Gravitee · Capability

Gravitee.io - Access Management API — Password Policy

Gravitee.io - Access Management API — Password Policy. 8 operations. Lead operation: List registered password policies for a security domain. Self-contained Naftiko capability covering one Gravitee business surface.

Run with Naftiko GraviteePassword Policy

What You Can Do

GET
Listpasswordpolicies — List registered password policies for a security domain
/v1/organizations/{organizationid}/environments/{environmentid}/domains/{domain}/password-policies
POST
Createpasswordpolicy — Create a password policy
/v1/organizations/{organizationid}/environments/{environmentid}/domains/{domain}/password-policies
GET
Geteffectivepasswordpolicy — geteffectivepasswordpolicy
/v1/organizations/{organizationid}/environments/{environmentid}/domains/{domain}/password-policies/activepolicy
GET
Getpasswordpolicy — Read a password policy
/v1/organizations/{organizationid}/environments/{environmentid}/domains/{domain}/password-policies/{policy}
PUT
Updatepasswordpolicy — Update a password policy
/v1/organizations/{organizationid}/environments/{environmentid}/domains/{domain}/password-policies/{policy}
DELETE
Deletepasswordpolicy — Delete a password policy
/v1/organizations/{organizationid}/environments/{environmentid}/domains/{domain}/password-policies/{policy}
POST
Setdefaultpolicy — Set default policy
/v1/organizations/{organizationid}/environments/{environmentid}/domains/{domain}/password-policies/{policy}/default
POST
Evaluatepolicy — evaluatepolicy
/v1/organizations/{organizationid}/environments/{environmentid}/domains/{domain}/password-policies/{policy}/evaluate

MCP Tools

list-registered-password-policies-security

List registered password policies for a security domain

read-only idempotent
create-password-policy

Create a password policy

geteffectivepasswordpolicy

geteffectivepasswordpolicy

read-only idempotent
read-password-policy

Read a password policy

read-only idempotent
update-password-policy

Update a password policy

idempotent
delete-password-policy

Delete a password policy

idempotent
set-default-policy

Set default policy

evaluatepolicy

evaluatepolicy

Capability Spec

am-password-policy.yaml Raw ↑ 
naftiko: 1.0.0-alpha2
info:
  label: Gravitee.io - Access Management API — Password Policy
  description: 'Gravitee.io - Access Management API — Password Policy. 8 operations. Lead operation: List registered password
    policies for a security domain. Self-contained Naftiko capability covering one Gravitee business surface.'
  tags:
  - Gravitee
  - Password Policy
  created: '2026-05-19'
  modified: '2026-05-19'
binds:
- namespace: env
  keys:
    GRAVITEE_API_KEY: GRAVITEE_API_KEY
capability:
  consumes:
  - type: http
    namespace: am-password-policy
    baseUri: ''
    description: Gravitee.io - Access Management API — Password Policy business capability. Self-contained, no shared references.
    resources:
    - name: organizations-organizationId-environments-environmentId-domains-domain-password-
      path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/password-policies
      operations:
      - name: listpasswordpolicies
        method: GET
        description: List registered password policies for a security domain
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: organizationId
          in: path
          type: string
          required: true
        - name: environmentId
          in: path
          type: string
          required: true
        - name: domain
          in: path
          type: string
          required: true
      - name: createpasswordpolicy
        method: POST
        description: Create a password policy
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: organizationId
          in: path
          type: string
          required: true
        - name: environmentId
          in: path
          type: string
          required: true
        - name: domain
          in: path
          type: string
          required: true
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: organizations-organizationId-environments-environmentId-domains-domain-password-
      path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/password-policies/activePolicy
      operations:
      - name: geteffectivepasswordpolicy
        method: GET
        description: ''
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: organizationId
          in: path
          type: string
          required: true
        - name: environmentId
          in: path
          type: string
          required: true
        - name: domain
          in: path
          type: string
          required: true
        - name: identity
          in: query
          type: string
    - name: organizations-organizationId-environments-environmentId-domains-domain-password-
      path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/password-policies/{policy}
      operations:
      - name: getpasswordpolicy
        method: GET
        description: Read a password policy
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: organizationId
          in: path
          type: string
          required: true
        - name: environmentId
          in: path
          type: string
          required: true
        - name: domain
          in: path
          type: string
          required: true
        - name: policy
          in: path
          type: string
          required: true
      - name: updatepasswordpolicy
        method: PUT
        description: Update a password policy
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: organizationId
          in: path
          type: string
          required: true
        - name: environmentId
          in: path
          type: string
          required: true
        - name: domain
          in: path
          type: string
          required: true
        - name: policy
          in: path
          type: string
          required: true
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
      - name: deletepasswordpolicy
        method: DELETE
        description: Delete a password policy
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: organizationId
          in: path
          type: string
          required: true
        - name: environmentId
          in: path
          type: string
          required: true
        - name: domain
          in: path
          type: string
          required: true
        - name: policy
          in: path
          type: string
          required: true
    - name: organizations-organizationId-environments-environmentId-domains-domain-password-
      path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/password-policies/{policy}/default
      operations:
      - name: setdefaultpolicy
        method: POST
        description: Set default policy
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: organizationId
          in: path
          type: string
          required: true
        - name: environmentId
          in: path
          type: string
          required: true
        - name: domain
          in: path
          type: string
          required: true
        - name: policy
          in: path
          type: string
          required: true
    - name: organizations-organizationId-environments-environmentId-domains-domain-password-
      path: /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/password-policies/{policy}/evaluate
      operations:
      - name: evaluatepolicy
        method: POST
        description: ''
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: organizationId
          in: path
          type: string
          required: true
        - name: environmentId
          in: path
          type: string
          required: true
        - name: domain
          in: path
          type: string
          required: true
        - name: policy
          in: path
          type: string
          required: true
    authentication:
      type: bearer
      token: '{{env.GRAVITEE_API_KEY}}'
  exposes:
  - type: rest
    namespace: am-password-policy-rest
    port: 8080
    description: REST adapter for Gravitee.io - Access Management API — Password Policy. One Spectral-compliant resource per
      consumed operation, prefixed with /v1.
    resources:
    - path: /v1/organizations/{organizationid}/environments/{environmentid}/domains/{domain}/password-policies
      name: organizations-organizationid-environments-environmentid-domains-domain-password
      description: REST surface for organizations-organizationId-environments-environmentId-domains-domain-password-.
      operations:
      - method: GET
        name: listpasswordpolicies
        description: List registered password policies for a security domain
        call: am-password-policy.listpasswordpolicies
        with:
          organizationId: rest.organizationId
          environmentId: rest.environmentId
          domain: rest.domain
        outputParameters:
        - type: object
          mapping: $.
      - method: POST
        name: createpasswordpolicy
        description: Create a password policy
        call: am-password-policy.createpasswordpolicy
        with:
          organizationId: rest.organizationId
          environmentId: rest.environmentId
          domain: rest.domain
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/organizations/{organizationid}/environments/{environmentid}/domains/{domain}/password-policies/activepolicy
      name: organizations-organizationid-environments-environmentid-domains-domain-password
      description: REST surface for organizations-organizationId-environments-environmentId-domains-domain-password-.
      operations:
      - method: GET
        name: geteffectivepasswordpolicy
        description: geteffectivepasswordpolicy
        call: am-password-policy.geteffectivepasswordpolicy
        with:
          organizationId: rest.organizationId
          environmentId: rest.environmentId
          domain: rest.domain
          identity: rest.identity
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/organizations/{organizationid}/environments/{environmentid}/domains/{domain}/password-policies/{policy}
      name: organizations-organizationid-environments-environmentid-domains-domain-password
      description: REST surface for organizations-organizationId-environments-environmentId-domains-domain-password-.
      operations:
      - method: GET
        name: getpasswordpolicy
        description: Read a password policy
        call: am-password-policy.getpasswordpolicy
        with:
          organizationId: rest.organizationId
          environmentId: rest.environmentId
          domain: rest.domain
          policy: rest.policy
        outputParameters:
        - type: object
          mapping: $.
      - method: PUT
        name: updatepasswordpolicy
        description: Update a password policy
        call: am-password-policy.updatepasswordpolicy
        with:
          organizationId: rest.organizationId
          environmentId: rest.environmentId
          domain: rest.domain
          policy: rest.policy
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
      - method: DELETE
        name: deletepasswordpolicy
        description: Delete a password policy
        call: am-password-policy.deletepasswordpolicy
        with:
          organizationId: rest.organizationId
          environmentId: rest.environmentId
          domain: rest.domain
          policy: rest.policy
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/organizations/{organizationid}/environments/{environmentid}/domains/{domain}/password-policies/{policy}/default
      name: organizations-organizationid-environments-environmentid-domains-domain-password
      description: REST surface for organizations-organizationId-environments-environmentId-domains-domain-password-.
      operations:
      - method: POST
        name: setdefaultpolicy
        description: Set default policy
        call: am-password-policy.setdefaultpolicy
        with:
          organizationId: rest.organizationId
          environmentId: rest.environmentId
          domain: rest.domain
          policy: rest.policy
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/organizations/{organizationid}/environments/{environmentid}/domains/{domain}/password-policies/{policy}/evaluate
      name: organizations-organizationid-environments-environmentid-domains-domain-password
      description: REST surface for organizations-organizationId-environments-environmentId-domains-domain-password-.
      operations:
      - method: POST
        name: evaluatepolicy
        description: evaluatepolicy
        call: am-password-policy.evaluatepolicy
        with:
          organizationId: rest.organizationId
          environmentId: rest.environmentId
          domain: rest.domain
          policy: rest.policy
        outputParameters:
        - type: object
          mapping: $.
  - type: mcp
    namespace: am-password-policy-mcp
    port: 9090
    transport: http
    description: MCP adapter for Gravitee.io - Access Management API — Password Policy. One tool per consumed operation, routed
      inline through this capability's consumes block.
    tools:
    - name: list-registered-password-policies-security
      description: List registered password policies for a security domain
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: am-password-policy.listpasswordpolicies
      with:
        organizationId: tools.organizationId
        environmentId: tools.environmentId
        domain: tools.domain
      outputParameters:
      - type: object
        mapping: $.
    - name: create-password-policy
      description: Create a password policy
      hints:
        readOnly: false
        destructive: false
        idempotent: false
      call: am-password-policy.createpasswordpolicy
      with:
        organizationId: tools.organizationId
        environmentId: tools.environmentId
        domain: tools.domain
        body: tools.body
      outputParameters:
      - type: object
        mapping: $.
    - name: geteffectivepasswordpolicy
      description: geteffectivepasswordpolicy
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: am-password-policy.geteffectivepasswordpolicy
      with:
        organizationId: tools.organizationId
        environmentId: tools.environmentId
        domain: tools.domain
        identity: tools.identity
      outputParameters:
      - type: object
        mapping: $.
    - name: read-password-policy
      description: Read a password policy
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: am-password-policy.getpasswordpolicy
      with:
        organizationId: tools.organizationId
        environmentId: tools.environmentId
        domain: tools.domain
        policy: tools.policy
      outputParameters:
      - type: object
        mapping: $.
    - name: update-password-policy
      description: Update a password policy
      hints:
        readOnly: false
        destructive: false
        idempotent: true
      call: am-password-policy.updatepasswordpolicy
      with:
        organizationId: tools.organizationId
        environmentId: tools.environmentId
        domain: tools.domain
        policy: tools.policy
        body: tools.body
      outputParameters:
      - type: object
        mapping: $.
    - name: delete-password-policy
      description: Delete a password policy
      hints:
        readOnly: false
        destructive: true
        idempotent: true
      call: am-password-policy.deletepasswordpolicy
      with:
        organizationId: tools.organizationId
        environmentId: tools.environmentId
        domain: tools.domain
        policy: tools.policy
      outputParameters:
      - type: object
        mapping: $.
    - name: set-default-policy
      description: Set default policy
      hints:
        readOnly: false
        destructive: false
        idempotent: false
      call: am-password-policy.setdefaultpolicy
      with:
        organizationId: tools.organizationId
        environmentId: tools.environmentId
        domain: tools.domain
        policy: tools.policy
      outputParameters:
      - type: object
        mapping: $.
    - name: evaluatepolicy
      description: evaluatepolicy
      hints:
        readOnly: false
        destructive: false
        idempotent: false
      call: am-password-policy.evaluatepolicy
      with:
        organizationId: tools.organizationId
        environmentId: tools.environmentId
        domain: tools.domain
        policy: tools.policy
      outputParameters:
      - type: object
        mapping: $.