{"service":"platphorm-keys","version":"1.0.0-phase1","baseUrl":"https://keys.platphormnews.com","publicSafeAccess":true,"authPolicy":{"keyName":"PLATPHORM_API_KEY","requireApiKey":false,"acceptedHeaders":["Authorization: Bearer $PLATPHORM_API_KEY","X-PlatPhorm-API-Key: $PLATPHORM_API_KEY"],"publicSafePhase1":true,"enforcementDefault":false},"issuanceRole":"Future source of truth for PLATPHORM_API_KEY values across PlatPhormNews protected platform actions.","keyStoragePolicy":{"rawSecretsStored":false,"oneTimeReveal":true,"storedMaterial":["key hash","AES-256-GCM encrypted material where backend persistence is available","public prefix"]},"keyRotationPolicy":"Rotation generates a new secret for an existing key id and reveals it once to authorized callers.","keyRevocationPolicy":"Revocation disables validation while preserving audit history.","rateLimitPolicy":"Public self-service provisioning is bounded to 5/hour per fingerprint and IP hash.","scopes":[{"scope":"read","access":"public self-service allowed","description":"Read public-safe platform resources."},{"scope":"write","access":"bounded self-service allowed","description":"Create or update resources where a service permits public-safe write flows."},{"scope":"mcp","access":"bounded self-service allowed","description":"Use public-safe MCP introspection and future MCP actions."},{"scope":"trace","access":"bounded self-service allowed","description":"Attach trace context and inspect public-safe trace links."},{"scope":"admin","access":"protected only","description":"Administrative key-management actions."},{"scope":"sync","access":"protected only","description":"Refresh network/discovery metadata."},{"scope":"report","access":"protected only","description":"Generate Sheets, Docs, and Decks reports."},{"scope":"workflow","access":"protected only","description":"Run remediation/workflow integrations."},{"scope":"site","access":"protected only","description":"Manage site-scoped access."},{"scope":"registry","access":"protected only","description":"Mutate trusted registry state."},{"scope":"keys","access":"protected only","description":"Manage key lifecycle records."}],"telemetryAuditPolicy":"Public telemetry is summary-only. Sensitive spans, usage, and audit details are protected.","trustedDomainPolicy":"*.platphormnews.com trusted by default; localhost, private, link-local, and metadata hosts are not trusted for discovery/proxy/replay.","routeStandard":["health","docs","openapi","llms","rss/feed","sitemap","mcp metadata","agents","security","trust"],"vercelMetadataPolicy":"Only safe request metadata is captured; Authorization, X-PlatPhorm-API-Key, cookies, raw IPs, and raw bodies are not public.","tracePropagationPolicy":"W3C traceparent/tracestate plus safe PlatPhorm trace headers.","backendModelScaffoldingPolicy":"Server-only provider-neutral adapter returns honest degraded state when no model provider is configured.","dataExposurePolicy":"Discovery files never contain raw key secrets, private key ids tied to users, sensitive audit data, or raw IP addresses.","securityContact":"admin@platphormnews.com","requiredTrustLine":"Public-safe API key provisioning, key lifecycle education, public documentation, read-only MCP introspection, RSS/feed consumption, trusted-domain discovery, standard route compliance, Vercel metadata capture, backend model scaffolding, and trace-linked Keys operations are intentionally supported for public use. Keys is the future issuer and lifecycle manager for PLATPHORM_API_KEY. Mutating, administrative, protected key management, telemetry, audit, sync, test-triggering, reporting, and sensitive operations require or will require PLATPHORM_API_KEY according to the configured platform enforcement policy."}