naftiko: 1.0.0-alpha2 info: label: API Reference — RbacService description: 'API Reference — RbacService. 6 operations. Lead operation: Subjects served from this API are Groups and Users only. Id in this case is the Name field, since for users and groups, that is unique, and subjects do not have IDs.. Self-contained Naftiko capability covering one Stackrox business surface.' tags: - Stackrox - RbacService created: '2026-05-19' modified: '2026-05-19' binds: - namespace: env keys: STACKROX_API_KEY: STACKROX_API_KEY capability: consumes: - type: http namespace: stackrox-rbacservice baseUri: https://{central-host} description: API Reference — RbacService business capability. Self-contained, no shared references. resources: - name: v1-rbac-bindings path: /v1/rbac/bindings operations: - name: listrolebindings method: GET description: '' outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: query in: query type: string - name: pagination.limit in: query type: integer - name: pagination.offset in: query type: integer - name: pagination.sort_option.field in: query type: string - name: pagination.sort_option.reversed in: query type: boolean - name: v1-rbac-bindings-id path: /v1/rbac/bindings/{id} operations: - name: getrolebinding method: GET description: '' outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: id in: path type: string required: true - name: v1-rbac-roles path: /v1/rbac/roles operations: - name: listroles method: GET description: '' outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: query in: query type: string - name: pagination.limit in: query type: integer - name: pagination.offset in: query type: integer - name: pagination.sort_option.field in: query type: string - name: pagination.sort_option.reversed in: query type: boolean - name: v1-rbac-roles-id path: /v1/rbac/roles/{id} operations: - name: getrole method: GET description: '' outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: id in: path type: string required: true - name: v1-rbac-subject-id path: /v1/rbac/subject/{id} operations: - name: getsubject method: GET description: Subjects served from this API are Groups and Users only. outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: id in: path type: string required: true - name: v1-rbac-subjects path: /v1/rbac/subjects operations: - name: listsubjects method: GET description: '' outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: query in: query type: string - name: pagination.limit in: query type: integer - name: pagination.offset in: query type: integer - name: pagination.sort_option.field in: query type: string - name: pagination.sort_option.reversed in: query type: boolean authentication: type: apikey key: Authorization value: '{{env.STACKROX_API_KEY}}' placement: header exposes: - type: rest namespace: stackrox-rbacservice-rest port: 8080 description: REST adapter for API Reference — RbacService. One Spectral-compliant resource per consumed operation, prefixed with /v1. resources: - path: /v1/v1/rbac/bindings name: v1-rbac-bindings description: REST surface for v1-rbac-bindings. operations: - method: GET name: listrolebindings description: listrolebindings call: stackrox-rbacservice.listrolebindings with: query: rest.query pagination.limit: rest.pagination.limit pagination.offset: rest.pagination.offset pagination.sort_option.field: rest.pagination.sort_option.field pagination.sort_option.reversed: rest.pagination.sort_option.reversed outputParameters: - type: object mapping: $. - path: /v1/v1/rbac/bindings/{id} name: v1-rbac-bindings-id description: REST surface for v1-rbac-bindings-id. operations: - method: GET name: getrolebinding description: getrolebinding call: stackrox-rbacservice.getrolebinding with: id: rest.id outputParameters: - type: object mapping: $. - path: /v1/v1/rbac/roles name: v1-rbac-roles description: REST surface for v1-rbac-roles. operations: - method: GET name: listroles description: listroles call: stackrox-rbacservice.listroles with: query: rest.query pagination.limit: rest.pagination.limit pagination.offset: rest.pagination.offset pagination.sort_option.field: rest.pagination.sort_option.field pagination.sort_option.reversed: rest.pagination.sort_option.reversed outputParameters: - type: object mapping: $. - path: /v1/v1/rbac/roles/{id} name: v1-rbac-roles-id description: REST surface for v1-rbac-roles-id. operations: - method: GET name: getrole description: getrole call: stackrox-rbacservice.getrole with: id: rest.id outputParameters: - type: object mapping: $. - path: /v1/v1/rbac/subject/{id} name: v1-rbac-subject-id description: REST surface for v1-rbac-subject-id. operations: - method: GET name: getsubject description: Subjects served from this API are Groups and Users only. call: stackrox-rbacservice.getsubject with: id: rest.id outputParameters: - type: object mapping: $. - path: /v1/v1/rbac/subjects name: v1-rbac-subjects description: REST surface for v1-rbac-subjects. operations: - method: GET name: listsubjects description: listsubjects call: stackrox-rbacservice.listsubjects with: query: rest.query pagination.limit: rest.pagination.limit pagination.offset: rest.pagination.offset pagination.sort_option.field: rest.pagination.sort_option.field pagination.sort_option.reversed: rest.pagination.sort_option.reversed outputParameters: - type: object mapping: $. - type: mcp namespace: stackrox-rbacservice-mcp port: 9090 transport: http description: MCP adapter for API Reference — RbacService. One tool per consumed operation, routed inline through this capability's consumes block. tools: - name: listrolebindings description: listrolebindings hints: readOnly: true destructive: false idempotent: true call: stackrox-rbacservice.listrolebindings with: query: tools.query pagination.limit: tools.pagination.limit pagination.offset: tools.pagination.offset pagination.sort_option.field: tools.pagination.sort_option.field pagination.sort_option.reversed: tools.pagination.sort_option.reversed outputParameters: - type: object mapping: $. - name: getrolebinding description: getrolebinding hints: readOnly: true destructive: false idempotent: true call: stackrox-rbacservice.getrolebinding with: id: tools.id outputParameters: - type: object mapping: $. - name: listroles description: listroles hints: readOnly: true destructive: false idempotent: true call: stackrox-rbacservice.listroles with: query: tools.query pagination.limit: tools.pagination.limit pagination.offset: tools.pagination.offset pagination.sort_option.field: tools.pagination.sort_option.field pagination.sort_option.reversed: tools.pagination.sort_option.reversed outputParameters: - type: object mapping: $. - name: getrole description: getrole hints: readOnly: true destructive: false idempotent: true call: stackrox-rbacservice.getrole with: id: tools.id outputParameters: - type: object mapping: $. - name: subjects-served-this-api-are description: Subjects served from this API are Groups and Users only. hints: readOnly: true destructive: false idempotent: true call: stackrox-rbacservice.getsubject with: id: tools.id outputParameters: - type: object mapping: $. - name: listsubjects description: listsubjects hints: readOnly: true destructive: false idempotent: true call: stackrox-rbacservice.listsubjects with: query: tools.query pagination.limit: tools.pagination.limit pagination.offset: tools.pagination.offset pagination.sort_option.field: tools.pagination.sort_option.field pagination.sort_option.reversed: tools.pagination.sort_option.reversed outputParameters: - type: object mapping: $.