Remote OAuth 2.0 API — OAuth

naftiko: 1.0.0-alpha2
info:
  label: Remote OAuth 2.0 API — OAuth
  description: 'Self-contained Naftiko capability for exchanging OAuth 2.0 tokens with Remote (authorization code, client credentials, assertion, and refresh flows).'
  tags:
  - Remote
  - OAuth
  - Authentication
  created: '2026-05-25'
  modified: '2026-05-25'
binds:
- namespace: env
  keys:
    REMOTE_CLIENT_ID: REMOTE_CLIENT_ID
    REMOTE_CLIENT_SECRET: REMOTE_CLIENT_SECRET
capability:
  consumes:
  - type: http
    namespace: oauth
    baseUri: https://gateway.remote.com
    description: Remote OAuth business capability.
    resources:
    - name: oauth2-token
      path: /oauth2/token
      operations:
      - name: exchangetoken
        method: POST
        description: Exchange OAuth 2.0 Token
        inputParameters:
        - name: body
          in: body
          type: object
          required: true
        outputParameters:
        - name: result
          type: object
          value: $.
    authentication:
      type: none
  exposes:
  - type: mcp
    namespace: oauth-mcp
    port: 9090
    transport: http
    description: MCP adapter for Remote OAuth.
    tools:
    - name: remote-exchange-oauth-token
      description: Exchange an OAuth 2.0 grant for an access token on Remote.
      hints: { readOnly: false, destructive: false, idempotent: false }
      call: oauth.exchangetoken
      with:
        body: tools.body