. Lead operation: OAuth 2.0 Authorization Endpoint. Self-contained Naftiko capability covering one Ringcentral business surface.' tags: - Ringcentral - OAuth 2.0 / OpenID Connect created: '2026-05-19' modified: '2026-05-19' binds: - namespace: env keys: RINGCENTRAL_API_KEY: RINGCENTRAL_API_KEY capability: consumes: - type: http namespace: platform-oauth-2-0-openid-connect baseUri: https://platform.ringcentral.com description: RingCentral API — OAuth 2.0 / OpenID Connect business capability. Self-contained, no shared references. resources: - name: restapi-oauth-authorize path: /restapi/oauth/authorize operations: - name: authorize method: GET description: OAuth 2.0 Authorization Endpoint outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: response_type in: query type: string description: Determines authorization flow type. The only supported value is `code` which corresponds to OAuth 2.0 "Authorization Code Flow" required: true - name: redirect_uri in: query type: string description: This is the URI where the Authorization Server redirects the User Agent to at the end of the authorization flow. - name: state in: query type: string description: An opaque value used by the client to maintain state between the request and callback. - name: scope in: query type: string description: The list of space separated application permissions (OAuth scopes) - name: display in: query type: string description: Specifies how the Authorization Server displays the authentication and consent user interface pages to the End-User. - name: prompt in: query type: string description: Space-delimited, case-sensitive list of ASCII string values that specifies whether the Authorization Server prompts the End-User for - name: ui_locales in: query type: string description: End-User's preferred languages and scripts for the user interface, represented as a space-separated list of - name: localeId in: query type: string description: 'DEPRECATED: `ui_locales` parameter should be used instead' - name: code_challenge in: query type: string description: The code challenge value as defined by the PKCE specification - - name: code_challenge_method in: query type: string description: The code challenge method as defined by by the PKCE specification - - name: nonce in: query type: string description: String value used to associate a Client session with an ID Token, and to mitigate replay attacks. The value is passed through unmodified from the Authentication - name: ui_options in: query type: string description: Login form user interface options (space-separated). By default, the UI options that are registered for this client application will be used - name: login_hint in: query type: string description: Hint to the Authorization Server about the login identifier the End-User might use to log in. - name: authorize2 method: POST description: OAuth 2.0 Authorization Endpoint (POST) outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: body in: body type: object description: Request body (JSON). required: true - name: restapi-oauth-revoke path: /restapi/oauth/revoke operations: - name: revoketoken method: POST description: OAuth 2.0 Token Revocation Endpoint outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: token in: query type: string description: Access or refresh token to be revoked (along with the entire OAuth session) - name: body in: body type: object description: Request body (JSON). required: false - name: restapi-oauth-token path: /restapi/oauth/token operations: - name: gettoken method: POST description: OAuth 2.0 Token Endpoint outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: body in: body type: object description: Request body (JSON). required: true authentication: type: bearer token: '{{env.RINGCENTRAL_API_KEY}}' exposes: - type: rest namespace: platform-oauth-2-0-openid-connect-rest port: 8080 description: REST adapter for RingCentral API — OAuth 2.0 / OpenID Connect. One Spectral-compliant resource per consumed operation, prefixed with /v1. resources: - path: /v1/restapi/oauth/authorize name: restapi-oauth-authorize description: REST surface for restapi-oauth-authorize. operations: - method: GET name: authorize description: OAuth 2.0 Authorization Endpoint call: platform-oauth-2-0-openid-connect.authorize with: response_type: rest.response_type redirect_uri: rest.redirect_uri state: rest.state scope: rest.scope display: rest.display prompt: rest.prompt ui_locales: rest.ui_locales localeId: rest.localeId code_challenge: rest.code_challenge code_challenge_method: rest.code_challenge_method nonce: rest.nonce ui_options: rest.ui_options login_hint: rest.login_hint outputParameters: - type: object mapping: $. - method: POST name: authorize2 description: OAuth 2.0 Authorization Endpoint (POST) call: platform-oauth-2-0-openid-connect.authorize2 with: body: rest.body outputParameters: - type: object mapping: $. - path: /v1/restapi/oauth/revoke name: restapi-oauth-revoke description: REST surface for restapi-oauth-revoke. operations: - method: POST name: revoketoken description: OAuth 2.0 Token Revocation Endpoint call: platform-oauth-2-0-openid-connect.revoketoken with: token: rest.token body: rest.body outputParameters: - type: object mapping: $. - path: /v1/restapi/oauth/token name: restapi-oauth-token description: REST surface for restapi-oauth-token. operations: - method: POST name: gettoken description: OAuth 2.0 Token Endpoint call: platform-oauth-2-0-openid-connect.gettoken with: body: rest.body outputParameters: - type: object mapping: $. - type: mcp namespace: platform-oauth-2-0-openid-connect-mcp port: 9090 transport: http description: MCP adapter for RingCentral API — OAuth 2.0 / OpenID Connect. One tool per consumed operation, routed inline through this capability's consumes block. tools: - name: oauth-2-0-authorization-endpoint description: OAuth 2.0 Authorization Endpoint hints: readOnly: true destructive: false idempotent: true call: platform-oauth-2-0-openid-connect.authorize with: response_type: tools.response_type redirect_uri: tools.redirect_uri state: tools.state scope: tools.scope display: tools.display prompt: tools.prompt ui_locales: tools.ui_locales localeId: tools.localeId code_challenge: tools.code_challenge code_challenge_method: tools.code_challenge_method nonce: tools.nonce ui_options: tools.ui_options login_hint: tools.login_hint outputParameters: - type: object mapping: $. - name: oauth-2-0-authorization-endpoint-post description: OAuth 2.0 Authorization Endpoint (POST) hints: readOnly: false destructive: false idempotent: false call: platform-oauth-2-0-openid-connect.authorize2 with: body: tools.body outputParameters: - type: object mapping: $. - name: oauth-2-0-token-revocation-endpoint description: OAuth 2.0 Token Revocation Endpoint hints: readOnly: false destructive: false idempotent: false call: platform-oauth-2-0-openid-connect.revoketoken with: token: tools.token body: tools.body outputParameters: - type: object mapping: $. - name: oauth-2-0-token-endpoint description: OAuth 2.0 Token Endpoint hints: readOnly: false destructive: false idempotent: false call: platform-oauth-2-0-openid-connect.gettoken with: body: tools.body outputParameters: - type: object mapping: $.