coulomb/flex-auth
2
0
Fork 0
generated from coulomb/repo-seed
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Add capability registry with seed entry from reuse-surface
Some checks failed
CI / Build and Test (push) Has been cancelled
Details
CI / Lint (push) Has been cancelled
Details

Browse Source 
Bootstrap registry layout and migrate helix_forge capability owned by
this repository (REUSE-WP-0014-T02).
This commit is contained in:
Bernd Worsch
2026-06-16 01:46:54 +02:00
parent aa8e3a4e34
commit 3247f5d357
4 changed files with 111 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
registry/README.md Normal file
View File

@@ -0,0 +1,12 @@
# Capability Registry
Markdown-first capability index for federation and reuse planning.
## Authoring
1. Copy a capability entry template (see reuse-surface `templates/capability-entry.template.md`).
2. Add the row to `indexes/capabilities.yaml`.
3. Run `reuse-surface validate` from a checkout with the CLI installed.
4. Merge to `main` and verify publish with `reuse-surface establish --publish-check`.
Federation contract: reuse-surface `docs/RegistryFederation.md`.

0
registry/capabilities/.gitkeep Normal file
View File

80
registry/capabilities/capability.authorization.policy-evaluate.md Normal file
View File

@@ -0,0 +1,80 @@
---
id: capability.authorization.policy-evaluate
name: Authorization Policy Evaluation
summary: Evaluate access decisions from policy-as-code rules for subjects, resources, and actions.
owner: flex-auth
status: draft
domain: helix_forge
tags: [authorization, policy, flex-auth]
maturity:
discovery:
current: D4
target: D6
confidence: medium
rationale: flex-auth INTENT defines policy-as-code boundary and enterprise growth path.
availability:
current: A2
target: A5
confidence: low
rationale: Policy registry and evaluation logic exist in repo; service packaging evolving.
external_evidence:
completeness:
level: C2
name: Partial
confidence: low
basis: scope_vs_intent_and_consumer_expectations
satisfied_expectations:
- policy-as-code intent documented
broken_expectations:
- not yet indexed from flex-auth native registry
out_of_scope_expectations:
- identity proofing
reliability:
level: R1
confidence: low
basis: consumer_quality_signals
known_reliability_risks:
- early implementation phase
discovery:
intent: >
Provide inspectable authorization decisions between verified identity and
protected resources using policy-as-code.
includes:
- policy evaluation
- authorization registry
- decision explainability
excludes:
- identity issuance
- authentication protocols
use_cases: []
availability:
current_level: A2
target_level: A5
current_artifacts:
- flex-auth/
consumption_modes:
- source module
relations:
depends_on:
- capability.identity.subject-resolution
related_to:
- capability.feature-control.evaluate
consumer_guidance:
recommended_for:
- planning authorization layer between identity and resources
not_recommended_for:
- feature visibility toggles without policy intent
known_limitations:
- maturity evidence is registry-external today
---
# Authorization Policy Evaluation
Policy evaluation from flex-auth sits between identity resolution and protected
systems.

19
registry/indexes/capabilities.yaml Normal file
View File

@@ -0,0 +1,19 @@
version: 1
updated: '2026-06-16'
domain: helix_forge
capabilities:
- id: capability.authorization.policy-evaluate
name: Authorization Policy Evaluation
summary: Evaluate access decisions from policy-as-code rules for subjects, resources,
and actions.
vector: D4 / A2 / C2 / R1
domain: helix_forge
status: draft
owner: flex-auth
path: registry/capabilities/capability.authorization.policy-evaluate.md
tags:
- authorization
- policy
- flex-auth
consumption_modes:
- source module