Yodlee Core APIs — Auth

naftiko: 1.0.0-alpha2
info:
  label: Yodlee Core APIs — Auth
  description: 'Yodlee Core APIs — Auth. 5 operations. Lead operation: Generate API Key. Self-contained Naftiko capability
    covering one Yodlee business surface.'
  tags:
  - Yodlee
  - Auth
  created: '2026-05-19'
  modified: '2026-05-19'
binds:
- namespace: env
  keys:
    YODLEE_API_KEY: YODLEE_API_KEY
capability:
  consumes:
  - type: http
    namespace: core-auth
    baseUri: ''
    description: Yodlee Core APIs — Auth business capability. Self-contained, no shared references.
    resources:
    - name: auth-apiKey
      path: /auth/apiKey
      operations:
      - name: generateapikey
        method: POST
        description: Generate API Key
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: apiKeyRequest
          in: body
          type: string
          description: apiKeyRequest
          required: true
      - name: getapikeys
        method: GET
        description: Get API Keys
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: auth-apiKey-key
      path: /auth/apiKey/{key}
      operations:
      - name: deleteapikey
        method: DELETE
        description: Delete API Key
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: key
          in: path
          type: string
          description: key
          required: true
    - name: auth-token
      path: /auth/token
      operations:
      - name: generateaccesstoken
        method: POST
        description: Generate Access Token
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: clientId
          in: formData
          type: string
          description: clientId issued by Yodlee is used to generate the OAuth token for authentication.
        - name: secret
          in: formData
          type: string
          description: secret issued by Yodlee is used to generate the OAuth token for authentication.
      - name: deletetoken
        method: DELETE
        description: Delete Token
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
  exposes:
  - type: rest
    namespace: core-auth-rest
    port: 8080
    description: REST adapter for Yodlee Core APIs — Auth. One Spectral-compliant resource per consumed operation, prefixed
      with /v1.
    resources:
    - path: /v1/auth/apikey
      name: auth-apikey
      description: REST surface for auth-apiKey.
      operations:
      - method: POST
        name: generateapikey
        description: Generate API Key
        call: core-auth.generateapikey
        with:
          apiKeyRequest: rest.apiKeyRequest
        outputParameters:
        - type: object
          mapping: $.
      - method: GET
        name: getapikeys
        description: Get API Keys
        call: core-auth.getapikeys
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/auth/apikey/{key}
      name: auth-apikey-key
      description: REST surface for auth-apiKey-key.
      operations:
      - method: DELETE
        name: deleteapikey
        description: Delete API Key
        call: core-auth.deleteapikey
        with:
          key: rest.key
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/auth/token
      name: auth-token
      description: REST surface for auth-token.
      operations:
      - method: POST
        name: generateaccesstoken
        description: Generate Access Token
        call: core-auth.generateaccesstoken
        with:
          clientId: rest.clientId
          secret: rest.secret
        outputParameters:
        - type: object
          mapping: $.
      - method: DELETE
        name: deletetoken
        description: Delete Token
        call: core-auth.deletetoken
        outputParameters:
        - type: object
          mapping: $.
  - type: mcp
    namespace: core-auth-mcp
    port: 9090
    transport: http
    description: MCP adapter for Yodlee Core APIs — Auth. One tool per consumed operation, routed inline through this capability's
      consumes block.
    tools:
    - name: generate-api-key
      description: Generate API Key
      hints:
        readOnly: false
        destructive: false
        idempotent: false
      call: core-auth.generateapikey
      with:
        apiKeyRequest: tools.apiKeyRequest
      outputParameters:
      - type: object
        mapping: $.
    - name: get-api-keys
      description: Get API Keys
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: core-auth.getapikeys
      outputParameters:
      - type: object
        mapping: $.
    - name: delete-api-key
      description: Delete API Key
      hints:
        readOnly: false
        destructive: true
        idempotent: true
      call: core-auth.deleteapikey
      with:
        key: tools.key
      outputParameters:
      - type: object
        mapping: $.
    - name: generate-access-token
      description: Generate Access Token
      hints:
        readOnly: false
        destructive: false
        idempotent: false
      call: core-auth.generateaccesstoken
      with:
        clientId: tools.clientId
        secret: tools.secret
      outputParameters:
      - type: object
        mapping: $.
    - name: delete-token
      description: Delete Token
      hints:
        readOnly: false
        destructive: true
        idempotent: true
      call: core-auth.deletetoken
      outputParameters:
      - type: object
        mapping: $.