western-digital · Capability
WD My Cloud Home API — Authentication
WD My Cloud Home API — Authentication. 2 operations. Lead operation: Authorize User. Self-contained Naftiko capability covering one Western Digital business surface.
What You Can Do
GET
Authorizeuser
— Authorize User
/v1/authorize
POST
Getaccesstoken
— Get Access Token
/v1/oauth/token
MCP Tools
authorize-user
Authorize User
read-only
idempotent
get-access-token
Get Access Token
read-only
Capability Spec
naftiko: 1.0.0-alpha2
info:
label: WD My Cloud Home API — Authentication
description: 'WD My Cloud Home API — Authentication. 2 operations. Lead operation: Authorize User. Self-contained Naftiko
capability covering one Western Digital business surface.'
tags:
- Western Digital
- Authentication
created: '2026-05-19'
modified: '2026-05-19'
binds:
- namespace: env
keys:
WESTERN_DIGITAL_API_KEY: WESTERN_DIGITAL_API_KEY
capability:
consumes:
- type: http
namespace: my-cloud-home-authentication
baseUri: https://config.mycloud.com
description: WD My Cloud Home API — Authentication business capability. Self-contained, no shared references.
resources:
- name: authorize
path: /authorize
operations:
- name: authorizeuser
method: GET
description: Authorize User
outputRawFormat: json
outputParameters:
- name: result
type: object
value: $.
inputParameters:
- name: client_id
in: query
type: string
description: OAuth 2.0 client identifier.
required: true
- name: redirect_uri
in: query
type: string
description: URI to redirect to after authorization.
required: true
- name: response_type
in: query
type: string
description: Must be "code" for authorization code flow.
required: true
- name: scope
in: query
type: string
description: 'Space-separated list of scopes. Supported: openid, email, profile, nas_read_only, nas_read_write.'
- name: state
in: query
type: string
description: CSRF protection state parameter.
- name: oauth-token
path: /oauth/token
operations:
- name: getaccesstoken
method: POST
description: Get Access Token
outputRawFormat: json
outputParameters:
- name: result
type: object
value: $.
inputParameters:
- name: body
in: body
type: object
description: Request body (JSON).
required: true
authentication:
type: bearer
token: '{{env.WESTERN_DIGITAL_API_KEY}}'
exposes:
- type: rest
namespace: my-cloud-home-authentication-rest
port: 8080
description: REST adapter for WD My Cloud Home API — Authentication. One Spectral-compliant resource per consumed operation,
prefixed with /v1.
resources:
- path: /v1/authorize
name: authorize
description: REST surface for authorize.
operations:
- method: GET
name: authorizeuser
description: Authorize User
call: my-cloud-home-authentication.authorizeuser
with:
client_id: rest.client_id
redirect_uri: rest.redirect_uri
response_type: rest.response_type
scope: rest.scope
state: rest.state
outputParameters:
- type: object
mapping: $.
- path: /v1/oauth/token
name: oauth-token
description: REST surface for oauth-token.
operations:
- method: POST
name: getaccesstoken
description: Get Access Token
call: my-cloud-home-authentication.getaccesstoken
with:
body: rest.body
outputParameters:
- type: object
mapping: $.
- type: mcp
namespace: my-cloud-home-authentication-mcp
port: 9090
transport: http
description: MCP adapter for WD My Cloud Home API — Authentication. One tool per consumed operation, routed inline through
this capability's consumes block.
tools:
- name: authorize-user
description: Authorize User
hints:
readOnly: true
destructive: false
idempotent: true
call: my-cloud-home-authentication.authorizeuser
with:
client_id: tools.client_id
redirect_uri: tools.redirect_uri
response_type: tools.response_type
scope: tools.scope
state: tools.state
outputParameters:
- type: object
mapping: $.
- name: get-access-token
description: Get Access Token
hints:
readOnly: true
destructive: false
idempotent: false
call: my-cloud-home-authentication.getaccesstoken
with:
body: tools.body
outputParameters:
- type: object
mapping: $.