# PlatPhorm Keys Full Discovery

Version: 1.0.0-phase1
Base URL: https://keys.platphormnews.com

PlatPhorm Keys is the canonical public-safe API key issuer, future PLATPHORM_API_KEY lifecycle manager, validation service, rotation/revocation service, scoped-access policy layer, audit/telemetry service, OpenTelemetry key operations hub, and Keys-specific MCP/API tooling surface.

Generated full key secrets are shown once only. Raw key secrets are not stored in public views, RSS, sitemap, llms files, OpenAPI examples, traces, logs, or screenshots.

## Public Routes
- / - API key dashboard
- /docs - API documentation
- /faq - Frequently asked questions
- /api/v1/health - Health summary
- /api/docs - OpenAPI JSON
- /openapi.json - Canonical OpenAPI JSON
- /openapi.yaml - Canonical OpenAPI YAML
- /llms.txt - Concise LLM discovery
- /llms-full.txt - Full LLM discovery
- /llms-index.json - Machine-readable LLM index
- /rss.xml - Public RSS feed
- /feed.xml - Public feed alias

## Auth Policy
Protected requests accept Authorization: Bearer $PLATPHORM_API_KEY or X-PlatPhorm-API-Key: $PLATPHORM_API_KEY. Phase 1 public-safe pages remain public and protected key-management contracts are scaffolded for future enforcement.

## Scopes
- read: Read public-safe platform resources. (public self-service allowed)
- write: Create or update resources where a service permits public-safe write flows. (bounded self-service allowed)
- mcp: Use public-safe MCP introspection and future MCP actions. (bounded self-service allowed)
- trace: Attach trace context and inspect public-safe trace links. (bounded self-service allowed)
- admin: Administrative key-management actions. (protected only)
- sync: Refresh network/discovery metadata. (protected only)
- report: Generate Sheets, Docs, and Decks reports. (protected only)
- workflow: Run remediation/workflow integrations. (protected only)
- site: Manage site-scoped access. (protected only)
- registry: Mutate trusted registry state. (protected only)
- keys: Manage key lifecycle records. (protected only)

## MCP Tools
- provision_key
- list_keys
- get_key
- validate_key
- rotate_key
- revoke_key
- list_scopes
- get_key_usage
- get_key_audit
- get_rate_limit_status
- get_telemetry_summary
- get_health
- get_info
- get_route_compliance
- get_discovery_compliance
- create_docs_report
- create_sheet_report
- create_deck_summary

## MCP Resources
- keys://keys
- keys://key/{keyId}
- keys://scopes
- keys://telemetry
- keys://rate-limit
- keys://audit
- keys://faq
- keys://openapi
- keys://llms
- keys://trust-policy

## MCP Prompts
- explain_platphorm_api_key
- generate_key_usage_instructions
- recommend_key_scopes
- explain_key_rotation
- explain_key_revocation
- generate_security_guidance
- summarize_key_audit
- human_machine_keys_handoff

## Integrations
Trace, MCP, Claws, Docs, Evals, BrowserOps, WebhookLab, Sandbox, AgentUI, Atlas, Monitor, Sheets, and Decks are integrations. Keys remains the key issuer and lifecycle service.