naftiko: 1.0.0-alpha2 info: label: SSH Key Management API — Authorized Keys description: 'SSH Key Management API — Authorized Keys. 3 operations. Lead operation: Get Authorized Keys. Self-contained Naftiko capability covering one Ssh business surface.' tags: - Ssh - Authorized Keys created: '2026-05-19' modified: '2026-05-19' binds: - namespace: env keys: SSH_API_KEY: SSH_API_KEY capability: consumes: - type: http namespace: key-management-authorized-keys baseUri: https://api.openssh.example.com/v1 description: SSH Key Management API — Authorized Keys business capability. Self-contained, no shared references. resources: - name: authorized-keys-username path: /authorized-keys/{username} operations: - name: getauthorizedkeys method: GET description: Get Authorized Keys outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: username in: path type: string required: true - name: addauthorizedkey method: POST description: Add Authorized Key outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: username in: path type: string required: true - name: body in: body type: object description: Request body (JSON). required: true - name: authorized-keys-username-keyId path: /authorized-keys/{username}/{keyId} operations: - name: removeauthorizedkey method: DELETE description: Remove Authorized Key outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: username in: path type: string required: true - name: keyId in: path type: string required: true authentication: type: bearer token: '{{env.SSH_API_KEY}}' exposes: - type: rest namespace: key-management-authorized-keys-rest port: 8080 description: REST adapter for SSH Key Management API — Authorized Keys. One Spectral-compliant resource per consumed operation, prefixed with /v1. resources: - path: /v1/authorized-keys/{username} name: authorized-keys-username description: REST surface for authorized-keys-username. operations: - method: GET name: getauthorizedkeys description: Get Authorized Keys call: key-management-authorized-keys.getauthorizedkeys with: username: rest.username outputParameters: - type: object mapping: $. - method: POST name: addauthorizedkey description: Add Authorized Key call: key-management-authorized-keys.addauthorizedkey with: username: rest.username body: rest.body outputParameters: - type: object mapping: $. - path: /v1/authorized-keys/{username}/{keyid} name: authorized-keys-username-keyid description: REST surface for authorized-keys-username-keyId. operations: - method: DELETE name: removeauthorizedkey description: Remove Authorized Key call: key-management-authorized-keys.removeauthorizedkey with: username: rest.username keyId: rest.keyId outputParameters: - type: object mapping: $. - type: mcp namespace: key-management-authorized-keys-mcp port: 9090 transport: http description: MCP adapter for SSH Key Management API — Authorized Keys. One tool per consumed operation, routed inline through this capability's consumes block. tools: - name: get-authorized-keys description: Get Authorized Keys hints: readOnly: true destructive: false idempotent: true call: key-management-authorized-keys.getauthorizedkeys with: username: tools.username outputParameters: - type: object mapping: $. - name: add-authorized-key description: Add Authorized Key hints: readOnly: false destructive: false idempotent: false call: key-management-authorized-keys.addauthorizedkey with: username: tools.username body: tools.body outputParameters: - type: object mapping: $. - name: remove-authorized-key description: Remove Authorized Key hints: readOnly: false destructive: true idempotent: true call: key-management-authorized-keys.removeauthorizedkey with: username: tools.username keyId: tools.keyId outputParameters: - type: object mapping: $.