Fidelity Investments Capabilities
Naftiko 0.5 capability definitions for Fidelity Investments - 100 capabilities showing integration workflows and service orchestrations.
Sort
Expand
401k Plan Enrollment Workflow
▼
retirement onboarding workday salesforce microsoft-outlook servicenow
When a new hire completes onboarding in Workday, creates their 401k enrollment record in Salesforce, sends plan documents via Microsoft Outlook, and tracks enrollment status in ServiceNow.
naftiko: "0.5"
info:
label: "401k Plan Enrollment Workflow"
description: "When a new hire completes onboarding in Workday, creates their 401k enrollment record in Salesforce, sends plan documents via Microsoft Outlook, and tracks enrollment status in ServiceNow."
tags:
- retirement
- onboarding
- workday
- salesforce
- microsoft-outlook
- servicenow
capability:
exposes:
- type: mcp
namespace: retirement-enrollment
port: 8080
tools:
- name: enroll-401k
description: "Orchestrate 401k enrollment for a new hire across HR, CRM, email, and tracking systems."
inputParameters:
- name: worker_id
in: body
type: string
description: "Workday worker ID."
- name: contribution_pct
in: body
type: number
description: "Default contribution percentage."
steps:
- name: get-employee
type: call
call: "workday.get-worker"
with:
worker_id: "{{worker_id}}"
- name: create-enrollment
type: call
call: "salesforce.create-enrollment"
with:
employee_name: "{{get-employee.full_name}}"
employee_email: "{{get-employee.work_email}}"
contribution_pct: "{{contribution_pct}}"
plan_type: "401k"
- name: send-documents
type: call
call: "outlook.send-email"
with:
to: "{{get-employee.work_email}}"
subject: "Your Fidelity 401(k) Enrollment Confirmation"
body: "Welcome {{get-employee.first_name}}, your 401(k) enrollment is confirmed at {{contribution_pct}}% contribution. Enrollment ID: {{create-enrollment.enrollment_id}}. Review your plan details at NetBenefits."
- name: create-tracking-ticket
type: call
call: "servicenow.create-record"
with:
table: "u_retirement_enrollment"
short_description: "401k enrollment: {{get-employee.full_name}}"
enrollment_id: "{{create-enrollment.enrollment_id}}"
consumes:
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1/fidelity"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/workers/{{worker_id}}"
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
- type: http
namespace: salesforce
baseUri: "https://fidelity.my.salesforce.com/services/data/v59.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: enrollments
path: "/sobjects/Enrollment__c"
operations:
- name: create-enrollment
method: POST
- type: http
namespace: outlook
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: send-mail
path: "/me/sendMail"
operations:
- name: send-email
method: POST
- type: http
namespace: servicenow
baseUri: "https://fidelity.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tables
path: "/table/{{table}}"
inputParameters:
- name: table
in: path
operations:
- name: create-record
method: POST
Access Review Pipeline
▼
security access-management okta compliance
Reviews access at Fidelity via Okta, IAM, and Jira.
naftiko: "0.5"
info:
label: "Access Review Pipeline"
description: "Reviews access at Fidelity via Okta, IAM, and Jira."
tags:
- security
- access-management
- okta
- compliance
capability:
exposes:
- type: mcp
namespace: access-rev
port: 8080
tools:
- name: review
description: "Review access at Fidelity."
inputParameters:
- name: dept
in: body
type: string
description: "Department."
steps:
- name: ent
type: call
call: "okta.get-users"
with:
dept: "{{dept}}"
- name: compare
type: call
call: "iam.compare"
with:
data: "{{ent.data}}"
- name: flag
type: call
call: "iam.flag"
with:
violations: "{{compare.violations}}"
- name: fix
type: call
call: "jira.create-issue"
with:
project: "IAM"
summary: "Violations in {{dept}}"
consumes:
- type: http
namespace: okta
baseUri: "https://fidelity.com.okta.com/api/v1"
authentication:
type: bearer
token: "$secrets.okta_api_token"
resources:
- name: users
path: "/users"
operations:
- name: get-users
method: GET
- type: http
namespace: iam
baseUri: "https://iam.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.iam_token"
resources:
- name: reviews
path: "/compare"
operations:
- name: compare
method: POST
- type: http
namespace: jira
baseUri: "https://fidelity.com.atlassian.net/rest/api/3"
authentication:
type: bearer
token: "$secrets.jira_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
ADP Payroll Data Sync
▼
hr payroll adp snowflake
Pulls payroll summary data from ADP for a given pay period and loads it into Snowflake for compensation analytics.
naftiko: "0.5"
info:
label: "ADP Payroll Data Sync"
description: "Pulls payroll summary data from ADP for a given pay period and loads it into Snowflake for compensation analytics."
tags:
- hr
- payroll
- adp
- snowflake
capability:
exposes:
- type: mcp
namespace: payroll-sync
port: 8080
tools:
- name: sync-payroll-data
description: "Extract payroll data from ADP and load into Snowflake for analytics."
inputParameters:
- name: pay_period_end
in: body
type: string
description: "Pay period end date in YYYY-MM-DD format."
steps:
- name: extract-payroll
type: call
call: "adp.get-payroll-summary"
with:
pay_period_end: "{{pay_period_end}}"
- name: load-to-snowflake
type: call
call: "snowflake.execute-query"
with:
statement: "CALL load_payroll_data('{{pay_period_end}}', '{{extract-payroll.output_path}}')"
consumes:
- type: http
namespace: adp
baseUri: "https://api.adp.com/hr/v2"
authentication:
type: bearer
token: "$secrets.adp_token"
resources:
- name: payroll
path: "/payroll-summaries?payPeriodEndDate={{pay_period_end}}"
inputParameters:
- name: pay_period_end
in: query
operations:
- name: get-payroll-summary
method: GET
- type: http
namespace: snowflake
baseUri: "https://fidelity.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
Advisor Performance Dashboard Update
▼
wealth-management reporting salesforce factset snowflake power-bi
Fetches advisor AUM and revenue data from Salesforce, pulls benchmark returns from FactSet, combines them in Snowflake, and triggers a Power BI refresh for the advisor scorecard.
naftiko: "0.5"
info:
label: "Advisor Performance Dashboard Update"
description: "Fetches advisor AUM and revenue data from Salesforce, pulls benchmark returns from FactSet, combines them in Snowflake, and triggers a Power BI refresh for the advisor scorecard."
tags:
- wealth-management
- reporting
- salesforce
- factset
- snowflake
- power-bi
capability:
exposes:
- type: mcp
namespace: advisor-dashboard
port: 8080
tools:
- name: update-advisor-scorecard
description: "Refresh advisor performance data from CRM, benchmarks, and analytics for the Power BI scorecard."
inputParameters:
- name: advisor_id
in: body
type: string
description: "Salesforce advisor user ID."
- name: reporting_period
in: body
type: string
description: "Reporting period (e.g., 2026-Q1)."
steps:
- name: get-advisor-metrics
type: call
call: "salesforce.query-advisor-metrics"
with:
advisor_id: "{{advisor_id}}"
period: "{{reporting_period}}"
- name: get-benchmarks
type: call
call: "factset.get-benchmark-returns"
with:
benchmark: "SP500"
period: "{{reporting_period}}"
- name: load-combined-data
type: call
call: "snowflake.execute-query"
with:
statement: "CALL update_advisor_scorecard('{{advisor_id}}', '{{reporting_period}}', '{{get-advisor-metrics.total_aum}}', '{{get-benchmarks.return_pct}}')"
- name: refresh-dashboard
type: call
call: "powerbi.trigger-refresh"
with:
workspace_id: "advisor-scorecards-ws"
dataset_id: "advisor-performance-ds"
consumes:
- type: http
namespace: salesforce
baseUri: "https://fidelity.my.salesforce.com/services/data/v59.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: advisor-query
path: "/query/?q=SELECT+SUM(AUM__c),COUNT(Id)+FROM+Account+WHERE+OwnerId='{{advisor_id}}'"
inputParameters:
- name: advisor_id
in: query
operations:
- name: query-advisor-metrics
method: GET
- type: http
namespace: factset
baseUri: "https://api.factset.com/portfolio/v1"
authentication:
type: basic
username: "$secrets.factset_user"
password: "$secrets.factset_password"
resources:
- name: benchmarks
path: "/benchmarks/{{benchmark}}/returns?period={{period}}"
inputParameters:
- name: benchmark
in: path
- name: period
in: query
operations:
- name: get-benchmark-returns
method: GET
- type: http
namespace: snowflake
baseUri: "https://fidelity.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
- type: http
namespace: powerbi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.powerbi_token"
resources:
- name: datasets
path: "/groups/{{workspace_id}}/datasets/{{dataset_id}}/refreshes"
inputParameters:
- name: workspace_id
in: path
- name: dataset_id
in: path
operations:
- name: trigger-refresh
method: POST
Apache Kafka Trade Event Publisher
▼
trading messaging apache-kafka
Publishes a trade event message to an Apache Kafka topic for downstream consumers such as risk engines and settlement systems.
naftiko: "0.5"
info:
label: "Apache Kafka Trade Event Publisher"
description: "Publishes a trade event message to an Apache Kafka topic for downstream consumers such as risk engines and settlement systems."
tags:
- trading
- messaging
- apache-kafka
capability:
exposes:
- type: mcp
namespace: trade-events
port: 8080
tools:
- name: publish-trade-event
description: "Publish a trade execution event to a Kafka topic."
inputParameters:
- name: topic
in: body
type: string
description: "Kafka topic name."
- name: trade_id
in: body
type: string
description: "Unique trade identifier."
- name: payload
in: body
type: string
description: "JSON trade event payload."
call: "kafka.publish-event"
with:
topic: "{{topic}}"
key: "{{trade_id}}"
value: "{{payload}}"
consumes:
- type: http
namespace: kafka
baseUri: "https://kafka-rest.fidelity.com/v3"
authentication:
type: bearer
token: "$secrets.kafka_rest_token"
resources:
- name: records
path: "/clusters/fidelity-prod/topics/{{topic}}/records"
inputParameters:
- name: topic
in: path
operations:
- name: publish-event
method: POST
API Deprecation Pipeline
▼
api-management communications governance
Manages API deprecation at Fidelity via consumer identification, notices, and tracking.
naftiko: "0.5"
info:
label: "API Deprecation Pipeline"
description: "Manages API deprecation at Fidelity via consumer identification, notices, and tracking."
tags:
- api-management
- communications
- governance
capability:
exposes:
- type: mcp
namespace: api-sunset
port: 8080
tools:
- name: notify-sunset
description: "Manage API sunset at Fidelity."
inputParameters:
- name: api
in: body
type: string
description: "API name."
- name: date
in: body
type: string
description: "Sunset date."
steps:
- name: consumers
type: call
call: "api-gw.consumers"
with:
api: "{{api}}"
- name: notify
type: call
call: "email.batch"
with:
to: "{{consumers.emails}}"
subject: "{{api}} sunset: {{date}}"
- name: track
type: call
call: "analytics.usage"
with:
api: "{{api}}"
- name: ticket
type: call
call: "jira.create-issue"
with:
project: "API"
summary: "Sunset {{api}} by {{date}}"
consumes:
- type: http
namespace: api-gw
baseUri: "https://api-gw.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.api_gw_token"
resources:
- name: consumers
path: "/apis/{{api}}/consumers"
inputParameters:
- name: api
in: path
operations:
- name: consumers
method: GET
- type: http
namespace: email
baseUri: "https://email.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.email_token"
resources:
- name: batch
path: "/send-batch"
operations:
- name: batch
method: POST
- type: http
namespace: analytics
baseUri: "https://analytics.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.analytics_token"
resources:
- name: usage
path: "/api-usage"
operations:
- name: usage
method: GET
- type: http
namespace: jira
baseUri: "https://fidelity.com.atlassian.net/rest/api/3"
authentication:
type: bearer
token: "$secrets.jira_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
AWS Lambda Function Invocation
▼
operations serverless aws-lambda
Invokes an AWS Lambda function for serverless trade processing tasks such as margin calculation or fee computation.
naftiko: "0.5"
info:
label: "AWS Lambda Function Invocation"
description: "Invokes an AWS Lambda function for serverless trade processing tasks such as margin calculation or fee computation."
tags:
- operations
- serverless
- aws-lambda
capability:
exposes:
- type: mcp
namespace: serverless-compute
port: 8080
tools:
- name: invoke-lambda
description: "Invoke an AWS Lambda function with a JSON payload."
inputParameters:
- name: function_name
in: body
type: string
description: "Lambda function name or ARN."
- name: payload
in: body
type: string
description: "JSON payload for the function."
call: "lambda.invoke-function"
with:
function_name: "{{function_name}}"
payload: "{{payload}}"
consumes:
- type: http
namespace: lambda
baseUri: "https://lambda.us-east-1.amazonaws.com/2015-03-31"
authentication:
type: aws-sigv4
key: "$secrets.aws_access_key"
resources:
- name: functions
path: "/functions/{{function_name}}/invocations"
inputParameters:
- name: function_name
in: path
operations:
- name: invoke-function
method: POST
AWS S3 Document Archive
▼
compliance storage amazon-s3
Archives a compliance document to Amazon S3 with appropriate retention tagging and encryption.
naftiko: "0.5"
info:
label: "AWS S3 Document Archive"
description: "Archives a compliance document to Amazon S3 with appropriate retention tagging and encryption."
tags:
- compliance
- storage
- amazon-s3
capability:
exposes:
- type: mcp
namespace: document-archive
port: 8080
tools:
- name: archive-document
description: "Upload a document to S3 with compliance retention tags."
inputParameters:
- name: bucket
in: body
type: string
description: "S3 bucket name."
- name: key
in: body
type: string
description: "S3 object key path."
- name: retention_years
in: body
type: integer
description: "Retention period in years."
call: "s3.put-object"
with:
bucket: "{{bucket}}"
key: "{{key}}"
retention_years: "{{retention_years}}"
consumes:
- type: http
namespace: s3
baseUri: "https://s3.us-east-1.amazonaws.com"
authentication:
type: aws-sigv4
key: "$secrets.aws_access_key"
resources:
- name: objects
path: "/{{bucket}}/{{key}}"
inputParameters:
- name: bucket
in: path
- name: key
in: path
operations:
- name: put-object
method: PUT
Azure Data Factory ETL with Notification
▼
data-engineering azure-data-factory microsoft-teams
Triggers an Azure Data Factory pipeline for ETL processing of financial data and sends a Microsoft Teams notification with the run status to the data engineering team.
naftiko: "0.5"
info:
label: "Azure Data Factory ETL with Notification"
description: "Triggers an Azure Data Factory pipeline for ETL processing of financial data and sends a Microsoft Teams notification with the run status to the data engineering team."
tags:
- data-engineering
- azure-data-factory
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: etl-pipelines
port: 8080
tools:
- name: trigger-adf-pipeline-with-notify
description: "Trigger an ADF pipeline and notify the team via Microsoft Teams."
inputParameters:
- name: pipeline_name
in: body
type: string
description: "ADF pipeline name."
- name: parameters
in: body
type: string
description: "JSON string of pipeline parameters."
- name: notify_email
in: body
type: string
description: "Team member email for notification."
steps:
- name: trigger-pipeline
type: call
call: "adf.create-pipeline-run"
with:
pipeline_name: "{{pipeline_name}}"
parameters: "{{parameters}}"
- name: notify-team
type: call
call: "msteams.send-message"
with:
recipient_upn: "{{notify_email}}"
text: "ADF pipeline {{pipeline_name}} triggered. Run ID: {{trigger-pipeline.run_id}}. Status: {{trigger-pipeline.status}}"
consumes:
- type: http
namespace: adf
baseUri: "https://management.azure.com/subscriptions/$secrets.azure_subscription_id/resourceGroups/fidelity-data-rg/providers/Microsoft.DataFactory/factories/fidelity-adf"
authentication:
type: bearer
token: "$secrets.azure_mgmt_token"
resources:
- name: pipelines
path: "/pipelines/{{pipeline_name}}/createRun?api-version=2018-06-01"
inputParameters:
- name: pipeline_name
in: path
operations:
- name: create-pipeline-run
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: chat-messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Azure Databricks Spark Job Runner
▼
data-engineering risk-management azure-databricks
Submits a Spark job to Azure Databricks for large-scale portfolio risk calculations, returning the run ID and cluster information.
naftiko: "0.5"
info:
label: "Azure Databricks Spark Job Runner"
description: "Submits a Spark job to Azure Databricks for large-scale portfolio risk calculations, returning the run ID and cluster information."
tags:
- data-engineering
- risk-management
- azure-databricks
capability:
exposes:
- type: mcp
namespace: spark-compute
port: 8080
tools:
- name: submit-risk-calc-job
description: "Submit a Spark job to Azure Databricks for portfolio risk calculation."
inputParameters:
- name: notebook_path
in: body
type: string
description: "Databricks notebook path."
- name: parameters
in: body
type: string
description: "JSON parameters for the notebook."
call: "databricks.submit-run"
with:
notebook_path: "{{notebook_path}}"
parameters: "{{parameters}}"
consumes:
- type: http
namespace: databricks
baseUri: "https://adb-fidelity.azuredatabricks.net/api/2.1"
authentication:
type: bearer
token: "$secrets.databricks_token"
resources:
- name: jobs
path: "/jobs/runs/submit"
operations:
- name: submit-run
method: POST
Azure DevOps Build Check
▼
devops azure-devops ci-cd
Checks build at Fidelity.
naftiko: "0.5"
info:
label: "Azure DevOps Build Check"
description: "Checks build at Fidelity."
tags:
- devops
- azure-devops
- ci-cd
capability:
exposes:
- type: mcp
namespace: azdo-build
port: 8080
tools:
- name: check-build
description: "Check build at Fidelity."
inputParameters:
- name: project
in: body
type: string
description: "Project."
- name: build_id
in: body
type: string
description: "Build ID."
call: "azdo.get-build"
with:
project: "{{project}}"
build_id: "{{build_id}}"
outputParameters:
- name: status
type: string
mapping: "$.status"
consumes:
- type: http
namespace: azdo
baseUri: "https://dev.azure.com/fidelity.com"
authentication:
type: bearer
token: "$secrets.azdo_token"
resources:
- name: builds
path: "/{{project}}/_apis/build/builds/{{build_id}}"
inputParameters:
- name: project
in: path
- name: build_id
in: path
operations:
- name: get-build
method: GET
Backup Verification Pipeline
▼
database backup operations
Verifies backups at Fidelity.
naftiko: "0.5"
info:
label: "Backup Verification Pipeline"
description: "Verifies backups at Fidelity."
tags:
- database
- backup
- operations
capability:
exposes:
- type: mcp
namespace: backup-verify
port: 8080
tools:
- name: verify-backups
description: "Verify backups at Fidelity."
inputParameters:
- name: db
in: body
type: string
description: "Database."
- name: date
in: body
type: string
description: "Backup date."
steps:
- name: status
type: call
call: "backup.get-status"
with:
db: "{{db}}"
date: "{{date}}"
- name: verify
type: call
call: "backup.verify"
with:
id: "{{status.backup_id}}"
- name: log
type: call
call: "snowflake.query"
with:
query: "INSERT INTO backup_log VALUES ('{{db}}','{{date}}','{{verify.status}}')"
- name: alert
type: call
call: "slack.post-message"
with:
channel: "#dba"
text: "Backup {{db}}: {{verify.status}}"
consumes:
- type: http
namespace: backup
baseUri: "https://backup.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.backup_token"
resources:
- name: backups
path: "/databases/{{db}}/status"
inputParameters:
- name: db
in: path
operations:
- name: get-status
method: GET
- type: http
namespace: snowflake
baseUri: "https://fidelity.com.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Bloomberg BQL Risk Metrics
▼
risk-management analytics bloomberg-query-language
Executes a Bloomberg Query Language expression to retrieve risk metrics such as VaR, beta, and Sharpe ratio for a given portfolio.
naftiko: "0.5"
info:
label: "Bloomberg BQL Risk Metrics"
description: "Executes a Bloomberg Query Language expression to retrieve risk metrics such as VaR, beta, and Sharpe ratio for a given portfolio."
tags:
- risk-management
- analytics
- bloomberg-query-language
capability:
exposes:
- type: mcp
namespace: risk-analytics
port: 8080
tools:
- name: run-bql-risk-query
description: "Execute a BQL query against Bloomberg for portfolio risk metrics."
inputParameters:
- name: bql_expression
in: body
type: string
description: "A valid Bloomberg BQL expression."
call: "bql.execute-query"
with:
expression: "{{bql_expression}}"
consumes:
- type: http
namespace: bql
baseUri: "https://api.bloomberg.com/eap/catalogs/bbg"
authentication:
type: bearer
token: "$secrets.bloomberg_api_token"
resources:
- name: bql-queries
path: "/queries"
operations:
- name: execute-query
method: POST
Bloomberg Market Data Fetch
▼
trading market-data bloomberg-enterprise-data
Pulls real-time market data for a given security from Bloomberg Enterprise Data, returning price, volume, and change metrics.
naftiko: "0.5"
info:
label: "Bloomberg Market Data Fetch"
description: "Pulls real-time market data for a given security from Bloomberg Enterprise Data, returning price, volume, and change metrics."
tags:
- trading
- market-data
- bloomberg-enterprise-data
capability:
exposes:
- type: mcp
namespace: market-data
port: 8080
tools:
- name: get-security-quote
description: "Fetch real-time quote data for a security ticker from Bloomberg Enterprise Data."
inputParameters:
- name: ticker
in: body
type: string
description: "Bloomberg ticker symbol (e.g., AAPL US Equity)."
call: "bloomberg.get-quote"
with:
ticker: "{{ticker}}"
consumes:
- type: http
namespace: bloomberg
baseUri: "https://api.bloomberg.com/eap/catalogs/bbg/datasets"
authentication:
type: bearer
token: "$secrets.bloomberg_api_token"
resources:
- name: quotes
path: "/quotes/{{ticker}}"
inputParameters:
- name: ticker
in: path
operations:
- name: get-quote
method: GET
Budget Variance Pipeline
▼
finance budget oracle workday
Analyzes budget variance at Fidelity via Oracle, Workday, and Slack.
naftiko: "0.5"
info:
label: "Budget Variance Pipeline"
description: "Analyzes budget variance at Fidelity via Oracle, Workday, and Slack."
tags:
- finance
- budget
- oracle
- workday
capability:
exposes:
- type: mcp
namespace: budget-var
port: 8080
tools:
- name: analyze-variance
description: "Check budget variance at Fidelity."
inputParameters:
- name: cc
in: body
type: string
description: "Cost center."
- name: period
in: body
type: string
description: "Period."
steps:
- name: actuals
type: call
call: "oracle.get-actuals"
with:
cc: "{{cc}}"
period: "{{period}}"
- name: budget
type: call
call: "workday.get-budget"
with:
cc: "{{cc}}"
- name: compute
type: call
call: "analytics.variance"
with:
a: "{{actuals.total}}"
b: "{{budget.total}}"
- name: alert
type: call
call: "slack.post-message"
with:
channel: "#finance"
text: "Variance {{cc}}: ${{compute.variance}}"
consumes:
- type: http
namespace: oracle
baseUri: "https://oracle.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.oracle_token"
resources:
- name: fin
path: "/actuals"
operations:
- name: get-actuals
method: GET
- type: http
namespace: workday
baseUri: "https://wd5.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: budgets
path: "/budgets"
operations:
- name: get-budget
method: GET
- type: http
namespace: analytics
baseUri: "https://analytics.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.analytics_token"
resources:
- name: var
path: "/compute"
operations:
- name: variance
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Capacity Planning Pipeline
▼
infrastructure capacity-planning forecasting
Plans capacity at Fidelity by collecting utilization and forecasting.
naftiko: "0.5"
info:
label: "Capacity Planning Pipeline"
description: "Plans capacity at Fidelity by collecting utilization and forecasting."
tags:
- infrastructure
- capacity-planning
- forecasting
capability:
exposes:
- type: mcp
namespace: capacity
port: 8080
tools:
- name: plan-capacity
description: "Plan capacity at Fidelity."
inputParameters:
- name: resource
in: body
type: string
description: "Resource type."
- name: months
in: body
type: number
description: "Forecast months."
steps:
- name: util
type: call
call: "monitoring.get-util"
with:
resource: "{{resource}}"
- name: forecast
type: call
call: "analytics.forecast"
with:
current: "{{util.pct}}"
months: "{{months}}"
- name: procure
type: call
call: "servicenow.create-request"
with:
type: "capacity"
resource: "{{resource}}"
- name: dashboard
type: call
call: "power-bi.refresh"
with:
dataset: "capacity"
consumes:
- type: http
namespace: monitoring
baseUri: "https://monitoring.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.monitoring_token"
resources:
- name: util
path: "/resources/{{resource}}/util"
inputParameters:
- name: resource
in: path
operations:
- name: get-util
method: GET
- type: http
namespace: analytics
baseUri: "https://analytics.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.analytics_token"
resources:
- name: forecast
path: "/demand"
operations:
- name: forecast
method: POST
- type: http
namespace: servicenow
baseUri: "https://fidelity.com.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: requests
path: "/table/sc_request"
operations:
- name: create-request
method: POST
- type: http
namespace: power-bi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.power_bi_token"
resources:
- name: datasets
path: "/datasets/{{dataset}}/refreshes"
inputParameters:
- name: dataset
in: path
operations:
- name: refresh
method: POST
Certificate Expiry Pipeline
▼
security certificates monitoring
Monitors cert expiry at Fidelity.
naftiko: "0.5"
info:
label: "Certificate Expiry Pipeline"
description: "Monitors cert expiry at Fidelity."
tags:
- security
- certificates
- monitoring
capability:
exposes:
- type: mcp
namespace: cert-monitor
port: 8080
tools:
- name: check-certs
description: "Monitor certs at Fidelity."
inputParameters:
- name: domains
in: body
type: string
description: "Domains to check."
steps:
- name: scan
type: call
call: "cert-scanner.scan"
with:
domains: "{{domains}}"
- name: filter
type: call
call: "analytics.filter-expiring"
with:
certs: "{{scan.results}}"
- name: ticket
type: call
call: "jira.create-issue"
with:
project: "SEC"
summary: "{{filter.count}} certs expiring"
- name: alert
type: call
call: "slack.post-message"
with:
channel: "#security"
text: "Cert alert: {{filter.count}} expiring"
consumes:
- type: http
namespace: cert-scanner
baseUri: "https://certs.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.cert_token"
resources:
- name: scans
path: "/scan"
operations:
- name: scan
method: POST
- type: http
namespace: jira
baseUri: "https://fidelity.com.atlassian.net/rest/api/3"
authentication:
type: bearer
token: "$secrets.jira_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Change Management Pipeline
▼
change-management servicenow itil
Routes changes at Fidelity through ServiceNow and CAB approval.
naftiko: "0.5"
info:
label: "Change Management Pipeline"
description: "Routes changes at Fidelity through ServiceNow and CAB approval."
tags:
- change-management
- servicenow
- itil
capability:
exposes:
- type: mcp
namespace: change-mgmt
port: 8080
tools:
- name: process-change
description: "Process changes at Fidelity."
inputParameters:
- name: change_id
in: body
type: string
description: "Change ID."
- name: date
in: body
type: string
description: "Date."
steps:
- name: get
type: call
call: "servicenow.get-change"
with:
id: "{{change_id}}"
- name: conflicts
type: call
call: "servicenow.check-conflicts"
with:
date: "{{date}}"
- name: submit
type: call
call: "servicenow.update"
with:
id: "{{change_id}}"
state: "approval"
- name: notify
type: call
call: "email.send"
with:
to: "cab@co.com"
subject: "CAB: {{change_id}}"
consumes:
- type: http
namespace: servicenow
baseUri: "https://fidelity.com.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: changes
path: "/table/change_request/{{id}}"
inputParameters:
- name: id
in: path
operations:
- name: get-change
method: GET
- type: http
namespace: email
baseUri: "https://email.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.email_token"
resources:
- name: messages
path: "/send"
operations:
- name: send
method: POST
Client Account Lookup
▼
wealth-management client-services salesforce
Retrieves a Salesforce client account record by account number, returning contact details, account type, and assigned advisor.
naftiko: "0.5"
info:
label: "Client Account Lookup"
description: "Retrieves a Salesforce client account record by account number, returning contact details, account type, and assigned advisor."
tags:
- wealth-management
- client-services
- salesforce
capability:
exposes:
- type: mcp
namespace: client-lookup
port: 8080
tools:
- name: get-client-account
description: "Look up a client account in Salesforce by account number. Returns contact info, account type, AUM, and assigned advisor."
inputParameters:
- name: account_number
in: body
type: string
description: "The Fidelity client account number."
call: "salesforce.get-account"
with:
account_number: "{{account_number}}"
consumes:
- type: http
namespace: salesforce
baseUri: "https://fidelity.my.salesforce.com/services/data/v59.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: accounts
path: "/query/?q=SELECT+Id,Name,AccountNumber,Type,OwnerId+FROM+Account+WHERE+AccountNumber='{{account_number}}'"
inputParameters:
- name: account_number
in: query
operations:
- name: get-account
method: GET
Client Meeting Prep Assembler
▼
wealth-management client-services salesforce factset gong sharepoint
Assembles a client meeting brief by pulling account data from Salesforce, portfolio performance from FactSet, recent interactions from Gong, and compiles the document in SharePoint.
naftiko: "0.5"
info:
label: "Client Meeting Prep Assembler"
description: "Assembles a client meeting brief by pulling account data from Salesforce, portfolio performance from FactSet, recent interactions from Gong, and compiles the document in SharePoint."
tags:
- wealth-management
- client-services
- salesforce
- factset
- gong
- sharepoint
capability:
exposes:
- type: mcp
namespace: meeting-prep
port: 8080
tools:
- name: prepare-client-brief
description: "Compile a comprehensive client meeting brief from CRM, portfolio, and interaction data."
inputParameters:
- name: account_id
in: body
type: string
description: "Salesforce account ID."
- name: advisor_email
in: body
type: string
description: "Advisor email for document access."
steps:
- name: get-account-data
type: call
call: "salesforce.get-account-detail"
with:
account_id: "{{account_id}}"
- name: get-performance
type: call
call: "factset.get-portfolio-performance"
with:
portfolio_id: "{{get-account-data.portfolio_id}}"
- name: get-interactions
type: call
call: "gong.get-recent-calls"
with:
account_name: "{{get-account-data.Name}}"
- name: save-brief
type: call
call: "sharepoint.upload-file"
with:
site_id: "advisor-workspace"
file_path: "MeetingBriefs/{{get-account-data.Name}}/brief_{{get-account-data.next_meeting_date}}.docx"
content: "{\"account\": \"{{get-account-data}}\", \"performance\": \"{{get-performance}}\", \"interactions\": \"{{get-interactions}}\"}"
consumes:
- type: http
namespace: salesforce
baseUri: "https://fidelity.my.salesforce.com/services/data/v59.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: accounts
path: "/sobjects/Account/{{account_id}}"
inputParameters:
- name: account_id
in: path
operations:
- name: get-account-detail
method: GET
- type: http
namespace: factset
baseUri: "https://api.factset.com/portfolio/v1"
authentication:
type: basic
username: "$secrets.factset_user"
password: "$secrets.factset_password"
resources:
- name: performance
path: "/portfolios/{{portfolio_id}}/performance"
inputParameters:
- name: portfolio_id
in: path
operations:
- name: get-portfolio-performance
method: GET
- type: http
namespace: gong
baseUri: "https://api.gong.io/v2"
authentication:
type: bearer
token: "$secrets.gong_token"
resources:
- name: calls
path: "/calls?filter.accountName={{account_name}}&filter.fromDateTime=-30d"
inputParameters:
- name: account_name
in: query
operations:
- name: get-recent-calls
method: GET
- type: http
namespace: sharepoint
baseUri: "https://graph.microsoft.com/v1.0/sites"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: drive-items
path: "/{{site_id}}/drive/root:/{{file_path}}:/content"
inputParameters:
- name: site_id
in: path
- name: file_path
in: path
operations:
- name: upload-file
method: PUT
Client Risk Profile Assessment
▼
wealth-management risk-management salesforce snowflake box
Retrieves client survey responses from Salesforce, scores risk tolerance using a Snowflake model, updates the client profile in Salesforce, and archives the assessment in Box.
naftiko: "0.5"
info:
label: "Client Risk Profile Assessment"
description: "Retrieves client survey responses from Salesforce, scores risk tolerance using a Snowflake model, updates the client profile in Salesforce, and archives the assessment in Box."
tags:
- wealth-management
- risk-management
- salesforce
- snowflake
- box
capability:
exposes:
- type: mcp
namespace: risk-profiling
port: 8080
tools:
- name: assess-risk-profile
description: "Score a client risk profile from survey data and update their CRM record."
inputParameters:
- name: client_account_id
in: body
type: string
description: "Salesforce client account ID."
steps:
- name: get-survey
type: call
call: "salesforce.get-survey-responses"
with:
account_id: "{{client_account_id}}"
- name: score-risk
type: call
call: "snowflake.run-risk-model"
with:
statement: "SELECT score_risk_tolerance('{{get-survey.responses_json}}') as risk_score, classify_risk_tolerance('{{get-survey.responses_json}}') as risk_category"
- name: update-profile
type: call
call: "salesforce.update-account"
with:
account_id: "{{client_account_id}}"
risk_score: "{{score-risk.risk_score}}"
risk_category: "{{score-risk.risk_category}}"
- name: archive-assessment
type: call
call: "box.upload-file"
with:
parent_id: "risk_assessments"
name: "risk_assessment_{{client_account_id}}_{{score-risk.assessment_date}}.json"
content: "{{score-risk}}"
consumes:
- type: http
namespace: salesforce
baseUri: "https://fidelity.my.salesforce.com/services/data/v59.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: survey-responses
path: "/query/?q=SELECT+Response_Data__c+FROM+Survey_Response__c+WHERE+Account__c='{{account_id}}'+ORDER+BY+CreatedDate+DESC+LIMIT+1"
inputParameters:
- name: account_id
in: query
operations:
- name: get-survey-responses
method: GET
- name: accounts
path: "/sobjects/Account/{{account_id}}"
inputParameters:
- name: account_id
in: path
operations:
- name: update-account
method: PATCH
- type: http
namespace: snowflake
baseUri: "https://fidelity.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-risk-model
method: POST
- type: http
namespace: box
baseUri: "https://api.box.com/2.0"
authentication:
type: bearer
token: "$secrets.box_token"
resources:
- name: files
path: "/files/content"
operations:
- name: upload-file
method: POST
Cloud Cost Optimization Pipeline
▼
cloud cost-management finops
Optimizes cloud costs at Fidelity via Azure, FinOps, Jira, and Power BI.
naftiko: "0.5"
info:
label: "Cloud Cost Optimization Pipeline"
description: "Optimizes cloud costs at Fidelity via Azure, FinOps, Jira, and Power BI."
tags:
- cloud
- cost-management
- finops
capability:
exposes:
- type: mcp
namespace: cloud-opt
port: 8080
tools:
- name: optimize
description: "Optimize cloud costs at Fidelity."
inputParameters:
- name: provider
in: body
type: string
description: "Provider."
- name: range
in: body
type: string
description: "Range."
steps:
- name: spend
type: call
call: "cloud.get-costs"
with:
provider: "{{provider}}"
range: "{{range}}"
- name: savings
type: call
call: "finops.analyze"
with:
data: "{{spend.data}}"
- name: action
type: call
call: "jira.create-issue"
with:
project: "FINOPS"
summary: "Save ${{savings.potential}}"
- name: report
type: call
call: "power-bi.refresh"
with:
dataset: "cloud"
consumes:
- type: http
namespace: cloud
baseUri: "https://management.azure.com"
authentication:
type: bearer
token: "$secrets.azure_token"
resources:
- name: costs
path: "/providers/Microsoft.CostManagement/query"
operations:
- name: get-costs
method: POST
- type: http
namespace: finops
baseUri: "https://finops.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.finops_token"
resources:
- name: analysis
path: "/savings"
operations:
- name: analyze
method: POST
- type: http
namespace: jira
baseUri: "https://fidelity.com.atlassian.net/rest/api/3"
authentication:
type: bearer
token: "$secrets.jira_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: power-bi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.power_bi_token"
resources:
- name: datasets
path: "/datasets/{{dataset}}/refreshes"
inputParameters:
- name: dataset
in: path
operations:
- name: refresh
method: POST
Compliance Alert Escalation Pipeline
▼
compliance surveillance snowflake salesforce box microsoft-teams servicenow
When a compliance violation is detected in Snowflake surveillance data, creates a Salesforce compliance case, uploads evidence to Box, notifies the compliance officer via Microsoft Teams, and logs in ServiceNow.
naftiko: "0.5"
info:
label: "Compliance Alert Escalation Pipeline"
description: "When a compliance violation is detected in Snowflake surveillance data, creates a Salesforce compliance case, uploads evidence to Box, notifies the compliance officer via Microsoft Teams, and logs in ServiceNow."
tags:
- compliance
- surveillance
- snowflake
- salesforce
- box
- microsoft-teams
- servicenow
capability:
exposes:
- type: mcp
namespace: compliance-escalation
port: 8080
tools:
- name: escalate-violation
description: "Escalate a compliance violation with case creation, evidence storage, notification, and audit logging."
inputParameters:
- name: violation_id
in: body
type: string
description: "Snowflake violation record ID."
- name: compliance_officer_email
in: body
type: string
description: "Compliance officer email address."
steps:
- name: get-violation
type: call
call: "snowflake.get-violation"
with:
statement: "SELECT * FROM compliance.violations WHERE violation_id = '{{violation_id}}'"
- name: create-case
type: call
call: "salesforce.create-case"
with:
subject: "Compliance Violation: {{get-violation.violation_type}} - {{get-violation.account_number}}"
type: "Compliance"
priority: "High"
description: "{{get-violation.description}}"
- name: store-evidence
type: call
call: "box.upload-file"
with:
parent_id: "compliance_evidence"
name: "violation_{{violation_id}}_evidence.json"
content: "{{get-violation.evidence_payload}}"
- name: notify-officer
type: call
call: "msteams.send-message"
with:
recipient_upn: "{{compliance_officer_email}}"
text: "COMPLIANCE ALERT: {{get-violation.violation_type}} detected for account {{get-violation.account_number}}. Case: {{create-case.CaseNumber}}. Evidence: {{store-evidence.shared_link}}"
- name: log-incident
type: call
call: "servicenow.create-record"
with:
table: "u_compliance_incident"
short_description: "Compliance violation {{violation_id}}"
case_number: "{{create-case.CaseNumber}}"
severity: "{{get-violation.severity}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://fidelity.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: get-violation
method: POST
- type: http
namespace: salesforce
baseUri: "https://fidelity.my.salesforce.com/services/data/v59.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: cases
path: "/sobjects/Case"
operations:
- name: create-case
method: POST
- type: http
namespace: box
baseUri: "https://api.box.com/2.0"
authentication:
type: bearer
token: "$secrets.box_token"
resources:
- name: files
path: "/files/content"
operations:
- name: upload-file
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: chat-messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
- type: http
namespace: servicenow
baseUri: "https://fidelity.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tables
path: "/table/{{table}}"
inputParameters:
- name: table
in: path
operations:
- name: create-record
method: POST
Compliance Training Enrollment Tracker
▼
compliance training pluralsight workday microsoft-outlook
When a compliance training deadline approaches, queries Pluralsight for completion status, updates Workday learning records, and sends reminder emails via Microsoft Outlook to incomplete employees.
naftiko: "0.5"
info:
label: "Compliance Training Enrollment Tracker"
description: "When a compliance training deadline approaches, queries Pluralsight for completion status, updates Workday learning records, and sends reminder emails via Microsoft Outlook to incomplete employees."
tags:
- compliance
- training
- pluralsight
- workday
- microsoft-outlook
capability:
exposes:
- type: mcp
namespace: compliance-training
port: 8080
tools:
- name: track-compliance-training
description: "Track compliance training completion across learning platform and HR system with email reminders."
inputParameters:
- name: course_id
in: body
type: string
description: "Pluralsight course ID."
- name: deadline
in: body
type: string
description: "Training deadline in YYYY-MM-DD format."
- name: department
in: body
type: string
description: "Department to check."
steps:
- name: get-completions
type: call
call: "pluralsight.get-course-completions"
with:
course_id: "{{course_id}}"
- name: get-department-staff
type: call
call: "workday.get-department-workers"
with:
department: "{{department}}"
- name: update-records
type: call
call: "workday.update-learning-records"
with:
completions: "{{get-completions.users}}"
course_id: "{{course_id}}"
- name: send-reminders
type: call
call: "outlook.send-email"
with:
to: "{{get-department-staff.incomplete_emails}}"
subject: "Compliance Training Reminder - Due {{deadline}}"
body: "You have not yet completed the required compliance training. Please complete the course by {{deadline}} to remain in compliance. Access the course at Pluralsight."
consumes:
- type: http
namespace: pluralsight
baseUri: "https://api.pluralsight.com/v1"
authentication:
type: bearer
token: "$secrets.pluralsight_token"
resources:
- name: courses
path: "/courses/{{course_id}}/completions"
inputParameters:
- name: course_id
in: path
operations:
- name: get-course-completions
method: GET
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1/fidelity"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: departments
path: "/workers?department={{department}}"
inputParameters:
- name: department
in: query
operations:
- name: get-department-workers
method: GET
- name: learning
path: "/learning/records"
operations:
- name: update-learning-records
method: POST
- type: http
namespace: outlook
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: send-mail
path: "/me/sendMail"
operations:
- name: send-email
method: POST
Confluence Article Search
▼
knowledge-management confluence documentation
Searches Confluence at Fidelity.
naftiko: "0.5"
info:
label: "Confluence Article Search"
description: "Searches Confluence at Fidelity."
tags:
- knowledge-management
- confluence
- documentation
capability:
exposes:
- type: mcp
namespace: confluence-search
port: 8080
tools:
- name: search-articles
description: "Search Confluence at Fidelity."
inputParameters:
- name: query
in: body
type: string
description: "Query."
call: "confluence.search"
with:
query: "{{query}}"
outputParameters:
- name: title
type: string
mapping: "$.results[0].title"
consumes:
- type: http
namespace: confluence
baseUri: "https://fidelity.com.atlassian.net/wiki/rest/api"
authentication:
type: bearer
token: "$secrets.confluence_token"
resources:
- name: content
path: "/content/search"
operations:
- name: search
method: GET
Contract Renewal Pipeline
▼
procurement contracts salesforce jira
Tracks contract renewals at Fidelity via contracts system, email, Jira, and Salesforce.
naftiko: "0.5"
info:
label: "Contract Renewal Pipeline"
description: "Tracks contract renewals at Fidelity via contracts system, email, Jira, and Salesforce."
tags:
- procurement
- contracts
- salesforce
- jira
capability:
exposes:
- type: mcp
namespace: contract-renew
port: 8080
tools:
- name: track
description: "Track renewals at Fidelity."
inputParameters:
- name: contract_id
in: body
type: string
description: "Contract ID."
- name: owner
in: body
type: string
description: "Owner email."
steps:
- name: get
type: call
call: "contracts.get"
with:
id: "{{contract_id}}"
- name: remind
type: call
call: "email.send"
with:
to: "{{owner}}"
subject: "Renewal: {{contract_id}}"
- name: task
type: call
call: "jira.create-issue"
with:
project: "PROC"
summary: "Renew {{contract_id}}"
- name: crm
type: call
call: "salesforce.update"
with:
id: "{{contract_id}}"
stage: "Renewal"
consumes:
- type: http
namespace: contracts
baseUri: "https://contracts.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.contracts_token"
resources:
- name: contracts
path: "/contracts/{{id}}"
inputParameters:
- name: id
in: path
operations:
- name: get
method: GET
- type: http
namespace: email
baseUri: "https://email.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.email_token"
resources:
- name: messages
path: "/send"
operations:
- name: send
method: POST
- type: http
namespace: jira
baseUri: "https://fidelity.com.atlassian.net/rest/api/3"
authentication:
type: bearer
token: "$secrets.jira_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: salesforce
baseUri: "https://fidelity.com.my.salesforce.com/services/data/v58.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: opps
path: "/sobjects/Opportunity"
operations:
- name: update
method: PATCH
Corporate Action Processing Pipeline
▼
operations corporate-actions bloomberg-enterprise-data simcorp-dimension microsoft-teams snowflake
Detects corporate actions from Bloomberg Enterprise Data, updates positions in SimCorp Dimension, notifies portfolio managers via Microsoft Teams, and logs the action in Snowflake for audit.
naftiko: "0.5"
info:
label: "Corporate Action Processing Pipeline"
description: "Detects corporate actions from Bloomberg Enterprise Data, updates positions in SimCorp Dimension, notifies portfolio managers via Microsoft Teams, and logs the action in Snowflake for audit."
tags:
- operations
- corporate-actions
- bloomberg-enterprise-data
- simcorp-dimension
- microsoft-teams
- snowflake
capability:
exposes:
- type: mcp
namespace: corporate-actions
port: 8080
tools:
- name: process-corporate-action
description: "Process a corporate action across position management, notification, and audit systems."
inputParameters:
- name: action_id
in: body
type: string
description: "Bloomberg corporate action ID."
- name: pm_channel
in: body
type: string
description: "Microsoft Teams channel for PM notifications."
steps:
- name: get-action
type: call
call: "bloomberg.get-corporate-action"
with:
action_id: "{{action_id}}"
- name: update-positions
type: call
call: "simcorp.apply-corporate-action"
with:
action_type: "{{get-action.type}}"
security_id: "{{get-action.security_id}}"
effective_date: "{{get-action.effective_date}}"
ratio: "{{get-action.ratio}}"
- name: notify-pms
type: call
call: "msteams.post-channel"
with:
channel_id: "{{pm_channel}}"
text: "Corporate Action: {{get-action.type}} on {{get-action.security_name}} effective {{get-action.effective_date}}. Ratio: {{get-action.ratio}}. Positions updated: {{update-positions.affected_count}}"
- name: log-audit
type: call
call: "snowflake.execute-query"
with:
statement: "INSERT INTO corporate_actions_log (action_id, type, security_id, effective_date, positions_affected) VALUES ('{{action_id}}', '{{get-action.type}}', '{{get-action.security_id}}', '{{get-action.effective_date}}', {{update-positions.affected_count}})"
consumes:
- type: http
namespace: bloomberg
baseUri: "https://api.bloomberg.com/eap/catalogs/bbg/datasets"
authentication:
type: bearer
token: "$secrets.bloomberg_api_token"
resources:
- name: corporate-actions
path: "/corporate-actions/{{action_id}}"
inputParameters:
- name: action_id
in: path
operations:
- name: get-corporate-action
method: GET
- type: http
namespace: simcorp
baseUri: "https://simcorp.fidelity.com/api/v2"
authentication:
type: bearer
token: "$secrets.simcorp_token"
resources:
- name: corporate-actions
path: "/corporate-actions/apply"
operations:
- name: apply-corporate-action
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/channels/{{channel_id}}/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
- type: http
namespace: snowflake
baseUri: "https://fidelity.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
Cost Reallocation Pipeline
▼
finance cost-allocation oracle
Reallocates costs at Fidelity.
naftiko: "0.5"
info:
label: "Cost Reallocation Pipeline"
description: "Reallocates costs at Fidelity."
tags:
- finance
- cost-allocation
- oracle
capability:
exposes:
- type: mcp
namespace: cost-realloc
port: 8080
tools:
- name: reallocate
description: "Reallocate costs at Fidelity."
inputParameters:
- name: source
in: body
type: string
description: "Source CC."
- name: target
in: body
type: string
description: "Target CC."
- name: amount
in: body
type: number
description: "Amount."
steps:
- name: current
type: call
call: "oracle.get-alloc"
with:
cc: "{{source}}"
- name: compute
type: call
call: "analytics.realloc"
with:
source: "{{source}}"
target: "{{target}}"
amount: "{{amount}}"
- name: post
type: call
call: "oracle.post-journal"
with:
entries: "{{compute.entries}}"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#finance"
text: "Reallocated ${{amount}} from {{source}} to {{target}}"
consumes:
- type: http
namespace: oracle
baseUri: "https://oracle.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.oracle_token"
resources:
- name: allocations
path: "/cost-centers/{{cc}}/allocations"
inputParameters:
- name: cc
in: path
operations:
- name: get-alloc
method: GET
- type: http
namespace: analytics
baseUri: "https://analytics.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.analytics_token"
resources:
- name: realloc
path: "/compute"
operations:
- name: realloc
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Data Pipeline Monitor Pipeline
▼
data-engineering databricks monitoring slack
Monitors data pipelines at Fidelity via Databricks, Snowflake, Slack, and ServiceNow.
naftiko: "0.5"
info:
label: "Data Pipeline Monitor Pipeline"
description: "Monitors data pipelines at Fidelity via Databricks, Snowflake, Slack, and ServiceNow."
tags:
- data-engineering
- databricks
- monitoring
- slack
capability:
exposes:
- type: mcp
namespace: pipeline-mon
port: 8080
tools:
- name: monitor
description: "Monitor pipelines at Fidelity."
inputParameters:
- name: pipeline_id
in: body
type: string
description: "Pipeline ID."
steps:
- name: status
type: call
call: "databricks.get-run"
with:
id: "{{pipeline_id}}"
- name: quality
type: call
call: "snowflake.query"
with:
query: "SELECT COUNT(*) FROM out WHERE p='{{pipeline_id}}'"
- name: alert
type: call
call: "slack.post-message"
with:
channel: "#data"
text: "Pipeline {{pipeline_id}}: {{status.state}}"
- name: incident
type: call
call: "servicenow.create-incident"
with:
desc: "Pipeline {{pipeline_id}} issue"
consumes:
- type: http
namespace: databricks
baseUri: "https://fidelity.com.cloud.databricks.com/api/2.1"
authentication:
type: bearer
token: "$secrets.databricks_token"
resources:
- name: jobs
path: "/jobs/runs/get"
operations:
- name: get-run
method: GET
- type: http
namespace: snowflake
baseUri: "https://fidelity.com.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
- type: http
namespace: servicenow
baseUri: "https://fidelity.com.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
Datadog Monitor Check
▼
monitoring datadog observability
Checks Datadog monitor at Fidelity.
naftiko: "0.5"
info:
label: "Datadog Monitor Check"
description: "Checks Datadog monitor at Fidelity."
tags:
- monitoring
- datadog
- observability
capability:
exposes:
- type: mcp
namespace: dd-monitor
port: 8080
tools:
- name: check-monitor
description: "Check monitor at Fidelity."
inputParameters:
- name: monitor_id
in: body
type: string
description: "Monitor ID."
call: "datadog.get-monitor"
with:
monitor_id: "{{monitor_id}}"
outputParameters:
- name: status
type: string
mapping: "$.overall_state"
consumes:
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: bearer
token: "$secrets.datadog_api_key"
resources:
- name: monitors
path: "/monitor/{{monitor_id}}"
inputParameters:
- name: monitor_id
in: path
operations:
- name: get-monitor
method: GET
DR Test Pipeline
▼
disaster-recovery business-continuity testing
Tests disaster recovery at Fidelity via failover, health checks, and reporting.
naftiko: "0.5"
info:
label: "DR Test Pipeline"
description: "Tests disaster recovery at Fidelity via failover, health checks, and reporting."
tags:
- disaster-recovery
- business-continuity
- testing
capability:
exposes:
- type: mcp
namespace: dr-test
port: 8080
tools:
- name: test-dr
description: "Test DR at Fidelity."
inputParameters:
- name: plan_id
in: body
type: string
description: "Plan ID."
- name: type
in: body
type: string
description: "Test type."
steps:
- name: failover
type: call
call: "dr.failover"
with:
plan: "{{plan_id}}"
type: "{{type}}"
- name: validate
type: call
call: "monitoring.check"
with:
scope: "critical"
- name: measure
type: call
call: "dr.metrics"
with:
id: "{{failover.id}}"
- name: report
type: call
call: "confluence.create-page"
with:
title: "DR - {{plan_id}}"
body: "RTO:{{measure.rto}}m RPO:{{measure.rpo}}m"
consumes:
- type: http
namespace: dr
baseUri: "https://dr.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.dr_token"
resources:
- name: failovers
path: "/failovers"
operations:
- name: failover
method: POST
- type: http
namespace: monitoring
baseUri: "https://monitoring.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.monitoring_token"
resources:
- name: health
path: "/checks"
operations:
- name: check
method: POST
- type: http
namespace: confluence
baseUri: "https://fidelity.com.atlassian.net/wiki/rest/api"
authentication:
type: bearer
token: "$secrets.confluence_token"
resources:
- name: pages
path: "/content"
operations:
- name: create-page
method: POST
Drift Detection Pipeline
▼
infrastructure terraform drift-detection devops
Detects infrastructure drift at Fidelity via Terraform, Slack, and Jira.
naftiko: "0.5"
info:
label: "Drift Detection Pipeline"
description: "Detects infrastructure drift at Fidelity via Terraform, Slack, and Jira."
tags:
- infrastructure
- terraform
- drift-detection
- devops
capability:
exposes:
- type: mcp
namespace: drift-det
port: 8080
tools:
- name: detect
description: "Detect drift at Fidelity."
inputParameters:
- name: ws_id
in: body
type: string
description: "Workspace ID."
- name: env
in: body
type: string
description: "Environment."
steps:
- name: plan
type: call
call: "terraform.run"
with:
ws: "{{ws_id}}"
- name: check
type: call
call: "terraform.get-plan"
with:
run: "{{plan.id}}"
- name: alert
type: call
call: "slack.post-message"
with:
channel: "#infra"
text: "Drift {{env}}: {{check.changes}} changes"
- name: ticket
type: call
call: "jira.create-issue"
with:
project: "INFRA"
summary: "Drift in {{env}}"
consumes:
- type: http
namespace: terraform
baseUri: "https://app.terraform.io/api/v2"
authentication:
type: bearer
token: "$secrets.terraform_token"
resources:
- name: runs
path: "/runs"
operations:
- name: run
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
- type: http
namespace: jira
baseUri: "https://fidelity.com.atlassian.net/rest/api/3"
authentication:
type: bearer
token: "$secrets.jira_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
ES Index Health
▼
search elasticsearch infrastructure
Checks ES index at Fidelity.
naftiko: "0.5"
info:
label: "ES Index Health"
description: "Checks ES index at Fidelity."
tags:
- search
- elasticsearch
- infrastructure
capability:
exposes:
- type: mcp
namespace: es-health
port: 8080
tools:
- name: check-index
description: "Check ES index at Fidelity."
inputParameters:
- name: index
in: body
type: string
description: "Index name."
call: "es.get-health"
with:
index: "{{index}}"
outputParameters:
- name: status
type: string
mapping: "$.status"
- name: docs
type: number
mapping: "$.docs.count"
consumes:
- type: http
namespace: es
baseUri: "https://es.fidelity.com:9200"
authentication:
type: bearer
token: "$secrets.es_token"
resources:
- name: indices
path: "/{{index}}/_stats"
inputParameters:
- name: index
in: path
operations:
- name: get-health
method: GET
Elasticsearch Trade Log Search
▼
operations trade-support elasticsearch
Searches Elasticsearch for trade execution logs matching a given order ID or time range, used for trade support investigations.
naftiko: "0.5"
info:
label: "Elasticsearch Trade Log Search"
description: "Searches Elasticsearch for trade execution logs matching a given order ID or time range, used for trade support investigations."
tags:
- operations
- trade-support
- elasticsearch
capability:
exposes:
- type: mcp
namespace: trade-log-search
port: 8080
tools:
- name: search-trade-logs
description: "Search Elasticsearch for trade execution logs by order ID."
inputParameters:
- name: order_id
in: body
type: string
description: "Trade order identifier."
call: "elasticsearch.search-logs"
with:
order_id: "{{order_id}}"
consumes:
- type: http
namespace: elasticsearch
baseUri: "https://elasticsearch.fidelity.com:9200"
authentication:
type: basic
username: "$secrets.elastic_user"
password: "$secrets.elastic_password"
resources:
- name: trade-logs
path: "/trade-logs-*/_search"
operations:
- name: search-logs
method: POST
Employee Offboarding Orchestrator
▼
hr offboarding workday azure-active-directory salesforce servicenow microsoft-teams
When a termination is processed in Workday, disables the Azure AD account, revokes Salesforce access, closes ServiceNow tickets, and notifies HR via Microsoft Teams.
naftiko: "0.5"
info:
label: "Employee Offboarding Orchestrator"
description: "When a termination is processed in Workday, disables the Azure AD account, revokes Salesforce access, closes ServiceNow tickets, and notifies HR via Microsoft Teams."
tags:
- hr
- offboarding
- workday
- azure-active-directory
- salesforce
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: hr-offboarding
port: 8080
tools:
- name: offboard-employee
description: "Orchestrate the full offboarding workflow across identity, CRM, ITSM, and communications."
inputParameters:
- name: worker_id
in: body
type: string
description: "Workday worker ID of the departing employee."
- name: hr_contact_email
in: body
type: string
description: "HR partner email for notifications."
steps:
- name: get-employee
type: call
call: "workday.get-worker"
with:
worker_id: "{{worker_id}}"
- name: disable-ad-account
type: call
call: "azuread.disable-user"
with:
user_principal_name: "{{get-employee.work_email}}"
- name: deactivate-salesforce
type: call
call: "salesforce.deactivate-user"
with:
email: "{{get-employee.work_email}}"
- name: close-tickets
type: call
call: "servicenow.bulk-close"
with:
assigned_to: "{{get-employee.work_email}}"
close_notes: "Employee {{get-employee.full_name}} offboarded. Tickets reassigned or closed."
- name: notify-hr
type: call
call: "msteams.send-message"
with:
recipient_upn: "{{hr_contact_email}}"
text: "Offboarding complete for {{get-employee.full_name}}. AD disabled, Salesforce deactivated, {{close-tickets.count}} tickets closed."
consumes:
- type: http
namespace: workday
baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1/fidelity"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/workers/{{worker_id}}"
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
- type: http
namespace: azuread
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: users
path: "/users/{{user_principal_name}}"
inputParameters:
- name: user_principal_name
in: path
operations:
- name: disable-user
method: PATCH
- type: http
namespace: salesforce
baseUri: "https://fidelity.my.salesforce.com/services/data/v59.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: users
path: "/query/?q=SELECT+Id+FROM+User+WHERE+Email='{{email}}'"
inputParameters:
- name: email
in: query
operations:
- name: deactivate-user
method: GET
- type: http
namespace: servicenow
baseUri: "https://fidelity.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident?sysparm_query=assigned_to={{assigned_to}}^state!=7"
inputParameters:
- name: assigned_to
in: query
operations:
- name: bulk-close
method: PATCH
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: chat-messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Employee Offboarding Pipeline
▼
hr offboarding okta servicenow
Offboards employees at Fidelity via Okta, Slack, ServiceNow, and storage.
naftiko: "0.5"
info:
label: "Employee Offboarding Pipeline"
description: "Offboards employees at Fidelity via Okta, Slack, ServiceNow, and storage."
tags:
- hr
- offboarding
- okta
- servicenow
capability:
exposes:
- type: mcp
namespace: offboarding
port: 8080
tools:
- name: offboard
description: "Offboard employees at Fidelity."
inputParameters:
- name: emp_id
in: body
type: string
description: "Employee ID."
- name: last_day
in: body
type: string
description: "Last day."
steps:
- name: disable
type: call
call: "okta.deactivate"
with:
user: "{{emp_id}}"
- name: revoke
type: call
call: "slack.remove"
with:
user: "{{emp_id}}"
- name: return
type: call
call: "servicenow.create-request"
with:
type: "return"
emp: "{{emp_id}}"
- name: archive
type: call
call: "storage.archive"
with:
user: "{{emp_id}}"
consumes:
- type: http
namespace: okta
baseUri: "https://fidelity.com.okta.com/api/v1"
authentication:
type: bearer
token: "$secrets.okta_api_token"
resources:
- name: users
path: "/users/{{user}}/lifecycle/deactivate"
inputParameters:
- name: user
in: path
operations:
- name: deactivate
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: users
path: "/users.admin.remove"
operations:
- name: remove
method: POST
- type: http
namespace: servicenow
baseUri: "https://fidelity.com.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: requests
path: "/table/sc_request"
operations:
- name: create-request
method: POST
- type: http
namespace: storage
baseUri: "https://storage.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.storage_token"
resources:
- name: archives
path: "/archive"
operations:
- name: archive
method: POST
End-of-Day Reconciliation Orchestrator
▼
operations reconciliation simcorp-dimension snowflake sharepoint jira microsoft-teams
Runs end-of-day reconciliation by comparing positions in SimCorp Dimension with custodian records in Snowflake, generating break reports in SharePoint, creating Jira tickets for unresolved breaks, and sending a summary to operations via Microsoft Teams.
naftiko: "0.5"
info:
label: "End-of-Day Reconciliation Orchestrator"
description: "Runs end-of-day reconciliation by comparing positions in SimCorp Dimension with custodian records in Snowflake, generating break reports in SharePoint, creating Jira tickets for unresolved breaks, and sending a summary to operations via Microsoft Teams."
tags:
- operations
- reconciliation
- simcorp-dimension
- snowflake
- sharepoint
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: eod-recon
port: 8080
tools:
- name: run-eod-reconciliation
description: "Execute end-of-day position reconciliation with break reporting and escalation."
inputParameters:
- name: business_date
in: body
type: string
description: "Business date in YYYY-MM-DD format."
- name: ops_channel
in: body
type: string
description: "Microsoft Teams operations channel ID."
steps:
- name: get-internal-positions
type: call
call: "simcorp.get-eod-positions"
with:
date: "{{business_date}}"
- name: run-recon-query
type: call
call: "snowflake.execute-query"
with:
statement: "CALL run_eod_position_recon('{{business_date}}')"
- name: store-break-report
type: call
call: "sharepoint.upload-file"
with:
site_id: "operations"
file_path: "Reconciliation/EOD/{{business_date}}_break_report.json"
content: "{{run-recon-query.break_details}}"
- name: create-break-tickets
type: call
call: "jira.create-issue"
with:
project: "OPSRECON"
summary: "EOD Position Breaks: {{business_date}} - {{run-recon-query.break_count}} items"
description: "Break report: {{store-break-report.url}}. Total breaks: {{run-recon-query.break_count}}. Net break value: ${{run-recon-query.net_break_value}}"
issue_type: "Task"
priority: "High"
- name: notify-ops-team
type: call
call: "msteams.post-channel"
with:
channel_id: "{{ops_channel}}"
text: "EOD Recon Complete ({{business_date}}): {{run-recon-query.matched_count}} matched, {{run-recon-query.break_count}} breaks. Report: {{store-break-report.url}}. Jira: {{create-break-tickets.key}}"
consumes:
- type: http
namespace: simcorp
baseUri: "https://simcorp.fidelity.com/api/v2"
authentication:
type: bearer
token: "$secrets.simcorp_token"
resources:
- name: positions
path: "/positions/eod?date={{date}}"
inputParameters:
- name: date
in: query
operations:
- name: get-eod-positions
method: GET
- type: http
namespace: snowflake
baseUri: "https://fidelity.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
- type: http
namespace: sharepoint
baseUri: "https://graph.microsoft.com/v1.0/sites"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: drive-items
path: "/{{site_id}}/drive/root:/{{file_path}}:/content"
inputParameters:
- name: site_id
in: path
- name: file_path
in: path
operations:
- name: upload-file
method: PUT
- type: http
namespace: jira
baseUri: "https://fidelity.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/channels/{{channel_id}}/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Expense Audit Pipeline
▼
finance travel sap-concur compliance
Audits expenses at Fidelity via Concur, compliance checks, and email.
naftiko: "0.5"
info:
label: "Expense Audit Pipeline"
description: "Audits expenses at Fidelity via Concur, compliance checks, and email."
tags:
- finance
- travel
- sap-concur
- compliance
capability:
exposes:
- type: mcp
namespace: expense-audit
port: 8080
tools:
- name: audit
description: "Audit expenses at Fidelity."
inputParameters:
- name: report_id
in: body
type: string
description: "Report ID."
steps:
- name: get
type: call
call: "concur.get-report"
with:
id: "{{report_id}}"
- name: check
type: call
call: "compliance.check"
with:
expenses: "{{get.entries}}"
- name: flag
type: call
call: "workflow.flag"
with:
id: "{{report_id}}"
violations: "{{check.violations}}"
- name: notify
type: call
call: "email.send"
with:
to: "{{get.approver}}"
subject: "Expense {{report_id}} violations"
consumes:
- type: http
namespace: concur
baseUri: "https://us.api.concursolutions.com/api/v3.0"
authentication:
type: bearer
token: "$secrets.concur_token"
resources:
- name: reports
path: "/expense/reports/{{id}}"
inputParameters:
- name: id
in: path
operations:
- name: get-report
method: GET
- type: http
namespace: compliance
baseUri: "https://compliance.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.compliance_token"
resources:
- name: policies
path: "/check"
operations:
- name: check
method: POST
- type: http
namespace: workflow
baseUri: "https://workflow.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.workflow_token"
resources:
- name: reviews
path: "/flag"
operations:
- name: flag
method: POST
- type: http
namespace: email
baseUri: "https://email.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.email_token"
resources:
- name: messages
path: "/send"
operations:
- name: send
method: POST
FactSet Holdings Snapshot
▼
portfolio-management analytics factset
Queries FactSet for current holdings of a portfolio, returning security identifiers, weights, and market values.
naftiko: "0.5"
info:
label: "FactSet Holdings Snapshot"
description: "Queries FactSet for current holdings of a portfolio, returning security identifiers, weights, and market values."
tags:
- portfolio-management
- analytics
- factset
capability:
exposes:
- type: mcp
namespace: portfolio-analytics
port: 8080
tools:
- name: get-portfolio-holdings
description: "Retrieve current holdings for a portfolio from FactSet by portfolio ID."
inputParameters:
- name: portfolio_id
in: body
type: string
description: "The FactSet portfolio identifier."
call: "factset.get-holdings"
with:
portfolio_id: "{{portfolio_id}}"
consumes:
- type: http
namespace: factset
baseUri: "https://api.factset.com/portfolio/v1"
authentication:
type: basic
username: "$secrets.factset_user"
password: "$secrets.factset_password"
resources:
- name: holdings
path: "/portfolios/{{portfolio_id}}/holdings"
inputParameters:
- name: portfolio_id
in: path
operations:
- name: get-holdings
method: GET
Customer Feedback Pipeline
▼
customer-experience analytics sentiment-analysis
Analyzes feedback at Fidelity via surveys, AI sentiment, and Power BI.
naftiko: "0.5"
info:
label: "Customer Feedback Pipeline"
description: "Analyzes feedback at Fidelity via surveys, AI sentiment, and Power BI."
tags:
- customer-experience
- analytics
- sentiment-analysis
capability:
exposes:
- type: mcp
namespace: feedback
port: 8080
tools:
- name: analyze
description: "Analyze feedback at Fidelity."
inputParameters:
- name: survey_id
in: body
type: string
description: "Survey ID."
steps:
- name: collect
type: call
call: "survey.get"
with:
id: "{{survey_id}}"
- name: sentiment
type: call
call: "ai.analyze"
with:
text: "{{collect.responses}}"
- name: themes
type: call
call: "ai.themes"
with:
data: "{{collect.responses}}"
- name: dashboard
type: call
call: "power-bi.refresh"
with:
dataset: "cx"
consumes:
- type: http
namespace: survey
baseUri: "https://surveys.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.survey_token"
resources:
- name: responses
path: "/surveys/{{id}}/responses"
inputParameters:
- name: id
in: path
operations:
- name: get
method: GET
- type: http
namespace: ai
baseUri: "https://api.openai.com/v1"
authentication:
type: bearer
token: "$secrets.openai_api_key"
resources:
- name: completions
path: "/chat/completions"
operations:
- name: analyze
method: POST
- type: http
namespace: power-bi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.power_bi_token"
resources:
- name: datasets
path: "/datasets/{{dataset}}/refreshes"
inputParameters:
- name: dataset
in: path
operations:
- name: refresh
method: POST
GitHub Repo Check
▼
devops github version-control
Checks GitHub repo at Fidelity.
naftiko: "0.5"
info:
label: "GitHub Repo Check"
description: "Checks GitHub repo at Fidelity."
tags:
- devops
- github
- version-control
capability:
exposes:
- type: mcp
namespace: gh-repo
port: 8080
tools:
- name: get-branch
description: "Check branch at Fidelity."
inputParameters:
- name: repo
in: body
type: string
description: "Repo."
- name: branch
in: body
type: string
description: "Branch."
call: "github.get-branch"
with:
repo: "{{repo}}"
branch: "{{branch}}"
outputParameters:
- name: sha
type: string
mapping: "$.commit.sha"
consumes:
- type: http
namespace: github
baseUri: "https://api.github.com"
authentication:
type: bearer
token: "$secrets.github_token"
resources:
- name: branches
path: "/repos/org/{{repo}}/branches/{{branch}}"
inputParameters:
- name: repo
in: path
- name: branch
in: path
operations:
- name: get-branch
method: GET
Grafana Dashboard Status
▼
monitoring grafana dashboards
Checks Grafana dashboard at Fidelity.
naftiko: "0.5"
info:
label: "Grafana Dashboard Status"
description: "Checks Grafana dashboard at Fidelity."
tags:
- monitoring
- grafana
- dashboards
capability:
exposes:
- type: mcp
namespace: grafana
port: 8080
tools:
- name: check-dash
description: "Check dashboard at Fidelity."
inputParameters:
- name: uid
in: body
type: string
description: "Dashboard UID."
call: "grafana.get-dash"
with:
uid: "{{uid}}"
outputParameters:
- name: title
type: string
mapping: "$.dashboard.title"
consumes:
- type: http
namespace: grafana
baseUri: "https://grafana.fidelity.com/api"
authentication:
type: bearer
token: "$secrets.grafana_token"
resources:
- name: dashboards
path: "/dashboards/uid/{{uid}}"
inputParameters:
- name: uid
in: path
operations:
- name: get-dash
method: GET
HubSpot Lead Qualification Pipeline
▼
sales marketing hubspot zoominfo snowflake salesforce
When a new lead is created in HubSpot, enriches with ZoomInfo firmographic data, scores the lead in Snowflake, and creates a Salesforce opportunity if qualified.
naftiko: "0.5"
info:
label: "HubSpot Lead Qualification Pipeline"
description: "When a new lead is created in HubSpot, enriches with ZoomInfo firmographic data, scores the lead in Snowflake, and creates a Salesforce opportunity if qualified."
tags:
- sales
- marketing
- hubspot
- zoominfo
- snowflake
- salesforce
capability:
exposes:
- type: mcp
namespace: lead-qualification
port: 8080
tools:
- name: qualify-lead
description: "Enrich, score, and qualify a new lead from HubSpot to Salesforce."
inputParameters:
- name: hubspot_contact_id
in: body
type: string
description: "HubSpot contact ID."
steps:
- name: get-lead
type: call
call: "hubspot.get-contact"
with:
contact_id: "{{hubspot_contact_id}}"
- name: enrich-firmographics
type: call
call: "zoominfo.get-company"
with:
company_name: "{{get-lead.company}}"
- name: score-lead
type: call
call: "snowflake.execute-query"
with:
statement: "SELECT score_institutional_lead('{{get-lead.company}}', '{{enrich-firmographics.revenue}}', '{{enrich-firmographics.employee_count}}', '{{enrich-firmographics.industry}}') as lead_score"
- name: create-opportunity
type: call
call: "salesforce.create-opportunity"
with:
name: "{{get-lead.company}} - Institutional Services"
contact_email: "{{get-lead.email}}"
lead_score: "{{score-lead.lead_score}}"
company_revenue: "{{enrich-firmographics.revenue}}"
consumes:
- type: http
namespace: hubspot
baseUri: "https://api.hubapi.com/crm/v3"
authentication:
type: bearer
token: "$secrets.hubspot_token"
resources:
- name: contacts
path: "/objects/contacts/{{contact_id}}"
inputParameters:
- name: contact_id
in: path
operations:
- name: get-contact
method: GET
- type: http
namespace: zoominfo
baseUri: "https://api.zoominfo.com/search"
authentication:
type: bearer
token: "$secrets.zoominfo_token"
resources:
- name: companies
path: "/company"
operations:
- name: get-company
method: POST
- type: http
namespace: snowflake
baseUri: "https://fidelity.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
- type: http
namespace: salesforce
baseUri: "https://fidelity.my.salesforce.com/services/data/v59.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: opportunities
path: "/sobjects/Opportunity"
operations:
- name: create-opportunity
method: POST
IBM MQ Message Queue Monitor
▼
operations messaging ibm-mq
Checks IBM MQ queue depth and message age for trade messaging queues, returning current depth, oldest message age, and consumer count.
naftiko: "0.5"
info:
label: "IBM MQ Message Queue Monitor"
description: "Checks IBM MQ queue depth and message age for trade messaging queues, returning current depth, oldest message age, and consumer count."
tags:
- operations
- messaging
- ibm-mq
capability:
exposes:
- type: mcp
namespace: mq-monitoring
port: 8080
tools:
- name: check-queue-health
description: "Get IBM MQ queue depth and health metrics for a trade messaging queue."
inputParameters:
- name: queue_manager
in: body
type: string
description: "Queue manager name."
- name: queue_name
in: body
type: string
description: "Queue name."
call: "ibmmq.get-queue-status"
with:
queue_manager: "{{queue_manager}}"
queue_name: "{{queue_name}}"
consumes:
- type: http
namespace: ibmmq
baseUri: "https://ibmmq.fidelity.com/ibmmq/rest/v2"
authentication:
type: basic
username: "$secrets.ibmmq_user"
password: "$secrets.ibmmq_password"
resources:
- name: queues
path: "/messaging/qmgr/{{queue_manager}}/queue/{{queue_name}}"
inputParameters:
- name: queue_manager
in: path
- name: queue_name
in: path
operations:
- name: get-queue-status
method: GET
Infrastructure Cost Optimization Report
▼
finops infrastructure cloudwatch azure-synapse-analytics snowflake tableau
Pulls AWS cost data via CloudWatch, Azure spend from Azure Synapse Analytics, combines in Snowflake, and generates a Tableau dashboard refresh for FinOps review.
naftiko: "0.5"
info:
label: "Infrastructure Cost Optimization Report"
description: "Pulls AWS cost data via CloudWatch, Azure spend from Azure Synapse Analytics, combines in Snowflake, and generates a Tableau dashboard refresh for FinOps review."
tags:
- finops
- infrastructure
- cloudwatch
- azure-synapse-analytics
- snowflake
- tableau
capability:
exposes:
- type: mcp
namespace: finops-reporting
port: 8080
tools:
- name: generate-cost-report
description: "Aggregate multi-cloud cost data and refresh the FinOps dashboard."
inputParameters:
- name: month
in: body
type: string
description: "Reporting month in YYYY-MM format."
steps:
- name: get-aws-costs
type: call
call: "cloudwatch.get-metric-data"
with:
namespace: "AWS/Billing"
metric: "EstimatedCharges"
period: "{{month}}"
- name: get-azure-costs
type: call
call: "synapse.execute-query"
with:
query: "SELECT service_name, SUM(cost) as total_cost FROM azure_billing WHERE billing_month = '{{month}}' GROUP BY service_name"
- name: load-combined
type: call
call: "snowflake.execute-query"
with:
statement: "CALL merge_cloud_costs('{{month}}', '{{get-aws-costs.datapoints}}', '{{get-azure-costs.results}}')"
- name: refresh-tableau
type: call
call: "tableau.refresh-extract"
with:
datasource_id: "cloud-cost-analysis"
consumes:
- type: http
namespace: cloudwatch
baseUri: "https://monitoring.us-east-1.amazonaws.com"
authentication:
type: aws-sigv4
key: "$secrets.aws_access_key"
resources:
- name: metric-data
path: "/"
operations:
- name: get-metric-data
method: POST
- type: http
namespace: synapse
baseUri: "https://fidelity-synapse.sql.azuresynapse.net"
authentication:
type: bearer
token: "$secrets.synapse_token"
resources:
- name: queries
path: "/queries"
operations:
- name: execute-query
method: POST
- type: http
namespace: snowflake
baseUri: "https://fidelity.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
- type: http
namespace: tableau
baseUri: "https://tableau.fidelity.com/api/3.21"
authentication:
type: bearer
token: "$secrets.tableau_token"
resources:
- name: datasources
path: "/sites/default/datasources/{{datasource_id}}/refresh"
inputParameters:
- name: datasource_id
in: path
operations:
- name: refresh-extract
method: POST
Investment Policy Statement Generator
▼
wealth-management compliance salesforce factset sharepoint microsoft-outlook
Pulls client risk profile from Salesforce, retrieves model portfolio allocations from FactSet, generates an IPS document, stores it in SharePoint, and emails the client via Microsoft Outlook.
naftiko: "0.5"
info:
label: "Investment Policy Statement Generator"
description: "Pulls client risk profile from Salesforce, retrieves model portfolio allocations from FactSet, generates an IPS document, stores it in SharePoint, and emails the client via Microsoft Outlook."
tags:
- wealth-management
- compliance
- salesforce
- factset
- sharepoint
- microsoft-outlook
capability:
exposes:
- type: mcp
namespace: ips-generation
port: 8080
tools:
- name: generate-ips
description: "Generate an Investment Policy Statement for a client based on risk profile and model portfolio."
inputParameters:
- name: account_id
in: body
type: string
description: "Salesforce account ID."
- name: model_portfolio
in: body
type: string
description: "Model portfolio name (conservative, moderate, aggressive)."
steps:
- name: get-client-profile
type: call
call: "salesforce.get-account-detail"
with:
account_id: "{{account_id}}"
- name: get-model-allocation
type: call
call: "factset.get-model-portfolio"
with:
model: "{{model_portfolio}}"
- name: store-ips
type: call
call: "sharepoint.upload-file"
with:
site_id: "wealth-mgmt-clients"
file_path: "Clients/{{get-client-profile.Name}}/IPS/ips_{{model_portfolio}}.pdf"
content: "{\"client\": \"{{get-client-profile}}\", \"allocation\": \"{{get-model-allocation}}\", \"risk_category\": \"{{get-client-profile.risk_category}}\"}"
- name: email-client
type: call
call: "outlook.send-email"
with:
to: "{{get-client-profile.owner_email}}"
subject: "Your Fidelity Investment Policy Statement"
body: "Dear {{get-client-profile.Name}}, your Investment Policy Statement based on your {{get-client-profile.risk_category}} risk profile is ready for review: {{store-ips.url}}"
consumes:
- type: http
namespace: salesforce
baseUri: "https://fidelity.my.salesforce.com/services/data/v59.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: accounts
path: "/sobjects/Account/{{account_id}}"
inputParameters:
- name: account_id
in: path
operations:
- name: get-account-detail
method: GET
- type: http
namespace: factset
baseUri: "https://api.factset.com/portfolio/v1"
authentication:
type: basic
username: "$secrets.factset_user"
password: "$secrets.factset_password"
resources:
- name: models
path: "/models/{{model}}/allocation"
inputParameters:
- name: model
in: path
operations:
- name: get-model-portfolio
method: GET
- type: http
namespace: sharepoint
baseUri: "https://graph.microsoft.com/v1.0/sites"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: drive-items
path: "/{{site_id}}/drive/root:/{{file_path}}:/content"
inputParameters:
- name: site_id
in: path
- name: file_path
in: path
operations:
- name: upload-file
method: PUT
- type: http
namespace: outlook
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: send-mail
path: "/me/sendMail"
operations:
- name: send-email
method: POST
IT Incident Escalation Pipeline
▼
incident-management servicenow pagerduty slack
Escalates IT incidents at Fidelity via ServiceNow, PagerDuty, and Slack.
naftiko: "0.5"
info:
label: "IT Incident Escalation Pipeline"
description: "Escalates IT incidents at Fidelity via ServiceNow, PagerDuty, and Slack."
tags:
- incident-management
- servicenow
- pagerduty
- slack
capability:
exposes:
- type: mcp
namespace: incident-escalation
port: 8080
tools:
- name: escalate-incident
description: "Escalate incidents at Fidelity."
inputParameters:
- name: incident_id
in: body
type: string
description: "Incident ID."
- name: severity
in: body
type: string
description: "Severity."
steps:
- name: get-incident
type: call
call: "servicenow.get-incident"
with:
incident_id: "{{incident_id}}"
- name: page
type: call
call: "pagerduty.create-incident"
with:
title: "{{get-incident.description}}"
urgency: "{{severity}}"
- name: channel
type: call
call: "slack.create-channel"
with:
name: "inc-{{incident_id}}"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#inc-{{incident_id}}"
text: "P{{severity}}: {{get-incident.description}}"
consumes:
- type: http
namespace: servicenow
baseUri: "https://fidelity.com.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: incidents
path: "/table/incident/{{incident_id}}"
inputParameters:
- name: incident_id
in: path
operations:
- name: get-incident
method: GET
- type: http
namespace: pagerduty
baseUri: "https://api.pagerduty.com"
authentication:
type: bearer
token: "$secrets.pagerduty_token"
resources:
- name: incidents
path: "/incidents"
operations:
- name: create-incident
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: channels
path: "/conversations.create"
operations:
- name: create-channel
method: POST
Jira Sprint Progress Lookup
▼
project-management jira agile
Retrieves sprint progress at Fidelity.
naftiko: "0.5"
info:
label: "Jira Sprint Progress Lookup"
description: "Retrieves sprint progress at Fidelity."
tags:
- project-management
- jira
- agile
capability:
exposes:
- type: mcp
namespace: jira-sprint
port: 8080
tools:
- name: get-sprint
description: "Look up sprint at Fidelity."
inputParameters:
- name: project_key
in: body
type: string
description: "Project key."
call: "jira.get-sprints"
with:
project: "{{project_key}}"
outputParameters:
- name: name
type: string
mapping: "$.values[0].name"
- name: state
type: string
mapping: "$.values[0].state"
consumes:
- type: http
namespace: jira
baseUri: "https://fidelity.com.atlassian.net/rest/agile/1.0"
authentication:
type: bearer
token: "$secrets.jira_token"
resources:
- name: sprints
path: "/board/1/sprint"
operations:
- name: get-sprints
method: GET
Knowledge Base Maintenance Pipeline
▼
knowledge-management confluence maintenance
Maintains KB at Fidelity by finding stale articles and notifying owners.
naftiko: "0.5"
info:
label: "Knowledge Base Maintenance Pipeline"
description: "Maintains KB at Fidelity by finding stale articles and notifying owners."
tags:
- knowledge-management
- confluence
- maintenance
capability:
exposes:
- type: mcp
namespace: kb-maint
port: 8080
tools:
- name: maintain-kb
description: "Maintain KB at Fidelity."
inputParameters:
- name: space
in: body
type: string
description: "Confluence space."
- name: stale_days
in: body
type: number
description: "Days threshold."
steps:
- name: find
type: call
call: "confluence.search-stale"
with:
space: "{{space}}"
days: "{{stale_days}}"
- name: notify
type: call
call: "email.batch"
with:
to: "{{find.owners}}"
subject: "KB review needed"
- name: flag
type: call
call: "confluence.add-label"
with:
pages: "{{find.ids}}"
label: "needs-review"
- name: report
type: call
call: "slack.post-message"
with:
channel: "#kb"
text: "KB: {{find.count}} stale articles"
consumes:
- type: http
namespace: confluence
baseUri: "https://fidelity.com.atlassian.net/wiki/rest/api"
authentication:
type: bearer
token: "$secrets.confluence_token"
resources:
- name: content
path: "/content/search"
operations:
- name: search-stale
method: GET
- type: http
namespace: email
baseUri: "https://email.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.email_token"
resources:
- name: batch
path: "/send-batch"
operations:
- name: batch
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Weekly KPI Digest Pipeline
▼
reporting kpi snowflake executive
Generates KPI digest at Fidelity from Snowflake, Oracle, Power BI, and email.
naftiko: "0.5"
info:
label: "Weekly KPI Digest Pipeline"
description: "Generates KPI digest at Fidelity from Snowflake, Oracle, Power BI, and email."
tags:
- reporting
- kpi
- snowflake
- executive
capability:
exposes:
- type: mcp
namespace: kpi-digest
port: 8080
tools:
- name: gen-digest
description: "Generate KPI digest at Fidelity."
inputParameters:
- name: week
in: body
type: string
description: "Week ending."
- name: dist
in: body
type: string
description: "Distribution list."
steps:
- name: ops
type: call
call: "snowflake.query"
with:
query: "SELECT * FROM kpis WHERE w='{{week}}'"
- name: fin
type: call
call: "oracle.get-summary"
with:
period: "{{week}}"
- name: refresh
type: call
call: "power-bi.refresh"
with:
dataset: "exec_kpis"
- name: send
type: call
call: "email.send"
with:
to: "{{dist}}"
subject: "KPIs - {{week}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://fidelity.com.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query
method: POST
- type: http
namespace: oracle
baseUri: "https://oracle.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.oracle_token"
resources:
- name: fin
path: "/summary"
operations:
- name: get-summary
method: GET
- type: http
namespace: power-bi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.power_bi_token"
resources:
- name: datasets
path: "/datasets/{{dataset}}/refreshes"
inputParameters:
- name: dataset
in: path
operations:
- name: refresh
method: POST
- type: http
namespace: email
baseUri: "https://email.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.email_token"
resources:
- name: messages
path: "/send"
operations:
- name: send
method: POST
K8s Pod Health
▼
containers kubernetes infrastructure
Checks K8s pod health at Fidelity.
naftiko: "0.5"
info:
label: "K8s Pod Health"
description: "Checks K8s pod health at Fidelity."
tags:
- containers
- kubernetes
- infrastructure
capability:
exposes:
- type: mcp
namespace: k8s-pod
port: 8080
tools:
- name: check-pod
description: "Check pod at Fidelity."
inputParameters:
- name: namespace
in: body
type: string
description: "Namespace."
- name: pod
in: body
type: string
description: "Pod name."
call: "k8s.get-pod"
with:
namespace: "{{namespace}}"
pod: "{{pod}}"
outputParameters:
- name: phase
type: string
mapping: "$.status.phase"
consumes:
- type: http
namespace: k8s
baseUri: "https://k8s.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.k8s_token"
resources:
- name: pods
path: "/namespaces/{{namespace}}/pods/{{pod}}"
inputParameters:
- name: namespace
in: path
- name: pod
in: path
operations:
- name: get-pod
method: GET
Kubernetes Trading Pod Health Check
▼
operations trading grafana jira
Queries Kubernetes cluster for trading application pod health, correlates with Grafana metrics, and creates a Jira issue if degradation is detected.
naftiko: "0.5"
info:
label: "Kubernetes Trading Pod Health Check"
description: "Queries Kubernetes cluster for trading application pod health, correlates with Grafana metrics, and creates a Jira issue if degradation is detected."
tags:
- operations
- trading
- grafana
- jira
capability:
exposes:
- type: mcp
namespace: k8s-health
port: 8080
tools:
- name: check-trading-pods
description: "Check health of trading application pods and escalate degradation to Jira."
inputParameters:
- name: namespace
in: body
type: string
description: "Kubernetes namespace for trading pods."
- name: grafana_dashboard_uid
in: body
type: string
description: "Grafana dashboard UID for trading metrics."
steps:
- name: get-metrics
type: call
call: "grafana.query-dashboard"
with:
dashboard_uid: "{{grafana_dashboard_uid}}"
from: "now-1h"
to: "now"
- name: create-issue
type: call
call: "jira.create-issue"
with:
project: "TRADEOPS"
summary: "Trading pod degradation in {{namespace}}"
description: "Grafana metrics indicate degradation in namespace {{namespace}}. Dashboard: {{grafana_dashboard_uid}}. Error rate: {{get-metrics.error_rate}}. P99 latency: {{get-metrics.p99_latency}}ms"
issue_type: "Bug"
priority: "High"
consumes:
- type: http
namespace: grafana
baseUri: "https://grafana.fidelity.com/api"
authentication:
type: bearer
token: "$secrets.grafana_token"
resources:
- name: dashboards
path: "/dashboards/uid/{{dashboard_uid}}"
inputParameters:
- name: dashboard_uid
in: path
operations:
- name: query-dashboard
method: GET
- type: http
namespace: jira
baseUri: "https://fidelity.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
KYC Document Collection Pipeline
▼
compliance onboarding salesforce box microsoft-outlook
Collects KYC documents for a new client by creating a Salesforce case, provisioning a secure Box folder for uploads, and sending document request emails via Microsoft Outlook.
naftiko: "0.5"
info:
label: "KYC Document Collection Pipeline"
description: "Collects KYC documents for a new client by creating a Salesforce case, provisioning a secure Box folder for uploads, and sending document request emails via Microsoft Outlook."
tags:
- compliance
- onboarding
- salesforce
- box
- microsoft-outlook
capability:
exposes:
- type: mcp
namespace: kyc-workflow
port: 8080
tools:
- name: initiate-kyc-collection
description: "Start the KYC document collection process for a new client."
inputParameters:
- name: client_name
in: body
type: string
description: "Client full name."
- name: client_email
in: body
type: string
description: "Client email address."
- name: account_type
in: body
type: string
description: "Account type (individual, joint, trust, corporate)."
steps:
- name: create-case
type: call
call: "salesforce.create-case"
with:
subject: "KYC Collection: {{client_name}}"
type: "KYC"
account_type: "{{account_type}}"
contact_email: "{{client_email}}"
- name: create-secure-folder
type: call
call: "box.create-folder"
with:
parent_id: "kyc_uploads"
name: "KYC_{{client_name}}_{{create-case.CaseNumber}}"
- name: send-request
type: call
call: "outlook.send-email"
with:
to: "{{client_email}}"
subject: "Fidelity - Document Upload Required for Account Opening"
body: "Dear {{client_name}}, please upload your identification documents to the secure folder: {{create-secure-folder.shared_link}}. Required: government ID, proof of address, and tax forms. Case reference: {{create-case.CaseNumber}}"
consumes:
- type: http
namespace: salesforce
baseUri: "https://fidelity.my.salesforce.com/services/data/v59.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: cases
path: "/sobjects/Case"
operations:
- name: create-case
method: POST
- type: http
namespace: box
baseUri: "https://api.box.com/2.0"
authentication:
type: bearer
token: "$secrets.box_token"
resources:
- name: folders
path: "/folders"
operations:
- name: create-folder
method: POST
- type: http
namespace: outlook
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: send-mail
path: "/me/sendMail"
operations:
- name: send-email
method: POST
License Compliance Pipeline
▼
compliance licensing procurement
Checks license compliance at Fidelity via scanning, entitlements, and procurement.
naftiko: "0.5"
info:
label: "License Compliance Pipeline"
description: "Checks license compliance at Fidelity via scanning, entitlements, and procurement."
tags:
- compliance
- licensing
- procurement
capability:
exposes:
- type: mcp
namespace: license-comp
port: 8080
tools:
- name: check-licenses
description: "Check license compliance at Fidelity."
inputParameters:
- name: software
in: body
type: string
description: "Software."
- name: vendor
in: body
type: string
description: "Vendor."
steps:
- name: scan
type: call
call: "assets.installations"
with:
sw: "{{software}}"
- name: entitlements
type: call
call: "licenses.get"
with:
sw: "{{software}}"
- name: flag
type: call
call: "compliance.flag"
with:
installed: "{{scan.count}}"
entitled: "{{entitlements.count}}"
- name: procure
type: call
call: "servicenow.create-request"
with:
type: "license"
sw: "{{software}}"
consumes:
- type: http
namespace: assets
baseUri: "https://assets.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.asset_token"
resources:
- name: installations
path: "/installations"
operations:
- name: installations
method: GET
- type: http
namespace: licenses
baseUri: "https://licenses.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.license_token"
resources:
- name: ent
path: "/entitlements"
operations:
- name: get
method: GET
- type: http
namespace: compliance
baseUri: "https://compliance.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.compliance_token"
resources:
- name: overages
path: "/flag"
operations:
- name: flag
method: POST
- type: http
namespace: servicenow
baseUri: "https://fidelity.com.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: requests
path: "/table/sc_request"
operations:
- name: create-request
method: POST
Market Data Ingestion Pipeline
▼
market-data data-engineering bloomberg-enterprise-data factset snowflake apache-kafka
Pulls end-of-day pricing from Bloomberg Enterprise Data, validates against FactSet, loads into Snowflake, and publishes a completion event to Apache Kafka for downstream consumers.
naftiko: "0.5"
info:
label: "Market Data Ingestion Pipeline"
description: "Pulls end-of-day pricing from Bloomberg Enterprise Data, validates against FactSet, loads into Snowflake, and publishes a completion event to Apache Kafka for downstream consumers."
tags:
- market-data
- data-engineering
- bloomberg-enterprise-data
- factset
- snowflake
- apache-kafka
capability:
exposes:
- type: mcp
namespace: market-data-pipeline
port: 8080
tools:
- name: run-eod-pricing-load
description: "Execute the end-of-day market data ingestion pipeline across Bloomberg, FactSet, Snowflake, and Kafka."
inputParameters:
- name: pricing_date
in: body
type: string
description: "Pricing date in YYYY-MM-DD format."
- name: asset_class
in: body
type: string
description: "Asset class (equity, fixed_income, derivatives)."
steps:
- name: fetch-bloomberg-prices
type: call
call: "bloomberg.get-eod-prices"
with:
date: "{{pricing_date}}"
asset_class: "{{asset_class}}"
- name: fetch-factset-prices
type: call
call: "factset.get-eod-prices"
with:
date: "{{pricing_date}}"
asset_class: "{{asset_class}}"
- name: load-validated-prices
type: call
call: "snowflake.execute-query"
with:
statement: "CALL load_validated_eod_prices('{{pricing_date}}', '{{asset_class}}', '{{fetch-bloomberg-prices.output_path}}', '{{fetch-factset-prices.output_path}}')"
- name: publish-completion
type: call
call: "kafka.publish-event"
with:
topic: "market-data-events"
key: "eod-pricing-{{pricing_date}}"
value: "{\"status\": \"complete\", \"date\": \"{{pricing_date}}\", \"asset_class\": \"{{asset_class}}\", \"record_count\": \"{{load-validated-prices.rows_loaded}}\"}"
consumes:
- type: http
namespace: bloomberg
baseUri: "https://api.bloomberg.com/eap/catalogs/bbg/datasets"
authentication:
type: bearer
token: "$secrets.bloomberg_api_token"
resources:
- name: eod-prices
path: "/pricing/eod"
operations:
- name: get-eod-prices
method: POST
- type: http
namespace: factset
baseUri: "https://api.factset.com/content/v1"
authentication:
type: basic
username: "$secrets.factset_user"
password: "$secrets.factset_password"
resources:
- name: prices
path: "/prices/eod"
operations:
- name: get-eod-prices
method: POST
- type: http
namespace: snowflake
baseUri: "https://fidelity.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
- type: http
namespace: kafka
baseUri: "https://kafka-rest.fidelity.com/v3"
authentication:
type: bearer
token: "$secrets.kafka_rest_token"
resources:
- name: records
path: "/clusters/fidelity-prod/topics/{{topic}}/records"
inputParameters:
- name: topic
in: path
operations:
- name: publish-event
method: POST
Model Risk Validation Pipeline
▼
risk-management compliance azure-machine-learning snowflake sharepoint jira
Pulls model output from Azure Machine Learning, validates against historical data in Snowflake, generates a validation report in SharePoint, and creates a Jira ticket for model governance review.
naftiko: "0.5"
info:
label: "Model Risk Validation Pipeline"
description: "Pulls model output from Azure Machine Learning, validates against historical data in Snowflake, generates a validation report in SharePoint, and creates a Jira ticket for model governance review."
tags:
- risk-management
- compliance
- azure-machine-learning
- snowflake
- sharepoint
- jira
capability:
exposes:
- type: mcp
namespace: model-validation
port: 8080
tools:
- name: validate-risk-model
description: "Run model validation pipeline for risk model governance."
inputParameters:
- name: model_name
in: body
type: string
description: "Azure ML model name."
- name: model_version
in: body
type: string
description: "Model version to validate."
steps:
- name: get-model-metrics
type: call
call: "azureml.get-model-metrics"
with:
model_name: "{{model_name}}"
version: "{{model_version}}"
- name: run-backtests
type: call
call: "snowflake.execute-query"
with:
statement: "CALL run_model_backtest('{{model_name}}', '{{model_version}}', '{{get-model-metrics.training_date}}')"
- name: store-report
type: call
call: "sharepoint.upload-file"
with:
site_id: "model-governance"
file_path: "Validations/{{model_name}}/v{{model_version}}_validation.json"
content: "{\"model\": \"{{model_name}}\", \"version\": \"{{model_version}}\", \"metrics\": \"{{get-model-metrics}}\", \"backtest\": \"{{run-backtests}}\"}"
- name: create-review-ticket
type: call
call: "jira.create-issue"
with:
project: "MRGOV"
summary: "Model validation: {{model_name}} v{{model_version}}"
description: "Model validation complete. Report: {{store-report.url}}. Accuracy: {{get-model-metrics.accuracy}}. Backtest pass rate: {{run-backtests.pass_rate}}%"
issue_type: "Task"
consumes:
- type: http
namespace: azureml
baseUri: "https://fidelity-ml.api.azureml.ms/mlflow/v2.0"
authentication:
type: bearer
token: "$secrets.azureml_token"
resources:
- name: models
path: "/models/{{model_name}}/versions/{{version}}/metrics"
inputParameters:
- name: model_name
in: path
- name: version
in: path
operations:
- name: get-model-metrics
method: GET
- type: http
namespace: snowflake
baseUri: "https://fidelity.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
- type: http
namespace: sharepoint
baseUri: "https://graph.microsoft.com/v1.0/sites"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: drive-items
path: "/{{site_id}}/drive/root:/{{file_path}}:/content"
inputParameters:
- name: site_id
in: path
- name: file_path
in: path
operations:
- name: upload-file
method: PUT
- type: http
namespace: jira
baseUri: "https://fidelity.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
Monthly Security Report Pipeline
▼
security reporting splunk compliance
Generates monthly security reports at Fidelity from Splunk and Qualys.
naftiko: "0.5"
info:
label: "Monthly Security Report Pipeline"
description: "Generates monthly security reports at Fidelity from Splunk and Qualys."
tags:
- security
- reporting
- splunk
- compliance
capability:
exposes:
- type: mcp
namespace: sec-report
port: 8080
tools:
- name: gen-sec-report
description: "Generate security report at Fidelity."
inputParameters:
- name: month
in: body
type: string
description: "Month."
steps:
- name: splunk
type: call
call: "splunk.search"
with:
query: "index=security earliest=-30d"
- name: scans
type: call
call: "qualys.results"
with:
month: "{{month}}"
- name: compile
type: call
call: "analytics.compile-security"
with:
events: "{{splunk.count}}"
vulns: "{{scans.critical}}"
- name: send
type: call
call: "email.send"
with:
to: "ciso@co.com"
subject: "Security - {{month}}"
consumes:
- type: http
namespace: splunk
baseUri: "https://splunk.fidelity.com:8089/services"
authentication:
type: bearer
token: "$secrets.splunk_token"
resources:
- name: search
path: "/search/jobs"
operations:
- name: search
method: POST
- type: http
namespace: qualys
baseUri: "https://qualysapi.qualys.com/api/v2"
authentication:
type: bearer
token: "$secrets.qualys_token"
resources:
- name: results
path: "/fo/scan/results"
operations:
- name: results
method: GET
- type: http
namespace: analytics
baseUri: "https://analytics.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.analytics_token"
resources:
- name: security
path: "/compile"
operations:
- name: compile-security
method: POST
- type: http
namespace: email
baseUri: "https://email.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.email_token"
resources:
- name: messages
path: "/send"
operations:
- name: send
method: POST
Multi-Asset Order Routing Pipeline
▼
trading order-management bloomberg-aim tradeweb snowflake microsoft-teams
Routes a multi-asset trade order by checking Bloomberg AIM for best execution venue, submitting to Tradeweb for fixed income or Bloomberg AIM for equity, logging in Snowflake, and notifying the trader via Microsoft Teams.
naftiko: "0.5"
info:
label: "Multi-Asset Order Routing Pipeline"
description: "Routes a multi-asset trade order by checking Bloomberg AIM for best execution venue, submitting to Tradeweb for fixed income or Bloomberg AIM for equity, logging in Snowflake, and notifying the trader via Microsoft Teams."
tags:
- trading
- order-management
- bloomberg-aim
- tradeweb
- snowflake
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: order-routing
port: 8080
tools:
- name: route-multi-asset-order
description: "Route a trade order to the appropriate execution venue based on asset class."
inputParameters:
- name: order_id
in: body
type: string
description: "Internal order identifier."
- name: asset_class
in: body
type: string
description: "Asset class (equity, fixed_income)."
- name: ticker
in: body
type: string
description: "Security identifier."
- name: side
in: body
type: string
description: "BUY or SELL."
- name: quantity
in: body
type: integer
description: "Order quantity."
- name: trader_email
in: body
type: string
description: "Trader email for notification."
steps:
- name: get-venue
type: call
call: "aim.get-best-venue"
with:
ticker: "{{ticker}}"
asset_class: "{{asset_class}}"
- name: submit-order
type: call
call: "aim.submit-order"
with:
order_id: "{{order_id}}"
venue: "{{get-venue.recommended_venue}}"
ticker: "{{ticker}}"
side: "{{side}}"
quantity: "{{quantity}}"
- name: log-execution
type: call
call: "snowflake.execute-query"
with:
statement: "INSERT INTO order_routing_log (order_id, asset_class, venue, ticker, side, quantity, status) VALUES ('{{order_id}}', '{{asset_class}}', '{{get-venue.recommended_venue}}', '{{ticker}}', '{{side}}', {{quantity}}, '{{submit-order.status}}')"
- name: notify-trader
type: call
call: "msteams.send-message"
with:
recipient_upn: "{{trader_email}}"
text: "Order {{order_id}} routed to {{get-venue.recommended_venue}}: {{side}} {{quantity}} {{ticker}}. Status: {{submit-order.status}}. Fill price: {{submit-order.fill_price}}"
consumes:
- type: http
namespace: aim
baseUri: "https://aim.bloomberg.com/api/v1"
authentication:
type: bearer
token: "$secrets.bloomberg_aim_token"
resources:
- name: venues
path: "/venues/best?ticker={{ticker}}&asset_class={{asset_class}}"
inputParameters:
- name: ticker
in: query
- name: asset_class
in: query
operations:
- name: get-best-venue
method: GET
- name: orders
path: "/orders"
operations:
- name: submit-order
method: POST
- type: http
namespace: snowflake
baseUri: "https://fidelity.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: chat-messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Mutual Fund NAV Publication
▼
fund-accounting operations simcorp-dimension bloomberg-enterprise-data snowflake microsoft-teams
Calculates final NAV in SimCorp Dimension, validates against Bloomberg pricing, publishes to Snowflake for distribution, and sends confirmation to fund operations via Microsoft Teams.
naftiko: "0.5"
info:
label: "Mutual Fund NAV Publication"
description: "Calculates final NAV in SimCorp Dimension, validates against Bloomberg pricing, publishes to Snowflake for distribution, and sends confirmation to fund operations via Microsoft Teams."
tags:
- fund-accounting
- operations
- simcorp-dimension
- bloomberg-enterprise-data
- snowflake
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: nav-publication
port: 8080
tools:
- name: publish-fund-nav
description: "Calculate, validate, and publish mutual fund NAV with operations notification."
inputParameters:
- name: fund_code
in: body
type: string
description: "Fund identifier."
- name: valuation_date
in: body
type: string
description: "Valuation date in YYYY-MM-DD format."
- name: ops_email
in: body
type: string
description: "Fund operations team email."
steps:
- name: calculate-nav
type: call
call: "simcorp.calculate-nav"
with:
fund_code: "{{fund_code}}"
date: "{{valuation_date}}"
- name: validate-prices
type: call
call: "bloomberg.validate-fund-prices"
with:
fund_code: "{{fund_code}}"
expected_nav: "{{calculate-nav.nav_per_share}}"
- name: publish-nav
type: call
call: "snowflake.execute-query"
with:
statement: "INSERT INTO fund_nav (fund_code, valuation_date, nav_per_share, shares_outstanding, total_net_assets) VALUES ('{{fund_code}}', '{{valuation_date}}', {{calculate-nav.nav_per_share}}, {{calculate-nav.shares_outstanding}}, {{calculate-nav.total_net_assets}})"
- name: confirm-ops
type: call
call: "msteams.send-message"
with:
recipient_upn: "{{ops_email}}"
text: "NAV published for {{fund_code}} as of {{valuation_date}}: ${{calculate-nav.nav_per_share}}/share. Validation status: {{validate-prices.status}}. TNA: ${{calculate-nav.total_net_assets}}"
consumes:
- type: http
namespace: simcorp
baseUri: "https://simcorp.fidelity.com/api/v2"
authentication:
type: bearer
token: "$secrets.simcorp_token"
resources:
- name: nav-calculation
path: "/funds/{{fund_code}}/nav/calculate?date={{date}}"
inputParameters:
- name: fund_code
in: path
- name: date
in: query
operations:
- name: calculate-nav
method: POST
- type: http
namespace: bloomberg
baseUri: "https://api.bloomberg.com/eap/catalogs/bbg/datasets"
authentication:
type: bearer
token: "$secrets.bloomberg_api_token"
resources:
- name: fund-validation
path: "/pricing/validate"
operations:
- name: validate-fund-prices
method: POST
- type: http
namespace: snowflake
baseUri: "https://fidelity.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: chat-messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
New Client Onboarding Orchestrator
▼
wealth-management onboarding salesforce sharepoint jira microsoft-teams
When a new wealth management client is created in Salesforce, provisions a SharePoint document library, creates a Jira onboarding task, and sends a Microsoft Teams notification to the assigned advisor.
naftiko: "0.5"
info:
label: "New Client Onboarding Orchestrator"
description: "When a new wealth management client is created in Salesforce, provisions a SharePoint document library, creates a Jira onboarding task, and sends a Microsoft Teams notification to the assigned advisor."
tags:
- wealth-management
- onboarding
- salesforce
- sharepoint
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: client-onboarding
port: 8080
tools:
- name: onboard-new-client
description: "Orchestrate the full onboarding workflow for a new wealth management client across Salesforce, SharePoint, Jira, and Teams."
inputParameters:
- name: salesforce_account_id
in: body
type: string
description: "Salesforce Account ID for the new client."
- name: advisor_email
in: body
type: string
description: "Email of the assigned financial advisor."
steps:
- name: get-client
type: call
call: "salesforce.get-account"
with:
account_id: "{{salesforce_account_id}}"
- name: create-doc-library
type: call
call: "sharepoint.create-folder"
with:
site_id: "wealth-mgmt-clients"
folder_path: "Clients/{{get-client.Name}}"
- name: create-onboarding-task
type: call
call: "jira.create-issue"
with:
project: "WMONB"
summary: "Client onboarding: {{get-client.Name}}"
description: "Complete KYC, risk profile, and IPS for new client {{get-client.Name}}. Documents: {{create-doc-library.url}}"
issue_type: "Task"
assignee: "{{advisor_email}}"
- name: notify-advisor
type: call
call: "msteams.send-message"
with:
recipient_upn: "{{advisor_email}}"
text: "New client onboarding started for {{get-client.Name}}. Jira task: {{create-onboarding-task.key}}. Document folder: {{create-doc-library.url}}"
consumes:
- type: http
namespace: salesforce
baseUri: "https://fidelity.my.salesforce.com/services/data/v59.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: accounts
path: "/sobjects/Account/{{account_id}}"
inputParameters:
- name: account_id
in: path
operations:
- name: get-account
method: GET
- type: http
namespace: sharepoint
baseUri: "https://graph.microsoft.com/v1.0/sites"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: drive-items
path: "/{{site_id}}/drive/root:/{{folder_path}}"
inputParameters:
- name: site_id
in: path
- name: folder_path
in: path
operations:
- name: create-folder
method: POST
- type: http
namespace: jira
baseUri: "https://fidelity.atlassian.net/rest/api/3"
authentication:
type: basic
username: "$secrets.jira_user"
password: "$secrets.jira_api_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: chat-messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
New Employee IT Onboarding Pipeline
▼
hr onboarding okta servicenow slack
Onboards employees at Fidelity with Okta, ServiceNow, Slack, and calendar.
naftiko: "0.5"
info:
label: "New Employee IT Onboarding Pipeline"
description: "Onboards employees at Fidelity with Okta, ServiceNow, Slack, and calendar."
tags:
- hr
- onboarding
- okta
- servicenow
- slack
capability:
exposes:
- type: mcp
namespace: it-onboarding
port: 8080
tools:
- name: onboard-employee
description: "Onboard employees at Fidelity."
inputParameters:
- name: name
in: body
type: string
description: "Name."
- name: dept
in: body
type: string
description: "Department."
- name: start
in: body
type: string
description: "Start date."
steps:
- name: okta
type: call
call: "okta.create-user"
with:
name: "{{name}}"
department: "{{dept}}"
- name: equip
type: call
call: "servicenow.create-request"
with:
type: "new_hire"
for: "{{name}}"
- name: slack
type: call
call: "slack.invite"
with:
email: "{{okta.email}}"
- name: orient
type: call
call: "calendar.create-event"
with:
title: "Orientation - {{name}}"
date: "{{start}}"
consumes:
- type: http
namespace: okta
baseUri: "https://fidelity.com.okta.com/api/v1"
authentication:
type: bearer
token: "$secrets.okta_api_token"
resources:
- name: users
path: "/users"
operations:
- name: create-user
method: POST
- type: http
namespace: servicenow
baseUri: "https://fidelity.com.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: requests
path: "/table/sc_request"
operations:
- name: create-request
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: users
path: "/users.admin.invite"
operations:
- name: invite
method: POST
- type: http
namespace: calendar
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.microsoft_graph_token"
resources:
- name: events
path: "/users/hr/events"
operations:
- name: create-event
method: POST
New Relic APM Check
▼
monitoring new-relic apm
Checks New Relic APM at Fidelity.
naftiko: "0.5"
info:
label: "New Relic APM Check"
description: "Checks New Relic APM at Fidelity."
tags:
- monitoring
- new-relic
- apm
capability:
exposes:
- type: mcp
namespace: nr-apm
port: 8080
tools:
- name: check-apm
description: "Check APM at Fidelity."
inputParameters:
- name: app_id
in: body
type: string
description: "App ID."
call: "newrelic.get-app"
with:
app_id: "{{app_id}}"
outputParameters:
- name: health
type: string
mapping: "$.application.health_status"
consumes:
- type: http
namespace: newrelic
baseUri: "https://api.newrelic.com/v2"
authentication:
type: bearer
token: "$secrets.new_relic_api_key"
resources:
- name: applications
path: "/applications/{{app_id}}.json"
inputParameters:
- name: app_id
in: path
operations:
- name: get-app
method: GET
New Relic APM Performance Report
▼
monitoring operations new-relic
Fetches application performance metrics from New Relic for a given trading service, returning response time, throughput, and error rate.
naftiko: "0.5"
info:
label: "New Relic APM Performance Report"
description: "Fetches application performance metrics from New Relic for a given trading service, returning response time, throughput, and error rate."
tags:
- monitoring
- operations
- new-relic
capability:
exposes:
- type: mcp
namespace: apm-metrics
port: 8080
tools:
- name: get-app-performance
description: "Retrieve New Relic APM metrics for a trading application."
inputParameters:
- name: app_id
in: body
type: string
description: "New Relic application ID."
- name: time_range
in: body
type: string
description: "Time range (e.g., last_hour, last_24h)."
call: "newrelic.get-app-metrics"
with:
app_id: "{{app_id}}"
time_range: "{{time_range}}"
consumes:
- type: http
namespace: newrelic
baseUri: "https://api.newrelic.com/v2"
authentication:
type: apiKey
key: "$secrets.newrelic_api_key"
resources:
- name: applications
path: "/applications/{{app_id}}/metrics/data.json"
inputParameters:
- name: app_id
in: path
operations:
- name: get-app-metrics
method: GET
Okta User Check
▼
identity okta access-management
Checks Okta user at Fidelity.
naftiko: "0.5"
info:
label: "Okta User Check"
description: "Checks Okta user at Fidelity."
tags:
- identity
- okta
- access-management
capability:
exposes:
- type: mcp
namespace: okta-user
port: 8080
tools:
- name: check-user
description: "Check user at Fidelity."
inputParameters:
- name: email
in: body
type: string
description: "Email."
call: "okta.get-user"
with:
email: "{{email}}"
outputParameters:
- name: status
type: string
mapping: "$.status"
consumes:
- type: http
namespace: okta
baseUri: "https://fidelity.com.okta.com/api/v1"
authentication:
type: bearer
token: "$secrets.okta_api_token"
resources:
- name: users
path: "/users/{{email}}"
inputParameters:
- name: email
in: path
operations:
- name: get-user
method: GET
PagerDuty On-Call Check
▼
incident-management pagerduty on-call
Checks on-call at Fidelity.
naftiko: "0.5"
info:
label: "PagerDuty On-Call Check"
description: "Checks on-call at Fidelity."
tags:
- incident-management
- pagerduty
- on-call
capability:
exposes:
- type: mcp
namespace: pd-oncall
port: 8080
tools:
- name: get-oncall
description: "Check on-call at Fidelity."
inputParameters:
- name: schedule_id
in: body
type: string
description: "Schedule ID."
call: "pagerduty.get-oncall"
with:
schedule_id: "{{schedule_id}}"
outputParameters:
- name: user
type: string
mapping: "$.oncalls[0].user.summary"
consumes:
- type: http
namespace: pagerduty
baseUri: "https://api.pagerduty.com"
authentication:
type: bearer
token: "$secrets.pagerduty_token"
resources:
- name: oncalls
path: "/oncalls"
operations:
- name: get-oncall
method: GET
Portfolio Rebalance Notification Pipeline
▼
portfolio-management rebalancing factset sharepoint microsoft-teams
Pulls portfolio drift data from FactSet, generates a rebalance proposal, stores it in SharePoint, and notifies the portfolio manager via Microsoft Teams.
naftiko: "0.5"
info:
label: "Portfolio Rebalance Notification Pipeline"
description: "Pulls portfolio drift data from FactSet, generates a rebalance proposal, stores it in SharePoint, and notifies the portfolio manager via Microsoft Teams."
tags:
- portfolio-management
- rebalancing
- factset
- sharepoint
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: portfolio-rebalance
port: 8080
tools:
- name: trigger-rebalance-review
description: "Detect portfolio drift in FactSet, store a rebalance proposal, and notify the portfolio manager."
inputParameters:
- name: portfolio_id
in: body
type: string
description: "FactSet portfolio identifier."
- name: drift_threshold
in: body
type: number
description: "Maximum allowable drift percentage."
- name: pm_email
in: body
type: string
description: "Portfolio manager email address."
steps:
- name: get-drift
type: call
call: "factset.get-drift-analysis"
with:
portfolio_id: "{{portfolio_id}}"
threshold: "{{drift_threshold}}"
- name: store-proposal
type: call
call: "sharepoint.upload-file"
with:
site_id: "portfolio-management"
file_path: "Rebalance/{{portfolio_id}}/proposal_{{get-drift.analysis_date}}.json"
content: "{{get-drift.rebalance_proposal}}"
- name: notify-pm
type: call
call: "msteams.send-message"
with:
recipient_upn: "{{pm_email}}"
text: "Portfolio {{portfolio_id}} has drifted beyond {{drift_threshold}}% threshold. Rebalance proposal ready: {{store-proposal.url}}"
consumes:
- type: http
namespace: factset
baseUri: "https://api.factset.com/portfolio/v1"
authentication:
type: basic
username: "$secrets.factset_user"
password: "$secrets.factset_password"
resources:
- name: drift-analysis
path: "/portfolios/{{portfolio_id}}/drift?threshold={{threshold}}"
inputParameters:
- name: portfolio_id
in: path
- name: threshold
in: query
operations:
- name: get-drift-analysis
method: GET
- type: http
namespace: sharepoint
baseUri: "https://graph.microsoft.com/v1.0/sites"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: drive-items
path: "/{{site_id}}/drive/root:/{{file_path}}:/content"
inputParameters:
- name: site_id
in: path
- name: file_path
in: path
operations:
- name: upload-file
method: PUT
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: chat-messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Incident Postmortem Pipeline
▼
incident-management postmortem pagerduty confluence
Creates postmortems at Fidelity.
naftiko: "0.5"
info:
label: "Incident Postmortem Pipeline"
description: "Creates postmortems at Fidelity."
tags:
- incident-management
- postmortem
- pagerduty
- confluence
capability:
exposes:
- type: mcp
namespace: postmortem
port: 8080
tools:
- name: create-postmortem
description: "Create postmortem at Fidelity."
inputParameters:
- name: incident_id
in: body
type: string
description: "Incident ID."
steps:
- name: timeline
type: call
call: "pagerduty.get-log"
with:
id: "{{incident_id}}"
- name: metrics
type: call
call: "datadog.get-metrics"
with:
incident: "{{incident_id}}"
- name: doc
type: call
call: "confluence.create-page"
with:
title: "Postmortem: {{timeline.title}}"
body: "Impact: {{metrics.impact}}"
- name: review
type: call
call: "calendar.create-event"
with:
title: "Review: {{timeline.title}}"
consumes:
- type: http
namespace: pagerduty
baseUri: "https://api.pagerduty.com"
authentication:
type: bearer
token: "$secrets.pagerduty_token"
resources:
- name: incidents
path: "/incidents/{{id}}/log_entries"
inputParameters:
- name: id
in: path
operations:
- name: get-log
method: GET
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v2"
authentication:
type: bearer
token: "$secrets.datadog_api_key"
resources:
- name: incidents
path: "/incidents"
operations:
- name: get-metrics
method: GET
- type: http
namespace: confluence
baseUri: "https://fidelity.com.atlassian.net/wiki/rest/api"
authentication:
type: bearer
token: "$secrets.confluence_token"
resources:
- name: pages
path: "/content"
operations:
- name: create-page
method: POST
- type: http
namespace: calendar
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.microsoft_graph_token"
resources:
- name: events
path: "/users/sre/events"
operations:
- name: create-event
method: POST
Power BI Refresh Check
▼
analytics power-bi dashboards
Checks Power BI refresh at Fidelity.
naftiko: "0.5"
info:
label: "Power BI Refresh Check"
description: "Checks Power BI refresh at Fidelity."
tags:
- analytics
- power-bi
- dashboards
capability:
exposes:
- type: mcp
namespace: pbi-refresh
port: 8080
tools:
- name: check-refresh
description: "Check refresh at Fidelity."
inputParameters:
- name: dataset_id
in: body
type: string
description: "Dataset ID."
call: "power-bi.get-refresh"
with:
dataset_id: "{{dataset_id}}"
outputParameters:
- name: status
type: string
mapping: "$.value[0].status"
consumes:
- type: http
namespace: power-bi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.power_bi_token"
resources:
- name: datasets
path: "/datasets/{{dataset_id}}/refreshes"
inputParameters:
- name: dataset_id
in: path
operations:
- name: get-refresh
method: GET
Prometheus Trading Latency Alert
▼
monitoring trading prometheus
Queries Prometheus for trading system latency metrics and returns P50, P95, and P99 percentiles for a given service.
naftiko: "0.5"
info:
label: "Prometheus Trading Latency Alert"
description: "Queries Prometheus for trading system latency metrics and returns P50, P95, and P99 percentiles for a given service."
tags:
- monitoring
- trading
- prometheus
capability:
exposes:
- type: mcp
namespace: latency-monitoring
port: 8080
tools:
- name: get-trading-latency
description: "Query Prometheus for trading service latency percentiles."
inputParameters:
- name: service_name
in: body
type: string
description: "Trading service name."
- name: time_range
in: body
type: string
description: "Time range for query (e.g., 5m, 1h)."
call: "prometheus.query-range"
with:
query: "histogram_quantile(0.99, rate(trade_execution_duration_seconds_bucket{service=\"{{service_name}}\"}[{{time_range}}]))"
consumes:
- type: http
namespace: prometheus
baseUri: "https://prometheus.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.prometheus_token"
resources:
- name: query
path: "/query"
operations:
- name: query-range
method: POST
Quarterly Compliance Report Pipeline
▼
compliance reporting snowflake power-bi
Generates compliance reports at Fidelity from Snowflake, Power BI, and email.
naftiko: "0.5"
info:
label: "Quarterly Compliance Report Pipeline"
description: "Generates compliance reports at Fidelity from Snowflake, Power BI, and email."
tags:
- compliance
- reporting
- snowflake
- power-bi
capability:
exposes:
- type: mcp
namespace: compliance-rpt
port: 8080
tools:
- name: gen-report
description: "Generate compliance reports at Fidelity."
inputParameters:
- name: quarter
in: body
type: string
description: "Quarter."
- name: type
in: body
type: string
description: "Type."
steps:
- name: data
type: call
call: "snowflake.query"
with:
query: "SELECT * FROM compliance WHERE q='{{quarter}}'"
- name: metrics
type: call
call: "analytics.compute"
with:
data: "{{data.results}}"
- name: refresh
type: call
call: "power-bi.refresh"
with:
dataset: "compliance"
- name: send
type: call
call: "email.send"
with:
to: "compliance@co.com"
subject: "{{type}} - {{quarter}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://fidelity.com.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: query
method: POST
- type: http
namespace: analytics
baseUri: "https://analytics.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.analytics_token"
resources:
- name: metrics
path: "/compute"
operations:
- name: compute
method: POST
- type: http
namespace: power-bi
baseUri: "https://api.powerbi.com/v1.0/myorg"
authentication:
type: bearer
token: "$secrets.power_bi_token"
resources:
- name: datasets
path: "/datasets/{{dataset}}/refreshes"
inputParameters:
- name: dataset
in: path
operations:
- name: refresh
method: POST
- type: http
namespace: email
baseUri: "https://email.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.email_token"
resources:
- name: messages
path: "/send"
operations:
- name: send
method: POST
Redis Cache Invalidation and Reload
▼
operations caching redis snowflake
Invalidates Redis cache keys for trading reference data, then reloads fresh data from Snowflake to ensure downstream trading systems have current reference data.
naftiko: "0.5"
info:
label: "Redis Cache Invalidation and Reload"
description: "Invalidates Redis cache keys for trading reference data, then reloads fresh data from Snowflake to ensure downstream trading systems have current reference data."
tags:
- operations
- caching
- redis
- snowflake
capability:
exposes:
- type: mcp
namespace: cache-mgmt
port: 8080
tools:
- name: invalidate-and-reload-cache
description: "Delete cache keys from Redis and reload fresh reference data from Snowflake."
inputParameters:
- name: key_pattern
in: body
type: string
description: "Redis key pattern to invalidate (e.g., refdata:equity:*)."
- name: data_source_table
in: body
type: string
description: "Snowflake table to reload from."
steps:
- name: invalidate-keys
type: call
call: "redis.delete-keys"
with:
pattern: "{{key_pattern}}"
- name: reload-data
type: call
call: "snowflake.execute-query"
with:
statement: "CALL reload_cache_data('{{data_source_table}}', '{{key_pattern}}')"
consumes:
- type: http
namespace: redis
baseUri: "https://redis.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.redis_token"
resources:
- name: keys
path: "/keys/delete"
operations:
- name: delete-keys
method: POST
- type: http
namespace: snowflake
baseUri: "https://fidelity.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
Redis Cache Status
▼
caching redis infrastructure
Checks Redis at Fidelity.
naftiko: "0.5"
info:
label: "Redis Cache Status"
description: "Checks Redis at Fidelity."
tags:
- caching
- redis
- infrastructure
capability:
exposes:
- type: mcp
namespace: redis
port: 8080
tools:
- name: check-cache
description: "Check Redis at Fidelity."
inputParameters:
- name: instance
in: body
type: string
description: "Instance ID."
call: "redis.get-info"
with:
instance: "{{instance}}"
outputParameters:
- name: memory
type: string
mapping: "$.used_memory_human"
consumes:
- type: http
namespace: redis
baseUri: "https://redis.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.redis_token"
resources:
- name: instances
path: "/instances/{{instance}}/info"
inputParameters:
- name: instance
in: path
operations:
- name: get-info
method: GET
Regulatory Reporting Data Pipeline
▼
compliance regulatory-reporting simcorp-dimension bloomberg-enterprise-data apache-spark snowflake
Extracts position data from SimCorp Dimension, enriches it with market prices from Bloomberg Enterprise Data, transforms via Apache Spark, and loads into Snowflake for regulatory filing.
naftiko: "0.5"
info:
label: "Regulatory Reporting Data Pipeline"
description: "Extracts position data from SimCorp Dimension, enriches it with market prices from Bloomberg Enterprise Data, transforms via Apache Spark, and loads into Snowflake for regulatory filing."
tags:
- compliance
- regulatory-reporting
- simcorp-dimension
- bloomberg-enterprise-data
- apache-spark
- snowflake
capability:
exposes:
- type: mcp
namespace: regulatory-pipeline
port: 8080
tools:
- name: run-regulatory-extract
description: "Extract, enrich, and load position data for regulatory reporting."
inputParameters:
- name: report_date
in: body
type: string
description: "Reporting date in YYYY-MM-DD format."
- name: regulation_type
in: body
type: string
description: "Regulation type (form_pf, form_n_port, form_13f)."
steps:
- name: extract-positions
type: call
call: "simcorp.get-positions"
with:
as_of_date: "{{report_date}}"
- name: enrich-prices
type: call
call: "bloomberg.get-bulk-prices"
with:
securities: "{{extract-positions.security_ids}}"
date: "{{report_date}}"
- name: submit-transform
type: call
call: "spark.submit-job"
with:
job_name: "regulatory_transform_{{regulation_type}}"
params: "{\"positions\": \"{{extract-positions.output_path}}\", \"prices\": \"{{enrich-prices.output_path}}\", \"report_date\": \"{{report_date}}\"}"
- name: load-to-warehouse
type: call
call: "snowflake.execute-query"
with:
statement: "CALL load_regulatory_data('{{regulation_type}}', '{{report_date}}', '{{submit-transform.output_path}}')"
consumes:
- type: http
namespace: simcorp
baseUri: "https://simcorp.fidelity.com/api/v2"
authentication:
type: bearer
token: "$secrets.simcorp_token"
resources:
- name: positions
path: "/positions?as_of_date={{as_of_date}}"
inputParameters:
- name: as_of_date
in: query
operations:
- name: get-positions
method: GET
- type: http
namespace: bloomberg
baseUri: "https://api.bloomberg.com/eap/catalogs/bbg/datasets"
authentication:
type: bearer
token: "$secrets.bloomberg_api_token"
resources:
- name: bulk-prices
path: "/pricing"
operations:
- name: get-bulk-prices
method: POST
- type: http
namespace: spark
baseUri: "https://spark.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.spark_token"
resources:
- name: jobs
path: "/batches"
operations:
- name: submit-job
method: POST
- type: http
namespace: snowflake
baseUri: "https://fidelity.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
Release Readiness Pipeline
▼
release-management devops quality
Checks release readiness at Fidelity.
naftiko: "0.5"
info:
label: "Release Readiness Pipeline"
description: "Checks release readiness at Fidelity."
tags:
- release-management
- devops
- quality
capability:
exposes:
- type: mcp
namespace: release-ready
port: 8080
tools:
- name: check-release
description: "Check release at Fidelity."
inputParameters:
- name: release_id
in: body
type: string
description: "Release ID."
- name: project
in: body
type: string
description: "Project."
steps:
- name: tests
type: call
call: "azdo.get-tests"
with:
project: "{{project}}"
release: "{{release_id}}"
- name: quality
type: call
call: "sonarqube.get-gate"
with:
project: "{{project}}"
- name: security
type: call
call: "security.get-scan"
with:
project: "{{project}}"
- name: doc
type: call
call: "confluence.create-page"
with:
title: "Release - {{release_id}}"
body: "Tests: {{tests.pass_rate}}% Quality: {{quality.status}}"
consumes:
- type: http
namespace: azdo
baseUri: "https://dev.azure.com/fidelity.com"
authentication:
type: bearer
token: "$secrets.azdo_token"
resources:
- name: tests
path: "/{{project}}/_apis/test/runs"
inputParameters:
- name: project
in: path
operations:
- name: get-tests
method: GET
- type: http
namespace: sonarqube
baseUri: "https://sonarqube.fidelity.com/api"
authentication:
type: bearer
token: "$secrets.sonarqube_token"
resources:
- name: quality
path: "/qualitygates/project_status"
operations:
- name: get-gate
method: GET
- type: http
namespace: security
baseUri: "https://security.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.security_token"
resources:
- name: scans
path: "/results"
operations:
- name: get-scan
method: GET
- type: http
namespace: confluence
baseUri: "https://fidelity.com.atlassian.net/wiki/rest/api"
authentication:
type: bearer
token: "$secrets.confluence_token"
resources:
- name: pages
path: "/content"
operations:
- name: create-page
method: POST
Retirement Account Distribution Processor
▼
retirement compliance salesforce snowflake microsoft-outlook
Processes a retirement account distribution by validating eligibility in Salesforce, calculating tax withholding in Snowflake, creating the distribution record, and sending confirmation via Microsoft Outlook.
naftiko: "0.5"
info:
label: "Retirement Account Distribution Processor"
description: "Processes a retirement account distribution by validating eligibility in Salesforce, calculating tax withholding in Snowflake, creating the distribution record, and sending confirmation via Microsoft Outlook."
tags:
- retirement
- compliance
- salesforce
- snowflake
- microsoft-outlook
capability:
exposes:
- type: mcp
namespace: retirement-ops
port: 8080
tools:
- name: process-distribution
description: "Process a retirement account distribution with eligibility validation, tax calculation, and email confirmation."
inputParameters:
- name: account_number
in: body
type: string
description: "Retirement account number."
- name: distribution_amount
in: body
type: number
description: "Requested distribution amount in USD."
- name: distribution_type
in: body
type: string
description: "Type of distribution (normal, hardship, rmd)."
steps:
- name: validate-account
type: call
call: "salesforce.get-retirement-account"
with:
account_number: "{{account_number}}"
- name: calculate-withholding
type: call
call: "snowflake.run-tax-calc"
with:
statement: "SELECT calculate_withholding('{{account_number}}', {{distribution_amount}}, '{{distribution_type}}', '{{validate-account.state_of_residence}}') as withholding"
- name: create-distribution
type: call
call: "salesforce.create-distribution"
with:
account_id: "{{validate-account.Id}}"
amount: "{{distribution_amount}}"
withholding: "{{calculate-withholding.withholding}}"
type: "{{distribution_type}}"
- name: send-confirmation
type: call
call: "outlook.send-email"
with:
to: "{{validate-account.owner_email}}"
subject: "Distribution Confirmation - Account {{account_number}}"
body: "Your {{distribution_type}} distribution of ${{distribution_amount}} has been processed. Federal withholding: ${{calculate-withholding.withholding}}. Confirmation: {{create-distribution.confirmation_number}}"
consumes:
- type: http
namespace: salesforce
baseUri: "https://fidelity.my.salesforce.com/services/data/v59.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: retirement-accounts
path: "/query/?q=SELECT+Id,Name,OwnerId,State__c+FROM+Retirement_Account__c+WHERE+AccountNumber__c='{{account_number}}'"
inputParameters:
- name: account_number
in: query
operations:
- name: get-retirement-account
method: GET
- name: distributions
path: "/sobjects/Distribution__c"
operations:
- name: create-distribution
method: POST
- type: http
namespace: snowflake
baseUri: "https://fidelity.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-tax-calc
method: POST
- type: http
namespace: outlook
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: send-mail
path: "/me/sendMail"
operations:
- name: send-email
method: POST
Salesforce Opportunity Pipeline Report
▼
sales reporting salesforce snowflake tableau
Queries Salesforce for wealth management opportunity pipeline data, transforms in Snowflake, and refreshes the Tableau sales dashboard.
naftiko: "0.5"
info:
label: "Salesforce Opportunity Pipeline Report"
description: "Queries Salesforce for wealth management opportunity pipeline data, transforms in Snowflake, and refreshes the Tableau sales dashboard."
tags:
- sales
- reporting
- salesforce
- snowflake
- tableau
capability:
exposes:
- type: mcp
namespace: sales-pipeline
port: 8080
tools:
- name: refresh-pipeline-report
description: "Extract opportunity data from Salesforce, load to Snowflake, and refresh the Tableau dashboard."
inputParameters:
- name: fiscal_quarter
in: body
type: string
description: "Fiscal quarter (e.g., FY2026-Q1)."
steps:
- name: extract-opportunities
type: call
call: "salesforce.query-opportunities"
with:
fiscal_quarter: "{{fiscal_quarter}}"
- name: load-data
type: call
call: "snowflake.execute-query"
with:
statement: "CALL load_opportunity_pipeline('{{fiscal_quarter}}', '{{extract-opportunities.records}}')"
- name: refresh-dashboard
type: call
call: "tableau.refresh-extract"
with:
datasource_id: "wealth-pipeline-ds"
consumes:
- type: http
namespace: salesforce
baseUri: "https://fidelity.my.salesforce.com/services/data/v59.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: opportunities
path: "/query/?q=SELECT+Id,Name,Amount,StageName,CloseDate,OwnerId+FROM+Opportunity+WHERE+FiscalQuarter='{{fiscal_quarter}}'"
inputParameters:
- name: fiscal_quarter
in: query
operations:
- name: query-opportunities
method: GET
- type: http
namespace: snowflake
baseUri: "https://fidelity.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
- type: http
namespace: tableau
baseUri: "https://tableau.fidelity.com/api/3.21"
authentication:
type: bearer
token: "$secrets.tableau_token"
resources:
- name: datasources
path: "/sites/default/datasources/{{datasource_id}}/refresh"
inputParameters:
- name: datasource_id
in: path
operations:
- name: refresh-extract
method: POST
SAP PO Check
▼
procurement sap purchase-orders
Checks SAP PO at Fidelity.
naftiko: "0.5"
info:
label: "SAP PO Check"
description: "Checks SAP PO at Fidelity."
tags:
- procurement
- sap
- purchase-orders
capability:
exposes:
- type: mcp
namespace: sap-po
port: 8080
tools:
- name: get-po
description: "Check PO at Fidelity."
inputParameters:
- name: po_number
in: body
type: string
description: "PO number."
call: "sap.get-po"
with:
po_number: "{{po_number}}"
outputParameters:
- name: vendor
type: string
mapping: "$.order.vendor"
- name: status
type: string
mapping: "$.order.status"
consumes:
- type: http
namespace: sap
baseUri: "https://sap.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.sap_token"
resources:
- name: purchase-orders
path: "/purchase-orders/{{po_number}}"
inputParameters:
- name: po_number
in: path
operations:
- name: get-po
method: GET
Security Vulnerability Remediation Pipeline
▼
security vulnerability-management jira
Remediates vulnerabilities at Fidelity via scanning, Jira, and Slack.
naftiko: "0.5"
info:
label: "Security Vulnerability Remediation Pipeline"
description: "Remediates vulnerabilities at Fidelity via scanning, Jira, and Slack."
tags:
- security
- vulnerability-management
- jira
capability:
exposes:
- type: mcp
namespace: vuln-fix
port: 8080
tools:
- name: remediate
description: "Fix vulnerabilities at Fidelity."
inputParameters:
- name: target
in: body
type: string
description: "Target."
- name: policy
in: body
type: string
description: "Policy."
steps:
- name: scan
type: call
call: "qualys.scan"
with:
target: "{{target}}"
policy: "{{policy}}"
- name: prioritize
type: call
call: "security.prioritize"
with:
scan: "{{scan.id}}"
- name: ticket
type: call
call: "jira.create-issue"
with:
project: "SEC"
summary: "Vulns: {{prioritize.critical}} critical"
- name: notify
type: call
call: "slack.post-message"
with:
channel: "#security"
text: "Scan: {{prioritize.critical}} critical"
consumes:
- type: http
namespace: qualys
baseUri: "https://qualysapi.qualys.com/api/v2"
authentication:
type: bearer
token: "$secrets.qualys_token"
resources:
- name: scans
path: "/fo/scan"
operations:
- name: scan
method: POST
- type: http
namespace: security
baseUri: "https://security.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.security_token"
resources:
- name: vulns
path: "/prioritize"
operations:
- name: prioritize
method: POST
- type: http
namespace: jira
baseUri: "https://fidelity.com.atlassian.net/rest/api/3"
authentication:
type: bearer
token: "$secrets.jira_token"
resources:
- name: issues
path: "/issue"
operations:
- name: create-issue
method: POST
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
Seismic Sales Content Delivery
▼
sales marketing seismic salesforce microsoft-outlook
Fetches approved sales content from Seismic for a given product category, personalizes the delivery via Salesforce contact data, and sends via Microsoft Outlook to the prospect.
naftiko: "0.5"
info:
label: "Seismic Sales Content Delivery"
description: "Fetches approved sales content from Seismic for a given product category, personalizes the delivery via Salesforce contact data, and sends via Microsoft Outlook to the prospect."
tags:
- sales
- marketing
- seismic
- salesforce
- microsoft-outlook
capability:
exposes:
- type: mcp
namespace: sales-content
port: 8080
tools:
- name: deliver-sales-content
description: "Find and deliver personalized sales content from Seismic to a prospect."
inputParameters:
- name: product_category
in: body
type: string
description: "Product category (retirement, wealth, brokerage)."
- name: contact_id
in: body
type: string
description: "Salesforce contact ID."
steps:
- name: get-content
type: call
call: "seismic.search-content"
with:
category: "{{product_category}}"
status: "approved"
- name: get-contact
type: call
call: "salesforce.get-contact"
with:
contact_id: "{{contact_id}}"
- name: send-content
type: call
call: "outlook.send-email"
with:
to: "{{get-contact.Email}}"
subject: "Fidelity {{product_category}} Solutions for {{get-contact.Account.Name}}"
body: "Dear {{get-contact.FirstName}}, please find our latest {{product_category}} materials: {{get-content.content_link}}"
consumes:
- type: http
namespace: seismic
baseUri: "https://api.seismic.com/v2"
authentication:
type: bearer
token: "$secrets.seismic_token"
resources:
- name: content
path: "/content?category={{category}}&status={{status}}"
inputParameters:
- name: category
in: query
- name: status
in: query
operations:
- name: search-content
method: GET
- type: http
namespace: salesforce
baseUri: "https://fidelity.my.salesforce.com/services/data/v59.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: contacts
path: "/sobjects/Contact/{{contact_id}}"
inputParameters:
- name: contact_id
in: path
operations:
- name: get-contact
method: GET
- type: http
namespace: outlook
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: send-mail
path: "/me/sendMail"
operations:
- name: send-email
method: POST
ServiceNow Incident Detail Check
▼
it-service servicenow incident-management
Checks IT incident in ServiceNow for Fidelity.
naftiko: "0.5"
info:
label: "ServiceNow Incident Detail Check"
description: "Checks IT incident in ServiceNow for Fidelity."
tags:
- it-service
- servicenow
- incident-management
capability:
exposes:
- type: mcp
namespace: snow-incident
port: 8080
tools:
- name: check-incident
description: "Check incident at Fidelity."
inputParameters:
- name: incident_number
in: body
type: string
description: "Incident number."
call: "servicenow.get-incident"
with:
number: "{{incident_number}}"
outputParameters:
- name: state
type: string
mapping: "$.result.state"
- name: priority
type: string
mapping: "$.result.priority"
consumes:
- type: http
namespace: servicenow
baseUri: "https://fidelity.com.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: get-incident
method: GET
SharePoint File Metadata
▼
document-management sharepoint collaboration
Retrieves SharePoint metadata at Fidelity.
naftiko: "0.5"
info:
label: "SharePoint File Metadata"
description: "Retrieves SharePoint metadata at Fidelity."
tags:
- document-management
- sharepoint
- collaboration
capability:
exposes:
- type: mcp
namespace: sp-docs
port: 8080
tools:
- name: get-file
description: "Look up file at Fidelity."
inputParameters:
- name: site_id
in: body
type: string
description: "Site ID."
- name: file_path
in: body
type: string
description: "Path."
call: "sharepoint.get-file"
with:
site_id: "{{site_id}}"
path: "{{file_path}}"
outputParameters:
- name: name
type: string
mapping: "$.name"
- name: size
type: number
mapping: "$.size"
consumes:
- type: http
namespace: sharepoint
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.microsoft_graph_token"
resources:
- name: files
path: "/sites/{{site_id}}/drive/root:/{{path}}"
inputParameters:
- name: site_id
in: path
- name: path
in: path
operations:
- name: get-file
method: GET
SimCorp Dimension NAV Lookup
▼
fund-accounting portfolio-management simcorp-dimension
Retrieves the latest net asset value for a fund from SimCorp Dimension, returning NAV, shares outstanding, and valuation date.
naftiko: "0.5"
info:
label: "SimCorp Dimension NAV Lookup"
description: "Retrieves the latest net asset value for a fund from SimCorp Dimension, returning NAV, shares outstanding, and valuation date."
tags:
- fund-accounting
- portfolio-management
- simcorp-dimension
capability:
exposes:
- type: mcp
namespace: fund-valuation
port: 8080
tools:
- name: get-fund-nav
description: "Get current NAV for a fund from SimCorp Dimension by fund code."
inputParameters:
- name: fund_code
in: body
type: string
description: "The SimCorp fund identifier."
call: "simcorp.get-nav"
with:
fund_code: "{{fund_code}}"
consumes:
- type: http
namespace: simcorp
baseUri: "https://simcorp.fidelity.com/api/v2"
authentication:
type: bearer
token: "$secrets.simcorp_token"
resources:
- name: funds
path: "/funds/{{fund_code}}/nav"
inputParameters:
- name: fund_code
in: path
operations:
- name: get-nav
method: GET
SLA Monitoring Pipeline
▼
operations sla datadog slack
Monitors SLAs at Fidelity via Datadog and Slack.
naftiko: "0.5"
info:
label: "SLA Monitoring Pipeline"
description: "Monitors SLAs at Fidelity via Datadog and Slack."
tags:
- operations
- sla
- datadog
- slack
capability:
exposes:
- type: mcp
namespace: sla-monitor
port: 8080
tools:
- name: check-sla
description: "Monitor SLAs at Fidelity."
inputParameters:
- name: service
in: body
type: string
description: "Service."
- name: target
in: body
type: number
description: "SLA target %."
steps:
- name: metrics
type: call
call: "datadog.get-sla"
with:
service: "{{service}}"
- name: check
type: call
call: "analytics.check-sla"
with:
uptime: "{{metrics.uptime}}"
target: "{{target}}"
- name: alert
type: call
call: "slack.post-message"
with:
channel: "#ops"
text: "SLA: {{service}} at {{metrics.uptime}}% (target: {{target}}%)"
- name: log
type: call
call: "servicenow.create-incident"
with:
desc: "SLA breach: {{service}}"
consumes:
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v2"
authentication:
type: bearer
token: "$secrets.datadog_api_key"
resources:
- name: metrics
path: "/metrics"
operations:
- name: get-sla
method: GET
- type: http
namespace: slack
baseUri: "https://slack.com/api"
authentication:
type: bearer
token: "$secrets.slack_token"
resources:
- name: messages
path: "/chat.postMessage"
operations:
- name: post-message
method: POST
- type: http
namespace: servicenow
baseUri: "https://fidelity.com.service-now.com/api/now"
authentication:
type: bearer
token: "$secrets.servicenow_token"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
Snowflake Trade Volume Query
▼
trading data snowflake
Executes a parameterized query against a Snowflake warehouse to retrieve aggregate trade volumes by date range and instrument type.
naftiko: "0.5"
info:
label: "Snowflake Trade Volume Query"
description: "Executes a parameterized query against a Snowflake warehouse to retrieve aggregate trade volumes by date range and instrument type."
tags:
- trading
- data
- snowflake
capability:
exposes:
- type: mcp
namespace: trade-analytics
port: 8080
tools:
- name: query-trade-volumes
description: "Run a trade volume query on Snowflake by date range and instrument type."
inputParameters:
- name: start_date
in: body
type: string
description: "Start date in YYYY-MM-DD format."
- name: end_date
in: body
type: string
description: "End date in YYYY-MM-DD format."
- name: instrument_type
in: body
type: string
description: "Instrument type (equity, fixed_income, options, etf)."
call: "snowflake.execute-query"
with:
statement: "SELECT instrument_type, COUNT(*) as trade_count, SUM(notional) as total_notional FROM trades WHERE trade_date BETWEEN '{{start_date}}' AND '{{end_date}}' AND instrument_type = '{{instrument_type}}' GROUP BY instrument_type"
consumes:
- type: http
namespace: snowflake
baseUri: "https://fidelity.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
Splunk Compliance Log Search and Archive
▼
compliance security splunk amazon-s3
Searches Splunk for compliance-related log events within a time window, then archives the results to Amazon S3 for long-term regulatory retention.
naftiko: "0.5"
info:
label: "Splunk Compliance Log Search and Archive"
description: "Searches Splunk for compliance-related log events within a time window, then archives the results to Amazon S3 for long-term regulatory retention."
tags:
- compliance
- security
- splunk
- amazon-s3
capability:
exposes:
- type: mcp
namespace: compliance-search
port: 8080
tools:
- name: search-and-archive-compliance-logs
description: "Search Splunk for compliance log events and archive results to S3."
inputParameters:
- name: search_query
in: body
type: string
description: "Splunk search query string."
- name: earliest_time
in: body
type: string
description: "Earliest time for search (e.g., -24h)."
- name: archive_bucket
in: body
type: string
description: "S3 bucket for archiving results."
steps:
- name: run-search
type: call
call: "splunk.create-search"
with:
search: "{{search_query}}"
earliest_time: "{{earliest_time}}"
- name: archive-results
type: call
call: "s3.put-object"
with:
bucket: "{{archive_bucket}}"
key: "compliance-logs/{{run-search.sid}}/results.json"
content: "{{run-search.results}}"
consumes:
- type: http
namespace: splunk
baseUri: "https://splunk.fidelity.com:8089/services"
authentication:
type: bearer
token: "$secrets.splunk_token"
resources:
- name: search-jobs
path: "/search/jobs"
operations:
- name: create-search
method: POST
- type: http
namespace: s3
baseUri: "https://s3.us-east-1.amazonaws.com"
authentication:
type: aws-sigv4
key: "$secrets.aws_access_key"
resources:
- name: objects
path: "/{{bucket}}/{{key}}"
inputParameters:
- name: bucket
in: path
- name: key
in: path
operations:
- name: put-object
method: PUT
Splunk Log Search
▼
security splunk logging
Searches Splunk at Fidelity.
naftiko: "0.5"
info:
label: "Splunk Log Search"
description: "Searches Splunk at Fidelity."
tags:
- security
- splunk
- logging
capability:
exposes:
- type: mcp
namespace: splunk-search
port: 8080
tools:
- name: search-logs
description: "Search logs at Fidelity."
inputParameters:
- name: query
in: body
type: string
description: "SPL query."
call: "splunk.search"
with:
query: "{{query}}"
outputParameters:
- name: count
type: number
mapping: "$.results.count"
consumes:
- type: http
namespace: splunk
baseUri: "https://splunk.fidelity.com:8089/services"
authentication:
type: bearer
token: "$secrets.splunk_token"
resources:
- name: search
path: "/search/jobs"
operations:
- name: search
method: POST
Teams Channel Activity
▼
communications microsoft-teams analytics
Retrieves Teams activity at Fidelity.
naftiko: "0.5"
info:
label: "Teams Channel Activity"
description: "Retrieves Teams activity at Fidelity."
tags:
- communications
- microsoft-teams
- analytics
capability:
exposes:
- type: mcp
namespace: teams-activity
port: 8080
tools:
- name: get-activity
description: "Check Teams activity at Fidelity."
inputParameters:
- name: team_id
in: body
type: string
description: "Team ID."
- name: channel_id
in: body
type: string
description: "Channel ID."
call: "teams.get-messages"
with:
team_id: "{{team_id}}"
channel_id: "{{channel_id}}"
outputParameters:
- name: count
type: number
mapping: "$.value.length"
consumes:
- type: http
namespace: teams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.microsoft_graph_token"
resources:
- name: messages
path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: get-messages
method: GET
Terraform Infrastructure Deployment
▼
infrastructure deployment azure-devops datadog
Triggers a Terraform plan and apply via Azure DevOps pipeline for trading infrastructure changes, with approval gating and Datadog monitoring validation.
naftiko: "0.5"
info:
label: "Terraform Infrastructure Deployment"
description: "Triggers a Terraform plan and apply via Azure DevOps pipeline for trading infrastructure changes, with approval gating and Datadog monitoring validation."
tags:
- infrastructure
- deployment
- azure-devops
- datadog
capability:
exposes:
- type: mcp
namespace: infra-deploy
port: 8080
tools:
- name: deploy-infrastructure
description: "Trigger a Terraform deployment pipeline in Azure DevOps and validate via Datadog."
inputParameters:
- name: pipeline_id
in: body
type: string
description: "Azure DevOps pipeline ID."
- name: environment
in: body
type: string
description: "Target environment (staging, production)."
- name: terraform_workspace
in: body
type: string
description: "Terraform workspace name."
steps:
- name: trigger-pipeline
type: call
call: "azdevops.run-pipeline"
with:
pipeline_id: "{{pipeline_id}}"
parameters: "{\"environment\": \"{{environment}}\", \"workspace\": \"{{terraform_workspace}}\"}"
- name: verify-health
type: call
call: "datadog.check-monitors"
with:
tag_group: "env:{{environment}}"
consumes:
- type: http
namespace: azdevops
baseUri: "https://dev.azure.com/fidelity/_apis"
authentication:
type: basic
username: "$secrets.azdevops_user"
password: "$secrets.azdevops_pat"
resources:
- name: pipelines
path: "/pipelines/{{pipeline_id}}/runs?api-version=7.1"
inputParameters:
- name: pipeline_id
in: path
operations:
- name: run-pipeline
method: POST
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apiKey
key: "$secrets.datadog_api_key"
resources:
- name: monitors
path: "/monitor/search?query=tag:{{tag_group}}"
inputParameters:
- name: tag_group
in: query
operations:
- name: check-monitors
method: GET
Terraform Workspace Check
▼
infrastructure terraform iac
Checks Terraform workspace at Fidelity.
naftiko: "0.5"
info:
label: "Terraform Workspace Check"
description: "Checks Terraform workspace at Fidelity."
tags:
- infrastructure
- terraform
- iac
capability:
exposes:
- type: mcp
namespace: tf-ws
port: 8080
tools:
- name: check-ws
description: "Check workspace at Fidelity."
inputParameters:
- name: workspace_id
in: body
type: string
description: "Workspace ID."
call: "terraform.get-ws"
with:
workspace_id: "{{workspace_id}}"
outputParameters:
- name: name
type: string
mapping: "$.data.attributes.name"
consumes:
- type: http
namespace: terraform
baseUri: "https://app.terraform.io/api/v2"
authentication:
type: bearer
token: "$secrets.terraform_token"
resources:
- name: workspaces
path: "/workspaces/{{workspace_id}}"
inputParameters:
- name: workspace_id
in: path
operations:
- name: get-ws
method: GET
Trade Execution and Compliance Check
▼
trading compliance bloomberg-aim snowflake servicenow
Submits a trade order via Bloomberg AIM, runs a pre-trade compliance check against internal rules in Snowflake, and logs the result in ServiceNow for audit.
naftiko: "0.5"
info:
label: "Trade Execution and Compliance Check"
description: "Submits a trade order via Bloomberg AIM, runs a pre-trade compliance check against internal rules in Snowflake, and logs the result in ServiceNow for audit."
tags:
- trading
- compliance
- bloomberg-aim
- snowflake
- servicenow
capability:
exposes:
- type: mcp
namespace: trade-compliance
port: 8080
tools:
- name: execute-compliant-trade
description: "Submit a trade through Bloomberg AIM with pre-trade compliance validation and audit logging."
inputParameters:
- name: portfolio_id
in: body
type: string
description: "Portfolio identifier."
- name: ticker
in: body
type: string
description: "Security ticker symbol."
- name: side
in: body
type: string
description: "BUY or SELL."
- name: quantity
in: body
type: integer
description: "Number of shares."
- name: trader_id
in: body
type: string
description: "Trader employee ID."
steps:
- name: compliance-check
type: call
call: "snowflake.run-compliance-query"
with:
statement: "SELECT check_trade_limits('{{portfolio_id}}', '{{ticker}}', '{{side}}', {{quantity}}) as compliant"
- name: submit-order
type: call
call: "aim.create-order"
with:
portfolio: "{{portfolio_id}}"
security: "{{ticker}}"
side: "{{side}}"
quantity: "{{quantity}}"
- name: log-audit
type: call
call: "servicenow.create-record"
with:
table: "u_trade_audit"
short_description: "Trade {{side}} {{quantity}} {{ticker}} for portfolio {{portfolio_id}}"
trader: "{{trader_id}}"
compliance_result: "{{compliance-check.compliant}}"
order_id: "{{submit-order.order_id}}"
consumes:
- type: http
namespace: snowflake
baseUri: "https://fidelity.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: run-compliance-query
method: POST
- type: http
namespace: aim
baseUri: "https://aim.bloomberg.com/api/v1"
authentication:
type: bearer
token: "$secrets.bloomberg_aim_token"
resources:
- name: orders
path: "/orders"
operations:
- name: create-order
method: POST
- type: http
namespace: servicenow
baseUri: "https://fidelity.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tables
path: "/table/{{table}}"
inputParameters:
- name: table
in: path
operations:
- name: create-record
method: POST
Trade Settlement Reconciliation
▼
operations settlements simcorp-dimension snowflake salesforce microsoft-teams
Reconciles trade settlements by comparing SimCorp Dimension records with Snowflake clearing data, flags discrepancies in Salesforce, and notifies operations via Microsoft Teams.
naftiko: "0.5"
info:
label: "Trade Settlement Reconciliation"
description: "Reconciles trade settlements by comparing SimCorp Dimension records with Snowflake clearing data, flags discrepancies in Salesforce, and notifies operations via Microsoft Teams."
tags:
- operations
- settlements
- simcorp-dimension
- snowflake
- salesforce
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: settlement-recon
port: 8080
tools:
- name: reconcile-settlements
description: "Run trade settlement reconciliation across booking and clearing systems."
inputParameters:
- name: settlement_date
in: body
type: string
description: "Settlement date in YYYY-MM-DD format."
- name: ops_channel
in: body
type: string
description: "Microsoft Teams channel for operations notifications."
steps:
- name: get-booked-trades
type: call
call: "simcorp.get-settlements"
with:
settlement_date: "{{settlement_date}}"
- name: get-cleared-trades
type: call
call: "snowflake.execute-query"
with:
statement: "SELECT * FROM clearing.settled_trades WHERE settlement_date = '{{settlement_date}}'"
- name: run-recon
type: call
call: "snowflake.execute-recon"
with:
statement: "CALL run_settlement_reconciliation('{{settlement_date}}')"
- name: flag-breaks
type: call
call: "salesforce.create-case"
with:
subject: "Settlement Breaks: {{settlement_date}} - {{run-recon.break_count}} discrepancies"
type: "Operations"
priority: "High"
description: "{{run-recon.break_summary}}"
- name: notify-ops
type: call
call: "msteams.post-channel"
with:
channel_id: "{{ops_channel}}"
text: "Settlement recon for {{settlement_date}}: {{run-recon.matched_count}} matched, {{run-recon.break_count}} breaks. Case: {{flag-breaks.CaseNumber}}"
consumes:
- type: http
namespace: simcorp
baseUri: "https://simcorp.fidelity.com/api/v2"
authentication:
type: bearer
token: "$secrets.simcorp_token"
resources:
- name: settlements
path: "/settlements?date={{settlement_date}}"
inputParameters:
- name: settlement_date
in: query
operations:
- name: get-settlements
method: GET
- type: http
namespace: snowflake
baseUri: "https://fidelity.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
- name: execute-recon
method: POST
- type: http
namespace: salesforce
baseUri: "https://fidelity.my.salesforce.com/services/data/v59.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: cases
path: "/sobjects/Case"
operations:
- name: create-case
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: channel-messages
path: "/teams/channels/{{channel_id}}/messages"
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Tradeweb Fixed Income Quote
▼
trading fixed-income tradeweb
Retrieves a real-time quote for a fixed income security from Tradeweb, returning price, yield, spread, and dealer count.
naftiko: "0.5"
info:
label: "Tradeweb Fixed Income Quote"
description: "Retrieves a real-time quote for a fixed income security from Tradeweb, returning price, yield, spread, and dealer count."
tags:
- trading
- fixed-income
- tradeweb
capability:
exposes:
- type: mcp
namespace: fi-trading
port: 8080
tools:
- name: get-fi-quote
description: "Fetch a real-time fixed income quote from Tradeweb by CUSIP."
inputParameters:
- name: cusip
in: body
type: string
description: "CUSIP identifier for the bond."
call: "tradeweb.get-quote"
with:
cusip: "{{cusip}}"
consumes:
- type: http
namespace: tradeweb
baseUri: "https://api.tradeweb.com/v2"
authentication:
type: bearer
token: "$secrets.tradeweb_token"
resources:
- name: quotes
path: "/quotes/{{cusip}}"
inputParameters:
- name: cusip
in: path
operations:
- name: get-quote
method: GET
Trading Platform Incident Response
▼
operations incident-response datadog servicenow microsoft-teams splunk
When a Datadog alert fires for trading infrastructure, creates a ServiceNow P1 incident, pages the on-call engineer via Microsoft Teams, and captures a Splunk log snapshot for investigation.
naftiko: "0.5"
info:
label: "Trading Platform Incident Response"
description: "When a Datadog alert fires for trading infrastructure, creates a ServiceNow P1 incident, pages the on-call engineer via Microsoft Teams, and captures a Splunk log snapshot for investigation."
tags:
- operations
- incident-response
- datadog
- servicenow
- microsoft-teams
- splunk
capability:
exposes:
- type: mcp
namespace: trading-incident
port: 8080
tools:
- name: handle-trading-alert
description: "Orchestrate incident response for a trading platform alert across monitoring, ITSM, and communication systems."
inputParameters:
- name: alert_id
in: body
type: string
description: "Datadog alert ID."
- name: service_name
in: body
type: string
description: "Affected trading service name."
- name: oncall_email
in: body
type: string
description: "On-call engineer email."
steps:
- name: get-alert-details
type: call
call: "datadog.get-monitor"
with:
monitor_id: "{{alert_id}}"
- name: create-p1-incident
type: call
call: "servicenow.create-incident"
with:
short_description: "P1 Trading Alert: {{service_name}} - {{get-alert-details.name}}"
urgency: "1"
impact: "1"
category: "trading_infrastructure"
description: "Datadog alert {{alert_id}} triggered for {{service_name}}. Message: {{get-alert-details.message}}"
- name: capture-logs
type: call
call: "splunk.create-search"
with:
search: "index=trading service={{service_name}} level=ERROR earliest=-15m"
- name: page-oncall
type: call
call: "msteams.send-message"
with:
recipient_upn: "{{oncall_email}}"
text: "P1 ALERT: {{service_name}} is degraded. Incident: {{create-p1-incident.number}}. Datadog: {{get-alert-details.name}}. Splunk job: {{capture-logs.sid}}"
consumes:
- type: http
namespace: datadog
baseUri: "https://api.datadoghq.com/api/v1"
authentication:
type: apiKey
key: "$secrets.datadog_api_key"
resources:
- name: monitors
path: "/monitor/{{monitor_id}}"
inputParameters:
- name: monitor_id
in: path
operations:
- name: get-monitor
method: GET
- type: http
namespace: servicenow
baseUri: "https://fidelity.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: incidents
path: "/table/incident"
operations:
- name: create-incident
method: POST
- type: http
namespace: splunk
baseUri: "https://splunk.fidelity.com:8089/services"
authentication:
type: bearer
token: "$secrets.splunk_token"
resources:
- name: search-jobs
path: "/search/jobs"
operations:
- name: create-search
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: chat-messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Vault Secret Metadata
▼
security vault secrets-management
Checks Vault secret at Fidelity.
naftiko: "0.5"
info:
label: "Vault Secret Metadata"
description: "Checks Vault secret at Fidelity."
tags:
- security
- vault
- secrets-management
capability:
exposes:
- type: mcp
namespace: vault
port: 8080
tools:
- name: check-secret
description: "Check secret at Fidelity."
inputParameters:
- name: path
in: body
type: string
description: "Secret path."
call: "vault.get-metadata"
with:
path: "{{path}}"
outputParameters:
- name: version
type: number
mapping: "$.data.current_version"
consumes:
- type: http
namespace: vault
baseUri: "https://vault.fidelity.com/v1"
authentication:
type: bearer
token: "$secrets.vault_token"
resources:
- name: secrets
path: "/secret/metadata/{{path}}"
inputParameters:
- name: path
in: path
operations:
- name: get-metadata
method: GET
Vault Secret Rotation
▼
security infrastructure hashicorp-vault
Rotates a secret in HashiCorp Vault and updates the corresponding Azure Key Vault entry, used for credential lifecycle management in trading systems.
naftiko: "0.5"
info:
label: "Vault Secret Rotation"
description: "Rotates a secret in HashiCorp Vault and updates the corresponding Azure Key Vault entry, used for credential lifecycle management in trading systems."
tags:
- security
- infrastructure
- hashicorp-vault
capability:
exposes:
- type: mcp
namespace: secret-mgmt
port: 8080
tools:
- name: rotate-secret
description: "Rotate a secret in HashiCorp Vault and sync to Azure Key Vault."
inputParameters:
- name: secret_path
in: body
type: string
description: "Vault secret path."
- name: secret_value
in: body
type: string
description: "New secret value."
steps:
- name: write-vault
type: call
call: "vault.write-secret"
with:
path: "{{secret_path}}"
value: "{{secret_value}}"
- name: sync-azure
type: call
call: "azkv.set-secret"
with:
secret_name: "{{secret_path}}"
value: "{{secret_value}}"
consumes:
- type: http
namespace: vault
baseUri: "https://vault.fidelity.com/v1"
authentication:
type: bearer
token: "$secrets.vault_token"
resources:
- name: secrets
path: "/secret/data/{{path}}"
inputParameters:
- name: path
in: path
operations:
- name: write-secret
method: POST
- type: http
namespace: azkv
baseUri: "https://fidelity-kv.vault.azure.net"
authentication:
type: bearer
token: "$secrets.azure_kv_token"
resources:
- name: secrets
path: "/secrets/{{secret_name}}?api-version=7.4"
inputParameters:
- name: secret_name
in: path
operations:
- name: set-secret
method: PUT
Vendor Invoice Processing Pipeline
▼
finance accounts-payable sap oracle
Processes invoices at Fidelity via OCR, SAP matching, approval, and Oracle recording.
naftiko: "0.5"
info:
label: "Vendor Invoice Processing Pipeline"
description: "Processes invoices at Fidelity via OCR, SAP matching, approval, and Oracle recording."
tags:
- finance
- accounts-payable
- sap
- oracle
capability:
exposes:
- type: mcp
namespace: invoice-proc
port: 8080
tools:
- name: process-invoice
description: "Process invoices at Fidelity."
inputParameters:
- name: invoice_id
in: body
type: string
description: "Invoice ID."
- name: vendor_id
in: body
type: string
description: "Vendor ID."
steps:
- name: extract
type: call
call: "ocr.extract"
with:
doc: "{{invoice_id}}"
- name: match
type: call
call: "sap.match-po"
with:
vendor: "{{vendor_id}}"
amount: "{{extract.total}}"
- name: approve
type: call
call: "workflow.submit"
with:
invoice: "{{invoice_id}}"
- name: record
type: call
call: "oracle.create-payment"
with:
invoice: "{{invoice_id}}"
consumes:
- type: http
namespace: ocr
baseUri: "https://ocr.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.ocr_token"
resources:
- name: invoices
path: "/extract"
operations:
- name: extract
method: POST
- type: http
namespace: sap
baseUri: "https://sap.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.sap_token"
resources:
- name: pos
path: "/match"
operations:
- name: match-po
method: POST
- type: http
namespace: workflow
baseUri: "https://workflow.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.workflow_token"
resources:
- name: approvals
path: "/submit"
operations:
- name: submit
method: POST
- type: http
namespace: oracle
baseUri: "https://oracle.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.oracle_token"
resources:
- name: payments
path: "/payments"
operations:
- name: create-payment
method: POST
Quarterly Vendor Review Pipeline
▼
procurement vendor-management review
Reviews vendors at Fidelity.
naftiko: "0.5"
info:
label: "Quarterly Vendor Review Pipeline"
description: "Reviews vendors at Fidelity."
tags:
- procurement
- vendor-management
- review
capability:
exposes:
- type: mcp
namespace: vendor-review
port: 8080
tools:
- name: review-vendor
description: "Review vendors at Fidelity."
inputParameters:
- name: vendor_id
in: body
type: string
description: "Vendor ID."
- name: quarter
in: body
type: string
description: "Quarter."
steps:
- name: perf
type: call
call: "procurement.get-metrics"
with:
vendor: "{{vendor_id}}"
q: "{{quarter}}"
- name: scorecard
type: call
call: "analytics.scorecard"
with:
data: "{{perf.data}}"
- name: invite
type: call
call: "email.send"
with:
to: "{{perf.contact}}"
subject: "QBR - {{quarter}}"
- name: schedule
type: call
call: "calendar.create-event"
with:
title: "QBR - {{perf.name}}"
consumes:
- type: http
namespace: procurement
baseUri: "https://procurement.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.procurement_token"
resources:
- name: vendors
path: "/vendors/{{vendor}}/metrics"
inputParameters:
- name: vendor
in: path
operations:
- name: get-metrics
method: GET
- type: http
namespace: analytics
baseUri: "https://analytics.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.analytics_token"
resources:
- name: scorecards
path: "/compute"
operations:
- name: scorecard
method: POST
- type: http
namespace: email
baseUri: "https://email.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.email_token"
resources:
- name: messages
path: "/send"
operations:
- name: send
method: POST
- type: http
namespace: calendar
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.microsoft_graph_token"
resources:
- name: events
path: "/users/proc/events"
operations:
- name: create-event
method: POST
Wealth Transfer Request Pipeline
▼
wealth-management operations salesforce snowflake microsoft-teams servicenow
Processes an account transfer (ACAT) by creating the transfer request in Salesforce, submitting to the clearing system via Snowflake, notifying the receiving advisor via Microsoft Teams, and logging the transfer in ServiceNow.
naftiko: "0.5"
info:
label: "Wealth Transfer Request Pipeline"
description: "Processes an account transfer (ACAT) by creating the transfer request in Salesforce, submitting to the clearing system via Snowflake, notifying the receiving advisor via Microsoft Teams, and logging the transfer in ServiceNow."
tags:
- wealth-management
- operations
- salesforce
- snowflake
- microsoft-teams
- servicenow
capability:
exposes:
- type: mcp
namespace: wealth-transfer
port: 8080
tools:
- name: process-account-transfer
description: "Orchestrate an ACAT account transfer across CRM, clearing, notification, and audit systems."
inputParameters:
- name: source_account
in: body
type: string
description: "Source account number."
- name: destination_account
in: body
type: string
description: "Destination account number."
- name: transfer_type
in: body
type: string
description: "Transfer type (full, partial)."
- name: receiving_advisor_email
in: body
type: string
description: "Receiving advisor email."
steps:
- name: create-transfer-request
type: call
call: "salesforce.create-transfer"
with:
source: "{{source_account}}"
destination: "{{destination_account}}"
type: "{{transfer_type}}"
- name: submit-to-clearing
type: call
call: "snowflake.execute-query"
with:
statement: "CALL submit_acat_transfer('{{source_account}}', '{{destination_account}}', '{{transfer_type}}', '{{create-transfer-request.transfer_id}}')"
- name: notify-advisor
type: call
call: "msteams.send-message"
with:
recipient_upn: "{{receiving_advisor_email}}"
text: "ACAT Transfer initiated: {{transfer_type}} transfer from {{source_account}} to {{destination_account}}. Transfer ID: {{create-transfer-request.transfer_id}}. Estimated completion: {{submit-to-clearing.estimated_date}}"
- name: log-transfer
type: call
call: "servicenow.create-record"
with:
table: "u_account_transfers"
short_description: "ACAT Transfer: {{source_account}} to {{destination_account}}"
transfer_id: "{{create-transfer-request.transfer_id}}"
status: "submitted"
consumes:
- type: http
namespace: salesforce
baseUri: "https://fidelity.my.salesforce.com/services/data/v59.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: transfers
path: "/sobjects/Account_Transfer__c"
operations:
- name: create-transfer
method: POST
- type: http
namespace: snowflake
baseUri: "https://fidelity.snowflakecomputing.com/api/v2"
authentication:
type: bearer
token: "$secrets.snowflake_token"
resources:
- name: statements
path: "/statements"
operations:
- name: execute-query
method: POST
- type: http
namespace: msteams
baseUri: "https://graph.microsoft.com/v1.0"
authentication:
type: bearer
token: "$secrets.msgraph_token"
resources:
- name: chat-messages
path: "/users/{{recipient_upn}}/sendMail"
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
- type: http
namespace: servicenow
baseUri: "https://fidelity.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tables
path: "/table/{{table}}"
inputParameters:
- name: table
in: path
operations:
- name: create-record
method: POST
Workday Employee Profile Lookup
▼
hr workday employee-directory
Retrieves employee profile from Workday for Fidelity.
naftiko: "0.5"
info:
label: "Workday Employee Profile Lookup"
description: "Retrieves employee profile from Workday for Fidelity."
tags:
- hr
- workday
- employee-directory
capability:
exposes:
- type: mcp
namespace: workday-profile
port: 8080
tools:
- name: get-employee-profile
description: "Look up Fidelity employee in Workday."
inputParameters:
- name: employee_id
in: body
type: string
description: "Employee ID."
call: "workday.get-worker"
with:
employee_id: "{{employee_id}}"
outputParameters:
- name: name
type: string
mapping: "$.worker.name"
- name: title
type: string
mapping: "$.worker.title"
consumes:
- type: http
namespace: workday
baseUri: "https://wd5.fidelity.com/api/v1"
authentication:
type: bearer
token: "$secrets.workday_token"
resources:
- name: workers
path: "/workers/{{employee_id}}"
inputParameters:
- name: employee_id
in: path
operations:
- name: get-worker
method: GET
Zendesk Customer Inquiry Router
▼
customer-service zendesk salesforce servicenow
When a Zendesk ticket is created, enriches it with Salesforce client data, classifies the inquiry type, and routes to the appropriate team in ServiceNow.
naftiko: "0.5"
info:
label: "Zendesk Customer Inquiry Router"
description: "When a Zendesk ticket is created, enriches it with Salesforce client data, classifies the inquiry type, and routes to the appropriate team in ServiceNow."
tags:
- customer-service
- zendesk
- salesforce
- servicenow
capability:
exposes:
- type: mcp
namespace: inquiry-routing
port: 8080
tools:
- name: route-customer-inquiry
description: "Enrich and route a customer inquiry from Zendesk through Salesforce and ServiceNow."
inputParameters:
- name: zendesk_ticket_id
in: body
type: string
description: "Zendesk ticket ID."
steps:
- name: get-ticket
type: call
call: "zendesk.get-ticket"
with:
ticket_id: "{{zendesk_ticket_id}}"
- name: enrich-client
type: call
call: "salesforce.find-contact"
with:
email: "{{get-ticket.requester_email}}"
- name: create-service-request
type: call
call: "servicenow.create-record"
with:
table: "sc_request"
short_description: "{{get-ticket.subject}}"
description: "Client: {{enrich-client.Name}} ({{enrich-client.AccountType}}). Inquiry: {{get-ticket.description}}"
assigned_group: "{{get-ticket.category}}_team"
priority: "{{enrich-client.tier}}"
consumes:
- type: http
namespace: zendesk
baseUri: "https://fidelity.zendesk.com/api/v2"
authentication:
type: bearer
token: "$secrets.zendesk_token"
resources:
- name: tickets
path: "/tickets/{{ticket_id}}.json"
inputParameters:
- name: ticket_id
in: path
operations:
- name: get-ticket
method: GET
- type: http
namespace: salesforce
baseUri: "https://fidelity.my.salesforce.com/services/data/v59.0"
authentication:
type: bearer
token: "$secrets.salesforce_token"
resources:
- name: contacts
path: "/query/?q=SELECT+Id,Name,Account.Name,Account.Type+FROM+Contact+WHERE+Email='{{email}}'"
inputParameters:
- name: email
in: query
operations:
- name: find-contact
method: GET
- type: http
namespace: servicenow
baseUri: "https://fidelity.service-now.com/api/now"
authentication:
type: basic
username: "$secrets.servicenow_user"
password: "$secrets.servicenow_password"
resources:
- name: tables
path: "/table/{{table}}"
inputParameters:
- name: table
in: path
operations:
- name: create-record
method: POST