BeyondTrust · Capability

BeyondTrust Password Safe API — Authentication

BeyondTrust Password Safe API — Authentication. 2 operations. Lead operation: BeyondTrust Sign App In. Self-contained Naftiko capability covering one Beyondtrust business surface.

Run with Naftiko BeyondtrustAuthentication

What You Can Do

POST
Signappin — BeyondTrust Sign App In
/v1/auth/signappin
POST
Signappout — BeyondTrust Sign App Out
/v1/auth/signappout

MCP Tools

beyondtrust-sign-app

BeyondTrust Sign App In

beyondtrust-sign-app-out

BeyondTrust Sign App Out

Capability Spec

password-safe-authentication.yaml Raw ↑ 
naftiko: 1.0.0-alpha2
info:
  label: BeyondTrust Password Safe API — Authentication
  description: 'BeyondTrust Password Safe API — Authentication. 2 operations. Lead operation: BeyondTrust Sign App In. Self-contained
    Naftiko capability covering one Beyondtrust business surface.'
  tags:
  - Beyondtrust
  - Authentication
  created: '2026-05-19'
  modified: '2026-05-19'
binds:
- namespace: env
  keys:
    BEYONDTRUST_API_KEY: BEYONDTRUST_API_KEY
capability:
  consumes:
  - type: http
    namespace: password-safe-authentication
    baseUri: https://{hostname}/BeyondTrust/api/public/v3
    description: BeyondTrust Password Safe API — Authentication business capability. Self-contained, no shared references.
    resources:
    - name: auth-signappin
      path: /auth/signappin
      operations:
      - name: signappin
        method: POST
        description: BeyondTrust Sign App In
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: auth-signappout
      path: /auth/signappout
      operations:
      - name: signappout
        method: POST
        description: BeyondTrust Sign App Out
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    authentication:
      type: apikey
      key: Authorization
      value: '{{env.BEYONDTRUST_API_KEY}}'
      placement: header
  exposes:
  - type: rest
    namespace: password-safe-authentication-rest
    port: 8080
    description: REST adapter for BeyondTrust Password Safe API — Authentication. One Spectral-compliant resource per consumed
      operation, prefixed with /v1.
    resources:
    - path: /v1/auth/signappin
      name: auth-signappin
      description: REST surface for auth-signappin.
      operations:
      - method: POST
        name: signappin
        description: BeyondTrust Sign App In
        call: password-safe-authentication.signappin
        with:
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/auth/signappout
      name: auth-signappout
      description: REST surface for auth-signappout.
      operations:
      - method: POST
        name: signappout
        description: BeyondTrust Sign App Out
        call: password-safe-authentication.signappout
        outputParameters:
        - type: object
          mapping: $.
  - type: mcp
    namespace: password-safe-authentication-mcp
    port: 9090
    transport: http
    description: MCP adapter for BeyondTrust Password Safe API — Authentication. One tool per consumed operation, routed inline
      through this capability's consumes block.
    tools:
    - name: beyondtrust-sign-app
      description: BeyondTrust Sign App In
      hints:
        readOnly: false
        destructive: false
        idempotent: false
      call: password-safe-authentication.signappin
      with:
        body: tools.body
      outputParameters:
      - type: object
        mapping: $.
    - name: beyondtrust-sign-app-out
      description: BeyondTrust Sign App Out
      hints:
        readOnly: false
        destructive: false
        idempotent: false
      call: password-safe-authentication.signappout
      outputParameters:
      - type: object
        mapping: $.