Symphony · Capability

Symphony Login API — Authenticate

Symphony Login API — Authenticate. 5 operations. Lead operation: Symphony Authenticate an App With Public Key. Self-contained Naftiko capability covering one Symphony business surface.

Run with Naftiko SymphonyAuthenticate

What You Can Do

POST
Post — Symphony Authenticate an App With Public Key
/v1/pubkey/app/authenticate
POST
Post — Symphony Authenticate an application in a delegated context to act on behalf of a user
/v1/pubkey/app/user/{userid}/authenticate
POST
Post — Symphony Authenticate an application in a delegated context to act on behalf of a user
/v1/pubkey/app/username/{username}/authenticate
POST
Post — Symphony Authenticate With Public Key
/v1/pubkey/authenticate
POST
Post — Symphony Authenticate Extension App With Public Key
/v1/v1/pubkey/app/authenticate/extensionapp

MCP Tools

symphony-authenticate-app-public-key

Symphony Authenticate an App With Public Key

symphony-authenticate-application-delegated-context

Symphony Authenticate an application in a delegated context to act on behalf of a user

symphony-authenticate-application-delegated-context-2

Symphony Authenticate an application in a delegated context to act on behalf of a user

symphony-authenticate-public-key

Symphony Authenticate With Public Key

symphony-authenticate-extension-app-public

Symphony Authenticate Extension App With Public Key

Capability Spec

login-authenticate.yaml Raw ↑ 
naftiko: 1.0.0-alpha2
info:
  label: Symphony Login API — Authenticate
  description: 'Symphony Login API — Authenticate. 5 operations. Lead operation: Symphony Authenticate an App With Public
    Key. Self-contained Naftiko capability covering one Symphony business surface.'
  tags:
  - Symphony
  - Authenticate
  created: '2026-05-19'
  modified: '2026-05-19'
binds:
- namespace: env
  keys:
    SYMPHONY_API_KEY: SYMPHONY_API_KEY
capability:
  consumes:
  - type: http
    namespace: login-authenticate
    baseUri: ''
    description: Symphony Login API — Authenticate business capability. Self-contained, no shared references.
    resources:
    - name: pubkey-app-authenticate
      path: /pubkey/app/authenticate
      operations:
      - name: post
        method: POST
        description: Symphony Authenticate an App With Public Key
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: authenticateRequest
          in: body
          type: string
          required: true
    - name: pubkey-app-user-userId-authenticate
      path: /pubkey/app/user/{userId}/authenticate
      operations:
      - name: post
        method: POST
        description: Symphony Authenticate an application in a delegated context to act on behalf of a user
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: sessionToken
          in: header
          type: string
          description: App Session authentication token.
          required: true
        - name: userId
          in: path
          type: integer
          description: the user ID
          required: true
    - name: pubkey-app-username-username-authenticate
      path: /pubkey/app/username/{username}/authenticate
      operations:
      - name: post
        method: POST
        description: Symphony Authenticate an application in a delegated context to act on behalf of a user
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: sessionToken
          in: header
          type: string
          description: App Session authentication token.
          required: true
        - name: username
          in: path
          type: string
          description: the username
          required: true
    - name: pubkey-authenticate
      path: /pubkey/authenticate
      operations:
      - name: post
        method: POST
        description: Symphony Authenticate With Public Key
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: authenticateRequest
          in: body
          type: string
          required: true
    - name: v1-pubkey-app-authenticate-extensionApp
      path: /v1/pubkey/app/authenticate/extensionApp
      operations:
      - name: post
        method: POST
        description: Symphony Authenticate Extension App With Public Key
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: authenticateRequest
          in: body
          type: string
          required: true
  exposes:
  - type: rest
    namespace: login-authenticate-rest
    port: 8080
    description: REST adapter for Symphony Login API — Authenticate. One Spectral-compliant resource per consumed operation,
      prefixed with /v1.
    resources:
    - path: /v1/pubkey/app/authenticate
      name: pubkey-app-authenticate
      description: REST surface for pubkey-app-authenticate.
      operations:
      - method: POST
        name: post
        description: Symphony Authenticate an App With Public Key
        call: login-authenticate.post
        with:
          authenticateRequest: rest.authenticateRequest
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/pubkey/app/user/{userid}/authenticate
      name: pubkey-app-user-userid-authenticate
      description: REST surface for pubkey-app-user-userId-authenticate.
      operations:
      - method: POST
        name: post
        description: Symphony Authenticate an application in a delegated context to act on behalf of a user
        call: login-authenticate.post
        with:
          sessionToken: rest.sessionToken
          userId: rest.userId
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/pubkey/app/username/{username}/authenticate
      name: pubkey-app-username-username-authenticate
      description: REST surface for pubkey-app-username-username-authenticate.
      operations:
      - method: POST
        name: post
        description: Symphony Authenticate an application in a delegated context to act on behalf of a user
        call: login-authenticate.post
        with:
          sessionToken: rest.sessionToken
          username: rest.username
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/pubkey/authenticate
      name: pubkey-authenticate
      description: REST surface for pubkey-authenticate.
      operations:
      - method: POST
        name: post
        description: Symphony Authenticate With Public Key
        call: login-authenticate.post
        with:
          authenticateRequest: rest.authenticateRequest
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/v1/pubkey/app/authenticate/extensionapp
      name: v1-pubkey-app-authenticate-extensionapp
      description: REST surface for v1-pubkey-app-authenticate-extensionApp.
      operations:
      - method: POST
        name: post
        description: Symphony Authenticate Extension App With Public Key
        call: login-authenticate.post
        with:
          authenticateRequest: rest.authenticateRequest
        outputParameters:
        - type: object
          mapping: $.
  - type: mcp
    namespace: login-authenticate-mcp
    port: 9090
    transport: http
    description: MCP adapter for Symphony Login API — Authenticate. One tool per consumed operation, routed inline through
      this capability's consumes block.
    tools:
    - name: symphony-authenticate-app-public-key
      description: Symphony Authenticate an App With Public Key
      hints:
        readOnly: false
        destructive: false
        idempotent: false
      call: login-authenticate.post
      with:
        authenticateRequest: tools.authenticateRequest
      outputParameters:
      - type: object
        mapping: $.
    - name: symphony-authenticate-application-delegated-context
      description: Symphony Authenticate an application in a delegated context to act on behalf of a user
      hints:
        readOnly: false
        destructive: false
        idempotent: false
      call: login-authenticate.post
      with:
        sessionToken: tools.sessionToken
        userId: tools.userId
      outputParameters:
      - type: object
        mapping: $.
    - name: symphony-authenticate-application-delegated-context-2
      description: Symphony Authenticate an application in a delegated context to act on behalf of a user
      hints:
        readOnly: false
        destructive: false
        idempotent: false
      call: login-authenticate.post
      with:
        sessionToken: tools.sessionToken
        username: tools.username
      outputParameters:
      - type: object
        mapping: $.
    - name: symphony-authenticate-public-key
      description: Symphony Authenticate With Public Key
      hints:
        readOnly: false
        destructive: false
        idempotent: false
      call: login-authenticate.post
      with:
        authenticateRequest: tools.authenticateRequest
      outputParameters:
      - type: object
        mapping: $.
    - name: symphony-authenticate-extension-app-public
      description: Symphony Authenticate Extension App With Public Key
      hints:
        readOnly: false
        destructive: false
        idempotent: false
      call: login-authenticate.post
      with:
        authenticateRequest: tools.authenticateRequest
      outputParameters:
      - type: object
        mapping: $.