BNP Paribas Capabilities
Naftiko 0.5 capability definitions for BNP Paribas - 100 capabilities showing integration workflows and service orchestrations.
Sort
Expand
ADP Payroll Reconciliation
▼
payroll reconciliation adp sap servicenow power-bi
Extracts payroll data from ADP, compares against general ledger entries in SAP, flags discrepancies in ServiceNow, and updates the finance reconciliation dashboard in Power BI.
naftiko: "0.5"
info:
label: "ADP Payroll Reconciliation"
description: "Extracts payroll data from ADP, compares against general ledger entries in SAP, flags discrepancies in ServiceNow, and updates the finance reconciliation dashboard in Power BI."
tags:
- payroll
- reconciliation
- adp
- sap
- servicenow
- power-bi
capability:
exposes:
- type: mcp
namespace: payroll-recon
port: 8080
tools:
- name: reconcile-payroll
description: "Extract ADP payroll, compare to SAP GL, flag discrepancies, and refresh recon dashboard."
inputParameters:
- name: pay_period
in: body
type: string
description: "The pay period identifier (e.g. 2026-03)."
- name: entity_code
in: body
type: string
description: "The legal entity code."
steps:
- name: get-payroll
type: call
call: "adp.get-payroll-summary"
with:
pay_period: "{{pay_period}}"
entity: "{{entity_code}}"
- name: get-gl-entries
type: call
call: "sap.get-gl-postings"
with:
period: "{{pay_period}}"
company_code: "{{entity_code}}"
account_group: "payroll"
- name: flag-discrepancies
type: call
call: "servicenow.create-task"
with:
short_description: "Payroll recon: {{entity_code}} — {{pay_period}}"
description: "ADP total: {{get-payroll.total_gross}}. SAP GL total: {{get-gl-entries.total_amount}}. Variance: {{get-payroll.total_gross}} vs {{get-gl-entries.total_amount}}. Headcount: {{get-payroll.employee_count}}."
assigned_group: "Finance_Payroll"
category: "payroll_reconciliation"
- name: refresh-dashboard
type: call
call: "powerbi.refresh-dataset"
with:
workspace_id: "finance_operations"
dataset_id: "payroll_recon"
consumes:
- type: http
namespace: adp
baseUri: "https://api.adp.com/hr/v2"
authentication:
type: bearer
token: "$secrets.adp_token"
resources:
- name: payroll
path: "/payroll-summaries"
operations:
- name: get-payroll-summary
method: GET
- type: http
namespace: sap
baseUri: "https://bnp-s4.sap.com/sap/opu/odata/sap/FI_GL_ACCOUNT_SRV"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: gl-entries
path: "/A_GLAccountLineItem"
operations:
- name: get-gl-postings
method: GET
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/task"
operations:
- name: create-task
method: POST
- type: http
namespace: powerbi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.powerbi_token"
resources:
- name: datasets
path: "/groups/{{workspace_id}}/datasets/{{dataset_id}}/refreshes"
inputParameters:
- name: workspace_id
in: path
- name: dataset_id
in: path
operations:
- name: refresh-dataset
method: POST
Alteryx Data Preparation Workflow
▼
analytics data-preparation alteryx postgresql azure-event-hubs
Triggers an Alteryx analytics workflow for financial data preparation, validates output row counts in PostgreSQL, and notifies the analytics team via Azure Event Hubs.
naftiko: "0.5"
info:
label: "Alteryx Data Preparation Workflow"
description: "Triggers an Alteryx analytics workflow for financial data preparation, validates output row counts in PostgreSQL, and notifies the analytics team via Azure Event Hubs."
tags:
- analytics
- data-preparation
- alteryx
- postgresql
- azure-event-hubs
capability:
exposes:
- type: mcp
namespace: data-prep
port: 8080
tools:
- name: run-alteryx-workflow
description: "Execute an Alteryx workflow, validate output, and notify analytics team."
inputParameters:
- name: workflow_id
in: body
type: string
description: "The Alteryx Server workflow ID."
- name: output_table
in: body
type: string
description: "The output PostgreSQL table to validate."
steps:
- name: run-workflow
type: call
call: "alteryx.run-workflow"
with:
workflow_id: "{{workflow_id}}"
- name: validate-output
type: call
call: "postgresql.run-query"
with:
query: "SELECT COUNT(*) as row_count FROM {{output_table}} WHERE updated_at >= NOW() - INTERVAL '1 hour'"
- name: notify-team
type: call
call: "eventhubs.send-event"
with:
topic: "analytics-completions"
body: "Alteryx workflow {{workflow_id}} completed. Job ID: {{run-workflow.job_id}}. Output table: {{output_table}}. Rows: {{validate-output.row_count}}."
consumes:
- type: http
namespace: alteryx
baseUri: "https://alteryx.bnpparibas.net/api/v3"
authentication:
type: bearer
token: "$secrets.alteryx_token"
resources:
- name: workflows
path: "/workflows/{{workflow_id}}/jobs"
inputParameters:
- name: workflow_id
in: path
operations:
- name: run-workflow
method: POST
- type: http
namespace: postgresql
baseUri: "https://pgrest.bnpparibas.net/api/v1"
authentication:
type: bearer
token: "$secrets.pgrest_token"
resources:
- name: queries
path: "/rpc/execute_query"
operations:
- name: run-query
method: POST
- type: http
namespace: eventhubs
baseUri: "https://bnpparibas-prod.servicebus.windows.net"
authentication:
type: bearer
token: "$secrets.eventhubs_sas_token"
resources:
- name: events
path: "/{{topic}}/messages"
inputParameters:
- name: topic
in: path
operations:
- name: send-event
method: POST
AML Case Investigation Workflow
▼
compliance temenos-transact moodys servicenow sharepoint
Retrieves suspicious activity from Temenos, enriches with Moody's data, creates investigation cases in ServiceNow, and logs evidence in SharePoint.
naftiko: "0.5"
info:
label: "AML Case Investigation Workflow"
description: "Retrieves suspicious activity from Temenos, enriches with Moody's data, creates investigation cases in ServiceNow, and logs evidence in SharePoint."
tags:
- compliance
- temenos-transact
- moodys
- servicenow
- sharepoint
capability:
exposes:
- type: mcp
namespace: aml-investigation
port: 8080
tools:
- name: investigate-aml-case
description: "Investigate an AML alert with enrichment and case management."
inputParameters:
- name: alert_id
in: body
type: string
description: "AML alert identifier."
steps:
- name: get-alert
type: call
call: "temenos.get-aml-alert"
with:
alert_id: "{{alert_id}}"
- name: enrich-data
type: call
call: "moodys.get-entity-info"
with:
entity_name: "{{get-alert.entity_name}}"
- name: create-case
type: call
call: "servicenow.create-incident"
with:
short_description: "AML investigation: {{get-alert.entity_name}}"
description: "Alert: {{alert_id}}. Risk: {{get-alert.risk_score}}. Moody's: {{enrich-data.rating}}."
category: "aml"
- name: store-evidence
type: call
call: "sharepoint.create-file"
with:
site_id: "compliance"
path: "AML/{{alert_id}}/evidence.json"
consumes:
- type: http
namespace: temenos
baseUri: "https://temenos.bnpparibas.com/api/v1"
authentication:
type: bearer
token: "$secrets.temenos_token"
resources:
- name: aml
path: "/compliance/aml-alerts/{{alert_id}}"
inputParameters:
- name: alert_id
in: path
operations:
- name: get-aml-alert
method: GET
- type: http
namespace: moodys
baseUri: "https://api.moodys.com/v1"
authentication:
type: bearer
token: "$secrets.moodys_api_key"
resources:
- name: entities
path: "/entities/search"
inputParameters:
- name: entity_name
in: query
operations:
- name: get-entity-info
method: GET
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: sharepoint
baseUri: "https://graph.microsoft.com/v1.0/sites"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: files
path: "/{{site_id}}/drive/root:/{{path}}:/content"
inputParameters:
- name: site_id
in: path
- name: path
in: path
operations:
- name: create-file
method: PUT
API Gateway Traffic Analysis Pipeline
▼
api-management tyk elasticsearch grafana
Collects Tyk gateway metrics, analyzes patterns in Elasticsearch, generates dashboards in Grafana, and alerts on anomalies via Slack.
naftiko: "0.5"
info:
label: "API Gateway Traffic Analysis Pipeline"
description: "Collects Tyk gateway metrics, analyzes patterns in Elasticsearch, generates dashboards in Grafana, and alerts on anomalies via Slack."
tags:
- api-management
- tyk
- elasticsearch
- grafana
capability:
exposes:
- type: mcp
namespace: api-traffic
port: 8080
tools:
- name: analyze-traffic
description: "Analyze API gateway traffic with dashboards and anomaly alerting."
inputParameters:
- name: api_id
in: body
type: string
description: "Tyk API identifier."
steps:
- name: get-metrics
type: call
call: "tyk.get-analytics"
with:
api_id: "{{api_id}}"
- name: index-data
type: call
call: "elasticsearch.index-document"
with:
index: "api-traffic"
body: "{{get-metrics.data}}"
- name: update-dashboard
type: call
call: "grafana.update-dashboard"
with:
dashboard_id: "api-traffic-{{api_id}}"
consumes:
- type: http
namespace: tyk
baseUri: "https://tyk.bnpparibas.com/api"
authentication:
type: apiKey
name: "x-tyk-authorization"
in: header
value: "$secrets.tyk_api_key"
resources:
- name: analytics
path: "/apis/{{api_id}}/analytics"
inputParameters:
- name: api_id
in: path
operations:
- name: get-analytics
method: GET
- type: http
namespace: elasticsearch
baseUri: "https://elastic.bnpparibas.com"
authentication:
type: basic
username: "$secrets.elastic_user"
password: "$secrets.elastic_password"
resources:
- name: documents
path: "/{{index}}/_doc"
inputParameters:
- name: index
in: path
operations:
- name: index-document
method: POST
- type: http
namespace: grafana
baseUri: "https://grafana.bnpparibas.com/api"
authentication:
type: bearer
token: "$secrets.grafana_token"
resources:
- name: dashboards
path: "/dashboards/db/{{dashboard_id}}"
inputParameters:
- name: dashboard_id
in: path
operations:
- name: update-dashboard
method: POST
Azure Active Directory User Lookup
▼
identity azure-active-directory
Retrieves user profile and group membership from Azure Active Directory for identity management workflows.
naftiko: "0.5"
info:
label: "Azure Active Directory User Lookup"
description: "Retrieves user profile and group membership from Azure Active Directory for identity management workflows."
tags:
- identity
- azure-active-directory
capability:
exposes:
- type: mcp
namespace: azure-ad
port: 8080
tools:
- name: get-user-profile
description: "Look up an Azure AD user by principal name."
inputParameters:
- name: user_principal
in: body
type: string
description: "Azure AD user principal name."
call: "azuread-api.get-user"
with:
user_principal: "{{user_principal}}"
consumes:
- type: http
namespace: azuread-api
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: users
path: "/users/{{user_principal}}"
inputParameters:
- name: user_principal
in: path
operations:
- name: get-user
method: GET
Azure DevOps Pipeline Status
▼
cicd azure-devops
Checks the status of an Azure DevOps build pipeline, returning latest run result, duration, and artifact links.
naftiko: "0.5"
info:
label: "Azure DevOps Pipeline Status"
description: "Checks the status of an Azure DevOps build pipeline, returning latest run result, duration, and artifact links."
tags:
- cicd
- azure-devops
capability:
exposes:
- type: mcp
namespace: azdo-pipelines
port: 8080
tools:
- name: get-pipeline-status
description: "Retrieve the latest pipeline run status from Azure DevOps."
inputParameters:
- name: project
in: body
type: string
description: "Azure DevOps project name."
- name: pipeline_id
in: body
type: string
description: "Pipeline identifier."
call: "azdo-pipelines.get-runs"
with:
project: "{{project}}"
pipeline_id: "{{pipeline_id}}"
consumes:
- type: http
namespace: azdo-pipelines
baseUri: "https://dev.azure.com/bnpparibas"
authentication:
type: bearer
token: "$secrets.azdo_token"
resources:
- name: runs
path: "/{{project}}/_apis/pipelines/{{pipeline_id}}/runs"
inputParameters:
- name: project
in: path
- name: pipeline_id
in: path
operations:
- name: get-runs
method: GET
Azure Key Vault Certificate Retrieval
▼
security azure-key-vault
Retrieves an SSL certificate from Azure Key Vault for service authentication or TLS configuration.
naftiko: "0.5"
info:
label: "Azure Key Vault Certificate Retrieval"
description: "Retrieves an SSL certificate from Azure Key Vault for service authentication or TLS configuration."
tags:
- security
- azure-key-vault
capability:
exposes:
- type: mcp
namespace: azure-kv-certs
port: 8080
tools:
- name: get-certificate
description: "Retrieve a certificate from Azure Key Vault by name."
inputParameters:
- name: cert_name
in: body
type: string
description: "The certificate name in Key Vault."
call: "azure-kv-certs.get-cert"
with:
cert_name: "{{cert_name}}"
consumes:
- type: http
namespace: azure-kv-certs
baseUri: "https://bnp-vault.vault.azure.net"
authentication:
type: bearer
token: "$secrets.azure_kv_token"
resources:
- name: certificates
path: "/certificates/{{cert_name}}"
inputParameters:
- name: cert_name
in: path
operations:
- name: get-cert
method: GET
Azure Key Vault Secret Retrieval
▼
security azure-key-vault secrets-management
Retrieves a named secret from Azure Key Vault for use in secure credential rotation workflows.
naftiko: "0.5"
info:
label: "Azure Key Vault Secret Retrieval"
description: "Retrieves a named secret from Azure Key Vault for use in secure credential rotation workflows."
tags:
- security
- azure-key-vault
- secrets-management
capability:
exposes:
- type: mcp
namespace: secrets
port: 8080
tools:
- name: get-secret
description: "Retrieve a secret value from Azure Key Vault by secret name."
inputParameters:
- name: secret_name
in: body
type: string
description: "The name of the secret in Azure Key Vault."
call: "keyvault.get-secret"
with:
secret_name: "{{secret_name}}"
outputParameters:
- name: value
type: string
mapping: "$.value"
- name: version
type: string
mapping: "$.id"
consumes:
- type: http
namespace: keyvault
baseUri: "https://bnpparibas-prod.vault.azure.net"
authentication:
type: bearer
token: "$secrets.azure_keyvault_token"
resources:
- name: secrets
path: "/secrets/{{secret_name}}?api-version=7.4"
inputParameters:
- name: secret_name
in: path
operations:
- name: get-secret
method: GET
Azure Machine Learning Model Deployment
▼
machine-learning azure-machine-learning sonarqube servicenow
Deploys a trained ML model from Azure Machine Learning to a real-time endpoint, validates with SonarQube code quality, and registers the deployment in ServiceNow CMDB.
naftiko: "0.5"
info:
label: "Azure Machine Learning Model Deployment"
description: "Deploys a trained ML model from Azure Machine Learning to a real-time endpoint, validates with SonarQube code quality, and registers the deployment in ServiceNow CMDB."
tags:
- machine-learning
- azure-machine-learning
- sonarqube
- servicenow
capability:
exposes:
- type: mcp
namespace: ml-ops
port: 8080
tools:
- name: deploy-model
description: "Deploy an Azure ML model to a managed endpoint, validate quality, and register in CMDB."
inputParameters:
- name: model_name
in: body
type: string
description: "The Azure ML model name."
- name: model_version
in: body
type: string
description: "The model version to deploy."
- name: endpoint_name
in: body
type: string
description: "The target managed online endpoint name."
steps:
- name: deploy-endpoint
type: call
call: "azureml.create-deployment"
with:
model_name: "{{model_name}}"
model_version: "{{model_version}}"
endpoint_name: "{{endpoint_name}}"
- name: quality-check
type: call
call: "sonarqube.get-quality-gate"
with:
project_key: "ml-{{model_name}}"
- name: register-cmdb
type: call
call: "servicenow.create-ci"
with:
name: "ml-model-{{model_name}}-v{{model_version}}"
class: "cmdb_ci_ml_model"
description: "Model {{model_name}} v{{model_version}} deployed to endpoint {{endpoint_name}}. Quality gate: {{quality-check.status}}. Deployment ID: {{deploy-endpoint.deployment_id}}."
owned_by: "Data_Science"
consumes:
- type: http
namespace: azureml
baseUri: "https://ml.azure.com/api/subscriptions/{{sub_id}}/resourceGroups/bnp-rg/providers/Microsoft.MachineLearningServices/workspaces/bnp-ml"
authentication:
type: bearer
token: "$secrets.azure_mgmt_token"
resources:
- name: deployments
path: "/endpoints/{{endpoint_name}}/deployments"
inputParameters:
- name: endpoint_name
in: path
operations:
- name: create-deployment
method: POST
- type: http
namespace: sonarqube
baseUri: "https://sonarqube.bnpparibas.net/api"
authentication:
type: bearer
token: "$secrets.sonarqube_token"
resources:
- name: quality-gates
path: "/qualitygates/project_status?projectKey={{project_key}}"
inputParameters:
- name: project_key
in: path
operations:
- name: get-quality-gate
method: GET
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: cmdb
path: "/table/cmdb_ci"
operations:
- name: create-ci
method: POST
Bloomberg FX Rate Lookup
▼
fx bloomberg-enterprise-data
Fetches current FX exchange rates from Bloomberg Enterprise Data for a given currency pair, returning bid, ask, and mid rates.
naftiko: "0.5"
info:
label: "Bloomberg FX Rate Lookup"
description: "Fetches current FX exchange rates from Bloomberg Enterprise Data for a given currency pair, returning bid, ask, and mid rates."
tags:
- fx
- bloomberg-enterprise-data
capability:
exposes:
- type: mcp
namespace: bloomberg-fx
port: 8080
tools:
- name: get-fx-rate
description: "Retrieve the current FX rate for a currency pair from Bloomberg."
inputParameters:
- name: currency_pair
in: body
type: string
description: "Currency pair ticker (e.g. EURUSD Curncy)."
call: "bloomberg-fx.get-rate"
with:
currency_pair: "{{currency_pair}}"
consumes:
- type: http
namespace: bloomberg-fx
baseUri: "https://api.bloomberg.com/eap/catalogs/bbg/fields"
authentication:
type: bearer
token: "$secrets.bloomberg_api_key"
resources:
- name: rates
path: "/snapshots/{{currency_pair}}"
inputParameters:
- name: currency_pair
in: path
operations:
- name: get-rate
method: GET
Bloomberg Market Data Lookup
▼
trading market-data bloomberg bloomberg-enterprise-data
Retrieves real-time market data for a given security from Bloomberg Enterprise Data, returning last price, bid/ask, and volume.
naftiko: "0.5"
info:
label: "Bloomberg Market Data Lookup"
description: "Retrieves real-time market data for a given security from Bloomberg Enterprise Data, returning last price, bid/ask, and volume."
tags:
- trading
- market-data
- bloomberg
- bloomberg-enterprise-data
capability:
exposes:
- type: mcp
namespace: market-data
port: 8080
tools:
- name: get-security-quote
description: "Given a Bloomberg ticker symbol, return the latest price, bid, ask, and volume from Bloomberg Enterprise Data."
inputParameters:
- name: ticker
in: body
type: string
description: "The Bloomberg ticker symbol (e.g. BNPP FP Equity)."
call: "bloomberg.get-quote"
with:
ticker: "{{ticker}}"
outputParameters:
- name: last_price
type: number
mapping: "$.data.lastPrice"
- name: bid
type: number
mapping: "$.data.bid"
- name: ask
type: number
mapping: "$.data.ask"
- name: volume
type: number
mapping: "$.data.volume"
consumes:
- type: http
namespace: bloomberg
baseUri: "https://api.bloomberg.com/eap/catalogs/bbg/fields"
authentication:
type: bearer
token: "$secrets.bloomberg_api_key"
resources:
- name: quotes
path: "/snapshots/{{ticker}}"
inputParameters:
- name: ticker
in: path
operations:
- name: get-quote
method: GET
Bond Issuance Workflow
▼
capital-markets bloomberg-aim simcorp-dimension swift servicenow
Creates a new bond instrument in Bloomberg AIM, registers in SimCorp Dimension, generates SWIFT messages, and notifies the syndicate desk via ServiceNow.
naftiko: "0.5"
info:
label: "Bond Issuance Workflow"
description: "Creates a new bond instrument in Bloomberg AIM, registers in SimCorp Dimension, generates SWIFT messages, and notifies the syndicate desk via ServiceNow."
tags:
- capital-markets
- bloomberg-aim
- simcorp-dimension
- swift
- servicenow
capability:
exposes:
- type: mcp
namespace: bond-issuance
port: 8080
tools:
- name: issue-bond
description: "Register and notify for a new bond issuance."
inputParameters:
- name: isin
in: body
type: string
description: "Bond ISIN."
- name: issuer
in: body
type: string
description: "Issuer name."
- name: amount
in: body
type: number
description: "Issuance amount."
steps:
- name: register-aim
type: call
call: "bloomberg-aim.create-instrument"
with:
isin: "{{isin}}"
issuer: "{{issuer}}"
- name: register-simcorp
type: call
call: "simcorp.create-instrument"
with:
isin: "{{isin}}"
name: "{{issuer}} Bond"
- name: send-swift
type: call
call: "swift.send-mt564"
with:
isin: "{{isin}}"
event_type: "NEW_ISSUE"
- name: notify-desk
type: call
call: "servicenow.create-task"
with:
short_description: "New bond issuance: {{issuer}} {{isin}}"
description: "Amount: {{amount}}. SWIFT: {{send-swift.reference}}."
category: "capital_markets"
consumes:
- type: http
namespace: bloomberg-aim
baseUri: "https://aim.bloomberg.com/api/v1"
authentication:
type: bearer
token: "$secrets.bloomberg_aim_token"
resources:
- name: instruments
path: "/instruments"
operations:
- name: create-instrument
method: POST
- type: http
namespace: simcorp
baseUri: "https://simcorp.bnpparibas.net/api/v2"
authentication:
type: bearer
token: "$secrets.simcorp_token"
resources:
- name: instruments
path: "/instruments"
operations:
- name: create-instrument
method: POST
- type: http
namespace: swift
baseUri: "https://swift.bnpparibas.com/api/v1"
authentication:
type: bearer
token: "$secrets.swift_token"
resources:
- name: messages
path: "/messages/mt564"
operations:
- name: send-mt564
method: POST
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/task"
operations:
- name: create-task
method: POST
CI/CD Pipeline Deployment Orchestrator
▼
development ci-cd github-actions sonarqube azure-kubernetes-service servicenow
Triggers a GitHub Actions deployment pipeline, monitors build status, scans with SonarQube for code quality, deploys to Azure Kubernetes Service, and logs the release in ServiceNow.
naftiko: "0.5"
info:
label: "CI/CD Pipeline Deployment Orchestrator"
description: "Triggers a GitHub Actions deployment pipeline, monitors build status, scans with SonarQube for code quality, deploys to Azure Kubernetes Service, and logs the release in ServiceNow."
tags:
- development
- ci-cd
- github-actions
- sonarqube
- azure-kubernetes-service
- servicenow
capability:
exposes:
- type: mcp
namespace: cicd
port: 8080
tools:
- name: deploy-service
description: "Trigger a full CI/CD deployment from GitHub Actions through quality gate to AKS, with ServiceNow change tracking."
inputParameters:
- name: repository
in: body
type: string
description: "The GitHub repository in owner/repo format."
- name: branch
in: body
type: string
description: "The branch to deploy."
- name: environment
in: body
type: string
description: "Target environment (staging, production)."
steps:
- name: trigger-build
type: call
call: "github.trigger-workflow"
with:
repository: "{{repository}}"
workflow: "deploy.yml"
ref: "{{branch}}"
- name: quality-scan
type: call
call: "sonarqube.get-quality-gate"
with:
project_key: "{{repository}}"
- name: deploy-to-aks
type: call
call: "aks.create-deployment"
with:
cluster: "bnp-{{environment}}-cluster"
namespace: "{{repository}}"
image_tag: "{{trigger-build.sha}}"
- name: log-change
type: call
call: "servicenow.create-change"
with:
short_description: "Deployment: {{repository}} to {{environment}}"
description: "Branch: {{branch}}. Commit: {{trigger-build.sha}}. SonarQube gate: {{quality-scan.status}}. AKS deployment: {{deploy-to-aks.deployment_id}}."
assigned_group: "Platform_Engineering"
category: "deployment"
consumes:
- type: http
namespace: github
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: workflows
path: "/repos/{{repository}}/actions/workflows/{{workflow}}/dispatches"
inputParameters:
- name: repository
in: path
- name: workflow
in: path
operations:
- name: trigger-workflow
method: POST
- type: http
namespace: sonarqube
baseUri: "https://sonarqube.bnpparibas.net/api"
authentication:
type: bearer
token: "$secrets.sonarqube_token"
resources:
- name: quality-gates
path: "/qualitygates/project_status?projectKey={{project_key}}"
inputParameters:
- name: project_key
in: path
operations:
- name: get-quality-gate
method: GET
- type: http
namespace: aks
baseUri: "https://management.azure.com/subscriptions/{{sub_id}}/resourceGroups/bnp-rg/providers/Microsoft.ContainerService/managedClusters"
authentication:
type: bearer
token: "$secrets.azure_mgmt_token"
resources:
- name: deployments
path: "/{{cluster}}/deployments"
inputParameters:
- name: cluster
in: path
operations:
- name: create-deployment
method: POST
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: changes
path: "/table/change_request"
operations:
- name: create-change
method: POST
CI/CD Security Gate Pipeline
▼
devsecops sonarqube docker azure-devops
Scans code in SonarQube, checks dependencies for vulnerabilities, runs container scans, and gates deployment approval in Azure DevOps.
naftiko: "0.5"
info:
label: "CI/CD Security Gate Pipeline"
description: "Scans code in SonarQube, checks dependencies for vulnerabilities, runs container scans, and gates deployment approval in Azure DevOps."
tags:
- devsecops
- sonarqube
- docker
- azure-devops
capability:
exposes:
- type: mcp
namespace: security-gate
port: 8080
tools:
- name: run-security-gate
description: "Execute security gates before deployment approval."
inputParameters:
- name: project_key
in: body
type: string
description: "SonarQube project key."
- name: pipeline_id
in: body
type: string
description: "Azure DevOps pipeline ID."
steps:
- name: check-quality
type: call
call: "sonarqube.get-quality-gate"
with:
project_key: "{{project_key}}"
- name: scan-container
type: call
call: "docker.scan-image"
with:
project: "{{project_key}}"
- name: approve-deploy
type: call
call: "azdo.approve-gate"
with:
pipeline_id: "{{pipeline_id}}"
status: "{{check-quality.status}}"
consumes:
- type: http
namespace: sonarqube
baseUri: "https://sonar.bnpparibas.com/api"
authentication:
type: bearer
token: "$secrets.sonarqube_token"
resources:
- name: quality-gates
path: "/qualitygates/project_status"
inputParameters:
- name: project_key
in: query
operations:
- name: get-quality-gate
method: GET
- type: http
namespace: docker
baseUri: "https://registry.bnpparibas.com/v2"
authentication:
type: bearer
token: "$secrets.registry_token"
resources:
- name: scans
path: "/scans"
operations:
- name: scan-image
method: POST
- type: http
namespace: azdo
baseUri: "https://dev.azure.com/bnpparibas"
authentication:
type: bearer
token: "$secrets.azdo_token"
resources:
- name: approvals
path: "/_apis/pipelines/{{pipeline_id}}/approvals"
inputParameters:
- name: pipeline_id
in: path
operations:
- name: approve-gate
method: POST
Client KYC Refresh Pipeline
▼
compliance salesforce temenos-transact servicenow
Retrieves client data from Salesforce, runs screening checks, updates KYC status in Temenos, and logs results in ServiceNow.
naftiko: "0.5"
info:
label: "Client KYC Refresh Pipeline"
description: "Retrieves client data from Salesforce, runs screening checks, updates KYC status in Temenos, and logs results in ServiceNow."
tags:
- compliance
- salesforce
- temenos-transact
- servicenow
capability:
exposes:
- type: mcp
namespace: kyc-refresh
port: 8080
tools:
- name: refresh-kyc
description: "Refresh KYC status for a client across Salesforce, Temenos, and ServiceNow."
inputParameters:
- name: client_id
in: body
type: string
description: "Salesforce client account ID."
steps:
- name: get-client
type: call
call: "salesforce.get-account"
with:
account_id: "{{client_id}}"
- name: run-screening
type: call
call: "temenos.screen-client"
with:
name: "{{get-client.Name}}"
country: "{{get-client.BillingCountry}}"
- name: update-kyc
type: call
call: "temenos.update-kyc-status"
with:
customer_id: "{{get-client.Temenos_ID__c}}"
status: "{{run-screening.result}}"
- name: log-review
type: call
call: "servicenow.create-task"
with:
short_description: "KYC refresh: {{get-client.Name}}"
description: "Screening result: {{run-screening.result}}. Matches: {{run-screening.match_count}}."
category: "kyc_review"
consumes:
- type: http
namespace: salesforce
baseUri: "https://bnpparibas.my.salesforce.com/services/data/v59.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: accounts
path: "/sobjects/Account/{{account_id}}"
inputParameters:
- name: account_id
in: path
operations:
- name: get-account
method: GET
- type: http
namespace: temenos
baseUri: "https://temenos.bnpparibas.com/api/v1"
authentication:
type: bearer
token: "$secrets.temenos_token"
resources:
- name: screening
path: "/compliance/screen"
operations:
- name: screen-client
method: POST
- name: kyc
path: "/customers/{{customer_id}}/kyc"
inputParameters:
- name: customer_id
in: path
operations:
- name: update-kyc-status
method: PATCH
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/task"
operations:
- name: create-task
method: POST
Client Offboarding Orchestrator
▼
operations temenos-transact azure-blob-storage salesforce servicenow
Closes accounts in Temenos, archives records in Azure Blob Storage, updates Salesforce CRM, and completes offboarding in ServiceNow.
naftiko: "0.5"
info:
label: "Client Offboarding Orchestrator"
description: "Closes accounts in Temenos, archives records in Azure Blob Storage, updates Salesforce CRM, and completes offboarding in ServiceNow."
tags:
- operations
- temenos-transact
- azure-blob-storage
- salesforce
- servicenow
capability:
exposes:
- type: mcp
namespace: client-offboarding
port: 8080
tools:
- name: offboard-client
description: "Close client accounts and archive records."
inputParameters:
- name: client_id
in: body
type: string
description: "Salesforce client ID."
steps:
- name: get-client
type: call
call: "salesforce.get-account"
with:
account_id: "{{client_id}}"
- name: close-accounts
type: call
call: "temenos.close-customer"
with:
customer_id: "{{get-client.Temenos_ID__c}}"
- name: archive-records
type: call
call: "azure-blob.upload"
with:
container: "client-archives"
blob_name: "{{client_id}}/records.json"
- name: complete-offboarding
type: call
call: "servicenow.create-task"
with:
short_description: "Client offboarding: {{get-client.Name}}"
description: "Accounts closed. Records archived. Salesforce: {{client_id}}."
consumes:
- type: http
namespace: salesforce
baseUri: "https://bnpparibas.my.salesforce.com/services/data/v59.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: accounts
path: "/sobjects/Account/{{account_id}}"
inputParameters:
- name: account_id
in: path
operations:
- name: get-account
method: GET
- type: http
namespace: temenos
baseUri: "https://temenos.bnpparibas.com/api/v1"
authentication:
type: bearer
token: "$secrets.temenos_token"
resources:
- name: customers
path: "/customers/{{customer_id}}/close"
inputParameters:
- name: customer_id
in: path
operations:
- name: close-customer
method: POST
- type: http
namespace: azure-blob
baseUri: "https://bnpdata.blob.core.windows.net"
authentication:
type: bearer
token: "$secrets.azure_storage_token"
resources:
- name: blobs
path: "/{{container}}/{{blob_name}}"
inputParameters:
- name: container
in: path
- name: blob_name
in: path
operations:
- name: upload
method: PUT
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/task"
operations:
- name: create-task
method: POST
Client Portfolio Reporting Pipeline
▼
client-reporting factset power-bi azure-blob-storage salesforce
Extracts holdings from FactSet, generates performance reports in Power BI, stores in Azure Blob Storage, and distributes to clients via Salesforce.
naftiko: "0.5"
info:
label: "Client Portfolio Reporting Pipeline"
description: "Extracts holdings from FactSet, generates performance reports in Power BI, stores in Azure Blob Storage, and distributes to clients via Salesforce."
tags:
- client-reporting
- factset
- power-bi
- azure-blob-storage
- salesforce
capability:
exposes:
- type: mcp
namespace: portfolio-reporting
port: 8080
tools:
- name: generate-client-report
description: "Generate and distribute client portfolio performance reports."
inputParameters:
- name: portfolio_code
in: body
type: string
description: "Portfolio code."
- name: client_email
in: body
type: string
description: "Client email."
steps:
- name: get-holdings
type: call
call: "factset.get-holdings"
with:
portfolio_code: "{{portfolio_code}}"
- name: refresh-report
type: call
call: "powerbi.refresh-dataset"
with:
dataset_id: "client-portfolio-{{portfolio_code}}"
- name: store-report
type: call
call: "azure-blob.upload"
with:
container: "client-reports"
blob_name: "{{portfolio_code}}/latest.pdf"
- name: notify-client
type: call
call: "salesforce.create-task"
with:
subject: "Portfolio Report — {{portfolio_code}}"
description: "Report generated. Holdings: {{get-holdings.count}}. Download: {{store-report.url}}."
consumes:
- type: http
namespace: factset
baseUri: "https://api.factset.com/analytics/v3"
authentication:
type: basic
username: "$secrets.factset_user"
password: "$secrets.factset_api_key"
resources:
- name: holdings
path: "/portfolios/{{portfolio_code}}/holdings"
inputParameters:
- name: portfolio_code
in: path
operations:
- name: get-holdings
method: GET
- type: http
namespace: powerbi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.powerbi_token"
resources:
- name: datasets
path: "/datasets/{{dataset_id}}/refreshes"
inputParameters:
- name: dataset_id
in: path
operations:
- name: refresh-dataset
method: POST
- type: http
namespace: azure-blob
baseUri: "https://bnpdata.blob.core.windows.net"
authentication:
type: bearer
token: "$secrets.azure_storage_token"
resources:
- name: blobs
path: "/{{container}}/{{blob_name}}"
inputParameters:
- name: container
in: path
- name: blob_name
in: path
operations:
- name: upload
method: PUT
- type: http
namespace: salesforce
baseUri: "https://bnpparibas.my.salesforce.com/services/data/v59.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: tasks
path: "/sobjects/Task"
operations:
- name: create-task
method: POST
Collateral Call Processing Workflow
▼
collateral simcorp-dimension swift servicenow
Calculates margin requirements from SimCorp, generates collateral calls, sends via SWIFT, and tracks responses in ServiceNow.
naftiko: "0.5"
info:
label: "Collateral Call Processing Workflow"
description: "Calculates margin requirements from SimCorp, generates collateral calls, sends via SWIFT, and tracks responses in ServiceNow."
tags:
- collateral
- simcorp-dimension
- swift
- servicenow
capability:
exposes:
- type: mcp
namespace: collateral-calls
port: 8080
tools:
- name: process-collateral-call
description: "Calculate margin and process collateral calls."
inputParameters:
- name: counterparty_id
in: body
type: string
description: "Counterparty identifier."
steps:
- name: calculate-margin
type: call
call: "simcorp.calculate-margin"
with:
counterparty_id: "{{counterparty_id}}"
- name: send-call
type: call
call: "swift.send-mt503"
with:
counterparty: "{{counterparty_id}}"
amount: "{{calculate-margin.call_amount}}"
- name: track-response
type: call
call: "servicenow.create-task"
with:
short_description: "Collateral call: {{counterparty_id}}"
description: "Amount: {{calculate-margin.call_amount}}. SWIFT: {{send-call.reference}}."
consumes:
- type: http
namespace: simcorp
baseUri: "https://simcorp.bnpparibas.net/api/v2"
authentication:
type: bearer
token: "$secrets.simcorp_token"
resources:
- name: margin
path: "/counterparties/{{counterparty_id}}/margin"
inputParameters:
- name: counterparty_id
in: path
operations:
- name: calculate-margin
method: POST
- type: http
namespace: swift
baseUri: "https://swift.bnpparibas.com/api/v1"
authentication:
type: bearer
token: "$secrets.swift_token"
resources:
- name: messages
path: "/messages/mt503"
operations:
- name: send-mt503
method: POST
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/task"
operations:
- name: create-task
method: POST
Collateral Management Orchestrator
▼
collateral-management simcorp-dimension sap servicenow bloomberg
Calculates margin requirements from SimCorp Dimension, matches against available collateral in SAP, and triggers margin call notifications through ServiceNow and Bloomberg messaging.
naftiko: "0.5"
info:
label: "Collateral Management Orchestrator"
description: "Calculates margin requirements from SimCorp Dimension, matches against available collateral in SAP, and triggers margin call notifications through ServiceNow and Bloomberg messaging."
tags:
- collateral-management
- simcorp-dimension
- sap
- servicenow
- bloomberg
capability:
exposes:
- type: mcp
namespace: collateral-mgmt
port: 8080
tools:
- name: process-margin-call
description: "Calculate margin requirements, check collateral availability, and issue margin call notifications."
inputParameters:
- name: agreement_id
in: body
type: string
description: "The collateral agreement identifier."
- name: counterparty_code
in: body
type: string
description: "The counterparty code."
steps:
- name: get-margin-requirement
type: call
call: "simcorp.get-margin"
with:
agreement_id: "{{agreement_id}}"
- name: get-available-collateral
type: call
call: "sap.get-collateral-pool"
with:
counterparty: "{{counterparty_code}}"
- name: create-margin-call
type: call
call: "servicenow.create-task"
with:
short_description: "Margin call: {{counterparty_code}} — Agreement {{agreement_id}}"
description: "Required margin: {{get-margin-requirement.required_amount}} {{get-margin-requirement.currency}}. Available collateral: {{get-available-collateral.total_value}}. Shortfall: {{get-margin-requirement.shortfall}}."
assigned_group: "Collateral_Management"
category: "margin_call"
priority: "2"
consumes:
- type: http
namespace: simcorp
baseUri: "https://simcorp.bnpparibas.net/api/v2"
authentication:
type: bearer
token: "$secrets.simcorp_token"
resources:
- name: margins
path: "/agreements/{{agreement_id}}/margin"
inputParameters:
- name: agreement_id
in: path
operations:
- name: get-margin
method: GET
- type: http
namespace: sap
baseUri: "https://bnp-s4.sap.com/sap/opu/odata/sap/FI_COLLATERAL_SRV"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: collateral
path: "/A_CollateralPool(Counterparty='{{counterparty}}')"
inputParameters:
- name: counterparty
in: path
operations:
- name: get-collateral-pool
method: GET
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/task"
operations:
- name: create-task
method: POST
Corporate Action Processing Orchestrator
▼
corporate-actions asset-management bloomberg simcorp-dimension sap servicenow
On corporate action announcement from Bloomberg, identifies impacted portfolios in SimCorp Dimension, calculates entitlements, books adjustments in SAP, and notifies portfolio managers.
naftiko: "0.5"
info:
label: "Corporate Action Processing Orchestrator"
description: "On corporate action announcement from Bloomberg, identifies impacted portfolios in SimCorp Dimension, calculates entitlements, books adjustments in SAP, and notifies portfolio managers."
tags:
- corporate-actions
- asset-management
- bloomberg
- simcorp-dimension
- sap
- servicenow
capability:
exposes:
- type: mcp
namespace: corporate-actions
port: 8080
tools:
- name: process-corporate-action
description: "On corporate action event, identify impacted portfolios, calculate entitlements, book adjustments, and notify managers."
inputParameters:
- name: event_id
in: body
type: string
description: "The Bloomberg corporate action event identifier."
- name: isin
in: body
type: string
description: "The ISIN of the affected security."
steps:
- name: get-event
type: call
call: "bloomberg.get-corporate-action"
with:
event_id: "{{event_id}}"
- name: find-portfolios
type: call
call: "simcorp.search-holdings"
with:
isin: "{{isin}}"
- name: book-adjustment
type: call
call: "sap.create-adjustment"
with:
event_type: "{{get-event.action_type}}"
isin: "{{isin}}"
ratio: "{{get-event.ratio}}"
ex_date: "{{get-event.ex_date}}"
portfolio_count: "{{find-portfolios.count}}"
- name: notify-managers
type: call
call: "servicenow.create-task"
with:
short_description: "Corporate action: {{get-event.action_type}} on {{isin}}"
description: "Event: {{get-event.description}}. Ex-date: {{get-event.ex_date}}. Ratio: {{get-event.ratio}}. Impacted portfolios: {{find-portfolios.count}}. SAP adjustment ref: {{book-adjustment.adjustment_ref}}."
assigned_group: "Portfolio_Management"
category: "corporate_action"
consumes:
- type: http
namespace: bloomberg
baseUri: "https://api.bloomberg.com/eap/catalogs/bbg"
authentication:
type: bearer
token: "$secrets.bloomberg_api_key"
resources:
- name: corporate-actions
path: "/corporate-actions/{{event_id}}"
inputParameters:
- name: event_id
in: path
operations:
- name: get-corporate-action
method: GET
- type: http
namespace: simcorp
baseUri: "https://simcorp.bnpparibas.net/api/v2"
authentication:
type: bearer
token: "$secrets.simcorp_token"
resources:
- name: holdings
path: "/holdings/search"
operations:
- name: search-holdings
method: POST
- type: http
namespace: sap
baseUri: "https://bnp-s4.sap.com/sap/opu/odata/sap/FI_CORP_ACTION_SRV"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: adjustments
path: "/A_Adjustment"
operations:
- name: create-adjustment
method: POST
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/task"
operations:
- name: create-task
method: POST
Corporate Event Notification Pipeline
▼
corporate-actions bloomberg simcorp-dimension confluence
Detects corporate actions from Bloomberg, updates positions in SimCorp, notifies portfolio managers via email, and logs in Confluence.
naftiko: "0.5"
info:
label: "Corporate Event Notification Pipeline"
description: "Detects corporate actions from Bloomberg, updates positions in SimCorp, notifies portfolio managers via email, and logs in Confluence."
tags:
- corporate-actions
- bloomberg
- simcorp-dimension
- confluence
capability:
exposes:
- type: mcp
namespace: corp-events
port: 8080
tools:
- name: process-corporate-event
description: "Process a corporate action event across systems."
inputParameters:
- name: event_id
in: body
type: string
description: "Bloomberg corporate action event ID."
steps:
- name: get-event
type: call
call: "bloomberg.get-corporate-action"
with:
event_id: "{{event_id}}"
- name: update-positions
type: call
call: "simcorp.apply-corporate-action"
with:
isin: "{{get-event.isin}}"
action_type: "{{get-event.action_type}}"
- name: log-action
type: call
call: "confluence.create-page"
with:
space_key: "OPS"
title: "Corporate Action: {{get-event.action_type}} — {{get-event.isin}}"
body: "Event: {{get-event.description}}. Portfolios affected: {{update-positions.count}}."
consumes:
- type: http
namespace: bloomberg
baseUri: "https://api.bloomberg.com/eap/catalogs/bbg"
authentication:
type: bearer
token: "$secrets.bloomberg_api_key"
resources:
- name: corporate-actions
path: "/corporate-actions/{{event_id}}"
inputParameters:
- name: event_id
in: path
operations:
- name: get-corporate-action
method: GET
- type: http
namespace: simcorp
baseUri: "https://simcorp.bnpparibas.net/api/v2"
authentication:
type: bearer
token: "$secrets.simcorp_token"
resources:
- name: corporate-actions
path: "/corporate-actions/apply"
operations:
- name: apply-corporate-action
method: POST
- type: http
namespace: confluence
baseUri: "https://bnpparibas.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_api_token"
resources:
- name: pages
path: "/content"
operations:
- name: create-page
method: POST
Corporate Payment Processing Pipeline
▼
payments corporate-banking temenos-transact moodys sap servicenow
Validates a corporate payment against the customer account in Temenos Transact, screens beneficiary through Moody's sanctions list, executes via SAP treasury, and notifies operations via ServiceNow.
naftiko: "0.5"
info:
label: "Corporate Payment Processing Pipeline"
description: "Validates a corporate payment against the customer account in Temenos Transact, screens beneficiary through Moody's sanctions list, executes via SAP treasury, and notifies operations via ServiceNow."
tags:
- payments
- corporate-banking
- temenos-transact
- moodys
- sap
- servicenow
capability:
exposes:
- type: mcp
namespace: corporate-payments
port: 8080
tools:
- name: process-corporate-payment
description: "Validate account, screen beneficiary, execute payment, and notify operations for a corporate wire transfer."
inputParameters:
- name: debit_account_id
in: body
type: string
description: "The Temenos Transact debit account ID."
- name: beneficiary_name
in: body
type: string
description: "The beneficiary name for sanctions screening."
- name: beneficiary_country
in: body
type: string
description: "The beneficiary country ISO code."
- name: amount
in: body
type: number
description: "The payment amount."
- name: currency
in: body
type: string
description: "The payment currency ISO code."
steps:
- name: validate-account
type: call
call: "temenos.get-balance"
with:
account_id: "{{debit_account_id}}"
- name: screen-beneficiary
type: call
call: "moodys.screen-entity"
with:
entity_name: "{{beneficiary_name}}"
country: "{{beneficiary_country}}"
- name: execute-payment
type: call
call: "sap.create-payment"
with:
debit_account: "{{debit_account_id}}"
beneficiary: "{{beneficiary_name}}"
amount: "{{amount}}"
currency: "{{currency}}"
- name: notify-ops
type: call
call: "servicenow.create-task"
with:
short_description: "Corporate payment executed: {{amount}} {{currency}} to {{beneficiary_name}}"
description: "Debit account: {{debit_account_id}}. Available balance after: {{validate-account.available_balance}}. Screening result: {{screen-beneficiary.risk_level}}. SAP ref: {{execute-payment.payment_ref}}."
assigned_group: "Payment_Operations"
category: "payment_processing"
consumes:
- type: http
namespace: temenos
baseUri: "https://transact.bnpparibas.net/api/v1"
authentication:
type: bearer
token: "$secrets.temenos_token"
resources:
- name: accounts
path: "/accounts/{{account_id}}/balances"
inputParameters:
- name: account_id
in: path
operations:
- name: get-balance
method: GET
- type: http
namespace: moodys
baseUri: "https://api.moodys.com/screening/v1"
authentication:
type: bearer
token: "$secrets.moodys_api_key"
resources:
- name: entities
path: "/screen"
operations:
- name: screen-entity
method: POST
- type: http
namespace: sap
baseUri: "https://bnp-s4.sap.com/sap/opu/odata/sap/FI_PAYMENT_SRV"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: payments
path: "/A_PaymentInstruction"
operations:
- name: create-payment
method: POST
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/task"
operations:
- name: create-task
method: POST
Credit Limit Approval Orchestrator
▼
credit-risk simcorp-dimension moodys servicenow temenos-transact
Retrieves counterparty exposure from SimCorp, checks Moody's rating, routes for approval in ServiceNow, and updates limits in Temenos.
naftiko: "0.5"
info:
label: "Credit Limit Approval Orchestrator"
description: "Retrieves counterparty exposure from SimCorp, checks Moody's rating, routes for approval in ServiceNow, and updates limits in Temenos."
tags:
- credit-risk
- simcorp-dimension
- moodys
- servicenow
- temenos-transact
capability:
exposes:
- type: mcp
namespace: credit-approval
port: 8080
tools:
- name: approve-credit-limit
description: "Evaluate and approve a credit limit change."
inputParameters:
- name: counterparty_id
in: body
type: string
description: "Counterparty identifier."
- name: requested_limit
in: body
type: number
description: "Requested credit limit."
steps:
- name: get-exposure
type: call
call: "simcorp.get-counterparty-exposure"
with:
counterparty_id: "{{counterparty_id}}"
- name: get-rating
type: call
call: "moodys.get-rating"
with:
entity_id: "{{counterparty_id}}"
- name: request-approval
type: call
call: "servicenow.create-change-request"
with:
short_description: "Credit limit: {{counterparty_id}} — {{requested_limit}}"
description: "Current exposure: {{get-exposure.total}}. Rating: {{get-rating.rating}}. Requested: {{requested_limit}}."
- name: update-limit
type: call
call: "temenos.update-credit-limit"
with:
counterparty_id: "{{counterparty_id}}"
limit: "{{requested_limit}}"
consumes:
- type: http
namespace: simcorp
baseUri: "https://simcorp.bnpparibas.net/api/v2"
authentication:
type: bearer
token: "$secrets.simcorp_token"
resources:
- name: exposure
path: "/counterparties/{{counterparty_id}}/exposure"
inputParameters:
- name: counterparty_id
in: path
operations:
- name: get-counterparty-exposure
method: GET
- type: http
namespace: moodys
baseUri: "https://api.moodys.com/v1"
authentication:
type: bearer
token: "$secrets.moodys_api_key"
resources:
- name: ratings
path: "/issuers/{{entity_id}}/ratings"
inputParameters:
- name: entity_id
in: path
operations:
- name: get-rating
method: GET
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: changes
path: "/table/change_request"
operations:
- name: create-change-request
method: POST
- type: http
namespace: temenos
baseUri: "https://temenos.bnpparibas.com/api/v1"
authentication:
type: bearer
token: "$secrets.temenos_token"
resources:
- name: limits
path: "/counterparties/{{counterparty_id}}/credit-limits"
inputParameters:
- name: counterparty_id
in: path
operations:
- name: update-credit-limit
method: PUT
Credit Risk Counterparty Assessment
▼
credit-risk counterparty-risk bloomberg moodys simcorp-dimension sharepoint
Pulls counterparty financials from Bloomberg, credit rating from Moody's, exposure from SimCorp Dimension, and assembles a risk assessment report stored in SharePoint.
naftiko: "0.5"
info:
label: "Credit Risk Counterparty Assessment"
description: "Pulls counterparty financials from Bloomberg, credit rating from Moody's, exposure from SimCorp Dimension, and assembles a risk assessment report stored in SharePoint."
tags:
- credit-risk
- counterparty-risk
- bloomberg
- moodys
- simcorp-dimension
- sharepoint
capability:
exposes:
- type: mcp
namespace: counterparty-risk
port: 8080
tools:
- name: assess-counterparty
description: "Compile counterparty risk assessment from market data, credit rating, and exposure data."
inputParameters:
- name: counterparty_ticker
in: body
type: string
description: "The Bloomberg ticker of the counterparty."
- name: counterparty_moodys_id
in: body
type: string
description: "The Moody's issuer ID."
- name: portfolio_code
in: body
type: string
description: "The portfolio to check exposure against."
steps:
- name: get-financials
type: call
call: "bloomberg.get-quote"
with:
ticker: "{{counterparty_ticker}}"
- name: get-rating
type: call
call: "moodys.get-rating"
with:
issuer_id: "{{counterparty_moodys_id}}"
- name: get-exposure
type: call
call: "simcorp.get-counterparty-exposure"
with:
portfolio_code: "{{portfolio_code}}"
counterparty_ticker: "{{counterparty_ticker}}"
- name: store-report
type: call
call: "sharepoint.create-file"
with:
site_id: "credit_risk_reports"
file_path: "Assessments/{{counterparty_ticker}}/assessment.json"
content_type: "application/json"
consumes:
- type: http
namespace: bloomberg
baseUri: "https://api.bloomberg.com/eap/catalogs/bbg/fields"
authentication:
type: bearer
token: "$secrets.bloomberg_api_key"
resources:
- name: quotes
path: "/snapshots/{{ticker}}"
inputParameters:
- name: ticker
in: path
operations:
- name: get-quote
method: GET
- type: http
namespace: moodys
baseUri: "https://api.moodys.com/credit/v1"
authentication:
type: bearer
token: "$secrets.moodys_api_key"
resources:
- name: ratings
path: "/issuers/{{issuer_id}}/ratings"
inputParameters:
- name: issuer_id
in: path
operations:
- name: get-rating
method: GET
- type: http
namespace: simcorp
baseUri: "https://simcorp.bnpparibas.net/api/v2"
authentication:
type: bearer
token: "$secrets.simcorp_token"
resources:
- name: exposure
path: "/portfolios/{{portfolio_code}}/exposure/{{counterparty_ticker}}"
inputParameters:
- name: portfolio_code
in: path
- name: counterparty_ticker
in: path
operations:
- name: get-counterparty-exposure
method: GET
- type: http
namespace: sharepoint
baseUri: "https://graph.microsoft.com/v1.0/sites"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: files
path: "/{{site_id}}/drive/root:/{{file_path}}:/content"
inputParameters:
- name: site_id
in: path
- name: file_path
in: path
operations:
- name: create-file
method: PUT
Cross-Border Payment Processing Pipeline
▼
payments sap bloomberg swift servicenow
Validates payment in SAP, converts currency via Bloomberg FX, routes through SWIFT, and tracks delivery in ServiceNow.
naftiko: "0.5"
info:
label: "Cross-Border Payment Processing Pipeline"
description: "Validates payment in SAP, converts currency via Bloomberg FX, routes through SWIFT, and tracks delivery in ServiceNow."
tags:
- payments
- sap
- bloomberg
- swift
- servicenow
capability:
exposes:
- type: mcp
namespace: xborder-payment
port: 8080
tools:
- name: process-cross-border-payment
description: "Process and track a cross-border payment end-to-end."
inputParameters:
- name: payment_id
in: body
type: string
description: "SAP payment instruction ID."
steps:
- name: get-payment
type: call
call: "sap.get-payment"
with:
payment_id: "{{payment_id}}"
- name: get-fx-rate
type: call
call: "bloomberg.get-fx-rate"
with:
pair: "{{get-payment.currency_pair}}"
- name: send-swift
type: call
call: "swift.send-mt103"
with:
payment_ref: "{{payment_id}}"
amount: "{{get-payment.amount}}"
rate: "{{get-fx-rate.mid}}"
- name: track-delivery
type: call
call: "servicenow.create-task"
with:
short_description: "Cross-border payment: {{payment_id}}"
description: "Amount: {{get-payment.amount}}. FX: {{get-fx-rate.mid}}. SWIFT: {{send-swift.uetr}}."
consumes:
- type: http
namespace: sap
baseUri: "https://bnp-s4.sap.com/sap/opu/odata/sap"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: payments
path: "/FI_PAYMENT_SRV/A_Payment('{{payment_id}}')"
inputParameters:
- name: payment_id
in: path
operations:
- name: get-payment
method: GET
- type: http
namespace: bloomberg
baseUri: "https://api.bloomberg.com/eap/catalogs/bbg/fields"
authentication:
type: bearer
token: "$secrets.bloomberg_api_key"
resources:
- name: fx
path: "/snapshots/{{pair}}"
inputParameters:
- name: pair
in: path
operations:
- name: get-fx-rate
method: GET
- type: http
namespace: swift
baseUri: "https://swift.bnpparibas.com/api/v1"
authentication:
type: bearer
token: "$secrets.swift_token"
resources:
- name: messages
path: "/messages/mt103"
operations:
- name: send-mt103
method: POST
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/task"
operations:
- name: create-task
method: POST
Data Lake Ingestion Pipeline
▼
data-engineering informatica snowflake azure-data-factory
Triggers Informatica data flows, validates quality in Snowflake, publishes metadata to Azure Data Catalog, and notifies data stewards via Microsoft Teams.
naftiko: "0.5"
info:
label: "Data Lake Ingestion Pipeline"
description: "Triggers Informatica data flows, validates quality in Snowflake, publishes metadata to Azure Data Catalog, and notifies data stewards via Microsoft Teams."
tags:
- data-engineering
- informatica
- snowflake
- azure-data-factory
capability:
exposes:
- type: mcp
namespace: data-ingestion
port: 8080
tools:
- name: ingest-data
description: "Trigger data ingestion with quality validation and notification."
inputParameters:
- name: source_name
in: body
type: string
description: "Data source name."
- name: dataset
in: body
type: string
description: "Target dataset."
steps:
- name: trigger-flow
type: call
call: "informatica.run-task"
with:
task_name: "ingest-{{source_name}}"
- name: validate-quality
type: call
call: "snowflake.execute-statement"
with:
statement: "CALL DQ.VALIDATE('{{dataset}}')"
- name: publish-metadata
type: call
call: "adf.trigger-pipeline"
with:
pipeline_name: "catalog-{{dataset}}"
consumes:
- type: http
namespace: informatica
baseUri: "https://dm-us.informaticacloud.com/saas/api/v2"
authentication:
type: bearer
token: "$secrets.informatica_token"
resources:
- name: tasks
path: "/task/run"
operations:
- name: run-task
method: POST
- type: http
namespace: snowflake
baseUri: "https://bnpparibas.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-statement
method: POST
- type: http
namespace: adf
baseUri: "https://management.azure.com"
authentication:
type: bearer
token: "$secrets.azure_mgmt_token"
resources:
- name: pipelines
path: "/subscriptions/$secrets.azure_sub_id/resourceGroups/data/providers/Microsoft.DataFactory/factories/bnp-adf/pipelines/{{pipeline_name}}/createRun"
inputParameters:
- name: pipeline_name
in: path
operations:
- name: trigger-pipeline
method: POST
Data Privacy Request Handler
▼
compliance servicenow temenos-transact salesforce confluence
Receives GDPR requests via ServiceNow, searches for personal data in Temenos and Salesforce, generates deletion reports, and logs in Confluence.
naftiko: "0.5"
info:
label: "Data Privacy Request Handler"
description: "Receives GDPR requests via ServiceNow, searches for personal data in Temenos and Salesforce, generates deletion reports, and logs in Confluence."
tags:
- compliance
- servicenow
- temenos-transact
- salesforce
- confluence
capability:
exposes:
- type: mcp
namespace: gdpr-handler
port: 8080
tools:
- name: handle-privacy-request
description: "Process a GDPR data subject request."
inputParameters:
- name: request_id
in: body
type: string
description: "ServiceNow request ID."
- name: subject_email
in: body
type: string
description: "Data subject email."
steps:
- name: get-request
type: call
call: "servicenow.get-task"
with:
task_id: "{{request_id}}"
- name: search-temenos
type: call
call: "temenos.search-customer"
with:
email: "{{subject_email}}"
- name: search-salesforce
type: call
call: "salesforce.search-contact"
with:
email: "{{subject_email}}"
- name: log-report
type: call
call: "confluence.create-page"
with:
space_key: "GDPR"
title: "DSAR: {{request_id}} — {{subject_email}}"
body: "Temenos records: {{search-temenos.count}}. Salesforce records: {{search-salesforce.count}}."
consumes:
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/task/{{task_id}}"
inputParameters:
- name: task_id
in: path
operations:
- name: get-task
method: GET
- type: http
namespace: temenos
baseUri: "https://temenos.bnpparibas.com/api/v1"
authentication:
type: bearer
token: "$secrets.temenos_token"
resources:
- name: customers
path: "/customers/search"
inputParameters:
- name: email
in: query
operations:
- name: search-customer
method: GET
- type: http
namespace: salesforce
baseUri: "https://bnpparibas.my.salesforce.com/services/data/v59.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: contacts
path: "/parameterizedSearch"
inputParameters:
- name: email
in: query
operations:
- name: search-contact
method: GET
- type: http
namespace: confluence
baseUri: "https://bnpparibas.atlassian.net/wiki/rest/api"
authentication:
type: basic
username: "$secrets.confluence_user"
password: "$secrets.confluence_api_token"
resources:
- name: pages
path: "/content"
operations:
- name: create-page
method: POST
Database Failover Test Pipeline
▼
disaster-recovery oracle datadog servicenow
Triggers Oracle database failover, verifies replication health, checks application connectivity via Datadog, and logs results in ServiceNow.
naftiko: "0.5"
info:
label: "Database Failover Test Pipeline"
description: "Triggers Oracle database failover, verifies replication health, checks application connectivity via Datadog, and logs results in ServiceNow."
tags:
- disaster-recovery
- oracle
- datadog
- servicenow
capability:
exposes:
- type: mcp
namespace: db-failover
port: 8080
tools:
- name: test-failover
description: "Execute and verify a database failover test."
inputParameters:
- name: db_name
in: body
type: string
description: "Oracle database name."
steps:
- name: trigger-failover
type: call
call: "oracle.initiate-failover"
with:
database: "{{db_name}}"
- name: verify-health
type: call
call: "datadog.query-metrics"
with:
query: "avg:oracle.db.connections{db:{{db_name}}}"
- name: log-result
type: call
call: "servicenow.create-change-request"
with:
short_description: "DR failover test: {{db_name}}"
description: "Failover status: {{trigger-failover.status}}. Connections: {{verify-health.value}}."
consumes:
- type: http
namespace: oracle
baseUri: "https://oracle.bnpparibas.com/em/api/v1"
authentication:
type: basic
username: "$secrets.oracle_user"
password: "$secrets.oracle_password"
resources:
- name: databases
path: "/databases/{{database}}/failover"
inputParameters:
- name: database
in: path
operations:
- name: initiate-failover
method: POST
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apiKey
name: "DD-API-KEY"
in: header
value: "$secrets.datadog_api_key"
resources:
- name: metrics
path: "/query"
inputParameters:
- name: query
in: query
operations:
- name: query-metrics
method: GET
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: changes
path: "/table/change_request"
operations:
- name: create-change-request
method: POST
Datadog API Latency Check
▼
observability datadog
Queries Datadog for API endpoint latency percentiles for a given service, returning p50, p95, and p99 values.
naftiko: "0.5"
info:
label: "Datadog API Latency Check"
description: "Queries Datadog for API endpoint latency percentiles for a given service, returning p50, p95, and p99 values."
tags:
- observability
- datadog
capability:
exposes:
- type: mcp
namespace: datadog-latency
port: 8080
tools:
- name: get-latency
description: "Retrieve API latency percentiles for a service from Datadog."
inputParameters:
- name: service_name
in: body
type: string
description: "The service name tag in Datadog."
call: "datadog-latency.query-metrics"
with:
query: "p99:trace.http.request{service:{{service_name}}}"
consumes:
- type: http
namespace: datadog-latency
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apiKey
name: "DD-API-KEY"
in: header
value: "$secrets.datadog_api_key"
resources:
- name: metrics
path: "/query"
inputParameters:
- name: query
in: query
operations:
- name: query-metrics
method: GET
Datadog APM Service Health
▼
monitoring observability datadog
Queries Datadog for the health status and error rate of a given service, used by SRE teams to assess production stability.
naftiko: "0.5"
info:
label: "Datadog APM Service Health"
description: "Queries Datadog for the health status and error rate of a given service, used by SRE teams to assess production stability."
tags:
- monitoring
- observability
- datadog
capability:
exposes:
- type: mcp
namespace: observability
port: 8080
tools:
- name: get-service-health
description: "Retrieve the current health status, latency, and error rate for a service from Datadog APM."
inputParameters:
- name: service_name
in: body
type: string
description: "The Datadog service name."
call: "datadog.get-service-metrics"
with:
service_name: "{{service_name}}"
outputParameters:
- name: status
type: string
mapping: "$.data.attributes.status"
- name: error_rate
type: number
mapping: "$.data.attributes.errorRate"
- name: avg_latency_ms
type: number
mapping: "$.data.attributes.avgLatencyMs"
consumes:
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.eu/api/v2"
authentication:
type: apiKey
name: "DD-API-KEY"
in: header
value: "$secrets.datadog_api_key"
resources:
- name: services
path: "/services/{{service_name}}/metrics"
inputParameters:
- name: service_name
in: path
operations:
- name: get-service-metrics
method: GET
Derivatives Trade Confirmation Workflow
▼
derivatives trade-operations bloomberg-aim sharepoint axway servicenow
On new OTC derivative trade, retrieves trade details from Bloomberg AIM, generates confirmation document in SharePoint, sends to counterparty via Axway secure file transfer, and logs in ServiceNow.
naftiko: "0.5"
info:
label: "Derivatives Trade Confirmation Workflow"
description: "On new OTC derivative trade, retrieves trade details from Bloomberg AIM, generates confirmation document in SharePoint, sends to counterparty via Axway secure file transfer, and logs in ServiceNow."
tags:
- derivatives
- trade-operations
- bloomberg-aim
- sharepoint
- axway
- servicenow
capability:
exposes:
- type: mcp
namespace: derivatives-confirm
port: 8080
tools:
- name: confirm-otc-trade
description: "Generate and send trade confirmation for an OTC derivative, logging the workflow in ServiceNow."
inputParameters:
- name: trade_ref
in: body
type: string
description: "The Bloomberg AIM trade reference."
- name: counterparty_id
in: body
type: string
description: "The counterparty identifier for secure delivery."
steps:
- name: get-trade
type: call
call: "bloomberg-aim.get-trade"
with:
trade_ref: "{{trade_ref}}"
- name: create-confirmation
type: call
call: "sharepoint.create-file"
with:
site_id: "derivatives_confirmations"
file_path: "Confirmations/{{trade_ref}}_confirm.pdf"
content_type: "application/pdf"
- name: send-to-counterparty
type: call
call: "axway.send-file"
with:
partner_id: "{{counterparty_id}}"
file_url: "{{create-confirmation.url}}"
filename: "{{trade_ref}}_confirm.pdf"
- name: log-confirmation
type: call
call: "servicenow.create-task"
with:
short_description: "OTC confirmation sent: {{trade_ref}}"
description: "Trade: {{get-trade.instrument}} {{get-trade.notional}} {{get-trade.currency}}. Counterparty: {{get-trade.counterparty}}. Confirmation delivered via Axway. Transfer ID: {{send-to-counterparty.transfer_id}}."
assigned_group: "Derivatives_Operations"
category: "trade_confirmation"
consumes:
- type: http
namespace: bloomberg-aim
baseUri: "https://aim.bloomberg.com/api/v1"
authentication:
type: bearer
token: "$secrets.bloomberg_aim_token"
resources:
- name: trades
path: "/trades/{{trade_ref}}"
inputParameters:
- name: trade_ref
in: path
operations:
- name: get-trade
method: GET
- type: http
namespace: sharepoint
baseUri: "https://graph.microsoft.com/v1.0/sites"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: files
path: "/{{site_id}}/drive/root:/{{file_path}}:/content"
inputParameters:
- name: site_id
in: path
- name: file_path
in: path
operations:
- name: create-file
method: PUT
- type: http
namespace: axway
baseUri: "https://axway.bnpparibas.net/api/v1"
authentication:
type: bearer
token: "$secrets.axway_token"
resources:
- name: transfers
path: "/transfers"
operations:
- name: send-file
method: POST
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/task"
operations:
- name: create-task
method: POST
Derivatives Valuation Pipeline
▼
derivatives bloomberg azure-databricks snowflake simcorp-dimension
Fetches market data from Bloomberg, runs valuation models in Azure Databricks, stores results in Snowflake, and updates positions in SimCorp.
naftiko: "0.5"
info:
label: "Derivatives Valuation Pipeline"
description: "Fetches market data from Bloomberg, runs valuation models in Azure Databricks, stores results in Snowflake, and updates positions in SimCorp."
tags:
- derivatives
- bloomberg
- azure-databricks
- snowflake
- simcorp-dimension
capability:
exposes:
- type: mcp
namespace: deriv-valuation
port: 8080
tools:
- name: value-derivatives
description: "Run derivative valuations with market data and position updates."
inputParameters:
- name: portfolio_code
in: body
type: string
description: "Portfolio code."
- name: valuation_date
in: body
type: string
description: "Valuation date YYYY-MM-DD."
steps:
- name: get-market-data
type: call
call: "bloomberg.get-curves"
with:
date: "{{valuation_date}}"
- name: run-models
type: call
call: "databricks.submit-job"
with:
job_name: "deriv-valuation"
parameters: "{{portfolio_code}},{{valuation_date}}"
- name: store-results
type: call
call: "snowflake.execute-statement"
with:
statement: "CALL DERIV.STORE_VALUATIONS('{{portfolio_code}}', '{{valuation_date}}')"
- name: update-positions
type: call
call: "simcorp.update-valuations"
with:
portfolio_code: "{{portfolio_code}}"
date: "{{valuation_date}}"
consumes:
- type: http
namespace: bloomberg
baseUri: "https://api.bloomberg.com/eap/catalogs/bbg"
authentication:
type: bearer
token: "$secrets.bloomberg_api_key"
resources:
- name: curves
path: "/curves"
inputParameters:
- name: date
in: query
operations:
- name: get-curves
method: GET
- type: http
namespace: databricks
baseUri: "https://adb-bnp.azuredatabricks.net/api/2.0"
authentication:
type: bearer
token: "$secrets.databricks_token"
resources:
- name: jobs
path: "/jobs/run-now"
operations:
- name: submit-job
method: POST
- type: http
namespace: snowflake
baseUri: "https://bnpparibas.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-statement
method: POST
- type: http
namespace: simcorp
baseUri: "https://simcorp.bnpparibas.net/api/v2"
authentication:
type: bearer
token: "$secrets.simcorp_token"
resources:
- name: valuations
path: "/portfolios/{{portfolio_code}}/valuations"
inputParameters:
- name: portfolio_code
in: path
operations:
- name: update-valuations
method: PUT
Docker Container Security Scan Pipeline
▼
security container-security docker falco open-policy-agent servicenow
Scans a Docker container image with Falco for runtime vulnerabilities, checks compliance with Open Policy Agent, and logs findings in ServiceNow for security review.
naftiko: "0.5"
info:
label: "Docker Container Security Scan Pipeline"
description: "Scans a Docker container image with Falco for runtime vulnerabilities, checks compliance with Open Policy Agent, and logs findings in ServiceNow for security review."
tags:
- security
- container-security
- docker
- falco
- open-policy-agent
- servicenow
capability:
exposes:
- type: mcp
namespace: container-security
port: 8080
tools:
- name: scan-container
description: "Scan a Docker image for vulnerabilities, check policy compliance, and log security findings."
inputParameters:
- name: image_name
in: body
type: string
description: "The Docker image name with tag (e.g. registry.bnpparibas.net/app:v1.2)."
- name: namespace
in: body
type: string
description: "The Kubernetes namespace where the image runs."
steps:
- name: vulnerability-scan
type: call
call: "falco.scan-image"
with:
image: "{{image_name}}"
- name: policy-check
type: call
call: "opa.evaluate-policy"
with:
policy_path: "container/security"
input: "{{image_name}}"
- name: log-findings
type: call
call: "servicenow.create-task"
with:
short_description: "Container scan: {{image_name}}"
description: "Falco vulnerabilities: critical={{vulnerability-scan.critical_count}}, high={{vulnerability-scan.high_count}}. OPA policy: {{policy-check.decision}}. Namespace: {{namespace}}. Base image: {{vulnerability-scan.base_image}}."
assigned_group: "AppSec_Team"
category: "container_security"
consumes:
- type: http
namespace: falco
baseUri: "https://falco.bnpparibas.net/api/v1"
authentication:
type: bearer
token: "$secrets.falco_token"
resources:
- name: scans
path: "/scans"
operations:
- name: scan-image
method: POST
- type: http
namespace: opa
baseUri: "https://opa.bnpparibas.net/v1"
authentication:
type: bearer
token: "$secrets.opa_token"
resources:
- name: policies
path: "/data/{{policy_path}}"
inputParameters:
- name: policy_path
in: path
operations:
- name: evaluate-policy
method: POST
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/task"
operations:
- name: create-task
method: POST
Elasticsearch Log Analysis Pipeline
▼
observability logging elasticsearch datadog servicenow
Queries Elasticsearch for error patterns in application logs, correlates with Datadog traces, and creates a ServiceNow problem record for recurring issues.
naftiko: "0.5"
info:
label: "Elasticsearch Log Analysis Pipeline"
description: "Queries Elasticsearch for error patterns in application logs, correlates with Datadog traces, and creates a ServiceNow problem record for recurring issues."
tags:
- observability
- logging
- elasticsearch
- datadog
- servicenow
capability:
exposes:
- type: mcp
namespace: log-analysis
port: 8080
tools:
- name: analyze-error-pattern
description: "Search for error patterns in Elasticsearch, correlate with Datadog traces, and create a problem record if recurring."
inputParameters:
- name: application
in: body
type: string
description: "The application name to search logs for."
- name: error_pattern
in: body
type: string
description: "The error pattern regex to search for."
- name: time_range
in: body
type: string
description: "Time range for the search (e.g. 24h, 7d)."
steps:
- name: search-logs
type: call
call: "elasticsearch.search"
with:
index: "logs-{{application}}-*"
query: "{{error_pattern}}"
time_range: "{{time_range}}"
- name: get-traces
type: call
call: "datadog.search-traces"
with:
service: "{{application}}"
query: "status:error"
time_range: "{{time_range}}"
- name: create-problem
type: call
call: "servicenow.create-problem"
with:
short_description: "Recurring error: {{application}} — {{error_pattern}}"
description: "Error occurrences: {{search-logs.total_hits}} in last {{time_range}}. Correlated Datadog traces: {{get-traces.trace_count}}. Top error: {{search-logs.top_message}}. First seen: {{search-logs.first_occurrence}}."
assigned_group: "Application_Support"
category: "application_error"
consumes:
- type: http
namespace: elasticsearch
baseUri: "https://elasticsearch.bnpparibas.net:9200"
authentication:
type: basic
username: "$secrets.elastic_user"
password: "$secrets.elastic_password"
resources:
- name: search
path: "/{{index}}/_search"
inputParameters:
- name: index
in: path
operations:
- name: search
method: POST
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.eu/api/v2"
authentication:
type: apiKey
name: "DD-API-KEY"
in: header
value: "$secrets.datadog_api_key"
resources:
- name: traces
path: "/traces/search"
operations:
- name: search-traces
method: POST
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: problems
path: "/table/problem"
operations:
- name: create-problem
method: POST
Employee Access Review Workflow
▼
security azure-active-directory sharepoint servicenow
Pulls access records from Azure Active Directory, generates a review report in SharePoint, routes approvals via ServiceNow, and revokes stale access.
naftiko: "0.5"
info:
label: "Employee Access Review Workflow"
description: "Pulls access records from Azure Active Directory, generates a review report in SharePoint, routes approvals via ServiceNow, and revokes stale access."
tags:
- security
- azure-active-directory
- sharepoint
- servicenow
capability:
exposes:
- type: mcp
namespace: access-review
port: 8080
tools:
- name: review-access
description: "Audit employee access and revoke stale permissions."
inputParameters:
- name: department
in: body
type: string
description: "Department to review."
steps:
- name: get-users
type: call
call: "azure-ad.list-users"
with:
department: "{{department}}"
- name: store-report
type: call
call: "sharepoint.create-file"
with:
site_id: "security"
path: "AccessReviews/{{department}}/review.json"
- name: create-approval
type: call
call: "servicenow.create-change-request"
with:
short_description: "Access review: {{department}}"
description: "Users reviewed: {{get-users.count}}. Report: {{store-report.url}}."
consumes:
- type: http
namespace: azure-ad
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: users
path: "/users"
inputParameters:
- name: department
in: query
operations:
- name: list-users
method: GET
- type: http
namespace: sharepoint
baseUri: "https://graph.microsoft.com/v1.0/sites"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: files
path: "/{{site_id}}/drive/root:/{{path}}:/content"
inputParameters:
- name: site_id
in: path
- name: path
in: path
operations:
- name: create-file
method: PUT
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: changes
path: "/table/change_request"
operations:
- name: create-change-request
method: POST
Employee Offboarding Orchestrator
▼
hr offboarding workday azure-active-directory salesforce servicenow sharepoint
On employee termination in Workday, disables Azure AD account, revokes Salesforce access, closes ServiceNow assets, and archives SharePoint personal folder.
naftiko: "0.5"
info:
label: "Employee Offboarding Orchestrator"
description: "On employee termination in Workday, disables Azure AD account, revokes Salesforce access, closes ServiceNow assets, and archives SharePoint personal folder."
tags:
- hr
- offboarding
- workday
- azure-active-directory
- salesforce
- servicenow
- sharepoint
capability:
exposes:
- type: mcp
namespace: hr-offboarding
port: 8080
tools:
- name: process-offboarding
description: "Given a Workday employee ID, disable AD account, revoke CRM access, close IT assets, and archive documents."
inputParameters:
- name: worker_id
in: body
type: string
description: "The Workday worker ID of the departing employee."
- name: termination_date
in: body
type: string
description: "The termination effective date in YYYY-MM-DD format."
steps:
- name: get-employee
type: call
call: "workday.get-worker"
with:
worker_id: "{{worker_id}}"
- name: disable-ad-account
type: call
call: "azuread.disable-user"
with:
user_principal_name: "{{get-employee.work_email}}"
- name: revoke-salesforce
type: call
call: "salesforce.deactivate-user"
with:
email: "{{get-employee.work_email}}"
- name: close-assets
type: call
call: "servicenow.create-task"
with:
short_description: "Offboarding asset recovery: {{get-employee.full_name}}"
description: "Employee {{get-employee.full_name}} termination date: {{termination_date}}. Recover laptop, badges, and tokens. AD disabled. Salesforce revoked."
assigned_group: "IT_Offboarding"
category: "offboarding"
- name: archive-folder
type: call
call: "sharepoint.move-folder"
with:
site_id: "employee_docs"
source_path: "Active/{{get-employee.full_name}}"
target_path: "Archived/{{get-employee.full_name}}_{{termination_date}}"
consumes:
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/workers/{{worker_id}}"
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
- type: http
namespace: azuread
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: users
path: "/users/{{user_principal_name}}"
inputParameters:
- name: user_principal_name
in: path
operations:
- name: disable-user
method: PATCH
- type: http
namespace: salesforce
baseUri: "https://bnpparibas.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: users
path: "/sobjects/User"
operations:
- name: deactivate-user
method: PATCH
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/task"
operations:
- name: create-task
method: POST
- type: http
namespace: sharepoint
baseUri: "https://graph.microsoft.com/v1.0/sites"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: drive-items
path: "/{{site_id}}/drive/root:/{{source_path}}"
inputParameters:
- name: site_id
in: path
- name: source_path
in: path
operations:
- name: move-folder
method: PATCH
FactSet Portfolio Holdings
▼
asset-management portfolio-management factset
Queries FactSet for current portfolio holdings by portfolio ID, returning asset allocation, top positions, and total NAV.
naftiko: "0.5"
info:
label: "FactSet Portfolio Holdings"
description: "Queries FactSet for current portfolio holdings by portfolio ID, returning asset allocation, top positions, and total NAV."
tags:
- asset-management
- portfolio-management
- factset
capability:
exposes:
- type: mcp
namespace: portfolio
port: 8080
tools:
- name: get-portfolio-holdings
description: "Retrieve current holdings for a given portfolio from FactSet, including top positions and net asset value."
inputParameters:
- name: portfolio_id
in: body
type: string
description: "The FactSet portfolio identifier."
call: "factset.get-holdings"
with:
portfolio_id: "{{portfolio_id}}"
outputParameters:
- name: total_nav
type: number
mapping: "$.data.totalNAV"
- name: holdings_count
type: number
mapping: "$.data.holdingsCount"
- name: top_positions
type: string
mapping: "$.data.topPositions"
consumes:
- type: http
namespace: factset
baseUri: "https://api.factset.com/analytics/portfolio/v3"
authentication:
type: basic
username: "$secrets.factset_user"
password: "$secrets.factset_password"
resources:
- name: holdings
path: "/portfolios/{{portfolio_id}}/holdings"
inputParameters:
- name: portfolio_id
in: path
operations:
- name: get-holdings
method: GET
FactSet Security Pricing
▼
market-data factset
Fetches end-of-day pricing data for a security from FactSet, returning close price, volume, and VWAP.
naftiko: "0.5"
info:
label: "FactSet Security Pricing"
description: "Fetches end-of-day pricing data for a security from FactSet, returning close price, volume, and VWAP."
tags:
- market-data
- factset
capability:
exposes:
- type: mcp
namespace: factset-pricing
port: 8080
tools:
- name: get-security-price
description: "Retrieve end-of-day pricing for a security by ISIN from FactSet."
inputParameters:
- name: isin
in: body
type: string
description: "The ISIN of the security."
call: "factset-pricing.get-price"
with:
isin: "{{isin}}"
consumes:
- type: http
namespace: factset-pricing
baseUri: "https://api.factset.com/content/factset-prices/v1"
authentication:
type: basic
username: "$secrets.factset_user"
password: "$secrets.factset_api_key"
resources:
- name: prices
path: "/fixed-income/prices"
inputParameters:
- name: isin
in: query
operations:
- name: get-price
method: GET
Fund Accounting NAV Calculation Pipeline
▼
fund-accounting asset-management simcorp-dimension bloomberg azure-databricks oracle-database power-bi
Pulls fund positions from SimCorp Dimension, retrieves market prices from Bloomberg, computes NAV in Azure Databricks, publishes results to Oracle Database, and refreshes the fund reporting dashboard.
naftiko: "0.5"
info:
label: "Fund Accounting NAV Calculation Pipeline"
description: "Pulls fund positions from SimCorp Dimension, retrieves market prices from Bloomberg, computes NAV in Azure Databricks, publishes results to Oracle Database, and refreshes the fund reporting dashboard."
tags:
- fund-accounting
- asset-management
- simcorp-dimension
- bloomberg
- azure-databricks
- oracle-database
- power-bi
capability:
exposes:
- type: mcp
namespace: fund-accounting
port: 8080
tools:
- name: calculate-nav
description: "Calculate net asset value for a fund by pulling positions, pricing, computing, and publishing."
inputParameters:
- name: fund_code
in: body
type: string
description: "The SimCorp fund/portfolio code."
- name: valuation_date
in: body
type: string
description: "The NAV valuation date in YYYY-MM-DD format."
steps:
- name: get-positions
type: call
call: "simcorp.get-positions"
with:
portfolio_code: "{{fund_code}}"
- name: get-prices
type: call
call: "bloomberg.get-bulk-prices"
with:
date: "{{valuation_date}}"
universe: "fund_{{fund_code}}"
- name: compute-nav
type: call
call: "databricks.run-job"
with:
job_name: "nav_calculation"
parameters: "fund={{fund_code}}&date={{valuation_date}}&positions_value={{get-positions.total_market_value}}"
- name: publish-nav
type: call
call: "oracle.execute-procedure"
with:
procedure: "pkg_fund_nav.publish_nav"
parameters: "fund_code={{fund_code}}&nav_date={{valuation_date}}&nav_value={{compute-nav.nav_value}}"
- name: refresh-dashboard
type: call
call: "powerbi.refresh-dataset"
with:
workspace_id: "fund_reporting"
dataset_id: "fund_nav_daily"
consumes:
- type: http
namespace: simcorp
baseUri: "https://simcorp.bnpparibas.net/api/v2"
authentication:
type: bearer
token: "$secrets.simcorp_token"
resources:
- name: positions
path: "/portfolios/{{portfolio_code}}/positions"
inputParameters:
- name: portfolio_code
in: path
operations:
- name: get-positions
method: GET
- type: http
namespace: bloomberg
baseUri: "https://api.bloomberg.com/eap/catalogs/bbg"
authentication:
type: bearer
token: "$secrets.bloomberg_api_key"
resources:
- name: bulk-prices
path: "/universes/{{universe}}/prices?date={{date}}"
inputParameters:
- name: universe
in: path
- name: date
in: path
operations:
- name: get-bulk-prices
method: GET
- type: http
namespace: databricks
baseUri: "https://adb-bnpparibas.azuredatabricks.net/api/2.1"
authentication:
type: bearer
token: "$secrets.databricks_token"
resources:
- name: jobs
path: "/jobs/run-now"
operations:
- name: run-job
method: POST
- type: http
namespace: oracle
baseUri: "https://ords.bnpparibas.net/ords/fund"
authentication:
type: bearer
token: "$secrets.oracle_ords_token"
resources:
- name: procedures
path: "/{{procedure}}"
inputParameters:
- name: procedure
in: path
operations:
- name: execute-procedure
method: POST
- type: http
namespace: powerbi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.powerbi_token"
resources:
- name: datasets
path: "/groups/{{workspace_id}}/datasets/{{dataset_id}}/refreshes"
inputParameters:
- name: workspace_id
in: path
- name: dataset_id
in: path
operations:
- name: refresh-dataset
method: POST
Fund NAV Publication Workflow
▼
fund-accounting simcorp-dimension snowflake bloomberg salesforce
Calculates NAV in SimCorp, validates in Snowflake, publishes to Bloomberg, and distributes to investors via Salesforce.
naftiko: "0.5"
info:
label: "Fund NAV Publication Workflow"
description: "Calculates NAV in SimCorp, validates in Snowflake, publishes to Bloomberg, and distributes to investors via Salesforce."
tags:
- fund-accounting
- simcorp-dimension
- snowflake
- bloomberg
- salesforce
capability:
exposes:
- type: mcp
namespace: nav-publication
port: 8080
tools:
- name: publish-nav
description: "Calculate, validate, and publish fund NAV."
inputParameters:
- name: fund_code
in: body
type: string
description: "Fund code."
- name: nav_date
in: body
type: string
description: "NAV date YYYY-MM-DD."
steps:
- name: calculate-nav
type: call
call: "simcorp.calculate-nav"
with:
fund_code: "{{fund_code}}"
date: "{{nav_date}}"
- name: validate
type: call
call: "snowflake.execute-statement"
with:
statement: "CALL NAV.VALIDATE('{{fund_code}}', '{{nav_date}}')"
- name: publish
type: call
call: "bloomberg.publish-nav"
with:
fund_code: "{{fund_code}}"
nav: "{{calculate-nav.nav_per_share}}"
date: "{{nav_date}}"
- name: notify-investors
type: call
call: "salesforce.create-task"
with:
subject: "NAV Published: {{fund_code}} — {{nav_date}}"
description: "NAV: {{calculate-nav.nav_per_share}}. Published to Bloomberg."
consumes:
- type: http
namespace: simcorp
baseUri: "https://simcorp.bnpparibas.net/api/v2"
authentication:
type: bearer
token: "$secrets.simcorp_token"
resources:
- name: nav
path: "/funds/{{fund_code}}/nav"
inputParameters:
- name: fund_code
in: path
operations:
- name: calculate-nav
method: POST
- type: http
namespace: snowflake
baseUri: "https://bnpparibas.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-statement
method: POST
- type: http
namespace: bloomberg
baseUri: "https://api.bloomberg.com/eap/catalogs/bbg"
authentication:
type: bearer
token: "$secrets.bloomberg_api_key"
resources:
- name: nav
path: "/nav/publish"
operations:
- name: publish-nav
method: POST
- type: http
namespace: salesforce
baseUri: "https://bnpparibas.my.salesforce.com/services/data/v59.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: tasks
path: "/sobjects/Task"
operations:
- name: create-task
method: POST
FX Hedging Execution Workflow
▼
fx bloomberg tradeweb simcorp-dimension swift
Fetches FX rates from Bloomberg, executes hedging trades via Tradeweb, books in SimCorp Dimension, and confirms via SWIFT.
naftiko: "0.5"
info:
label: "FX Hedging Execution Workflow"
description: "Fetches FX rates from Bloomberg, executes hedging trades via Tradeweb, books in SimCorp Dimension, and confirms via SWIFT."
tags:
- fx
- bloomberg
- tradeweb
- simcorp-dimension
- swift
capability:
exposes:
- type: mcp
namespace: fx-hedging
port: 8080
tools:
- name: execute-hedge
description: "Execute an FX hedge across Bloomberg, Tradeweb, SimCorp, and SWIFT."
inputParameters:
- name: currency_pair
in: body
type: string
description: "Currency pair (e.g. EUR/USD)."
- name: notional
in: body
type: number
description: "Notional amount."
- name: portfolio_code
in: body
type: string
description: "SimCorp portfolio code."
steps:
- name: get-rate
type: call
call: "bloomberg.get-fx-rate"
with:
pair: "{{currency_pair}}"
- name: execute-trade
type: call
call: "tradeweb.submit-rfq"
with:
currency_pair: "{{currency_pair}}"
amount: "{{notional}}"
- name: book-trade
type: call
call: "simcorp.create-trade"
with:
portfolio_code: "{{portfolio_code}}"
instrument: "{{currency_pair}}"
amount: "{{notional}}"
rate: "{{execute-trade.rate}}"
- name: confirm-trade
type: call
call: "swift.send-mt300"
with:
trade_ref: "{{book-trade.trade_id}}"
counterparty: "{{execute-trade.counterparty_bic}}"
consumes:
- type: http
namespace: bloomberg
baseUri: "https://api.bloomberg.com/eap/catalogs/bbg/fields"
authentication:
type: bearer
token: "$secrets.bloomberg_api_key"
resources:
- name: fx
path: "/snapshots/{{pair}}"
inputParameters:
- name: pair
in: path
operations:
- name: get-fx-rate
method: GET
- type: http
namespace: tradeweb
baseUri: "https://api.tradeweb.com/v1"
authentication:
type: bearer
token: "$secrets.tradeweb_token"
resources:
- name: rfqs
path: "/fx/rfq"
operations:
- name: submit-rfq
method: POST
- type: http
namespace: simcorp
baseUri: "https://simcorp.bnpparibas.net/api/v2"
authentication:
type: bearer
token: "$secrets.simcorp_token"
resources:
- name: trades
path: "/portfolios/{{portfolio_code}}/trades"
inputParameters:
- name: portfolio_code
in: path
operations:
- name: create-trade
method: POST
- type: http
namespace: swift
baseUri: "https://swift.bnpparibas.com/api/v1"
authentication:
type: bearer
token: "$secrets.swift_token"
resources:
- name: messages
path: "/messages/mt300"
operations:
- name: send-mt300
method: POST
Incident Escalation Pipeline
▼
incident-management servicenow pagerduty microsoft-teams
Monitors ServiceNow P1 incidents, escalates via PagerDuty, creates a war room in Microsoft Teams, and posts updates to the operations channel.
naftiko: "0.5"
info:
label: "Incident Escalation Pipeline"
description: "Monitors ServiceNow P1 incidents, escalates via PagerDuty, creates a war room in Microsoft Teams, and posts updates to the operations channel."
tags:
- incident-management
- servicenow
- pagerduty
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: incident-escalation
port: 8080
tools:
- name: escalate-incident
description: "Escalate a P1 incident with war room and notifications."
inputParameters:
- name: incident_number
in: body
type: string
description: "ServiceNow incident number."
steps:
- name: get-incident
type: call
call: "servicenow.get-incident"
with:
number: "{{incident_number}}"
- name: page-oncall
type: call
call: "pagerduty.create-incident"
with:
title: "P1: {{get-incident.short_description}}"
service_id: "{{get-incident.service_id}}"
urgency: "high"
- name: create-war-room
type: call
call: "msteams.create-channel"
with:
team_id: "incident-response"
name: "WAR-{{incident_number}}"
description: "{{get-incident.short_description}}"
consumes:
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
inputParameters:
- name: number
in: query
operations:
- name: get-incident
method: GET
- type: http
namespace: pagerduty
baseUri: "https://api.pagerduty.com"
authentication:
type: bearer
token: "$secrets.pagerduty_token"
resources:
- name: incidents
path: "/incidents"
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channels
path: "/teams/{{team_id}}/channels"
inputParameters:
- name: team_id
in: path
operations:
- name: create-channel
method: POST
Informatica Data Quality Pipeline
▼
data-quality reference-data informatica oracle-database servicenow power-bi
Triggers an Informatica data quality job for client reference data, validates results against Oracle Database, flags exceptions in ServiceNow, and refreshes the data quality dashboard in Power BI.
naftiko: "0.5"
info:
label: "Informatica Data Quality Pipeline"
description: "Triggers an Informatica data quality job for client reference data, validates results against Oracle Database, flags exceptions in ServiceNow, and refreshes the data quality dashboard in Power BI."
tags:
- data-quality
- reference-data
- informatica
- oracle-database
- servicenow
- power-bi
capability:
exposes:
- type: mcp
namespace: data-quality
port: 8080
tools:
- name: run-data-quality-check
description: "Run Informatica data quality profile, validate against Oracle, flag exceptions, and refresh quality dashboard."
inputParameters:
- name: profile_name
in: body
type: string
description: "The Informatica data quality profile name."
- name: dataset
in: body
type: string
description: "The dataset or table to profile."
steps:
- name: run-profile
type: call
call: "informatica.run-job"
with:
job_name: "{{profile_name}}"
dataset: "{{dataset}}"
- name: validate-oracle
type: call
call: "oracle.execute-query"
with:
query_name: "dq_validation_{{dataset}}"
job_id: "{{run-profile.job_id}}"
- name: flag-exceptions
type: call
call: "servicenow.create-task"
with:
short_description: "Data quality exceptions: {{dataset}}"
description: "Informatica profile: {{profile_name}}. Job ID: {{run-profile.job_id}}. Records scanned: {{run-profile.records_scanned}}. Exceptions: {{validate-oracle.exception_count}}. Pass rate: {{run-profile.pass_rate}}%."
assigned_group: "Data_Governance"
category: "data_quality"
- name: refresh-dashboard
type: call
call: "powerbi.refresh-dataset"
with:
workspace_id: "data_governance"
dataset_id: "data_quality_metrics"
consumes:
- type: http
namespace: informatica
baseUri: "https://dm-us.informaticacloud.com/saas/api/v2"
authentication:
type: bearer
token: "$secrets.informatica_token"
resources:
- name: jobs
path: "/job"
operations:
- name: run-job
method: POST
- type: http
namespace: oracle
baseUri: "https://ords.bnpparibas.net/ords/dq"
authentication:
type: bearer
token: "$secrets.oracle_ords_token"
resources:
- name: queries
path: "/validations/{{query_name}}"
inputParameters:
- name: query_name
in: path
operations:
- name: execute-query
method: POST
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/task"
operations:
- name: create-task
method: POST
- type: http
namespace: powerbi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.powerbi_token"
resources:
- name: datasets
path: "/groups/{{workspace_id}}/datasets/{{dataset_id}}/refreshes"
inputParameters:
- name: workspace_id
in: path
- name: dataset_id
in: path
operations:
- name: refresh-dataset
method: POST
Infrastructure Incident Response Orchestrator
▼
operations incident-management datadog servicenow dynatrace azure-event-hubs
On critical alert from Datadog, creates a ServiceNow incident, retrieves impacted service topology from Dynatrace, and sends an urgent notification to the on-call team via Azure Event Hubs.
naftiko: "0.5"
info:
label: "Infrastructure Incident Response Orchestrator"
description: "On critical alert from Datadog, creates a ServiceNow incident, retrieves impacted service topology from Dynatrace, and sends an urgent notification to the on-call team via Azure Event Hubs."
tags:
- operations
- incident-management
- datadog
- servicenow
- dynatrace
- azure-event-hubs
capability:
exposes:
- type: mcp
namespace: incident-response
port: 8080
tools:
- name: handle-critical-alert
description: "On critical Datadog alert, create ServiceNow incident, pull Dynatrace topology, and broadcast to on-call channel."
inputParameters:
- name: alert_id
in: body
type: string
description: "The Datadog alert identifier."
- name: service_name
in: body
type: string
description: "The affected service name."
steps:
- name: get-alert
type: call
call: "datadog.get-alert"
with:
alert_id: "{{alert_id}}"
- name: get-topology
type: call
call: "dynatrace.get-service-topology"
with:
service_name: "{{service_name}}"
- name: create-incident
type: call
call: "servicenow.create-incident"
with:
short_description: "CRITICAL: {{service_name}} — {{get-alert.title}}"
description: "Datadog alert {{alert_id}}: {{get-alert.message}}. Impacted dependencies: {{get-topology.dependencies}}. Triggered: {{get-alert.timestamp}}."
priority: "1"
assigned_group: "SRE_OnCall"
category: "infrastructure"
- name: broadcast-notification
type: call
call: "eventhubs.send-event"
with:
topic: "critical-incidents"
body: "INCIDENT {{create-incident.number}}: {{service_name}} is down. Alert: {{get-alert.title}}. Dependencies: {{get-topology.dependency_count}} services affected."
consumes:
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.eu/api/v2"
authentication:
type: apiKey
name: "DD-API-KEY"
in: header
value: "$secrets.datadog_api_key"
resources:
- name: alerts
path: "/alerts/{{alert_id}}"
inputParameters:
- name: alert_id
in: path
operations:
- name: get-alert
method: GET
- type: http
namespace: dynatrace
baseUri: "https://bnpparibas.live.dynatrace.com/api/v2"
authentication:
type: bearer
token: "$secrets.dynatrace_token"
resources:
- name: topology
path: "/entities?entitySelector=type(SERVICE),entityName({{service_name}})"
inputParameters:
- name: service_name
in: path
operations:
- name: get-service-topology
method: GET
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: eventhubs
baseUri: "https://bnpparibas-prod.servicebus.windows.net"
authentication:
type: bearer
token: "$secrets.eventhubs_sas_token"
resources:
- name: events
path: "/{{topic}}/messages"
inputParameters:
- name: topic
in: path
operations:
- name: send-event
method: POST
Infrastructure Security Scan Pipeline
▼
security docker kubernetes elasticsearch jira
Runs Docker container scans, checks Kubernetes config compliance, logs findings in Elasticsearch, and creates Jira tickets for remediation.
naftiko: "0.5"
info:
label: "Infrastructure Security Scan Pipeline"
description: "Runs Docker container scans, checks Kubernetes config compliance, logs findings in Elasticsearch, and creates Jira tickets for remediation."
tags:
- security
- docker
- kubernetes
- elasticsearch
- jira
capability:
exposes:
- type: mcp
namespace: infra-security
port: 8080
tools:
- name: scan-infrastructure
description: "Run security scans across container and Kubernetes infrastructure."
inputParameters:
- name: namespace
in: body
type: string
description: "Kubernetes namespace to scan."
steps:
- name: scan-containers
type: call
call: "docker.scan-images"
with:
namespace: "{{namespace}}"
- name: check-compliance
type: call
call: "kubernetes.audit-config"
with:
namespace: "{{namespace}}"
- name: log-findings
type: call
call: "elasticsearch.index-document"
with:
index: "security-scans"
body: "{{scan-containers.results}}"
- name: create-tickets
type: call
call: "jira.create-issue"
with:
project: "SEC"
summary: "Security scan: {{namespace}} — {{scan-containers.vulnerability_count}} findings"
description: "Container vulns: {{scan-containers.vulnerability_count}}. Config issues: {{check-compliance.issue_count}}."
issue_type: "Bug"
consumes:
- type: http
namespace: docker
baseUri: "https://registry.bnpparibas.com/v2"
authentication:
type: bearer
token: "$secrets.registry_token"
resources:
- name: scans
path: "/scans"
operations:
- name: scan-images
method: POST
- type: http
namespace: kubernetes
baseUri: "https://aks.bnpparibas.com/apis/v1"
authentication:
type: bearer
token: "$secrets.k8s_token"
resources:
- name: audit
path: "/namespaces/{{namespace}}/audit"
inputParameters:
- name: namespace
in: path
operations:
- name: audit-config
method: GET
- type: http
namespace: elasticsearch
baseUri: "https://elastic.bnpparibas.com"
authentication:
type: basic
username: "$secrets.elastic_user"
password: "$secrets.elastic_password"
resources:
- name: documents
path: "/{{index}}/_doc"
inputParameters:
- name: index
in: path
operations:
- name: index-document
method: POST
- type: http
namespace: jira
baseUri: "https://bnpparibas.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
Interest Rate Swap Booking Pipeline
▼
derivatives tradeweb bloomberg-aim simcorp-dimension servicenow
Captures swap terms from Tradeweb, books the trade in Bloomberg AIM, generates confirmations in SimCorp, and notifies middle office via ServiceNow.
naftiko: "0.5"
info:
label: "Interest Rate Swap Booking Pipeline"
description: "Captures swap terms from Tradeweb, books the trade in Bloomberg AIM, generates confirmations in SimCorp, and notifies middle office via ServiceNow."
tags:
- derivatives
- tradeweb
- bloomberg-aim
- simcorp-dimension
- servicenow
capability:
exposes:
- type: mcp
namespace: irs-booking
port: 8080
tools:
- name: book-swap
description: "Book an interest rate swap across Tradeweb, Bloomberg AIM, SimCorp, and ServiceNow."
inputParameters:
- name: trade_ref
in: body
type: string
description: "Tradeweb trade reference."
- name: portfolio_code
in: body
type: string
description: "SimCorp portfolio code."
steps:
- name: get-trade
type: call
call: "tradeweb.get-trade"
with:
trade_ref: "{{trade_ref}}"
- name: book-aim
type: call
call: "bloomberg-aim.create-trade"
with:
trade_ref: "{{trade_ref}}"
instrument_type: "IRS"
- name: confirm-simcorp
type: call
call: "simcorp.create-trade"
with:
portfolio_code: "{{portfolio_code}}"
instrument: "{{get-trade.instrument}}"
notional: "{{get-trade.notional}}"
- name: notify-mo
type: call
call: "servicenow.create-task"
with:
short_description: "IRS booked: {{trade_ref}}"
description: "Notional: {{get-trade.notional}}. Rate: {{get-trade.fixed_rate}}. SimCorp: {{confirm-simcorp.trade_id}}."
category: "trade_processing"
consumes:
- type: http
namespace: tradeweb
baseUri: "https://api.tradeweb.com/v1"
authentication:
type: bearer
token: "$secrets.tradeweb_token"
resources:
- name: trades
path: "/trades/{{trade_ref}}"
inputParameters:
- name: trade_ref
in: path
operations:
- name: get-trade
method: GET
- type: http
namespace: bloomberg-aim
baseUri: "https://aim.bloomberg.com/api/v1"
authentication:
type: bearer
token: "$secrets.bloomberg_aim_token"
resources:
- name: trades
path: "/trades"
operations:
- name: create-trade
method: POST
- type: http
namespace: simcorp
baseUri: "https://simcorp.bnpparibas.net/api/v2"
authentication:
type: bearer
token: "$secrets.simcorp_token"
resources:
- name: trades
path: "/portfolios/{{portfolio_code}}/trades"
inputParameters:
- name: portfolio_code
in: path
operations:
- name: create-trade
method: POST
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/task"
operations:
- name: create-task
method: POST
Jira Project Backlog Summary
▼
project-management jira
Retrieves the backlog summary for a Jira project, returning total issues, priority distribution, and sprint velocity.
naftiko: "0.5"
info:
label: "Jira Project Backlog Summary"
description: "Retrieves the backlog summary for a Jira project, returning total issues, priority distribution, and sprint velocity."
tags:
- project-management
- jira
capability:
exposes:
- type: mcp
namespace: jira-backlog
port: 8080
tools:
- name: get-backlog
description: "Retrieve backlog summary for a Jira project."
inputParameters:
- name: project_key
in: body
type: string
description: "The Jira project key."
call: "jira-backlog.search-issues"
with:
jql: "project = {{project_key}} AND sprint is EMPTY"
consumes:
- type: http
namespace: jira-backlog
baseUri: "https://bnpparibas.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: search
path: "/search"
inputParameters:
- name: jql
in: query
operations:
- name: search-issues
method: GET
Kafka Event Stream Health Monitor
▼
infrastructure streaming apache-kafka servicenow
Checks Apache Kafka cluster health, consumer group lag, and topic throughput, then logs degradation alerts in ServiceNow for platform engineering review.
naftiko: "0.5"
info:
label: "Kafka Event Stream Health Monitor"
description: "Checks Apache Kafka cluster health, consumer group lag, and topic throughput, then logs degradation alerts in ServiceNow for platform engineering review."
tags:
- infrastructure
- streaming
- apache-kafka
- servicenow
capability:
exposes:
- type: mcp
namespace: kafka-ops
port: 8080
tools:
- name: check-kafka-health
description: "Monitor Kafka cluster health and consumer group lag, creating ServiceNow alerts for degradation."
inputParameters:
- name: cluster_id
in: body
type: string
description: "The Kafka cluster identifier."
- name: consumer_group
in: body
type: string
description: "The consumer group to monitor."
steps:
- name: get-cluster-health
type: call
call: "kafka.get-cluster"
with:
cluster_id: "{{cluster_id}}"
- name: get-consumer-lag
type: call
call: "kafka.get-consumer-lag"
with:
cluster_id: "{{cluster_id}}"
consumer_group: "{{consumer_group}}"
- name: create-alert
type: call
call: "servicenow.create-incident"
with:
short_description: "Kafka lag alert: {{consumer_group}} on {{cluster_id}}"
description: "Cluster status: {{get-cluster-health.status}}. Broker count: {{get-cluster-health.broker_count}}. Consumer group {{consumer_group}} total lag: {{get-consumer-lag.total_lag}} messages."
assigned_group: "Platform_Engineering"
category: "kafka_monitoring"
consumes:
- type: http
namespace: kafka
baseUri: "https://kafka-rest.bnpparibas.net/v3"
authentication:
type: bearer
token: "$secrets.kafka_rest_token"
resources:
- name: clusters
path: "/clusters/{{cluster_id}}"
inputParameters:
- name: cluster_id
in: path
operations:
- name: get-cluster
method: GET
- name: consumer-groups
path: "/clusters/{{cluster_id}}/consumer-groups/{{consumer_group}}/lags"
inputParameters:
- name: cluster_id
in: path
- name: consumer_group
in: path
operations:
- name: get-consumer-lag
method: GET
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
Kafka Topic Offset Check
▼
streaming apache-kafka
Retrieves consumer group lag for a Kafka topic, returning current offset, end offset, and lag per partition.
naftiko: "0.5"
info:
label: "Kafka Topic Offset Check"
description: "Retrieves consumer group lag for a Kafka topic, returning current offset, end offset, and lag per partition."
tags:
- streaming
- apache-kafka
capability:
exposes:
- type: mcp
namespace: kafka-monitor
port: 8080
tools:
- name: get-consumer-lag
description: "Check consumer group offset lag for a Kafka topic."
inputParameters:
- name: group_id
in: body
type: string
description: "The Kafka consumer group ID."
call: "kafka-monitor.get-offsets"
with:
group_id: "{{group_id}}"
consumes:
- type: http
namespace: kafka-monitor
baseUri: "https://kafka-rest.bnpparibas.com/v3"
authentication:
type: bearer
token: "$secrets.kafka_rest_token"
resources:
- name: offsets
path: "/consumers/{{group_id}}/offsets"
inputParameters:
- name: group_id
in: path
operations:
- name: get-offsets
method: GET
Keycloak Identity Provisioning Pipeline
▼
security identity-management keycloak workday azure-active-directory servicenow
Creates a new user in Keycloak, assigns realm roles based on Workday job profile, configures Azure AD group membership, and logs provisioning in ServiceNow.
naftiko: "0.5"
info:
label: "Keycloak Identity Provisioning Pipeline"
description: "Creates a new user in Keycloak, assigns realm roles based on Workday job profile, configures Azure AD group membership, and logs provisioning in ServiceNow."
tags:
- security
- identity-management
- keycloak
- workday
- azure-active-directory
- servicenow
capability:
exposes:
- type: mcp
namespace: identity
port: 8080
tools:
- name: provision-identity
description: "Create Keycloak user, assign roles from Workday profile, sync Azure AD groups, and log provisioning."
inputParameters:
- name: worker_id
in: body
type: string
description: "The Workday worker ID of the new user."
- name: realm
in: body
type: string
description: "The Keycloak realm to provision into."
steps:
- name: get-employee
type: call
call: "workday.get-worker"
with:
worker_id: "{{worker_id}}"
- name: create-user
type: call
call: "keycloak.create-user"
with:
realm: "{{realm}}"
username: "{{get-employee.work_email}}"
first_name: "{{get-employee.first_name}}"
last_name: "{{get-employee.last_name}}"
email: "{{get-employee.work_email}}"
- name: assign-ad-group
type: call
call: "azuread.add-group-member"
with:
group_id: "{{get-employee.department}}_users"
user_principal_name: "{{get-employee.work_email}}"
- name: log-provisioning
type: call
call: "servicenow.create-task"
with:
short_description: "Identity provisioned: {{get-employee.full_name}}"
description: "Keycloak user created in realm {{realm}}. Azure AD group: {{get-employee.department}}_users. Worker ID: {{worker_id}}. Department: {{get-employee.department}}."
assigned_group: "IAM_Team"
category: "identity_provisioning"
consumes:
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/workers/{{worker_id}}"
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
- type: http
namespace: keycloak
baseUri: "https://keycloak.bnpparibas.net/admin/realms"
authentication:
type: bearer
token: "$secrets.keycloak_admin_token"
resources:
- name: users
path: "/{{realm}}/users"
inputParameters:
- name: realm
in: path
operations:
- name: create-user
method: POST
- type: http
namespace: azuread
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: groups
path: "/groups/{{group_id}}/members/$ref"
inputParameters:
- name: group_id
in: path
operations:
- name: add-group-member
method: POST
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/task"
operations:
- name: create-task
method: POST
Kubernetes Cluster Upgrade Pipeline
▼
infrastructure azure-kubernetes-service datadog servicenow
Plans the upgrade in Azure Kubernetes Service, drains nodes, runs health checks via Datadog, and logs changes in ServiceNow.
naftiko: "0.5"
info:
label: "Kubernetes Cluster Upgrade Pipeline"
description: "Plans the upgrade in Azure Kubernetes Service, drains nodes, runs health checks via Datadog, and logs changes in ServiceNow."
tags:
- infrastructure
- azure-kubernetes-service
- datadog
- servicenow
capability:
exposes:
- type: mcp
namespace: k8s-upgrade
port: 8080
tools:
- name: upgrade-cluster
description: "Plan and execute a Kubernetes cluster upgrade with monitoring."
inputParameters:
- name: cluster_name
in: body
type: string
description: "AKS cluster name."
- name: target_version
in: body
type: string
description: "Target Kubernetes version."
steps:
- name: start-upgrade
type: call
call: "aks.upgrade-cluster"
with:
cluster_name: "{{cluster_name}}"
version: "{{target_version}}"
- name: check-health
type: call
call: "datadog.query-metrics"
with:
query: "avg:kubernetes.pods.running{cluster:{{cluster_name}}}"
- name: log-change
type: call
call: "servicenow.create-change-request"
with:
short_description: "K8s upgrade: {{cluster_name}} to {{target_version}}"
description: "Cluster: {{cluster_name}}. Target: {{target_version}}. Pods running: {{check-health.value}}."
consumes:
- type: http
namespace: aks
baseUri: "https://management.azure.com"
authentication:
type: bearer
token: "$secrets.azure_mgmt_token"
resources:
- name: clusters
path: "/subscriptions/$secrets.azure_sub_id/resourceGroups/infra/providers/Microsoft.ContainerService/managedClusters/{{cluster_name}}"
inputParameters:
- name: cluster_name
in: path
operations:
- name: upgrade-cluster
method: PUT
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apiKey
name: "DD-API-KEY"
in: header
value: "$secrets.datadog_api_key"
resources:
- name: metrics
path: "/query"
inputParameters:
- name: query
in: query
operations:
- name: query-metrics
method: GET
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: changes
path: "/table/change_request"
operations:
- name: create-change-request
method: POST
Kubernetes Namespace Provisioning
▼
platform-engineering kubernetes azure-kubernetes-service hashicorp-vault servicenow
Creates a new Kubernetes namespace on AKS with resource quotas, configures Hashicorp Vault secrets injection, and registers the namespace in ServiceNow CMDB.
naftiko: "0.5"
info:
label: "Kubernetes Namespace Provisioning"
description: "Creates a new Kubernetes namespace on AKS with resource quotas, configures Hashicorp Vault secrets injection, and registers the namespace in ServiceNow CMDB."
tags:
- platform-engineering
- kubernetes
- azure-kubernetes-service
- hashicorp-vault
- servicenow
capability:
exposes:
- type: mcp
namespace: k8s-provisioning
port: 8080
tools:
- name: provision-namespace
description: "Create AKS namespace with quotas, configure Vault secrets, and register in CMDB."
inputParameters:
- name: namespace_name
in: body
type: string
description: "The Kubernetes namespace to create."
- name: team
in: body
type: string
description: "The owning team name."
- name: environment
in: body
type: string
description: "Target environment (dev, staging, production)."
steps:
- name: create-namespace
type: call
call: "aks.create-namespace"
with:
cluster: "bnp-{{environment}}-cluster"
namespace: "{{namespace_name}}"
labels: "team={{team}},env={{environment}}"
- name: configure-vault
type: call
call: "vault.create-policy"
with:
policy_name: "{{namespace_name}}-{{environment}}"
path: "secret/data/{{environment}}/{{namespace_name}}/*"
capabilities: "read,list"
- name: register-cmdb
type: call
call: "servicenow.create-ci"
with:
name: "k8s-ns-{{namespace_name}}-{{environment}}"
class: "cmdb_ci_kubernetes_namespace"
environment: "{{environment}}"
owned_by: "{{team}}"
description: "Kubernetes namespace {{namespace_name}} on {{environment}} cluster. Vault policy: {{configure-vault.policy_name}}."
consumes:
- type: http
namespace: aks
baseUri: "https://management.azure.com/subscriptions/{{sub_id}}/resourceGroups/bnp-rg/providers/Microsoft.ContainerService/managedClusters"
authentication:
type: bearer
token: "$secrets.azure_mgmt_token"
resources:
- name: namespaces
path: "/{{cluster}}/namespaces"
inputParameters:
- name: cluster
in: path
operations:
- name: create-namespace
method: POST
- type: http
namespace: vault
baseUri: "https://vault.bnpparibas.net/v1"
authentication:
type: bearer
token: "$secrets.vault_token"
resources:
- name: policies
path: "/sys/policies/acl/{{policy_name}}"
inputParameters:
- name: policy_name
in: path
operations:
- name: create-policy
method: PUT
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: cmdb
path: "/table/cmdb_ci"
operations:
- name: create-ci
method: POST
KYC Client Onboarding Pipeline
▼
compliance know-your-customer salesforce moodys servicenow sharepoint
Orchestrates Know Your Customer onboarding by retrieving client data from Salesforce, running screening against Moody's, creating a compliance case in ServiceNow, and notifying the relationship manager via SharePoint.
naftiko: "0.5"
info:
label: "KYC Client Onboarding Pipeline"
description: "Orchestrates Know Your Customer onboarding by retrieving client data from Salesforce, running screening against Moody's, creating a compliance case in ServiceNow, and notifying the relationship manager via SharePoint."
tags:
- compliance
- know-your-customer
- salesforce
- moodys
- servicenow
- sharepoint
capability:
exposes:
- type: mcp
namespace: kyc-onboarding
port: 8080
tools:
- name: onboard-client
description: "Given a Salesforce account ID, run KYC screening, create compliance case, and provision client documentation folder."
inputParameters:
- name: account_id
in: body
type: string
description: "The Salesforce account ID for the new client."
- name: compliance_officer_id
in: body
type: string
description: "The Workday ID of the assigned compliance officer."
steps:
- name: get-client
type: call
call: "salesforce.get-account"
with:
account_id: "{{account_id}}"
- name: screen-entity
type: call
call: "moodys.screen-entity"
with:
entity_name: "{{get-client.Name}}"
country: "{{get-client.BillingCountry}}"
- name: get-officer
type: call
call: "workday.get-worker"
with:
worker_id: "{{compliance_officer_id}}"
- name: create-case
type: call
call: "servicenow.create-case"
with:
short_description: "KYC onboarding: {{get-client.Name}}"
description: "New client KYC screening result: {{screen-entity.risk_level}}. Screening score: {{screen-entity.score}}. Assigned to: {{get-officer.full_name}}."
assigned_group: "Compliance_KYC"
category: "kyc_onboarding"
- name: provision-folder
type: call
call: "sharepoint.create-folder"
with:
site_id: "compliance_kyc_site"
folder_path: "KYC/{{get-client.Name}}_{{account_id}}"
consumes:
- type: http
namespace: salesforce
baseUri: "https://bnpparibas.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: accounts
path: "/sobjects/Account/{{account_id}}"
inputParameters:
- name: account_id
in: path
operations:
- name: get-account
method: GET
- type: http
namespace: moodys
baseUri: "https://api.moodys.com/screening/v1"
authentication:
type: bearer
token: "$secrets.moodys_api_key"
resources:
- name: entities
path: "/screen"
operations:
- name: screen-entity
method: POST
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/workers/{{worker_id}}"
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: cases
path: "/table/sn_customerservice_case"
operations:
- name: create-case
method: POST
- type: http
namespace: sharepoint
baseUri: "https://graph.microsoft.com/v1.0/sites"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: drive-items
path: "/{{site_id}}/drive/root:/{{folder_path}}"
inputParameters:
- name: site_id
in: path
- name: folder_path
in: path
operations:
- name: create-folder
method: POST
Liquidity Monitoring Pipeline
▼
treasury temenos-transact datadog power-bi
Aggregates cash positions from Temenos, monitors intraday limits, generates alerts in Datadog, and reports to treasury via Power BI.
naftiko: "0.5"
info:
label: "Liquidity Monitoring Pipeline"
description: "Aggregates cash positions from Temenos, monitors intraday limits, generates alerts in Datadog, and reports to treasury via Power BI."
tags:
- treasury
- temenos-transact
- datadog
- power-bi
capability:
exposes:
- type: mcp
namespace: liquidity-monitor
port: 8080
tools:
- name: monitor-liquidity
description: "Monitor intraday liquidity positions with alerting and reporting."
inputParameters:
- name: entity_code
in: body
type: string
description: "Legal entity code."
steps:
- name: get-positions
type: call
call: "temenos.get-cash-positions"
with:
entity: "{{entity_code}}"
- name: check-limits
type: call
call: "datadog.query-metrics"
with:
query: "sum:treasury.liquidity{entity:{{entity_code}}}"
- name: refresh-dashboard
type: call
call: "powerbi.refresh-dataset"
with:
dataset_id: "liquidity-{{entity_code}}"
consumes:
- type: http
namespace: temenos
baseUri: "https://temenos.bnpparibas.com/api/v1"
authentication:
type: bearer
token: "$secrets.temenos_token"
resources:
- name: cash
path: "/treasury/cash-positions"
inputParameters:
- name: entity
in: query
operations:
- name: get-cash-positions
method: GET
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apiKey
name: "DD-API-KEY"
in: header
value: "$secrets.datadog_api_key"
resources:
- name: metrics
path: "/query"
inputParameters:
- name: query
in: query
operations:
- name: query-metrics
method: GET
- type: http
namespace: powerbi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.powerbi_token"
resources:
- name: datasets
path: "/datasets/{{dataset_id}}/refreshes"
inputParameters:
- name: dataset_id
in: path
operations:
- name: refresh-dataset
method: POST
Loan Origination Orchestrator
▼
lending temenos-transact moodys salesforce servicenow
Creates a loan application in Temenos, runs credit checks via Moody's, generates documents in Salesforce, and tracks approval in ServiceNow.
naftiko: "0.5"
info:
label: "Loan Origination Orchestrator"
description: "Creates a loan application in Temenos, runs credit checks via Moody's, generates documents in Salesforce, and tracks approval in ServiceNow."
tags:
- lending
- temenos-transact
- moodys
- salesforce
- servicenow
capability:
exposes:
- type: mcp
namespace: loan-origination
port: 8080
tools:
- name: originate-loan
description: "Process a loan application end-to-end."
inputParameters:
- name: customer_id
in: body
type: string
description: "Temenos customer ID."
- name: loan_amount
in: body
type: number
description: "Requested loan amount."
steps:
- name: create-application
type: call
call: "temenos.create-loan"
with:
customer_id: "{{customer_id}}"
amount: "{{loan_amount}}"
- name: check-credit
type: call
call: "moodys.get-rating"
with:
entity_id: "{{customer_id}}"
- name: generate-docs
type: call
call: "salesforce.create-task"
with:
subject: "Loan docs: {{customer_id}} — {{loan_amount}}"
description: "Credit rating: {{check-credit.rating}}. Application: {{create-application.loan_id}}."
- name: track-approval
type: call
call: "servicenow.create-change-request"
with:
short_description: "Loan approval: {{create-application.loan_id}}"
description: "Amount: {{loan_amount}}. Rating: {{check-credit.rating}}."
consumes:
- type: http
namespace: temenos
baseUri: "https://temenos.bnpparibas.com/api/v1"
authentication:
type: bearer
token: "$secrets.temenos_token"
resources:
- name: loans
path: "/loans"
operations:
- name: create-loan
method: POST
- type: http
namespace: moodys
baseUri: "https://api.moodys.com/v1"
authentication:
type: bearer
token: "$secrets.moodys_api_key"
resources:
- name: ratings
path: "/issuers/{{entity_id}}/ratings"
inputParameters:
- name: entity_id
in: path
operations:
- name: get-rating
method: GET
- type: http
namespace: salesforce
baseUri: "https://bnpparibas.my.salesforce.com/services/data/v59.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: tasks
path: "/sobjects/Task"
operations:
- name: create-task
method: POST
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: changes
path: "/table/change_request"
operations:
- name: create-change-request
method: POST
Market Risk VaR Computation Pipeline
▼
market-risk risk-management simcorp-dimension azure-databricks azure-data-factory power-bi
Pulls portfolio positions from SimCorp Dimension, runs Value-at-Risk computation in Azure Databricks, stores results in Azure Data Factory, and publishes to the risk dashboard in Power BI.
naftiko: "0.5"
info:
label: "Market Risk VaR Computation Pipeline"
description: "Pulls portfolio positions from SimCorp Dimension, runs Value-at-Risk computation in Azure Databricks, stores results in Azure Data Factory, and publishes to the risk dashboard in Power BI."
tags:
- market-risk
- risk-management
- simcorp-dimension
- azure-databricks
- azure-data-factory
- power-bi
capability:
exposes:
- type: mcp
namespace: market-risk
port: 8080
tools:
- name: compute-var
description: "Run end-of-day VaR computation for a portfolio, store results, and refresh risk dashboard."
inputParameters:
- name: portfolio_code
in: body
type: string
description: "The SimCorp portfolio code."
- name: valuation_date
in: body
type: string
description: "The valuation date in YYYY-MM-DD format."
- name: confidence_level
in: body
type: number
description: "VaR confidence level (e.g. 0.99)."
steps:
- name: get-positions
type: call
call: "simcorp.get-positions"
with:
portfolio_code: "{{portfolio_code}}"
- name: run-var-model
type: call
call: "databricks.run-job"
with:
job_name: "var_computation"
parameters: "portfolio={{portfolio_code}}&date={{valuation_date}}&confidence={{confidence_level}}&positions_count={{get-positions.total_market_value}}"
- name: store-results
type: call
call: "adf.trigger-pipeline"
with:
pipeline_name: "var_results_load"
parameters: "run_id={{run-var-model.run_id}}&portfolio={{portfolio_code}}&date={{valuation_date}}"
- name: refresh-risk-dashboard
type: call
call: "powerbi.refresh-dataset"
with:
workspace_id: "risk_management"
dataset_id: "market_risk_var"
consumes:
- type: http
namespace: simcorp
baseUri: "https://simcorp.bnpparibas.net/api/v2"
authentication:
type: bearer
token: "$secrets.simcorp_token"
resources:
- name: positions
path: "/portfolios/{{portfolio_code}}/positions"
inputParameters:
- name: portfolio_code
in: path
operations:
- name: get-positions
method: GET
- type: http
namespace: databricks
baseUri: "https://adb-bnpparibas.azuredatabricks.net/api/2.1"
authentication:
type: bearer
token: "$secrets.databricks_token"
resources:
- name: jobs
path: "/jobs/run-now"
operations:
- name: run-job
method: POST
- type: http
namespace: adf
baseUri: "https://management.azure.com/subscriptions/{{sub_id}}/resourceGroups/bnp-rg/providers/Microsoft.DataFactory/factories/bnp-adf"
authentication:
type: bearer
token: "$secrets.azure_mgmt_token"
resources:
- name: pipelines
path: "/pipelines/{{pipeline_name}}/createRun?api-version=2018-06-01"
inputParameters:
- name: pipeline_name
in: path
operations:
- name: trigger-pipeline
method: POST
- type: http
namespace: powerbi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.powerbi_token"
resources:
- name: datasets
path: "/groups/{{workspace_id}}/datasets/{{dataset_id}}/refreshes"
inputParameters:
- name: workspace_id
in: path
- name: dataset_id
in: path
operations:
- name: refresh-dataset
method: POST
Market Risk VaR Report Pipeline
▼
risk-management snowflake qlik-sense azure-blob-storage
Computes Value at Risk from Snowflake data, generates reports in Qlik Sense, stores in Azure Blob Storage, and distributes via email.
naftiko: "0.5"
info:
label: "Market Risk VaR Report Pipeline"
description: "Computes Value at Risk from Snowflake data, generates reports in Qlik Sense, stores in Azure Blob Storage, and distributes via email."
tags:
- risk-management
- snowflake
- qlik-sense
- azure-blob-storage
capability:
exposes:
- type: mcp
namespace: var-report
port: 8080
tools:
- name: generate-var-report
description: "Compute VaR and generate risk reports."
inputParameters:
- name: portfolio_code
in: body
type: string
description: "Portfolio code."
- name: confidence_level
in: body
type: number
description: "VaR confidence level (e.g. 0.99)."
steps:
- name: compute-var
type: call
call: "snowflake.execute-statement"
with:
statement: "CALL RISK.COMPUTE_VAR('{{portfolio_code}}', {{confidence_level}})"
- name: refresh-dashboard
type: call
call: "qlik.reload-app"
with:
app_id: "var-dashboard"
- name: export-report
type: call
call: "azure-blob.upload"
with:
container: "risk-reports"
blob_name: "var/{{portfolio_code}}/latest.pdf"
consumes:
- type: http
namespace: snowflake
baseUri: "https://bnpparibas.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-statement
method: POST
- type: http
namespace: qlik
baseUri: "https://qlik.bnpparibas.com/api/v1"
authentication:
type: bearer
token: "$secrets.qlik_token"
resources:
- name: apps
path: "/apps/{{app_id}}/reload"
inputParameters:
- name: app_id
in: path
operations:
- name: reload-app
method: POST
- type: http
namespace: azure-blob
baseUri: "https://bnpdata.blob.core.windows.net"
authentication:
type: bearer
token: "$secrets.azure_storage_token"
resources:
- name: blobs
path: "/{{container}}/{{blob_name}}"
inputParameters:
- name: container
in: path
- name: blob_name
in: path
operations:
- name: upload
method: PUT
Mastercard Transaction Lookup
▼
payments mastercard transaction-monitoring
Retrieves transaction details from Mastercard by authorization reference, returning amount, merchant, status, and settlement date.
naftiko: "0.5"
info:
label: "Mastercard Transaction Lookup"
description: "Retrieves transaction details from Mastercard by authorization reference, returning amount, merchant, status, and settlement date."
tags:
- payments
- mastercard
- transaction-monitoring
capability:
exposes:
- type: mcp
namespace: card-payments
port: 8080
tools:
- name: get-transaction
description: "Look up a Mastercard transaction by authorization reference number."
inputParameters:
- name: auth_ref
in: body
type: string
description: "The Mastercard authorization reference number."
call: "mastercard.get-transaction"
with:
auth_ref: "{{auth_ref}}"
outputParameters:
- name: amount
type: number
mapping: "$.transaction.amount"
- name: currency
type: string
mapping: "$.transaction.currency"
- name: merchant
type: string
mapping: "$.transaction.merchantName"
- name: status
type: string
mapping: "$.transaction.status"
consumes:
- type: http
namespace: mastercard
baseUri: "https://api.mastercard.com/transaction/v1"
authentication:
type: bearer
token: "$secrets.mastercard_api_key"
resources:
- name: transactions
path: "/authorizations/{{auth_ref}}"
inputParameters:
- name: auth_ref
in: path
operations:
- name: get-transaction
method: GET
Moody Credit Rating Lookup
▼
credit-risk moodys
Retrieves the current Moody's credit rating for an issuer by entity ID, returning rating, outlook, and last action date.
naftiko: "0.5"
info:
label: "Moody Credit Rating Lookup"
description: "Retrieves the current Moody's credit rating for an issuer by entity ID, returning rating, outlook, and last action date."
tags:
- credit-risk
- moodys
capability:
exposes:
- type: mcp
namespace: moodys
port: 8080
tools:
- name: get-credit-rating
description: "Look up the Moody's credit rating for an issuer."
inputParameters:
- name: entity_id
in: body
type: string
description: "The Moody's entity identifier."
call: "moodys.get-rating"
with:
entity_id: "{{entity_id}}"
consumes:
- type: http
namespace: moodys
baseUri: "https://api.moodys.com/v1"
authentication:
type: bearer
token: "$secrets.moodys_api_key"
resources:
- name: ratings
path: "/issuers/{{entity_id}}/ratings"
inputParameters:
- name: entity_id
in: path
operations:
- name: get-rating
method: GET
n8n Workflow Automation Monitor
▼
automation n8n servicenow
Checks n8n workflow execution status, retrieves execution logs, and creates ServiceNow tickets for failed automations that require manual intervention.
naftiko: "0.5"
info:
label: "n8n Workflow Automation Monitor"
description: "Checks n8n workflow execution status, retrieves execution logs, and creates ServiceNow tickets for failed automations that require manual intervention."
tags:
- automation
- n8n
- servicenow
capability:
exposes:
- type: mcp
namespace: workflow-monitor
port: 8080
tools:
- name: monitor-workflow
description: "Check n8n workflow execution status and create ServiceNow ticket for failures."
inputParameters:
- name: workflow_id
in: body
type: string
description: "The n8n workflow ID."
- name: execution_id
in: body
type: string
description: "The n8n execution ID to check."
steps:
- name: get-execution
type: call
call: "n8n.get-execution"
with:
workflow_id: "{{workflow_id}}"
execution_id: "{{execution_id}}"
- name: create-ticket
type: call
call: "servicenow.create-task"
with:
short_description: "n8n workflow failure: {{workflow_id}} — execution {{execution_id}}"
description: "Workflow status: {{get-execution.status}}. Error node: {{get-execution.error_node}}. Error message: {{get-execution.error_message}}. Started: {{get-execution.started_at}}. Failed: {{get-execution.finished_at}}."
assigned_group: "Automation_Support"
category: "workflow_failure"
consumes:
- type: http
namespace: n8n
baseUri: "https://n8n.bnpparibas.net/api/v1"
authentication:
type: bearer
token: "$secrets.n8n_api_key"
resources:
- name: executions
path: "/workflows/{{workflow_id}}/executions/{{execution_id}}"
inputParameters:
- name: workflow_id
in: path
- name: execution_id
in: path
operations:
- name: get-execution
method: GET
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/task"
operations:
- name: create-task
method: POST
Nostro Account Reconciliation Workflow
▼
operations temenos-transact swift oracle servicenow
Retrieves nostro balances from Temenos, matches against SWIFT statements, logs breaks in Oracle, and creates ServiceNow tickets for unmatched items.
naftiko: "0.5"
info:
label: "Nostro Account Reconciliation Workflow"
description: "Retrieves nostro balances from Temenos, matches against SWIFT statements, logs breaks in Oracle, and creates ServiceNow tickets for unmatched items."
tags:
- operations
- temenos-transact
- swift
- oracle
- servicenow
capability:
exposes:
- type: mcp
namespace: nostro-recon
port: 8080
tools:
- name: reconcile-nostro
description: "Reconcile nostro account balances against SWIFT statements."
inputParameters:
- name: nostro_account
in: body
type: string
description: "Nostro account number."
- name: recon_date
in: body
type: string
description: "Reconciliation date YYYY-MM-DD."
steps:
- name: get-balance
type: call
call: "temenos.get-balance"
with:
account_number: "{{nostro_account}}"
- name: get-statement
type: call
call: "swift.get-mt950"
with:
account: "{{nostro_account}}"
date: "{{recon_date}}"
- name: log-breaks
type: call
call: "oracle.insert-breaks"
with:
account: "{{nostro_account}}"
book_balance: "{{get-balance.balance}}"
statement_balance: "{{get-statement.closing_balance}}"
- name: create-ticket
type: call
call: "servicenow.create-task"
with:
short_description: "Nostro recon: {{nostro_account}} — {{recon_date}}"
description: "Book: {{get-balance.balance}}. Statement: {{get-statement.closing_balance}}. Breaks logged in Oracle."
consumes:
- type: http
namespace: temenos
baseUri: "https://temenos.bnpparibas.com/api/v1"
authentication:
type: bearer
token: "$secrets.temenos_token"
resources:
- name: accounts
path: "/accounts/{{account_number}}/balance"
inputParameters:
- name: account_number
in: path
operations:
- name: get-balance
method: GET
- type: http
namespace: swift
baseUri: "https://api.swift.com/gpi/v4"
authentication:
type: bearer
token: "$secrets.swift_gpi_token"
resources:
- name: statements
path: "/statements/mt950"
inputParameters:
- name: account
in: query
- name: date
in: query
operations:
- name: get-mt950
method: GET
- type: http
namespace: oracle
baseUri: "https://oracle.bnpparibas.com/fscmRestApi/resources/v1"
authentication:
type: basic
username: "$secrets.oracle_user"
password: "$secrets.oracle_password"
resources:
- name: recon-breaks
path: "/reconciliationBreaks"
operations:
- name: insert-breaks
method: POST
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/task"
operations:
- name: create-task
method: POST
Oracle Database Health Check
▼
databases oracle oracle-enterprise-manager monitoring
Queries Oracle Enterprise Manager for database instance status, tablespace usage, and active sessions for a given database SID.
naftiko: "0.5"
info:
label: "Oracle Database Health Check"
description: "Queries Oracle Enterprise Manager for database instance status, tablespace usage, and active sessions for a given database SID."
tags:
- databases
- oracle
- oracle-enterprise-manager
- monitoring
capability:
exposes:
- type: mcp
namespace: db-ops
port: 8080
tools:
- name: get-db-health
description: "Retrieve health metrics for an Oracle database instance including status, tablespace usage, and active session count."
inputParameters:
- name: db_sid
in: body
type: string
description: "The Oracle database SID."
call: "oem.get-db-status"
with:
db_sid: "{{db_sid}}"
outputParameters:
- name: status
type: string
mapping: "$.status"
- name: tablespace_pct
type: number
mapping: "$.tablespaceUsedPct"
- name: active_sessions
type: number
mapping: "$.activeSessions"
consumes:
- type: http
namespace: oem
baseUri: "https://oem.bnpparibas.net/em/websvcs/restful/emws/db"
authentication:
type: basic
username: "$secrets.oem_user"
password: "$secrets.oem_password"
resources:
- name: databases
path: "/targets/{{db_sid}}/health"
inputParameters:
- name: db_sid
in: path
operations:
- name: get-db-status
method: GET
Oracle GL Balance Inquiry
▼
finance oracle
Queries Oracle General Ledger for account balances by ledger, period, and account code, returning debit, credit, and net balance.
naftiko: "0.5"
info:
label: "Oracle GL Balance Inquiry"
description: "Queries Oracle General Ledger for account balances by ledger, period, and account code, returning debit, credit, and net balance."
tags:
- finance
- oracle
capability:
exposes:
- type: mcp
namespace: oracle-gl
port: 8080
tools:
- name: get-gl-balance
description: "Retrieve General Ledger balance for a given account and period."
inputParameters:
- name: account_code
in: body
type: string
description: "The GL account code."
- name: period
in: body
type: string
description: "Accounting period (e.g. JAN-26)."
call: "oracle-gl.get-balance"
with:
account_code: "{{account_code}}"
period: "{{period}}"
consumes:
- type: http
namespace: oracle-gl
baseUri: "https://oracle.bnpparibas.com/fscmRestApi/resources/v1"
authentication:
type: basic
username: "$secrets.oracle_user"
password: "$secrets.oracle_password"
resources:
- name: balances
path: "/generalLedgerBalances"
inputParameters:
- name: account_code
in: query
- name: period
in: query
operations:
- name: get-balance
method: GET
Payment Sanctions Screening Pipeline
▼
compliance oracle sap servicenow
Screens outgoing payments against sanctions lists, logs results in Oracle, holds flagged payments in SAP, and alerts compliance via ServiceNow.
naftiko: "0.5"
info:
label: "Payment Sanctions Screening Pipeline"
description: "Screens outgoing payments against sanctions lists, logs results in Oracle, holds flagged payments in SAP, and alerts compliance via ServiceNow."
tags:
- compliance
- oracle
- sap
- servicenow
capability:
exposes:
- type: mcp
namespace: sanctions-screen
port: 8080
tools:
- name: screen-payment
description: "Screen a payment against sanctions with hold and alert capabilities."
inputParameters:
- name: payment_ref
in: body
type: string
description: "Payment reference."
- name: beneficiary_name
in: body
type: string
description: "Beneficiary name."
steps:
- name: run-screening
type: call
call: "oracle.screen-payment"
with:
payment_ref: "{{payment_ref}}"
name: "{{beneficiary_name}}"
- name: log-result
type: call
call: "oracle.log-screening"
with:
payment_ref: "{{payment_ref}}"
result: "{{run-screening.result}}"
- name: hold-payment
type: call
call: "sap.hold-payment"
with:
payment_ref: "{{payment_ref}}"
reason: "{{run-screening.match_details}}"
- name: alert-compliance
type: call
call: "servicenow.create-incident"
with:
short_description: "Sanctions hit: {{payment_ref}}"
description: "Beneficiary: {{beneficiary_name}}. Match: {{run-screening.match_details}}."
category: "sanctions"
urgency: "1"
consumes:
- type: http
namespace: oracle
baseUri: "https://oracle.bnpparibas.com/fscmRestApi/resources/v1"
authentication:
type: basic
username: "$secrets.oracle_user"
password: "$secrets.oracle_password"
resources:
- name: screening
path: "/sanctions/screen"
operations:
- name: screen-payment
method: POST
- name: logs
path: "/sanctions/logs"
operations:
- name: log-screening
method: POST
- type: http
namespace: sap
baseUri: "https://bnp-s4.sap.com/sap/opu/odata/sap"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: payments
path: "/FI_PAYMENT_SRV/A_Payment"
operations:
- name: hold-payment
method: PATCH
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
Power BI Report Refresh
▼
analytics reporting power-bi
Triggers a dataset refresh in Power BI for a given workspace and dataset, used by finance teams to ensure dashboards reflect the latest data.
naftiko: "0.5"
info:
label: "Power BI Report Refresh"
description: "Triggers a dataset refresh in Power BI for a given workspace and dataset, used by finance teams to ensure dashboards reflect the latest data."
tags:
- analytics
- reporting
- power-bi
capability:
exposes:
- type: mcp
namespace: bi-reporting
port: 8080
tools:
- name: refresh-dataset
description: "Trigger a Power BI dataset refresh for a given workspace and dataset ID."
inputParameters:
- name: workspace_id
in: body
type: string
description: "The Power BI workspace (group) ID."
- name: dataset_id
in: body
type: string
description: "The Power BI dataset ID."
call: "powerbi.refresh-dataset"
with:
workspace_id: "{{workspace_id}}"
dataset_id: "{{dataset_id}}"
consumes:
- type: http
namespace: powerbi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.powerbi_token"
resources:
- name: datasets
path: "/groups/{{workspace_id}}/datasets/{{dataset_id}}/refreshes"
inputParameters:
- name: workspace_id
in: path
- name: dataset_id
in: path
operations:
- name: refresh-dataset
method: POST
Qlik Sense Report Distribution
▼
analytics reporting qlik-sense sharepoint azure-service-bus
Triggers a Qlik Sense app reload, exports the report as PDF, uploads to SharePoint for stakeholder access, and notifies recipients via Azure Service Bus.
naftiko: "0.5"
info:
label: "Qlik Sense Report Distribution"
description: "Triggers a Qlik Sense app reload, exports the report as PDF, uploads to SharePoint for stakeholder access, and notifies recipients via Azure Service Bus."
tags:
- analytics
- reporting
- qlik-sense
- sharepoint
- azure-service-bus
capability:
exposes:
- type: mcp
namespace: report-distribution
port: 8080
tools:
- name: distribute-report
description: "Reload Qlik Sense app, export PDF, upload to SharePoint, and notify stakeholders."
inputParameters:
- name: app_id
in: body
type: string
description: "The Qlik Sense application ID."
- name: report_name
in: body
type: string
description: "The report name for file naming."
- name: distribution_list
in: body
type: string
description: "Comma-separated list of recipient email addresses."
steps:
- name: reload-app
type: call
call: "qlik.reload-app"
with:
app_id: "{{app_id}}"
- name: export-pdf
type: call
call: "qlik.export-report"
with:
app_id: "{{app_id}}"
format: "pdf"
- name: upload-report
type: call
call: "sharepoint.create-file"
with:
site_id: "reports_distribution"
file_path: "Reports/{{report_name}}/{{report_name}}_latest.pdf"
content_type: "application/pdf"
- name: notify-recipients
type: call
call: "servicebus.send-message"
with:
queue: "report-notifications"
body: "Report {{report_name}} is ready. Download: {{upload-report.url}}. Recipients: {{distribution_list}}."
consumes:
- type: http
namespace: qlik
baseUri: "https://qlik.bnpparibas.net/api/v1"
authentication:
type: bearer
token: "$secrets.qlik_token"
resources:
- name: apps
path: "/apps/{{app_id}}/reload"
inputParameters:
- name: app_id
in: path
operations:
- name: reload-app
method: POST
- name: exports
path: "/apps/{{app_id}}/export/{{format}}"
inputParameters:
- name: app_id
in: path
- name: format
in: path
operations:
- name: export-report
method: GET
- type: http
namespace: sharepoint
baseUri: "https://graph.microsoft.com/v1.0/sites"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: files
path: "/{{site_id}}/drive/root:/{{file_path}}:/content"
inputParameters:
- name: site_id
in: path
- name: file_path
in: path
operations:
- name: create-file
method: PUT
- type: http
namespace: servicebus
baseUri: "https://bnpparibas-prod.servicebus.windows.net"
authentication:
type: bearer
token: "$secrets.servicebus_sas_token"
resources:
- name: queues
path: "/{{queue}}/messages"
inputParameters:
- name: queue
in: path
operations:
- name: send-message
method: POST
Qlik Sense Report Export
▼
reporting qlik-sense
Exports a Qlik Sense report as PDF by app ID and sheet ID for distribution to stakeholders.
naftiko: "0.5"
info:
label: "Qlik Sense Report Export"
description: "Exports a Qlik Sense report as PDF by app ID and sheet ID for distribution to stakeholders."
tags:
- reporting
- qlik-sense
capability:
exposes:
- type: mcp
namespace: qlik-export
port: 8080
tools:
- name: export-report
description: "Export a Qlik Sense sheet as PDF."
inputParameters:
- name: app_id
in: body
type: string
description: "The Qlik Sense app identifier."
- name: sheet_id
in: body
type: string
description: "The sheet identifier."
call: "qlik-export.export-pdf"
with:
app_id: "{{app_id}}"
sheet_id: "{{sheet_id}}"
consumes:
- type: http
namespace: qlik-export
baseUri: "https://qlik.bnpparibas.com/api/v1"
authentication:
type: bearer
token: "$secrets.qlik_token"
resources:
- name: exports
path: "/apps/{{app_id}}/sheets/{{sheet_id}}/export/pdf"
inputParameters:
- name: app_id
in: path
- name: sheet_id
in: path
operations:
- name: export-pdf
method: GET
RabbitMQ Dead Letter Queue Processor
▼
messaging rabbitmq elasticsearch servicenow
Retrieves messages from a RabbitMQ dead letter queue, logs the failure pattern in Elasticsearch, and creates a ServiceNow incident for application support to investigate.
naftiko: "0.5"
info:
label: "RabbitMQ Dead Letter Queue Processor"
description: "Retrieves messages from a RabbitMQ dead letter queue, logs the failure pattern in Elasticsearch, and creates a ServiceNow incident for application support to investigate."
tags:
- messaging
- rabbitmq
- elasticsearch
- servicenow
capability:
exposes:
- type: mcp
namespace: dlq-processor
port: 8080
tools:
- name: process-dead-letters
description: "Retrieve DLQ messages, log failure patterns, and create incident for investigation."
inputParameters:
- name: queue_name
in: body
type: string
description: "The dead letter queue name."
- name: vhost
in: body
type: string
description: "The RabbitMQ virtual host."
steps:
- name: get-messages
type: call
call: "rabbitmq.get-messages"
with:
vhost: "{{vhost}}"
queue: "{{queue_name}}"
- name: log-pattern
type: call
call: "elasticsearch.index-document"
with:
index: "dlq-failures"
body: "queue={{queue_name}}&vhost={{vhost}}&count={{get-messages.message_count}}&oldest={{get-messages.oldest_timestamp}}"
- name: create-incident
type: call
call: "servicenow.create-incident"
with:
short_description: "DLQ accumulation: {{queue_name}} on {{vhost}}"
description: "Dead letter queue {{queue_name}} has {{get-messages.message_count}} unprocessed messages. Oldest message: {{get-messages.oldest_timestamp}}. Sample error: {{get-messages.sample_error}}."
assigned_group: "Application_Support"
category: "messaging_failure"
consumes:
- type: http
namespace: rabbitmq
baseUri: "https://rabbitmq.bnpparibas.net:15672/api"
authentication:
type: basic
username: "$secrets.rabbitmq_user"
password: "$secrets.rabbitmq_password"
resources:
- name: queues
path: "/queues/{{vhost}}/{{queue}}/get"
inputParameters:
- name: vhost
in: path
- name: queue
in: path
operations:
- name: get-messages
method: POST
- type: http
namespace: elasticsearch
baseUri: "https://elasticsearch.bnpparibas.net:9200"
authentication:
type: basic
username: "$secrets.elastic_user"
password: "$secrets.elastic_password"
resources:
- name: documents
path: "/{{index}}/_doc"
inputParameters:
- name: index
in: path
operations:
- name: index-document
method: POST
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
Real-Time Fraud Detection Pipeline
▼
fraud apache-kafka azure-machine-learning temenos-transact servicenow
Monitors Kafka payment events, scores transactions via Azure Machine Learning, blocks suspicious payments in Temenos, and alerts via ServiceNow.
naftiko: "0.5"
info:
label: "Real-Time Fraud Detection Pipeline"
description: "Monitors Kafka payment events, scores transactions via Azure Machine Learning, blocks suspicious payments in Temenos, and alerts via ServiceNow."
tags:
- fraud
- apache-kafka
- azure-machine-learning
- temenos-transact
- servicenow
capability:
exposes:
- type: mcp
namespace: fraud-detection
port: 8080
tools:
- name: detect-fraud
description: "Score a transaction for fraud and take action."
inputParameters:
- name: transaction_id
in: body
type: string
description: "Transaction identifier."
steps:
- name: get-event
type: call
call: "kafka.get-event"
with:
topic: "payments"
key: "{{transaction_id}}"
- name: score-transaction
type: call
call: "azure-ml.score"
with:
features: "{{get-event.payload}}"
- name: block-payment
type: call
call: "temenos.hold-transaction"
with:
transaction_id: "{{transaction_id}}"
reason: "Fraud score: {{score-transaction.score}}"
- name: create-alert
type: call
call: "servicenow.create-incident"
with:
short_description: "Fraud alert: {{transaction_id}}"
description: "Score: {{score-transaction.score}}. Amount: {{get-event.amount}}."
category: "fraud"
urgency: "1"
consumes:
- type: http
namespace: kafka
baseUri: "https://kafka-rest.bnpparibas.com/v3"
authentication:
type: bearer
token: "$secrets.kafka_rest_token"
resources:
- name: events
path: "/topics/{{topic}}/records/{{key}}"
inputParameters:
- name: topic
in: path
- name: key
in: path
operations:
- name: get-event
method: GET
- type: http
namespace: azure-ml
baseUri: "https://ml-bnp.azureml.net/api/v1"
authentication:
type: bearer
token: "$secrets.azure_ml_token"
resources:
- name: scoring
path: "/models/fraud-detector/score"
operations:
- name: score
method: POST
- type: http
namespace: temenos
baseUri: "https://temenos.bnpparibas.com/api/v1"
authentication:
type: bearer
token: "$secrets.temenos_token"
resources:
- name: transactions
path: "/transactions/{{transaction_id}}/hold"
inputParameters:
- name: transaction_id
in: path
operations:
- name: hold-transaction
method: POST
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
Regulatory Capital Report Pipeline
▼
regulatory simcorp-dimension snowflake power-bi azure-blob-storage
Extracts position data from SimCorp, computes capital requirements in Snowflake, generates reports in Power BI, and archives in Azure Blob Storage.
naftiko: "0.5"
info:
label: "Regulatory Capital Report Pipeline"
description: "Extracts position data from SimCorp, computes capital requirements in Snowflake, generates reports in Power BI, and archives in Azure Blob Storage."
tags:
- regulatory
- simcorp-dimension
- snowflake
- power-bi
- azure-blob-storage
capability:
exposes:
- type: mcp
namespace: reg-capital
port: 8080
tools:
- name: generate-capital-report
description: "Compute and distribute regulatory capital report."
inputParameters:
- name: reporting_date
in: body
type: string
description: "Reporting date YYYY-MM-DD."
steps:
- name: get-positions
type: call
call: "simcorp.get-positions"
with:
as_of_date: "{{reporting_date}}"
- name: compute-capital
type: call
call: "snowflake.execute-statement"
with:
statement: "CALL REG.COMPUTE_CAPITAL_REQUIREMENTS('{{reporting_date}}')"
- name: refresh-report
type: call
call: "powerbi.refresh-dataset"
with:
dataset_id: "regulatory-capital"
- name: archive
type: call
call: "azure-blob.upload"
with:
container: "regulatory-reports"
blob_name: "capital/{{reporting_date}}/report.json"
consumes:
- type: http
namespace: simcorp
baseUri: "https://simcorp.bnpparibas.net/api/v2"
authentication:
type: bearer
token: "$secrets.simcorp_token"
resources:
- name: positions
path: "/positions"
inputParameters:
- name: as_of_date
in: query
operations:
- name: get-positions
method: GET
- type: http
namespace: snowflake
baseUri: "https://bnpparibas.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-statement
method: POST
- type: http
namespace: powerbi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.powerbi_token"
resources:
- name: datasets
path: "/datasets/{{dataset_id}}/refreshes"
inputParameters:
- name: dataset_id
in: path
operations:
- name: refresh-dataset
method: POST
- type: http
namespace: azure-blob
baseUri: "https://bnpdata.blob.core.windows.net"
authentication:
type: bearer
token: "$secrets.azure_storage_token"
resources:
- name: blobs
path: "/{{container}}/{{blob_name}}"
inputParameters:
- name: container
in: path
- name: blob_name
in: path
operations:
- name: upload
method: PUT
Regulatory Filing Submission Pipeline
▼
compliance snowflake simcorp-dimension servicenow
Extracts reporting data from Snowflake, validates via compliance rules in SimCorp Dimension, and submits to regulatory portal with ServiceNow tracking.
naftiko: "0.5"
info:
label: "Regulatory Filing Submission Pipeline"
description: "Extracts reporting data from Snowflake, validates via compliance rules in SimCorp Dimension, and submits to regulatory portal with ServiceNow tracking."
tags:
- compliance
- snowflake
- simcorp-dimension
- servicenow
capability:
exposes:
- type: mcp
namespace: regulatory-filing
port: 8080
tools:
- name: submit-regulatory-filing
description: "Extract, validate, and submit a regulatory filing."
inputParameters:
- name: report_code
in: body
type: string
description: "Regulatory report code."
- name: reporting_date
in: body
type: string
description: "Reporting date YYYY-MM-DD."
steps:
- name: extract-data
type: call
call: "snowflake-api.run-query"
with:
query: "SELECT * FROM regulatory.{{report_code}} WHERE reporting_date = '{{reporting_date}}'"
- name: validate-positions
type: call
call: "simcorp-api.get-positions"
with:
report_code: "{{report_code}}"
date: "{{reporting_date}}"
- name: track-submission
type: call
call: "servicenow-api.create-incident"
with:
short_description: "Regulatory filing: {{report_code}} for {{reporting_date}}"
description: "Records: {{extract-data.count}}. Positions validated: {{validate-positions.count}}."
category: "regulatory_filing"
consumes:
- type: http
namespace: snowflake-api
baseUri: "https://bnpparibas.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: queries
path: "/statements"
operations:
- name: run-query
method: POST
- type: http
namespace: simcorp-api
baseUri: "https://simcorp.bnpparibas.com/api/v1"
authentication:
type: bearer
token: "$secrets.simcorp_token"
resources:
- name: positions
path: "/portfolios/positions"
operations:
- name: get-positions
method: GET
- type: http
namespace: servicenow-api
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
Regulatory Report Generation Pipeline
▼
compliance regulatory financial-reporting oracle-database azure-databricks power-bi servicenow
Extracts data from Oracle Database, transforms it in Azure Databricks, generates the regulatory report in Power BI, and logs submission in ServiceNow for audit trail.
naftiko: "0.5"
info:
label: "Regulatory Report Generation Pipeline"
description: "Extracts data from Oracle Database, transforms it in Azure Databricks, generates the regulatory report in Power BI, and logs submission in ServiceNow for audit trail."
tags:
- compliance
- regulatory
- financial-reporting
- oracle-database
- azure-databricks
- power-bi
- servicenow
capability:
exposes:
- type: mcp
namespace: regulatory-reporting
port: 8080
tools:
- name: generate-regulatory-report
description: "Extract regulatory data, transform in Databricks, refresh Power BI report, and log submission for audit."
inputParameters:
- name: report_type
in: body
type: string
description: "The regulatory report type (e.g. COREP, FINREP, FRTB)."
- name: reporting_date
in: body
type: string
description: "The reporting period end date in YYYY-MM-DD format."
- name: entity_code
in: body
type: string
description: "The legal entity code for the report."
steps:
- name: extract-data
type: call
call: "oracle.execute-query"
with:
query_name: "reg_{{report_type}}_extract"
reporting_date: "{{reporting_date}}"
entity_code: "{{entity_code}}"
- name: transform-data
type: call
call: "databricks.run-job"
with:
job_name: "regulatory_{{report_type}}_transform"
parameters: "reporting_date={{reporting_date}}&entity={{entity_code}}&extract_id={{extract-data.extract_id}}"
- name: refresh-report
type: call
call: "powerbi.refresh-dataset"
with:
workspace_id: "regulatory_reports"
dataset_id: "{{report_type}}_{{entity_code}}"
- name: log-submission
type: call
call: "servicenow.create-task"
with:
short_description: "Regulatory report generated: {{report_type}} — {{entity_code}} — {{reporting_date}}"
description: "Extract ID: {{extract-data.extract_id}}. Databricks run: {{transform-data.run_id}}. Report refreshed in Power BI. Ready for supervisory submission."
assigned_group: "Regulatory_Reporting"
category: "regulatory_submission"
consumes:
- type: http
namespace: oracle
baseUri: "https://ords.bnpparibas.net/ords/reg"
authentication:
type: bearer
token: "$secrets.oracle_ords_token"
resources:
- name: queries
path: "/extracts/{{query_name}}"
inputParameters:
- name: query_name
in: path
operations:
- name: execute-query
method: POST
- type: http
namespace: databricks
baseUri: "https://adb-bnpparibas.azuredatabricks.net/api/2.1"
authentication:
type: bearer
token: "$secrets.databricks_token"
resources:
- name: jobs
path: "/jobs/run-now"
operations:
- name: run-job
method: POST
- type: http
namespace: powerbi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.powerbi_token"
resources:
- name: datasets
path: "/groups/{{workspace_id}}/datasets/{{dataset_id}}/refreshes"
inputParameters:
- name: workspace_id
in: path
- name: dataset_id
in: path
operations:
- name: refresh-dataset
method: POST
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/task"
operations:
- name: create-task
method: POST
Salesforce Client Account Lookup
▼
crm salesforce client-management
Retrieves a corporate client account from Salesforce by account ID, returning relationship manager, segment, AUM, and last interaction date.
naftiko: "0.5"
info:
label: "Salesforce Client Account Lookup"
description: "Retrieves a corporate client account from Salesforce by account ID, returning relationship manager, segment, AUM, and last interaction date."
tags:
- crm
- salesforce
- client-management
capability:
exposes:
- type: mcp
namespace: crm
port: 8080
tools:
- name: get-client-account
description: "Look up a Salesforce corporate client account. Returns account name, relationship manager, segment classification, and AUM."
inputParameters:
- name: account_id
in: body
type: string
description: "The Salesforce account ID."
call: "salesforce.get-account"
with:
account_id: "{{account_id}}"
outputParameters:
- name: account_name
type: string
mapping: "$.Name"
- name: relationship_manager
type: string
mapping: "$.Owner.Name"
- name: segment
type: string
mapping: "$.Client_Segment__c"
- name: aum
type: number
mapping: "$.AUM__c"
consumes:
- type: http
namespace: salesforce
baseUri: "https://bnpparibas.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: accounts
path: "/sobjects/Account/{{account_id}}"
inputParameters:
- name: account_id
in: path
operations:
- name: get-account
method: GET
Salesforce Client Opportunity Lookup
▼
sales salesforce
Fetches opportunity details from Salesforce CRM by opportunity ID, returning stage, value, and expected close date.
naftiko: "0.5"
info:
label: "Salesforce Client Opportunity Lookup"
description: "Fetches opportunity details from Salesforce CRM by opportunity ID, returning stage, value, and expected close date."
tags:
- sales
- salesforce
capability:
exposes:
- type: mcp
namespace: salesforce-crm
port: 8080
tools:
- name: get-opportunity
description: "Retrieve a Salesforce opportunity by ID."
inputParameters:
- name: opportunity_id
in: body
type: string
description: "The Salesforce opportunity identifier."
call: "salesforce-crm.get-opportunity"
with:
opportunity_id: "{{opportunity_id}}"
consumes:
- type: http
namespace: salesforce-crm
baseUri: "https://bnpparibas.my.salesforce.com/services/data/v59.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: opportunities
path: "/sobjects/Opportunity/{{opportunity_id}}"
inputParameters:
- name: opportunity_id
in: path
operations:
- name: get-opportunity
method: GET
SAP Payment Instruction Status
▼
payments treasury sap
Checks the status of a payment instruction in SAP, returning execution status, value date, and beneficiary details for treasury operations.
naftiko: "0.5"
info:
label: "SAP Payment Instruction Status"
description: "Checks the status of a payment instruction in SAP, returning execution status, value date, and beneficiary details for treasury operations."
tags:
- payments
- treasury
- sap
capability:
exposes:
- type: mcp
namespace: treasury
port: 8080
tools:
- name: get-payment-status
description: "Retrieve the status of a SAP payment instruction by document number."
inputParameters:
- name: payment_doc_number
in: body
type: string
description: "The SAP payment document number."
call: "sap.get-payment"
with:
payment_doc_number: "{{payment_doc_number}}"
outputParameters:
- name: status
type: string
mapping: "$.d.PaymentStatus"
- name: value_date
type: string
mapping: "$.d.ValueDate"
- name: amount
type: number
mapping: "$.d.Amount"
- name: currency
type: string
mapping: "$.d.Currency"
consumes:
- type: http
namespace: sap
baseUri: "https://bnp-s4.sap.com/sap/opu/odata/sap/FI_PAYMENT_SRV"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
inputParameters:
- name: Accept
in: header
value: "application/json"
- name: sap-client
in: header
value: "100"
resources:
- name: payments
path: "/A_PaymentInstruction('{{payment_doc_number}}')"
inputParameters:
- name: payment_doc_number
in: path
operations:
- name: get-payment
method: GET
ServiceNow Change Request Lookup
▼
itsm servicenow
Retrieves change request details from ServiceNow by change number, returning approval status, risk level, and implementation plan.
naftiko: "0.5"
info:
label: "ServiceNow Change Request Lookup"
description: "Retrieves change request details from ServiceNow by change number, returning approval status, risk level, and implementation plan."
tags:
- itsm
- servicenow
capability:
exposes:
- type: mcp
namespace: servicenow-changes
port: 8080
tools:
- name: get-change-request
description: "Look up a ServiceNow change request by number."
inputParameters:
- name: number
in: body
type: string
description: "The change request number (e.g. CHG0012345)."
call: "servicenow-changes.get-change"
with:
number: "{{number}}"
consumes:
- type: http
namespace: servicenow-changes
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: changes
path: "/table/change_request"
inputParameters:
- name: number
in: query
operations:
- name: get-change
method: GET
ServiceNow Incident Lookup
▼
operations servicenow incident-management
Retrieves a ServiceNow incident by number, returning status, priority, assigned group, and resolution notes for IT operations triage.
naftiko: "0.5"
info:
label: "ServiceNow Incident Lookup"
description: "Retrieves a ServiceNow incident by number, returning status, priority, assigned group, and resolution notes for IT operations triage."
tags:
- operations
- servicenow
- incident-management
capability:
exposes:
- type: mcp
namespace: itsm
port: 8080
tools:
- name: get-incident
description: "Look up a ServiceNow incident by incident number. Returns current state, priority, assigned group, and short description."
inputParameters:
- name: incident_number
in: body
type: string
description: "The ServiceNow incident number (e.g. INC0012345)."
call: "servicenow.get-incident"
with:
incident_number: "{{incident_number}}"
outputParameters:
- name: state
type: string
mapping: "$.result.state"
- name: priority
type: string
mapping: "$.result.priority"
- name: assigned_to
type: string
mapping: "$.result.assigned_to.display_value"
consumes:
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident?sysparm_query=number={{incident_number}}"
inputParameters:
- name: incident_number
in: path
operations:
- name: get-incident
method: GET
SimCorp Dimension Position Lookup
▼
asset-management portfolio-management simcorp-dimension
Retrieves current positions for a given portfolio from SimCorp Dimension, returning instrument, quantity, market value, and currency.
naftiko: "0.5"
info:
label: "SimCorp Dimension Position Lookup"
description: "Retrieves current positions for a given portfolio from SimCorp Dimension, returning instrument, quantity, market value, and currency."
tags:
- asset-management
- portfolio-management
- simcorp-dimension
capability:
exposes:
- type: mcp
namespace: investment-ops
port: 8080
tools:
- name: get-positions
description: "Retrieve current positions for a portfolio from SimCorp Dimension."
inputParameters:
- name: portfolio_code
in: body
type: string
description: "The SimCorp portfolio code."
call: "simcorp.get-positions"
with:
portfolio_code: "{{portfolio_code}}"
outputParameters:
- name: positions
type: string
mapping: "$.data.positions"
- name: total_market_value
type: number
mapping: "$.data.totalMarketValue"
consumes:
- type: http
namespace: simcorp
baseUri: "https://simcorp.bnpparibas.net/api/v2"
authentication:
type: bearer
token: "$secrets.simcorp_token"
resources:
- name: positions
path: "/portfolios/{{portfolio_code}}/positions"
inputParameters:
- name: portfolio_code
in: path
operations:
- name: get-positions
method: GET
Spark ETL Job Orchestration
▼
data-engineering etl apache-spark azure-databricks postgresql azure-event-hubs
Triggers an Apache Spark ETL job on Azure Databricks, monitors completion, validates output in PostgreSQL, and notifies the data team via Azure Event Hubs.
naftiko: "0.5"
info:
label: "Spark ETL Job Orchestration"
description: "Triggers an Apache Spark ETL job on Azure Databricks, monitors completion, validates output in PostgreSQL, and notifies the data team via Azure Event Hubs."
tags:
- data-engineering
- etl
- apache-spark
- azure-databricks
- postgresql
- azure-event-hubs
capability:
exposes:
- type: mcp
namespace: etl-ops
port: 8080
tools:
- name: run-etl-pipeline
description: "Run a Spark ETL job on Databricks, validate output data, and notify the data team."
inputParameters:
- name: job_name
in: body
type: string
description: "The Databricks job name."
- name: source_table
in: body
type: string
description: "The source table for the ETL job."
- name: target_table
in: body
type: string
description: "The target PostgreSQL table."
steps:
- name: run-spark-job
type: call
call: "databricks.run-job"
with:
job_name: "{{job_name}}"
parameters: "source={{source_table}}&target={{target_table}}"
- name: validate-output
type: call
call: "postgresql.run-query"
with:
query: "SELECT COUNT(*) as row_count FROM {{target_table}} WHERE load_date = CURRENT_DATE"
- name: notify-team
type: call
call: "eventhubs.send-event"
with:
topic: "etl-completions"
body: "ETL job {{job_name}} completed. Databricks run: {{run-spark-job.run_id}}. Target: {{target_table}}. Rows loaded: {{validate-output.row_count}}."
consumes:
- type: http
namespace: databricks
baseUri: "https://adb-bnpparibas.azuredatabricks.net/api/2.1"
authentication:
type: bearer
token: "$secrets.databricks_token"
resources:
- name: jobs
path: "/jobs/run-now"
operations:
- name: run-job
method: POST
- type: http
namespace: postgresql
baseUri: "https://pgrest.bnpparibas.net/api/v1"
authentication:
type: bearer
token: "$secrets.pgrest_token"
resources:
- name: queries
path: "/rpc/execute_query"
operations:
- name: run-query
method: POST
- type: http
namespace: eventhubs
baseUri: "https://bnpparibas-prod.servicebus.windows.net"
authentication:
type: bearer
token: "$secrets.eventhubs_sas_token"
resources:
- name: events
path: "/{{topic}}/messages"
inputParameters:
- name: topic
in: path
operations:
- name: send-event
method: POST
Stress Testing Scenario Runner
▼
stress-testing risk-management bloomberg simcorp-dimension azure-databricks sharepoint
Loads a stress scenario from Bloomberg market data, applies it to portfolio positions in SimCorp Dimension, computes PnL impact in Azure Databricks, and stores results in SharePoint.
naftiko: "0.5"
info:
label: "Stress Testing Scenario Runner"
description: "Loads a stress scenario from Bloomberg market data, applies it to portfolio positions in SimCorp Dimension, computes PnL impact in Azure Databricks, and stores results in SharePoint."
tags:
- stress-testing
- risk-management
- bloomberg
- simcorp-dimension
- azure-databricks
- sharepoint
capability:
exposes:
- type: mcp
namespace: stress-testing
port: 8080
tools:
- name: run-stress-test
description: "Execute a stress test scenario against a portfolio, compute PnL impact, and store results."
inputParameters:
- name: scenario_name
in: body
type: string
description: "The stress scenario name (e.g. rate_shock_200bp, equity_crash_20pct)."
- name: portfolio_code
in: body
type: string
description: "The SimCorp portfolio code."
- name: valuation_date
in: body
type: string
description: "The valuation date in YYYY-MM-DD format."
steps:
- name: get-scenario-data
type: call
call: "bloomberg.get-scenario"
with:
scenario: "{{scenario_name}}"
- name: get-positions
type: call
call: "simcorp.get-positions"
with:
portfolio_code: "{{portfolio_code}}"
- name: compute-impact
type: call
call: "databricks.run-job"
with:
job_name: "stress_test_pnl"
parameters: "scenario={{scenario_name}}&portfolio={{portfolio_code}}&date={{valuation_date}}&positions_value={{get-positions.total_market_value}}"
- name: store-results
type: call
call: "sharepoint.create-file"
with:
site_id: "risk_management"
file_path: "StressTests/{{portfolio_code}}/{{scenario_name}}_{{valuation_date}}.json"
content_type: "application/json"
consumes:
- type: http
namespace: bloomberg
baseUri: "https://api.bloomberg.com/eap/catalogs/bbg"
authentication:
type: bearer
token: "$secrets.bloomberg_api_key"
resources:
- name: scenarios
path: "/scenarios/{{scenario}}"
inputParameters:
- name: scenario
in: path
operations:
- name: get-scenario
method: GET
- type: http
namespace: simcorp
baseUri: "https://simcorp.bnpparibas.net/api/v2"
authentication:
type: bearer
token: "$secrets.simcorp_token"
resources:
- name: positions
path: "/portfolios/{{portfolio_code}}/positions"
inputParameters:
- name: portfolio_code
in: path
operations:
- name: get-positions
method: GET
- type: http
namespace: databricks
baseUri: "https://adb-bnpparibas.azuredatabricks.net/api/2.1"
authentication:
type: bearer
token: "$secrets.databricks_token"
resources:
- name: jobs
path: "/jobs/run-now"
operations:
- name: run-job
method: POST
- type: http
namespace: sharepoint
baseUri: "https://graph.microsoft.com/v1.0/sites"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: files
path: "/{{site_id}}/drive/root:/{{file_path}}:/content"
inputParameters:
- name: site_id
in: path
- name: file_path
in: path
operations:
- name: create-file
method: PUT
SWIFT gpi Payment Tracking Pipeline
▼
payments swift temenos-transact servicenow
Tracks a SWIFT gpi payment status, enriches with Temenos transaction data, and notifies operations via ServiceNow.
naftiko: "0.5"
info:
label: "SWIFT gpi Payment Tracking Pipeline"
description: "Tracks a SWIFT gpi payment status, enriches with Temenos transaction data, and notifies operations via ServiceNow."
tags:
- payments
- swift
- temenos-transact
- servicenow
capability:
exposes:
- type: mcp
namespace: swift-gpi-tracking
port: 8080
tools:
- name: track-gpi-payment
description: "Track SWIFT gpi payment end-to-end and notify on issues."
inputParameters:
- name: uetr
in: body
type: string
description: "SWIFT Unique End-to-end Transaction Reference."
steps:
- name: get-gpi-status
type: call
call: "swift-api.get-payment-status"
with:
uetr: "{{uetr}}"
- name: get-transaction
type: call
call: "temenos-api.get-transaction"
with:
reference: "{{uetr}}"
- name: notify-ops
type: call
call: "servicenow-api.create-incident"
with:
short_description: "SWIFT gpi tracking: {{uetr}}"
description: "Status: {{get-gpi-status.status}}. Amount: {{get-transaction.amount}} {{get-transaction.currency}}. Beneficiary: {{get-transaction.beneficiary}}."
category: "payment_operations"
consumes:
- type: http
namespace: swift-api
baseUri: "https://api.swiftnet.sipn.swift.com/swift-apitracker/v5"
authentication:
type: bearer
token: "$secrets.swift_api_token"
resources:
- name: payments
path: "/payments/{{uetr}}/transactions"
inputParameters:
- name: uetr
in: path
operations:
- name: get-payment-status
method: GET
- type: http
namespace: temenos-api
baseUri: "https://temenos.bnpparibas.com/api/v1"
authentication:
type: bearer
token: "$secrets.temenos_token"
resources:
- name: transactions
path: "/transactions/{{reference}}"
inputParameters:
- name: reference
in: path
operations:
- name: get-transaction
method: GET
- type: http
namespace: servicenow-api
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
SWIFT Message Status Check
▼
payments swift
Retrieves the status of a SWIFT payment message by reference number, returning delivery status, acknowledgments, and timestamps.
naftiko: "0.5"
info:
label: "SWIFT Message Status Check"
description: "Retrieves the status of a SWIFT payment message by reference number, returning delivery status, acknowledgments, and timestamps."
tags:
- payments
- swift
capability:
exposes:
- type: mcp
namespace: swift-gpi
port: 8080
tools:
- name: get-message-status
description: "Check the delivery status of a SWIFT payment message by reference."
inputParameters:
- name: reference
in: body
type: string
description: "The SWIFT UETR or reference number."
call: "swift-gpi.get-status"
with:
reference: "{{reference}}"
consumes:
- type: http
namespace: swift-gpi
baseUri: "https://api.swift.com/gpi/v4"
authentication:
type: bearer
token: "$secrets.swift_gpi_token"
resources:
- name: tracking
path: "/payments/{{reference}}/status"
inputParameters:
- name: reference
in: path
operations:
- name: get-status
method: GET
SWIFT Payment Message Tracking
▼
payments swift sap servicenow
Tracks a SWIFT MT103 payment message through the payment chain, checking status in SAP treasury and logging delays in ServiceNow for operations follow-up.
naftiko: "0.5"
info:
label: "SWIFT Payment Message Tracking"
description: "Tracks a SWIFT MT103 payment message through the payment chain, checking status in SAP treasury and logging delays in ServiceNow for operations follow-up."
tags:
- payments
- swift
- sap
- servicenow
capability:
exposes:
- type: mcp
namespace: swift-tracking
port: 8080
tools:
- name: track-swift-payment
description: "Track a SWIFT payment by reference, check SAP status, and log delays for follow-up."
inputParameters:
- name: swift_ref
in: body
type: string
description: "The SWIFT UETR or transaction reference."
- name: payment_doc_number
in: body
type: string
description: "The SAP payment document number."
steps:
- name: track-message
type: call
call: "swift.track-payment"
with:
uetr: "{{swift_ref}}"
- name: get-sap-status
type: call
call: "sap.get-payment"
with:
payment_doc_number: "{{payment_doc_number}}"
- name: log-status
type: call
call: "servicenow.create-task"
with:
short_description: "SWIFT tracking: {{swift_ref}}"
description: "SWIFT status: {{track-message.status}}. Last update: {{track-message.last_update}}. SAP status: {{get-sap-status.status}}. Amount: {{get-sap-status.amount}} {{get-sap-status.currency}}. Value date: {{get-sap-status.value_date}}."
assigned_group: "Payment_Operations"
category: "swift_tracking"
consumes:
- type: http
namespace: swift
baseUri: "https://api.swiftnet.sipn.swift.com/gpi/v4"
authentication:
type: bearer
token: "$secrets.swift_api_key"
resources:
- name: tracker
path: "/payments/{{uetr}}"
inputParameters:
- name: uetr
in: path
operations:
- name: track-payment
method: GET
- type: http
namespace: sap
baseUri: "https://bnp-s4.sap.com/sap/opu/odata/sap/FI_PAYMENT_SRV"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: payments
path: "/A_PaymentInstruction('{{payment_doc_number}}')"
inputParameters:
- name: payment_doc_number
in: path
operations:
- name: get-payment
method: GET
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/task"
operations:
- name: create-task
method: POST
Temenos Account Balance
▼
core-banking temenos-transact
Retrieves the real-time account balance from Temenos Transact core banking platform by account number.
naftiko: "0.5"
info:
label: "Temenos Account Balance"
description: "Retrieves the real-time account balance from Temenos Transact core banking platform by account number."
tags:
- core-banking
- temenos-transact
capability:
exposes:
- type: mcp
namespace: temenos
port: 8080
tools:
- name: get-account-balance
description: "Retrieve the current balance for a Temenos account by account number."
inputParameters:
- name: account_number
in: body
type: string
description: "The Temenos account number."
call: "temenos.get-balance"
with:
account_number: "{{account_number}}"
consumes:
- type: http
namespace: temenos
baseUri: "https://temenos.bnpparibas.com/api/v1"
authentication:
type: bearer
token: "$secrets.temenos_token"
resources:
- name: accounts
path: "/accounts/{{account_number}}/balance"
inputParameters:
- name: account_number
in: path
operations:
- name: get-balance
method: GET
Temenos Core Banking Account Balance
▼
banking core-banking temenos-transact
Retrieves the current balance and available balance for a customer account from Temenos Transact core banking system.
naftiko: "0.5"
info:
label: "Temenos Core Banking Account Balance"
description: "Retrieves the current balance and available balance for a customer account from Temenos Transact core banking system."
tags:
- banking
- core-banking
- temenos-transact
capability:
exposes:
- type: mcp
namespace: core-banking
port: 8080
tools:
- name: get-account-balance
description: "Retrieve current and available balance for a Temenos Transact customer account."
inputParameters:
- name: account_id
in: body
type: string
description: "The Temenos Transact account identifier."
call: "temenos.get-balance"
with:
account_id: "{{account_id}}"
outputParameters:
- name: current_balance
type: number
mapping: "$.body.currentBalance"
- name: available_balance
type: number
mapping: "$.body.availableBalance"
- name: currency
type: string
mapping: "$.body.currency"
consumes:
- type: http
namespace: temenos
baseUri: "https://transact.bnpparibas.net/api/v1"
authentication:
type: bearer
token: "$secrets.temenos_token"
resources:
- name: accounts
path: "/accounts/{{account_id}}/balances"
inputParameters:
- name: account_id
in: path
operations:
- name: get-balance
method: GET
Terraform Cloud Provisioning Pipeline
▼
infrastructure terraform servicenow datadog
Provisions infrastructure via Terraform, registers resources in ServiceNow CMDB, configures monitoring in Datadog, and notifies the platform team.
naftiko: "0.5"
info:
label: "Terraform Cloud Provisioning Pipeline"
description: "Provisions infrastructure via Terraform, registers resources in ServiceNow CMDB, configures monitoring in Datadog, and notifies the platform team."
tags:
- infrastructure
- terraform
- servicenow
- datadog
capability:
exposes:
- type: mcp
namespace: infra-provision
port: 8080
tools:
- name: provision-infrastructure
description: "Provision infrastructure with CMDB registration and monitoring setup."
inputParameters:
- name: workspace_id
in: body
type: string
description: "Terraform workspace ID."
- name: environment
in: body
type: string
description: "Target environment."
steps:
- name: create-run
type: call
call: "terraform.create-run"
with:
workspace_id: "{{workspace_id}}"
message: "Provision {{environment}}"
- name: register-cmdb
type: call
call: "servicenow.create-ci"
with:
name: "{{workspace_id}}-{{environment}}"
environment: "{{environment}}"
- name: setup-monitoring
type: call
call: "datadog.create-monitor"
with:
name: "Infra health: {{workspace_id}}"
type: "metric alert"
consumes:
- type: http
namespace: terraform
baseUri: "https://app.terraform.io/api/v2"
authentication:
type: bearer
token: "$secrets.terraform_token"
resources:
- name: runs
path: "/runs"
operations:
- name: create-run
method: POST
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: cmdb
path: "/table/cmdb_ci"
operations:
- name: create-ci
method: POST
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apiKey
name: "DD-API-KEY"
in: header
value: "$secrets.datadog_api_key"
resources:
- name: monitors
path: "/monitor"
operations:
- name: create-monitor
method: POST
Terraform Infrastructure Provisioning with Approval
▼
infrastructure terraform open-policy-agent servicenow azure
Validates a Terraform plan, checks policy compliance with Open Policy Agent, requests approval via ServiceNow change request, and applies the infrastructure change on Azure.
naftiko: "0.5"
info:
label: "Terraform Infrastructure Provisioning with Approval"
description: "Validates a Terraform plan, checks policy compliance with Open Policy Agent, requests approval via ServiceNow change request, and applies the infrastructure change on Azure."
tags:
- infrastructure
- terraform
- open-policy-agent
- servicenow
- azure
capability:
exposes:
- type: mcp
namespace: infra-provision
port: 8080
tools:
- name: provision-infrastructure
description: "Validate Terraform plan, check OPA policy, create change request, and apply infrastructure on Azure."
inputParameters:
- name: workspace_name
in: body
type: string
description: "The Terraform Cloud workspace name."
- name: run_id
in: body
type: string
description: "The Terraform plan run ID."
- name: requestor_email
in: body
type: string
description: "The email of the infrastructure requestor."
steps:
- name: get-plan
type: call
call: "terraform.get-run"
with:
workspace: "{{workspace_name}}"
run_id: "{{run_id}}"
- name: check-policy
type: call
call: "opa.evaluate-policy"
with:
policy_path: "infrastructure/azure"
input: "{{get-plan.plan_json}}"
- name: create-change-request
type: call
call: "servicenow.create-change"
with:
short_description: "Terraform apply: {{workspace_name}}"
description: "Run: {{run_id}}. Resources to add: {{get-plan.resources_to_add}}. Resources to change: {{get-plan.resources_to_change}}. OPA policy result: {{check-policy.decision}}. Requestor: {{requestor_email}}."
assigned_group: "Cloud_Engineering"
category: "infrastructure_change"
consumes:
- type: http
namespace: terraform
baseUri: "https://app.terraform.io/api/v2"
authentication:
type: bearer
token: "$secrets.terraform_token"
resources:
- name: runs
path: "/workspaces/{{workspace}}/runs/{{run_id}}"
inputParameters:
- name: workspace
in: path
- name: run_id
in: path
operations:
- name: get-run
method: GET
- type: http
namespace: opa
baseUri: "https://opa.bnpparibas.net/v1"
authentication:
type: bearer
token: "$secrets.opa_token"
resources:
- name: policies
path: "/data/{{policy_path}}"
inputParameters:
- name: policy_path
in: path
operations:
- name: evaluate-policy
method: POST
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: changes
path: "/table/change_request"
operations:
- name: create-change
method: POST
Trade Lifecycle Orchestrator
▼
trading trade-operations bloomberg-aim simcorp-dimension sap servicenow
On trade execution, captures the trade in Bloomberg AIM, books it in SimCorp Dimension, triggers settlement instruction generation in SAP, and notifies the middle office via ServiceNow.
naftiko: "0.5"
info:
label: "Trade Lifecycle Orchestrator"
description: "On trade execution, captures the trade in Bloomberg AIM, books it in SimCorp Dimension, triggers settlement instruction generation in SAP, and notifies the middle office via ServiceNow."
tags:
- trading
- trade-operations
- bloomberg-aim
- simcorp-dimension
- sap
- servicenow
capability:
exposes:
- type: mcp
namespace: trade-lifecycle
port: 8080
tools:
- name: process-trade
description: "Given a trade reference, capture it in Bloomberg AIM, book in SimCorp, generate settlement in SAP, and notify middle office."
inputParameters:
- name: trade_ref
in: body
type: string
description: "The trade reference identifier from the execution platform."
- name: portfolio_code
in: body
type: string
description: "The portfolio code in SimCorp Dimension."
- name: trader_id
in: body
type: string
description: "The trader's employee ID."
steps:
- name: capture-trade
type: call
call: "bloomberg-aim.get-trade"
with:
trade_ref: "{{trade_ref}}"
- name: book-trade
type: call
call: "simcorp.create-trade"
with:
portfolio_code: "{{portfolio_code}}"
instrument: "{{capture-trade.instrument}}"
quantity: "{{capture-trade.quantity}}"
price: "{{capture-trade.price}}"
trade_date: "{{capture-trade.trade_date}}"
- name: generate-settlement
type: call
call: "sap.create-settlement"
with:
trade_id: "{{book-trade.trade_id}}"
counterparty: "{{capture-trade.counterparty}}"
settlement_date: "{{capture-trade.settlement_date}}"
amount: "{{capture-trade.net_amount}}"
- name: notify-middle-office
type: call
call: "servicenow.create-task"
with:
short_description: "Trade booked: {{trade_ref}} — {{capture-trade.instrument}}"
description: "Trade {{trade_ref}} booked in SimCorp ({{book-trade.trade_id}}). Settlement {{generate-settlement.settlement_ref}} due {{capture-trade.settlement_date}}. Amount: {{capture-trade.net_amount}} {{capture-trade.currency}}."
assigned_group: "Middle_Office"
category: "trade_processing"
consumes:
- type: http
namespace: bloomberg-aim
baseUri: "https://aim.bloomberg.com/api/v1"
authentication:
type: bearer
token: "$secrets.bloomberg_aim_token"
resources:
- name: trades
path: "/trades/{{trade_ref}}"
inputParameters:
- name: trade_ref
in: path
operations:
- name: get-trade
method: GET
- type: http
namespace: simcorp
baseUri: "https://simcorp.bnpparibas.net/api/v2"
authentication:
type: bearer
token: "$secrets.simcorp_token"
resources:
- name: trades
path: "/portfolios/{{portfolio_code}}/trades"
inputParameters:
- name: portfolio_code
in: path
operations:
- name: create-trade
method: POST
- type: http
namespace: sap
baseUri: "https://bnp-s4.sap.com/sap/opu/odata/sap/FI_SETTLEMENT_SRV"
authentication:
type: basic
username: "$secrets.sap_user"
password: "$secrets.sap_password"
resources:
- name: settlements
path: "/A_Settlement"
operations:
- name: create-settlement
method: POST
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/task"
operations:
- name: create-task
method: POST
Trade Settlement Monitoring Pipeline
▼
settlement swift simcorp-dimension snowflake servicenow
Monitors trade settlements in SWIFT, matches against SimCorp positions, logs breaks in Snowflake, and alerts operations via ServiceNow.
naftiko: "0.5"
info:
label: "Trade Settlement Monitoring Pipeline"
description: "Monitors trade settlements in SWIFT, matches against SimCorp positions, logs breaks in Snowflake, and alerts operations via ServiceNow."
tags:
- settlement
- swift
- simcorp-dimension
- snowflake
- servicenow
capability:
exposes:
- type: mcp
namespace: settlement-monitor
port: 8080
tools:
- name: monitor-settlements
description: "Match SWIFT settlements against booked positions and track breaks."
inputParameters:
- name: settlement_date
in: body
type: string
description: "Settlement date YYYY-MM-DD."
steps:
- name: get-swift-settlements
type: call
call: "swift.get-settlements"
with:
date: "{{settlement_date}}"
- name: get-positions
type: call
call: "simcorp.get-expected-settlements"
with:
date: "{{settlement_date}}"
- name: log-breaks
type: call
call: "snowflake.execute-statement"
with:
statement: "CALL SETTLEMENT.LOG_BREAKS('{{settlement_date}}')"
- name: create-ticket
type: call
call: "servicenow.create-task"
with:
short_description: "Settlement breaks: {{settlement_date}}"
description: "SWIFT settlements: {{get-swift-settlements.count}}. Expected: {{get-positions.count}}. Review breaks in Snowflake."
category: "settlement_ops"
consumes:
- type: http
namespace: swift
baseUri: "https://api.swift.com/gpi/v4"
authentication:
type: bearer
token: "$secrets.swift_gpi_token"
resources:
- name: settlements
path: "/payments/settlements"
inputParameters:
- name: date
in: query
operations:
- name: get-settlements
method: GET
- type: http
namespace: simcorp
baseUri: "https://simcorp.bnpparibas.net/api/v2"
authentication:
type: bearer
token: "$secrets.simcorp_token"
resources:
- name: settlements
path: "/settlements/expected"
inputParameters:
- name: date
in: query
operations:
- name: get-expected-settlements
method: GET
- type: http
namespace: snowflake
baseUri: "https://bnpparibas.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-statement
method: POST
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/task"
operations:
- name: create-task
method: POST
Trade Surveillance Alert Pipeline
▼
compliance trade-surveillance bloomberg-bql servicenow salesforce sharepoint
When a Bloomberg BQL query detects anomalous trading patterns, creates a surveillance case in ServiceNow, enriches with Salesforce client data, and stores evidence in SharePoint.
naftiko: "0.5"
info:
label: "Trade Surveillance Alert Pipeline"
description: "When a Bloomberg BQL query detects anomalous trading patterns, creates a surveillance case in ServiceNow, enriches with Salesforce client data, and stores evidence in SharePoint."
tags:
- compliance
- trade-surveillance
- bloomberg-bql
- servicenow
- salesforce
- sharepoint
capability:
exposes:
- type: mcp
namespace: trade-surveillance
port: 8080
tools:
- name: process-surveillance-alert
description: "On anomalous trade detection, create surveillance case, enrich with client data, and store evidence."
inputParameters:
- name: alert_id
in: body
type: string
description: "The surveillance alert identifier."
- name: trader_account_id
in: body
type: string
description: "The Salesforce account ID of the trader's desk."
- name: instrument
in: body
type: string
description: "The instrument ticker involved."
steps:
- name: get-trade-data
type: call
call: "bloomberg-bql.run-query"
with:
query: "get(px_last, volume) for('{{instrument}}') with(dates=range(-5d,0d))"
- name: get-desk-info
type: call
call: "salesforce.get-account"
with:
account_id: "{{trader_account_id}}"
- name: create-case
type: call
call: "servicenow.create-case"
with:
short_description: "Surveillance alert: {{alert_id}} — {{instrument}}"
description: "Anomalous pattern detected for {{instrument}}. Desk: {{get-desk-info.Name}}. RM: {{get-desk-info.Owner.Name}}. 5-day data retrieved for analysis."
assigned_group: "Compliance_Surveillance"
category: "trade_surveillance"
priority: "2"
- name: store-evidence
type: call
call: "sharepoint.create-file"
with:
site_id: "compliance_surveillance"
file_path: "Evidence/{{alert_id}}/trade_data.json"
content_type: "application/json"
consumes:
- type: http
namespace: bloomberg-bql
baseUri: "https://api.bloomberg.com/eap/catalogs/bbg"
authentication:
type: bearer
token: "$secrets.bloomberg_api_key"
resources:
- name: queries
path: "/queries"
operations:
- name: run-query
method: POST
- type: http
namespace: salesforce
baseUri: "https://bnpparibas.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: accounts
path: "/sobjects/Account/{{account_id}}"
inputParameters:
- name: account_id
in: path
operations:
- name: get-account
method: GET
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: cases
path: "/table/sn_customerservice_case"
operations:
- name: create-case
method: POST
- type: http
namespace: sharepoint
baseUri: "https://graph.microsoft.com/v1.0/sites"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: files
path: "/{{site_id}}/drive/root:/{{file_path}}:/content"
inputParameters:
- name: site_id
in: path
- name: file_path
in: path
operations:
- name: create-file
method: PUT
Trade Surveillance Investigation Pipeline
▼
surveillance bloomberg snowflake servicenow microsoft-teams
Detects anomalies in Bloomberg trade data, runs pattern analysis in Snowflake, creates cases in ServiceNow, and alerts compliance via Microsoft Teams.
naftiko: "0.5"
info:
label: "Trade Surveillance Investigation Pipeline"
description: "Detects anomalies in Bloomberg trade data, runs pattern analysis in Snowflake, creates cases in ServiceNow, and alerts compliance via Microsoft Teams."
tags:
- surveillance
- bloomberg
- snowflake
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: trade-surveillance
port: 8080
tools:
- name: investigate-anomaly
description: "Investigate a trade surveillance alert with analysis and case creation."
inputParameters:
- name: alert_id
in: body
type: string
description: "Surveillance alert identifier."
steps:
- name: get-trade-data
type: call
call: "bloomberg.get-trade-history"
with:
alert_id: "{{alert_id}}"
- name: analyze-patterns
type: call
call: "snowflake.execute-statement"
with:
statement: "CALL SURVEILLANCE.ANALYZE_PATTERN('{{alert_id}}')"
- name: create-case
type: call
call: "servicenow.create-incident"
with:
short_description: "Trade surveillance: {{alert_id}}"
description: "Pattern: {{analyze-patterns.pattern_type}}. Confidence: {{analyze-patterns.confidence}}."
category: "surveillance"
- name: notify-compliance
type: call
call: "msteams.send-message"
with:
recipient_upn: "compliance@bnpparibas.com"
text: "Surveillance alert {{alert_id}}: {{analyze-patterns.pattern_type}}. Case: {{create-case.number}}."
consumes:
- type: http
namespace: bloomberg
baseUri: "https://api.bloomberg.com/eap/catalogs/bbg"
authentication:
type: bearer
token: "$secrets.bloomberg_api_key"
resources:
- name: trades
path: "/trades/history"
inputParameters:
- name: alert_id
in: query
operations:
- name: get-trade-history
method: GET
- type: http
namespace: snowflake
baseUri: "https://bnpparibas.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-statement
method: POST
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Tradeweb RFQ Submission
▼
trading fixed-income tradeweb
Submits a request-for-quote on Tradeweb for a fixed income security, returning dealer quotes and best execution price.
naftiko: "0.5"
info:
label: "Tradeweb RFQ Submission"
description: "Submits a request-for-quote on Tradeweb for a fixed income security, returning dealer quotes and best execution price."
tags:
- trading
- fixed-income
- tradeweb
capability:
exposes:
- type: mcp
namespace: fixed-income-trading
port: 8080
tools:
- name: submit-rfq
description: "Submit a request-for-quote on Tradeweb for a given ISIN and notional amount."
inputParameters:
- name: isin
in: body
type: string
description: "The ISIN of the bond."
- name: notional
in: body
type: number
description: "The notional amount in the bond currency."
- name: direction
in: body
type: string
description: "BUY or SELL."
call: "tradeweb.create-rfq"
with:
isin: "{{isin}}"
notional: "{{notional}}"
direction: "{{direction}}"
consumes:
- type: http
namespace: tradeweb
baseUri: "https://api.tradeweb.com/v2"
authentication:
type: bearer
token: "$secrets.tradeweb_api_key"
resources:
- name: rfqs
path: "/rfqs"
operations:
- name: create-rfq
method: POST
Treasury Cash Pooling Pipeline
▼
treasury temenos-transact oracle swift power-bi
Aggregates subsidiary balances from Temenos, optimizes allocation in Oracle, executes sweeps via SWIFT, and reports to treasury via Power BI.
naftiko: "0.5"
info:
label: "Treasury Cash Pooling Pipeline"
description: "Aggregates subsidiary balances from Temenos, optimizes allocation in Oracle, executes sweeps via SWIFT, and reports to treasury via Power BI."
tags:
- treasury
- temenos-transact
- oracle
- swift
- power-bi
capability:
exposes:
- type: mcp
namespace: cash-pooling
port: 8080
tools:
- name: execute-cash-pooling
description: "Aggregate balances and execute intercompany cash sweeps."
inputParameters:
- name: pool_id
in: body
type: string
description: "Cash pool identifier."
steps:
- name: get-balances
type: call
call: "temenos.get-pool-balances"
with:
pool_id: "{{pool_id}}"
- name: optimize
type: call
call: "oracle.calculate-sweeps"
with:
pool_id: "{{pool_id}}"
balances: "{{get-balances.accounts}}"
- name: execute-sweeps
type: call
call: "swift.send-mt202"
with:
sweeps: "{{optimize.sweep_instructions}}"
- name: refresh-report
type: call
call: "powerbi.refresh-dataset"
with:
dataset_id: "cash-pooling"
consumes:
- type: http
namespace: temenos
baseUri: "https://temenos.bnpparibas.com/api/v1"
authentication:
type: bearer
token: "$secrets.temenos_token"
resources:
- name: pools
path: "/treasury/pools/{{pool_id}}/balances"
inputParameters:
- name: pool_id
in: path
operations:
- name: get-pool-balances
method: GET
- type: http
namespace: oracle
baseUri: "https://oracle.bnpparibas.com/fscmRestApi/resources/v1"
authentication:
type: basic
username: "$secrets.oracle_user"
password: "$secrets.oracle_password"
resources:
- name: sweeps
path: "/treasury/sweeps/calculate"
operations:
- name: calculate-sweeps
method: POST
- type: http
namespace: swift
baseUri: "https://swift.bnpparibas.com/api/v1"
authentication:
type: bearer
token: "$secrets.swift_token"
resources:
- name: messages
path: "/messages/mt202/batch"
operations:
- name: send-mt202
method: POST
- type: http
namespace: powerbi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.powerbi_token"
resources:
- name: datasets
path: "/datasets/{{dataset_id}}/refreshes"
inputParameters:
- name: dataset_id
in: path
operations:
- name: refresh-dataset
method: POST
Tyk API Gateway Health Check
▼
api-management tyk datadog servicenow
Queries Tyk API gateway for endpoint health metrics, retrieves error rates from Datadog, and creates a ServiceNow incident if degradation is detected.
naftiko: "0.5"
info:
label: "Tyk API Gateway Health Check"
description: "Queries Tyk API gateway for endpoint health metrics, retrieves error rates from Datadog, and creates a ServiceNow incident if degradation is detected."
tags:
- api-management
- tyk
- datadog
- servicenow
capability:
exposes:
- type: mcp
namespace: api-health
port: 8080
tools:
- name: check-api-health
description: "Monitor Tyk API gateway endpoint health, correlate with Datadog errors, and alert on degradation."
inputParameters:
- name: api_id
in: body
type: string
description: "The Tyk API definition ID."
- name: service_name
in: body
type: string
description: "The corresponding Datadog service name."
steps:
- name: get-api-metrics
type: call
call: "tyk.get-api-analytics"
with:
api_id: "{{api_id}}"
- name: get-error-rate
type: call
call: "datadog.get-service-metrics"
with:
service_name: "{{service_name}}"
- name: create-alert
type: call
call: "servicenow.create-incident"
with:
short_description: "API degradation: {{api_id}}"
description: "Tyk metrics — requests: {{get-api-metrics.total_requests}}, errors: {{get-api-metrics.error_count}}, avg latency: {{get-api-metrics.avg_latency_ms}}ms. Datadog error rate: {{get-error-rate.error_rate}}%."
assigned_group: "API_Platform"
category: "api_monitoring"
consumes:
- type: http
namespace: tyk
baseUri: "https://tyk-dashboard.bnpparibas.net/api"
authentication:
type: apiKey
name: "Authorization"
in: header
value: "$secrets.tyk_api_key"
resources:
- name: analytics
path: "/apis/{{api_id}}/analytics"
inputParameters:
- name: api_id
in: path
operations:
- name: get-api-analytics
method: GET
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.eu/api/v2"
authentication:
type: apiKey
name: "DD-API-KEY"
in: header
value: "$secrets.datadog_api_key"
resources:
- name: services
path: "/services/{{service_name}}/metrics"
inputParameters:
- name: service_name
in: path
operations:
- name: get-service-metrics
method: GET
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
Vendor Onboarding Orchestrator
▼
procurement sap-ariba oracle servicenow
Creates vendor in SAP Ariba, runs due diligence checks, sets up payment terms in Oracle, and tracks onboarding in ServiceNow.
naftiko: "0.5"
info:
label: "Vendor Onboarding Orchestrator"
description: "Creates vendor in SAP Ariba, runs due diligence checks, sets up payment terms in Oracle, and tracks onboarding in ServiceNow."
tags:
- procurement
- sap-ariba
- oracle
- servicenow
capability:
exposes:
- type: mcp
namespace: vendor-onboarding
port: 8080
tools:
- name: onboard-vendor
description: "Onboard a new vendor across SAP Ariba, Oracle, and ServiceNow."
inputParameters:
- name: vendor_name
in: body
type: string
description: "Vendor company name."
- name: tax_id
in: body
type: string
description: "Vendor tax ID."
steps:
- name: create-vendor
type: call
call: "ariba.create-supplier"
with:
name: "{{vendor_name}}"
tax_id: "{{tax_id}}"
- name: setup-payments
type: call
call: "oracle.create-supplier"
with:
supplier_name: "{{vendor_name}}"
supplier_number: "{{create-vendor.supplier_id}}"
- name: track-onboarding
type: call
call: "servicenow.create-task"
with:
short_description: "Vendor onboarding: {{vendor_name}}"
description: "Ariba: {{create-vendor.supplier_id}}. Oracle: {{setup-payments.supplier_number}}."
category: "procurement"
consumes:
- type: http
namespace: ariba
baseUri: "https://openapi.ariba.com/api"
authentication:
type: bearer
token: "$secrets.ariba_token"
resources:
- name: suppliers
path: "/supplier-management/v2/suppliers"
operations:
- name: create-supplier
method: POST
- type: http
namespace: oracle
baseUri: "https://oracle.bnpparibas.com/fscmRestApi/resources/v1"
authentication:
type: basic
username: "$secrets.oracle_user"
password: "$secrets.oracle_password"
resources:
- name: suppliers
path: "/suppliers"
operations:
- name: create-supplier
method: POST
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/task"
operations:
- name: create-task
method: POST
Vendor Risk Assessment Orchestrator
▼
third-party-risk vendor-management sap-ariba moodys fortinet servicenow
Retrieves vendor details from SAP Ariba, screens through Moody's risk database, assesses IT risk via Fortinet vulnerability scan, and creates a risk review in ServiceNow.
naftiko: "0.5"
info:
label: "Vendor Risk Assessment Orchestrator"
description: "Retrieves vendor details from SAP Ariba, screens through Moody's risk database, assesses IT risk via Fortinet vulnerability scan, and creates a risk review in ServiceNow."
tags:
- third-party-risk
- vendor-management
- sap-ariba
- moodys
- fortinet
- servicenow
capability:
exposes:
- type: mcp
namespace: vendor-risk
port: 8080
tools:
- name: assess-vendor-risk
description: "Compile vendor risk assessment from procurement, credit, and security data sources."
inputParameters:
- name: vendor_id
in: body
type: string
description: "The SAP Ariba vendor identifier."
- name: vendor_domain
in: body
type: string
description: "The vendor's primary domain for security scanning."
steps:
- name: get-vendor
type: call
call: "ariba.get-vendor"
with:
vendor_id: "{{vendor_id}}"
- name: screen-vendor
type: call
call: "moodys.screen-entity"
with:
entity_name: "{{get-vendor.company_name}}"
country: "{{get-vendor.country}}"
- name: scan-security
type: call
call: "fortinet.scan-domain"
with:
domain: "{{vendor_domain}}"
- name: create-review
type: call
call: "servicenow.create-task"
with:
short_description: "Vendor risk review: {{get-vendor.company_name}}"
description: "Ariba vendor: {{vendor_id}}. Moody's risk level: {{screen-vendor.risk_level}}. Score: {{screen-vendor.score}}. Security scan: {{scan-security.risk_grade}}. Vulnerabilities: {{scan-security.vuln_count}}. Contract value: {{get-vendor.contract_value}}."
assigned_group: "Third_Party_Risk"
category: "vendor_risk_assessment"
consumes:
- type: http
namespace: ariba
baseUri: "https://openapi.ariba.com/api/supplier-management/v1"
authentication:
type: bearer
token: "$secrets.ariba_token"
resources:
- name: vendors
path: "/vendors/{{vendor_id}}"
inputParameters:
- name: vendor_id
in: path
operations:
- name: get-vendor
method: GET
- type: http
namespace: moodys
baseUri: "https://api.moodys.com/screening/v1"
authentication:
type: bearer
token: "$secrets.moodys_api_key"
resources:
- name: entities
path: "/screen"
operations:
- name: screen-entity
method: POST
- type: http
namespace: fortinet
baseUri: "https://fortiguard.bnpparibas.net/api/v2"
authentication:
type: bearer
token: "$secrets.fortinet_token"
resources:
- name: scans
path: "/scans/domain"
operations:
- name: scan-domain
method: POST
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tasks
path: "/table/task"
operations:
- name: create-task
method: POST
VMware VM Provisioning Pipeline
▼
infrastructure vmware palo-alto-networks servicenow datadog
Provisions a new VMware virtual machine, configures networking via Palo Alto Networks firewall rules, registers in ServiceNow CMDB, and sets up Datadog monitoring.
naftiko: "0.5"
info:
label: "VMware VM Provisioning Pipeline"
description: "Provisions a new VMware virtual machine, configures networking via Palo Alto Networks firewall rules, registers in ServiceNow CMDB, and sets up Datadog monitoring."
tags:
- infrastructure
- vmware
- palo-alto-networks
- servicenow
- datadog
capability:
exposes:
- type: mcp
namespace: vm-provisioning
port: 8080
tools:
- name: provision-vm
description: "Create a VMware VM, configure firewall rules, register in CMDB, and enable monitoring."
inputParameters:
- name: vm_name
in: body
type: string
description: "The virtual machine name."
- name: template
in: body
type: string
description: "The VMware template to clone from."
- name: network_zone
in: body
type: string
description: "The target network zone (e.g. dmz, internal, restricted)."
- name: owner_team
in: body
type: string
description: "The owning team name."
steps:
- name: create-vm
type: call
call: "vmware.clone-vm"
with:
name: "{{vm_name}}"
template: "{{template}}"
cluster: "bnp-prod-cluster"
- name: configure-firewall
type: call
call: "paloalto.create-rule"
with:
rule_name: "allow-{{vm_name}}"
source_zone: "{{network_zone}}"
destination: "{{create-vm.ip_address}}"
- name: register-cmdb
type: call
call: "servicenow.create-ci"
with:
name: "{{vm_name}}"
class: "cmdb_ci_vmware_instance"
ip_address: "{{create-vm.ip_address}}"
owned_by: "{{owner_team}}"
description: "VMware VM from template {{template}}. Zone: {{network_zone}}. Firewall rule: {{configure-firewall.rule_id}}."
- name: enable-monitoring
type: call
call: "datadog.create-monitor"
with:
name: "{{vm_name}}-health"
type: "metric alert"
query: "avg(last_5m):avg:system.cpu.idle{host:{{vm_name}}} < 10"
consumes:
- type: http
namespace: vmware
baseUri: "https://vcenter.bnpparibas.net/api"
authentication:
type: bearer
token: "$secrets.vcenter_token"
resources:
- name: vms
path: "/vcenter/vm"
operations:
- name: clone-vm
method: POST
- type: http
namespace: paloalto
baseUri: "https://panorama.bnpparibas.net/restapi/v10.2"
authentication:
type: apiKey
name: "X-PAN-KEY"
in: header
value: "$secrets.paloalto_api_key"
resources:
- name: security-rules
path: "/Policies/SecurityRules"
operations:
- name: create-rule
method: POST
- type: http
namespace: servicenow
baseUri: "https://bnpparibas.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: cmdb
path: "/table/cmdb_ci"
operations:
- name: create-ci
method: POST
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.eu/api/v1"
authentication:
type: apiKey
name: "DD-API-KEY"
in: header
value: "$secrets.datadog_api_key"
resources:
- name: monitors
path: "/monitor"
operations:
- name: create-monitor
method: POST
Wealth Management Client Review Orchestrator
▼
wealth-management client-management factset salesforce moodys sharepoint
Prepares a client portfolio review by pulling holdings from FactSet, account data from Salesforce, risk assessment from Moody's, and assembling a review deck notification in SharePoint.
naftiko: "0.5"
info:
label: "Wealth Management Client Review Orchestrator"
description: "Prepares a client portfolio review by pulling holdings from FactSet, account data from Salesforce, risk assessment from Moody's, and assembling a review deck notification in SharePoint."
tags:
- wealth-management
- client-management
- factset
- salesforce
- moodys
- sharepoint
capability:
exposes:
- type: mcp
namespace: wealth-review
port: 8080
tools:
- name: prepare-client-review
description: "Assemble a wealth management client review package from portfolio, CRM, and risk data."
inputParameters:
- name: client_account_id
in: body
type: string
description: "The Salesforce account ID for the wealth management client."
- name: portfolio_id
in: body
type: string
description: "The FactSet portfolio ID."
steps:
- name: get-client
type: call
call: "salesforce.get-account"
with:
account_id: "{{client_account_id}}"
- name: get-holdings
type: call
call: "factset.get-holdings"
with:
portfolio_id: "{{portfolio_id}}"
- name: get-risk-profile
type: call
call: "moodys.get-portfolio-risk"
with:
portfolio_id: "{{portfolio_id}}"
- name: create-review-folder
type: call
call: "sharepoint.create-folder"
with:
site_id: "wealth_management_reviews"
folder_path: "Reviews/{{get-client.Name}}/{{portfolio_id}}"
consumes:
- type: http
namespace: salesforce
baseUri: "https://bnpparibas.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: accounts
path: "/sobjects/Account/{{account_id}}"
inputParameters:
- name: account_id
in: path
operations:
- name: get-account
method: GET
- type: http
namespace: factset
baseUri: "https://api.factset.com/analytics/portfolio/v3"
authentication:
type: basic
username: "$secrets.factset_user"
password: "$secrets.factset_password"
resources:
- name: holdings
path: "/portfolios/{{portfolio_id}}/holdings"
inputParameters:
- name: portfolio_id
in: path
operations:
- name: get-holdings
method: GET
- type: http
namespace: moodys
baseUri: "https://api.moodys.com/risk/v1"
authentication:
type: bearer
token: "$secrets.moodys_api_key"
resources:
- name: portfolio-risk
path: "/portfolios/{{portfolio_id}}/risk"
inputParameters:
- name: portfolio_id
in: path
operations:
- name: get-portfolio-risk
method: GET
- type: http
namespace: sharepoint
baseUri: "https://graph.microsoft.com/v1.0/sites"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: drive-items
path: "/{{site_id}}/drive/root:/{{folder_path}}"
inputParameters:
- name: site_id
in: path
- name: folder_path
in: path
operations:
- name: create-folder
method: POST
Workday Employee Directory Search
▼
hr workday
Searches the Workday employee directory by name or department, returning employee profiles and organizational hierarchy.
naftiko: "0.5"
info:
label: "Workday Employee Directory Search"
description: "Searches the Workday employee directory by name or department, returning employee profiles and organizational hierarchy."
tags:
- hr
- workday
capability:
exposes:
- type: mcp
namespace: workday-dir
port: 8080
tools:
- name: search-employees
description: "Search Workday employee directory by name or department."
inputParameters:
- name: search_query
in: body
type: string
description: "Search term for employee name or department."
call: "workday-dir.search-workers"
with:
query: "{{search_query}}"
consumes:
- type: http
namespace: workday-dir
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/workers"
inputParameters:
- name: query
in: query
operations:
- name: search-workers
method: GET
Workday Employee Lookup
▼
hr workday employee-data
Retrieves employee details from Workday by worker ID, returning name, department, cost center, and manager for HR and compliance workflows.
naftiko: "0.5"
info:
label: "Workday Employee Lookup"
description: "Retrieves employee details from Workday by worker ID, returning name, department, cost center, and manager for HR and compliance workflows."
tags:
- hr
- workday
- employee-data
capability:
exposes:
- type: mcp
namespace: hr
port: 8080
tools:
- name: get-employee
description: "Look up a Workday employee by worker ID. Returns full name, department, cost center, and direct manager."
inputParameters:
- name: worker_id
in: body
type: string
description: "The Workday worker ID."
call: "workday.get-worker"
with:
worker_id: "{{worker_id}}"
outputParameters:
- name: full_name
type: string
mapping: "$.worker.fullName"
- name: department
type: string
mapping: "$.worker.department"
- name: cost_center
type: string
mapping: "$.worker.costCenter"
- name: manager_id
type: string
mapping: "$.worker.managerId"
consumes:
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/workers/{{worker_id}}"
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET