Secure Code Warrior · Capability
Secure Code Warrior Portal API — Users
Secure Code Warrior Portal API — Users. 7 operations. Lead operation: List Users. Self-contained Naftiko capability covering one Secure Code Warrior business surface.
What You Can Do
GET
Listusers
— List Users
/v1/users
POST
Createuser
— Create User
/v1/users
GET
Listuserroles
— List User Roles
/v1/users/roles
POST
Searchusers
— Search Users
/v1/users/search
GET
Getuser
— Get User
/v1/users/{id}
DELETE
Deleteuser
— Delete User
/v1/users/{id}
PATCH
Updateuser
— Update User
/v1/users/{id}
MCP Tools
list-users
List Users
read-only
idempotent
create-user
Create User
list-user-roles
List User Roles
read-only
idempotent
search-users
Search Users
read-only
get-user
Get User
read-only
idempotent
delete-user
Delete User
idempotent
update-user
Update User
idempotent
Capability Spec
naftiko: 1.0.0-alpha2
info:
label: Secure Code Warrior Portal API — Users
description: 'Secure Code Warrior Portal API — Users. 7 operations. Lead operation: List Users. Self-contained Naftiko capability
covering one Secure Code Warrior business surface.'
tags:
- Secure Code Warrior
- Users
created: '2026-05-19'
modified: '2026-05-19'
binds:
- namespace: env
keys:
SECURE_CODE_WARRIOR_API_KEY: SECURE_CODE_WARRIOR_API_KEY
capability:
consumes:
- type: http
namespace: portal-users
baseUri: https://portal-api.securecodewarrior.com/api/v2
description: Secure Code Warrior Portal API — Users business capability. Self-contained, no shared references.
resources:
- name: users
path: /users
operations:
- name: listusers
method: GET
description: List Users
outputRawFormat: json
outputParameters:
- name: result
type: object
value: $.
inputParameters:
- name: fields
in: query
type: string
description: Comma-separated list of fields to include in response
- name: page
in: query
type: integer
- name: createuser
method: POST
description: Create User
outputRawFormat: json
outputParameters:
- name: result
type: object
value: $.
inputParameters:
- name: sendInvite
in: query
type: boolean
description: Send invitation email to new user
- name: body
in: body
type: object
description: Request body (JSON).
required: true
- name: users-roles
path: /users/roles
operations:
- name: listuserroles
method: GET
description: List User Roles
outputRawFormat: json
outputParameters:
- name: result
type: object
value: $.
- name: users-search
path: /users/search
operations:
- name: searchusers
method: POST
description: Search Users
outputRawFormat: json
outputParameters:
- name: result
type: object
value: $.
inputParameters:
- name: fields
in: query
type: string
- name: page
in: query
type: integer
- name: body
in: body
type: object
description: Request body (JSON).
required: false
- name: users-id
path: /users/{id}
operations:
- name: getuser
method: GET
description: Get User
outputRawFormat: json
outputParameters:
- name: result
type: object
value: $.
inputParameters:
- name: id
in: path
type: string
required: true
- name: idtype
in: query
type: string
description: Type of identifier (id or email)
- name: fields
in: query
type: string
- name: deleteuser
method: DELETE
description: Delete User
outputRawFormat: json
outputParameters:
- name: result
type: object
value: $.
inputParameters:
- name: id
in: path
type: string
required: true
- name: idtype
in: query
type: string
- name: updateuser
method: PATCH
description: Update User
outputRawFormat: json
outputParameters:
- name: result
type: object
value: $.
inputParameters:
- name: id
in: path
type: string
required: true
- name: idtype
in: query
type: string
- name: skipNotifyIfSso
in: query
type: boolean
- name: sendInvite
in: query
type: boolean
- name: body
in: body
type: object
description: Request body (JSON).
required: false
authentication:
type: apikey
key: X-API-Key
value: '{{env.SECURE_CODE_WARRIOR_API_KEY}}'
placement: header
exposes:
- type: rest
namespace: portal-users-rest
port: 8080
description: REST adapter for Secure Code Warrior Portal API — Users. One Spectral-compliant resource per consumed operation,
prefixed with /v1.
resources:
- path: /v1/users
name: users
description: REST surface for users.
operations:
- method: GET
name: listusers
description: List Users
call: portal-users.listusers
with:
fields: rest.fields
page: rest.page
outputParameters:
- type: object
mapping: $.
- method: POST
name: createuser
description: Create User
call: portal-users.createuser
with:
sendInvite: rest.sendInvite
body: rest.body
outputParameters:
- type: object
mapping: $.
- path: /v1/users/roles
name: users-roles
description: REST surface for users-roles.
operations:
- method: GET
name: listuserroles
description: List User Roles
call: portal-users.listuserroles
outputParameters:
- type: object
mapping: $.
- path: /v1/users/search
name: users-search
description: REST surface for users-search.
operations:
- method: POST
name: searchusers
description: Search Users
call: portal-users.searchusers
with:
fields: rest.fields
page: rest.page
body: rest.body
outputParameters:
- type: object
mapping: $.
- path: /v1/users/{id}
name: users-id
description: REST surface for users-id.
operations:
- method: GET
name: getuser
description: Get User
call: portal-users.getuser
with:
id: rest.id
idtype: rest.idtype
fields: rest.fields
outputParameters:
- type: object
mapping: $.
- method: DELETE
name: deleteuser
description: Delete User
call: portal-users.deleteuser
with:
id: rest.id
idtype: rest.idtype
outputParameters:
- type: object
mapping: $.
- method: PATCH
name: updateuser
description: Update User
call: portal-users.updateuser
with:
id: rest.id
idtype: rest.idtype
skipNotifyIfSso: rest.skipNotifyIfSso
sendInvite: rest.sendInvite
body: rest.body
outputParameters:
- type: object
mapping: $.
- type: mcp
namespace: portal-users-mcp
port: 9090
transport: http
description: MCP adapter for Secure Code Warrior Portal API — Users. One tool per consumed operation, routed inline through
this capability's consumes block.
tools:
- name: list-users
description: List Users
hints:
readOnly: true
destructive: false
idempotent: true
call: portal-users.listusers
with:
fields: tools.fields
page: tools.page
outputParameters:
- type: object
mapping: $.
- name: create-user
description: Create User
hints:
readOnly: false
destructive: false
idempotent: false
call: portal-users.createuser
with:
sendInvite: tools.sendInvite
body: tools.body
outputParameters:
- type: object
mapping: $.
- name: list-user-roles
description: List User Roles
hints:
readOnly: true
destructive: false
idempotent: true
call: portal-users.listuserroles
outputParameters:
- type: object
mapping: $.
- name: search-users
description: Search Users
hints:
readOnly: true
destructive: false
idempotent: false
call: portal-users.searchusers
with:
fields: tools.fields
page: tools.page
body: tools.body
outputParameters:
- type: object
mapping: $.
- name: get-user
description: Get User
hints:
readOnly: true
destructive: false
idempotent: true
call: portal-users.getuser
with:
id: tools.id
idtype: tools.idtype
fields: tools.fields
outputParameters:
- type: object
mapping: $.
- name: delete-user
description: Delete User
hints:
readOnly: false
destructive: true
idempotent: true
call: portal-users.deleteuser
with:
id: tools.id
idtype: tools.idtype
outputParameters:
- type: object
mapping: $.
- name: update-user
description: Update User
hints:
readOnly: false
destructive: false
idempotent: true
call: portal-users.updateuser
with:
id: tools.id
idtype: tools.idtype
skipNotifyIfSso: tools.skipNotifyIfSso
sendInvite: tools.sendInvite
body: tools.body
outputParameters:
- type: object
mapping: $.