Information
- OpenAPI version: 3.1.0
Global, cross-cutting API consumed by every feature: current principal, functional roles, permission checks, and the org-chart (reporting-line) reads that drive manager visibility. Authored by Claude.

Feature contracts SHOULD reference these schemas (UserRef, Role) rather than redefining them. See specs/_platform/identity-and-access.md.

Governs principles PR-04 (tenancy), PR-05 (server-authoritative visibility), PR-06 (permission model).

OPEN CLARIFICATIONS:
- auth/SSO shape
- role assignment mechanism
- whether the org chart is Gospl-mastered or synced from HomeRun (PR-01)
- elevated-grant model
The bearer token carries tenant + userId + functional roles. All reads are tenant-scoped.
Security scheme type: http
Bearer format: JWT
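A sketch of how a server could combine the token's tenant, userId and functional roles with the reporting line to decide manager visibility, with every read tenant-scoped. This is an added example, not part of the spec: the claim shape, the `manager` role name, the org-chart structure and the self-read rule are all assumptions, and the principal is assumed to come from a JWT whose signature has already been verified.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Principal:
    """Assumed shape of the claims taken from an already verified JWT."""
    tenant: str
    user_id: str
    roles: frozenset

# Constructed sample org chart: (tenant, userId) -> manager's userId, None at the top.
ORG_CHART = {
    ("acme", "u-ceo"): None,
    ("acme", "u-mgr"): "u-ceo",
    ("acme", "u-eng"): "u-mgr",
    ("globex", "u-boss"): None,
    ("globex", "u-eng"): "u-boss",  # same userId as in acme, different tenant
}

def reports_to(tenant, subject_id, manager_id, chart=ORG_CHART):
    """True if manager_id sits anywhere above subject_id in this tenant's reporting line."""
    seen = set()
    current = chart.get((tenant, subject_id))
    while current is not None and current not in seen:  # seen guards against cyclic data
        if current == manager_id:
            return True
        seen.add(current)
        current = chart.get((tenant, current))
    return False

def can_view(principal, target_tenant, target_id, chart=ORG_CHART):
    """Decide visibility on the server from token claims, never from client-supplied scope."""
    if target_tenant != principal.tenant:
        return False  # tenant-scoped: no cross-tenant reads
    if (principal.tenant, target_id) not in chart:
        return False  # unknown user in this tenant
    if target_id == principal.user_id:
        return True  # a principal can always read its own record (assumption)
    if "manager" not in principal.roles:  # hypothetical role name
        return False
    return reports_to(principal.tenant, target_id, principal.user_id, chart)
```

Because the org chart is keyed by tenant as well as userId, a userId that exists in two tenants cannot leak a record across the tenant boundary.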