RTX Capabilities

Naftiko 0.5 capability definitions for RTX - 100 capabilities showing integration workflows and service orchestrations.

Launches Okta certification, queries Snowflake for hierarchies, and creates Jira tracking task.

naftiko: "0.5"
info:
  label: "Access Certification Campaign Orchestrator"
  description: "Launches Okta certification, queries Snowflake for hierarchies, and creates Jira tracking task."
  tags:
    - security
    - okta
    - snowflake
    - jira
capability:
  exposes:
    - type: mcp
      namespace: security
      port: 8080
      tools:
        - name: access-orchestrate
          description: "Launches Okta certification, queries Snowflake for hierarchies, and creates Jira tracking task."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "okta.get-user-groups"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "snowflake.run-query"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "jira.create-issue"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: okta
      baseUri: "https://rtx.okta.com/api/v1"
      authentication:
        type: bearer
        token: "$secrets.okta_token"
      resources:
        - name: user-groups
          path: "/users/{{user_id}}/groups"
          operations:
            - name: get-user-groups
              method: GET
    - type: http
      namespace: snowflake
      baseUri: "https://rtx.snowflakecomputing.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.snowflake_token"
      resources:
        - name: statements
          path: "/statements"
          operations:
            - name: run-query
              method: POST
    - type: http
      namespace: jira
      baseUri: "https://rtx.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_password"
      resources:
        - name: issues
          path: "/issue"
          operations:
            - name: create-issue
              method: POST

When Datadog detects latency, creates Jira performance ticket and alerts engineering via Teams.

naftiko: "0.5"
info:
  label: "APM Latency Alert Handler"
  description: "When Datadog detects latency, creates Jira performance ticket and alerts engineering via Teams."
  tags:
    - monitoring
    - datadog
    - jira
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: monitoring
      port: 8080
      tools:
        - name: apm-orchestrate
          description: "When Datadog detects latency, creates Jira performance ticket and alerts engineering via Teams."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "datadog.get-monitor"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "jira.create-issue"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: datadog
      baseUri: "https://api.datadoghq.com/api/v1"
      authentication:
        type: apiKey
        header: "DD-API-KEY"
        key: "$secrets.datadog_api_key"
      resources:
        - name: monitors
          path: "/monitor/{{monitor_id}}"
          operations:
            - name: get-monitor
              method: GET
    - type: http
      namespace: jira
      baseUri: "https://rtx.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_password"
      resources:
        - name: issues
          path: "/issue"
          operations:
            - name: create-issue
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/rtx/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Assigns the appropriate Microsoft 365 license SKU to a newly provisioned user in Microsoft Entra ID based on their department and role profile.

naftiko: "0.5"
info:
  label: "Azure Active Directory User License Assignment"
  description: "Assigns the appropriate Microsoft 365 license SKU to a newly provisioned user in Microsoft Entra ID based on their department and role profile."
  tags:
    - identity
    - microsoft-365
    - azure
    - hr
    - license-management
capability:
  exposes:
    - type: mcp
      namespace: identity-licensing
      port: 8080
      tools:
        - name: assign-user-license
          description: "Given a user principal name and license SKU ID, assign the specified Microsoft 365 license in Entra ID. Use after account provisioning to enable product access."
          inputParameters:
            - name: user_upn
              in: body
              type: string
              description: "The user principal name (UPN) of the newly provisioned employee."
            - name: sku_id
              in: body
              type: string
              description: "The Microsoft 365 license SKU ID to assign (e.g., M365 E5 SKU GUID)."
          call: "msgraph-license.assign-license"
          with:
            userPrincipalName: "{{user_upn}}"
            skuId: "{{sku_id}}"
          outputParameters:
            - name: assigned_licenses
              type: array
              mapping: "$.assignedLicenses"
  consumes:
    - type: http
      namespace: msgraph-license
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: user-licenses
          path: "/users/{{userPrincipalName}}/assignLicense"
          inputParameters:
            - name: userPrincipalName
              in: path
          operations:
            - name: assign-license
              method: POST

Retrieves an Azure AD user profile by UPN.

naftiko: "0.5"
info:
  label: "Azure AD User Lookup"
  description: "Retrieves an Azure AD user profile by UPN."
  tags:
    - identity
    - azure
    - microsoft-graph
capability:
  exposes:
    - type: mcp
      namespace: identity
      port: 8080
      tools:
        - name: get-azure-ad-user
          description: "Retrieves an Azure AD user profile by UPN."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary lookup parameter."
          call: "msgraph.get-user"
          with:
            param_1: "{{param_1}}"
          outputParameters:
            - name: result
              type: string
              mapping: "$.result"
  consumes:
    - type: http
      namespace: msgraph
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: get-user
          path: "/users/{{upn}}"
          operations:
            - name: get-user
              method: GET

Retrieves the current month cost summary for an Azure resource group.

naftiko: "0.5"
info:
  label: "Azure Resource Group Cost Lookup"
  description: "Retrieves the current month cost summary for an Azure resource group."
  tags:
    - cloud
    - azure
    - cost-management
capability:
  exposes:
    - type: mcp
      namespace: cloud-finops
      port: 8080
      tools:
        - name: get-resource-group-cost
          description: "Retrieves the current month cost summary for an Azure resource group."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary lookup parameter."
          call: "azure.get-cost-summary"
          with:
            param_1: "{{param_1}}"
          outputParameters:
            - name: result
              type: string
              mapping: "$.result"
  consumes:
    - type: http
      namespace: azure
      baseUri: "https://management.azure.com"
      authentication:
        type: bearer
        token: "$secrets.azure_token"
      resources:
        - name: get-cost-summary
          path: "/subscriptions/{{subscription_id}}/resourceGroups/{{resource_group}}/providers/Microsoft.CostManagement/query"
          operations:
            - name: get-cost-summary
              method: POST

Checks the backup status of critical Azure VMs in the RTX production subscription and creates a ServiceNow alert for any VM with a failed or missed backup.

naftiko: "0.5"
info:
  label: "Azure VM Backup Verification"
  description: "Checks the backup status of critical Azure VMs in the RTX production subscription and creates a ServiceNow alert for any VM with a failed or missed backup."
  tags:
    - cloud
    - azure
    - servicenow
    - backup
    - operations
capability:
  exposes:
    - type: mcp
      namespace: cloud-backup
      port: 8080
      tools:
        - name: verify-vm-backups
          description: "Check Azure Recovery Services vault for failed or missed VM backups in the past 24 hours. Create a ServiceNow alert for each failure found."
          inputParameters:
            - name: subscription_id
              in: body
              type: string
              description: "The Azure subscription ID to check for backup failures."
            - name: vault_name
              in: body
              type: string
              description: "The Azure Recovery Services vault name."
            - name: resource_group
              in: body
              type: string
              description: "The resource group containing the vault."
          steps:
            - name: get-backup-jobs
              type: call
              call: "azure-backup.list-backup-jobs"
              with:
                subscriptionId: "{{subscription_id}}"
                vaultName: "{{vault_name}}"
                resourceGroup: "{{resource_group}}"
            - name: create-alert
              type: call
              call: "servicenow-backup.create-incident"
              with:
                short_description: "Azure backup failure in vault {{vault_name}}"
                description: "Failed backup jobs: {{get-backup-jobs.failedJobs}}"
                urgency: "2"
  consumes:
    - type: http
      namespace: azure-backup
      baseUri: "https://management.azure.com"
      authentication:
        type: bearer
        token: "$secrets.azure_token"
      resources:
        - name: backup-jobs
          path: "/subscriptions/{{subscriptionId}}/resourceGroups/{{resourceGroup}}/providers/Microsoft.RecoveryServices/vaults/{{vaultName}}/backupJobs"
          inputParameters:
            - name: subscriptionId
              in: path
            - name: resourceGroup
              in: path
            - name: vaultName
              in: path
          operations:
            - name: list-backup-jobs
              method: GET
    - type: http
      namespace: servicenow-backup
      baseUri: "https://rtx.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST

Queries Jira for ungroomed backlog, generates Confluence summary, and notifies team via Teams.

naftiko: "0.5"
info:
  label: "Backlog Grooming Summary Generator"
  description: "Queries Jira for ungroomed backlog, generates Confluence summary, and notifies team via Teams."
  tags:
    - devops
    - jira
    - confluence
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: devops
      port: 8080
      tools:
        - name: backlog-orchestrate
          description: "Queries Jira for ungroomed backlog, generates Confluence summary, and notifies team via Teams."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "jira.create-issue"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "confluence.create-page"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: jira
      baseUri: "https://rtx.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_password"
      resources:
        - name: issues
          path: "/issue"
          operations:
            - name: create-issue
              method: POST
    - type: http
      namespace: confluence
      baseUri: "https://rtx.atlassian.net/wiki/rest/api"
      authentication:
        type: basic
        username: "$secrets.confluence_user"
        password: "$secrets.confluence_password"
      resources:
        - name: pages
          path: "/content"
          operations:
            - name: create-page
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/rtx/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Verifies Workday benefits enrollment, checks SAP payroll deductions, and sends Teams confirmation.

naftiko: "0.5"
info:
  label: "Benefits Enrollment Verification"
  description: "Verifies Workday benefits enrollment, checks SAP payroll deductions, and sends Teams confirmation."
  tags:
    - hr
    - workday
    - sap
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: hr
      port: 8080
      tools:
        - name: benefits-orchestrate
          description: "Verifies Workday benefits enrollment, checks SAP payroll deductions, and sends Teams confirmation."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "workday.get-worker"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "sap.get-po"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: workday
      baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
      authentication:
        type: bearer
        token: "$secrets.workday_token"
      resources:
        - name: workers
          path: "/rtx/workers/{{worker_id}}"
          operations:
            - name: get-worker
              method: GET
    - type: http
      namespace: sap
      baseUri: "https://rtx-s4.sap.com/sap/opu/odata/sap/MM_PUR_PO_MAINT_V2_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: purchase-orders
          path: "/A_PurchaseOrder('{{po_number}}')"
          operations:
            - name: get-po
              method: GET
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/rtx/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Detects Power BI refresh failure, creates Jira ticket, and sends Teams notification.

naftiko: "0.5"
info:
  label: "BI Refresh Failure Escalation"
  description: "Detects Power BI refresh failure, creates Jira ticket, and sends Teams notification."
  tags:
    - analytics
    - power-bi
    - jira
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: analytics
      port: 8080
      tools:
        - name: bi-orchestrate
          description: "Detects Power BI refresh failure, creates Jira ticket, and sends Teams notification."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "powerbi.trigger-refresh"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "jira.create-issue"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: powerbi
      baseUri: "https://api.powerbi.com/v1.0/myorg"
      authentication:
        type: bearer
        token: "$secrets.powerbi_token"
      resources:
        - name: refreshes
          path: "/datasets/{{dataset_id}}/refreshes"
          operations:
            - name: trigger-refresh
              method: POST
    - type: http
      namespace: jira
      baseUri: "https://rtx.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_password"
      resources:
        - name: issues
          path: "/issue"
          operations:
            - name: create-issue
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/rtx/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Audits GitHub repos for branch protection, applies policies, and reports via Teams.

naftiko: "0.5"
info:
  label: "Branch Policy Enforcement Orchestrator"
  description: "Audits GitHub repos for branch protection, applies policies, and reports via Teams."
  tags:
    - devops
    - github
    - servicenow
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: devops
      port: 8080
      tools:
        - name: branch-orchestrate
          description: "Audits GitHub repos for branch protection, applies policies, and reports via Teams."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "github.get-branch-protection"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: github
      baseUri: "https://api.github.com"
      authentication:
        type: bearer
        token: "$secrets.github_token"
      resources:
        - name: repos
          path: "/repos/{{repo}}/branches/main/protection"
          operations:
            - name: get-branch-protection
              method: GET
    - type: http
      namespace: servicenow
      baseUri: "https://rtx.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/rtx/channels/general/messages"
          operations:
            - name: send-message
              method: POST

On a protected-branch pipeline failure in GitHub Actions, creates a Jira bug, posts a Datadog event marker, and alerts the engineering team in Microsoft Teams.

naftiko: "0.5"
info:
  label: "CI/CD Pipeline Failure Response"
  description: "On a protected-branch pipeline failure in GitHub Actions, creates a Jira bug, posts a Datadog event marker, and alerts the engineering team in Microsoft Teams."
  tags:
    - devops
    - cicd
    - github
    - jira
    - datadog
    - microsoft-teams
    - incident-response
capability:
  exposes:
    - type: mcp
      namespace: devops-cicd
      port: 8080
      tools:
        - name: handle-pipeline-failure
          description: "Given a GitHub Actions pipeline failure on a protected branch, open a Jira bug, record a Datadog deployment event, and notify the engineering team in Teams."
          inputParameters:
            - name: repo
              in: body
              type: string
              description: "The GitHub repository full name (e.g., rtx/avionics-core)."
            - name: branch
              in: body
              type: string
              description: "The branch where the pipeline failed."
            - name: run_id
              in: body
              type: string
              description: "The GitHub Actions workflow run ID."
            - name: commit_sha
              in: body
              type: string
              description: "The commit SHA that triggered the pipeline."
            - name: job_name
              in: body
              type: string
              description: "The name of the failed job."
          steps:
            - name: create-bug
              type: call
              call: "jira-cicd.create-issue"
              with:
                project_key: "ENG"
                issuetype: "Bug"
                summary: "[CI Failure] {{repo}} / {{branch}} — {{job_name}}"
                description: "Run: {{run_id}}\nCommit: {{commit_sha}}"
            - name: post-datadog-event
              type: call
              call: "datadog.create-event"
              with:
                title: "CI Failure: {{repo}}"
                text: "Branch {{branch}} failed on job {{job_name}}"
                tags: "repo:{{repo}},branch:{{branch}}"
            - name: notify-team
              type: call
              call: "msteams-cicd.post-message"
              with:
                channel: "engineering-alerts"
                message: "Pipeline failure on {{repo}}/{{branch}} — Job: {{job_name}} | Jira: {{create-bug.key}} | Run: {{run_id}}"
  consumes:
    - type: http
      namespace: jira-cicd
      baseUri: "https://rtx.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_api_token"
      resources:
        - name: issues
          path: "/issue"
          operations:
            - name: create-issue
              method: POST
    - type: http
      namespace: datadog
      baseUri: "https://api.datadoghq.com/api/v1"
      authentication:
        type: apikey
        key: "DD-API-KEY"
        value: "$secrets.datadog_api_key"
        placement: header
      resources:
        - name: events
          path: "/events"
          operations:
            - name: create-event
              method: POST
    - type: http
      namespace: msteams-cicd
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channel-messages
          path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
          inputParameters:
            - name: team_id
              in: path
            - name: channel_id
              in: path
          operations:
            - name: post-message
              method: POST

Periodically queries AWS Cost Explorer for spend anomalies, and when a threshold is breached, creates a ServiceNow change request and notifies the cloud team in Teams.

naftiko: "0.5"
info:
  label: "Cloud Cost Anomaly Detection and Alert"
  description: "Periodically queries AWS Cost Explorer for spend anomalies, and when a threshold is breached, creates a ServiceNow change request and notifies the cloud team in Teams."
  tags:
    - cloud
    - finops
    - aws
    - servicenow
    - microsoft-teams
    - cost-management
capability:
  exposes:
    - type: mcp
      namespace: cloud-finops
      port: 8080
      tools:
        - name: handle-cost-anomaly
          description: "Given an AWS account ID and anomaly details, create a ServiceNow change request to investigate and notify the cloud team in Microsoft Teams."
          inputParameters:
            - name: account_id
              in: body
              type: string
              description: "The AWS account ID where the cost anomaly was detected."
            - name: anomaly_amount
              in: body
              type: number
              description: "The unexpected spend amount in USD."
            - name: service_name
              in: body
              type: string
              description: "The AWS service with anomalous spend (e.g., EC2, S3)."
            - name: detection_date
              in: body
              type: string
              description: "Date the anomaly was detected in YYYY-MM-DD format."
          steps:
            - name: create-change
              type: call
              call: "servicenow-cost.create-change"
              with:
                short_description: "AWS cost anomaly: ${{anomaly_amount}} on {{service_name}} in account {{account_id}}"
                category: "cloud_finops"
                priority: "2"
            - name: notify-team
              type: call
              call: "msteams-cost.post-message"
              with:
                channel: "cloud-cost-ops"
                message: "Cost anomaly detected: {{service_name}} account {{account_id}} — ${{anomaly_amount}} on {{detection_date}} | SNOW: {{create-change.number}}"
  consumes:
    - type: http
      namespace: servicenow-cost
      baseUri: "https://rtx.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: changes
          path: "/table/change_request"
          operations:
            - name: create-change
              method: POST
    - type: http
      namespace: msteams-cost
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channel-messages
          path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
          inputParameters:
            - name: team_id
              in: path
            - name: channel_id
              in: path
          operations:
            - name: post-message
              method: POST

Pulls Azure cost data, compares Snowflake forecasts, creates Jira ticket, and notifies via Teams.

naftiko: "0.5"
info:
  label: "Cloud Cost Review Orchestrator"
  description: "Pulls Azure cost data, compares Snowflake forecasts, creates Jira ticket, and notifies via Teams."
  tags:
    - finops
    - azure
    - snowflake
    - jira
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: finops
      port: 8080
      tools:
        - name: cloud-orchestrate
          description: "Pulls Azure cost data, compares Snowflake forecasts, creates Jira ticket, and notifies via Teams."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "azure.get-resources"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "snowflake.run-query"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "jira.create-issue"
              with:
                input: "{{step-1.result}}"
            - name: step-4
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: azure
      baseUri: "https://management.azure.com"
      authentication:
        type: bearer
        token: "$secrets.azure_token"
      resources:
        - name: resources
          path: "/subscriptions"
          operations:
            - name: get-resources
              method: GET
    - type: http
      namespace: snowflake
      baseUri: "https://rtx.snowflakecomputing.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.snowflake_token"
      resources:
        - name: statements
          path: "/statements"
          operations:
            - name: run-query
              method: POST
    - type: http
      namespace: jira
      baseUri: "https://rtx.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_password"
      resources:
        - name: issues
          path: "/issue"
          operations:
            - name: create-issue
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/rtx/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Processes compensation change with Workday data, SAP budget check, and Teams approval notification.

naftiko: "0.5"
info:
  label: "Compensation Change Approval Workflow"
  description: "Processes compensation change with Workday data, SAP budget check, and Teams approval notification."
  tags:
    - hr
    - workday
    - sap
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: hr
      port: 8080
      tools:
        - name: compensation-orchestrate
          description: "Processes compensation change with Workday data, SAP budget check, and Teams approval notification."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "workday.get-worker"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "sap.get-po"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: workday
      baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
      authentication:
        type: bearer
        token: "$secrets.workday_token"
      resources:
        - name: workers
          path: "/rtx/workers/{{worker_id}}"
          operations:
            - name: get-worker
              method: GET
    - type: http
      namespace: sap
      baseUri: "https://rtx-s4.sap.com/sap/opu/odata/sap/MM_PUR_PO_MAINT_V2_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: purchase-orders
          path: "/A_PurchaseOrder('{{po_number}}')"
          operations:
            - name: get-po
              method: GET
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/rtx/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Runs Splunk compliance search, exports to Snowflake, refreshes Power BI, and emails report.

naftiko: "0.5"
info:
  label: "Compliance Report Generator"
  description: "Runs Splunk compliance search, exports to Snowflake, refreshes Power BI, and emails report."
  tags:
    - compliance
    - splunk
    - snowflake
    - power-bi
capability:
  exposes:
    - type: mcp
      namespace: compliance
      port: 8080
      tools:
        - name: compliance-orchestrate
          description: "Runs Splunk compliance search, exports to Snowflake, refreshes Power BI, and emails report."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "splunk.run-search"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "snowflake.run-query"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "powerbi.trigger-refresh"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: splunk
      baseUri: "https://splunk.rtx.com:8089/services"
      authentication:
        type: bearer
        token: "$secrets.splunk_token"
      resources:
        - name: search
          path: "/search/jobs"
          operations:
            - name: run-search
              method: POST
    - type: http
      namespace: snowflake
      baseUri: "https://rtx.snowflakecomputing.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.snowflake_token"
      resources:
        - name: statements
          path: "/statements"
          operations:
            - name: run-query
              method: POST
    - type: http
      namespace: powerbi
      baseUri: "https://api.powerbi.com/v1.0/myorg"
      authentication:
        type: bearer
        token: "$secrets.powerbi_token"
      resources:
        - name: refreshes
          path: "/datasets/{{dataset_id}}/refreshes"
          operations:
            - name: trigger-refresh
              method: POST

Retrieves a Confluence page by ID.

naftiko: "0.5"
info:
  label: "Confluence Page Lookup"
  description: "Retrieves a Confluence page by ID."
  tags:
    - knowledge-management
    - confluence
    - documentation
capability:
  exposes:
    - type: mcp
      namespace: knowledge
      port: 8080
      tools:
        - name: get-confluence-page
          description: "Retrieves a Confluence page by ID."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary lookup parameter."
          call: "confluence.get-page"
          with:
            param_1: "{{param_1}}"
          outputParameters:
            - name: result
              type: string
              mapping: "$.result"
  consumes:
    - type: http
      namespace: confluence
      baseUri: "https://rtx.atlassian.net/wiki/rest/api"
      authentication:
        type: basic
        username: "$secrets.confluence_user"
        password: "$secrets.confluence_password"
      resources:
        - name: get-page
          path: "/content/{{page_id}}?expand=body.storage,version"
          operations:
            - name: get-page
              method: GET

Retrieves SAP contract at milestone, creates billing document, and notifies manager via Teams.

naftiko: "0.5"
info:
  label: "Contract Milestone Billing Workflow"
  description: "Retrieves SAP contract at milestone, creates billing document, and notifies manager via Teams."
  tags:
    - finance
    - sap
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: finance
      port: 8080
      tools:
        - name: contract-orchestrate
          description: "Retrieves SAP contract at milestone, creates billing document, and notifies manager via Teams."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "sap.get-po"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: sap
      baseUri: "https://rtx-s4.sap.com/sap/opu/odata/sap/MM_PUR_PO_MAINT_V2_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: purchase-orders
          path: "/A_PurchaseOrder('{{po_number}}')"
          operations:
            - name: get-po
              method: GET
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/rtx/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Detects expiring Salesforce contracts, pulls Snowflake spend data, and creates Jira renewal task.

naftiko: "0.5"
info:
  label: "Contract Renewal Alert Workflow"
  description: "Detects expiring Salesforce contracts, pulls Snowflake spend data, and creates Jira renewal task."
  tags:
    - sales
    - salesforce
    - snowflake
    - jira
capability:
  exposes:
    - type: mcp
      namespace: sales
      port: 8080
      tools:
        - name: contract-orchestrate
          description: "Detects expiring Salesforce contracts, pulls Snowflake spend data, and creates Jira renewal task."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "salesforce.get-opportunity"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "snowflake.run-query"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "jira.create-issue"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: salesforce
      baseUri: "https://rtx.my.salesforce.com/services/data/v58.0"
      authentication:
        type: bearer
        token: "$secrets.salesforce_token"
      resources:
        - name: opportunities
          path: "/sobjects/Opportunity"
          operations:
            - name: get-opportunity
              method: GET
    - type: http
      namespace: snowflake
      baseUri: "https://rtx.snowflakecomputing.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.snowflake_token"
      resources:
        - name: statements
          path: "/statements"
          operations:
            - name: run-query
              method: POST
    - type: http
      namespace: jira
      baseUri: "https://rtx.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_password"
      resources:
        - name: issues
          path: "/issue"
          operations:
            - name: create-issue
              method: POST

Provisions contractor with Azure AD guest account, Okta groups, and ServiceNow tracking ticket.

naftiko: "0.5"
info:
  label: "Contractor Access Provisioning Workflow"
  description: "Provisions contractor with Azure AD guest account, Okta groups, and ServiceNow tracking ticket."
  tags:
    - security
    - azure
    - okta
    - servicenow
capability:
  exposes:
    - type: mcp
      namespace: security
      port: 8080
      tools:
        - name: contractor-orchestrate
          description: "Provisions contractor with Azure AD guest account, Okta groups, and ServiceNow tracking ticket."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "azure.get-resources"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "okta.get-user-groups"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: azure
      baseUri: "https://management.azure.com"
      authentication:
        type: bearer
        token: "$secrets.azure_token"
      resources:
        - name: resources
          path: "/subscriptions"
          operations:
            - name: get-resources
              method: GET
    - type: http
      namespace: okta
      baseUri: "https://rtx.okta.com/api/v1"
      authentication:
        type: bearer
        token: "$secrets.okta_token"
      resources:
        - name: user-groups
          path: "/users/{{user_id}}/groups"
          operations:
            - name: get-user-groups
              method: GET
    - type: http
      namespace: servicenow
      baseUri: "https://rtx.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST

Queries CrowdStrike Falcon for endpoint details by device ID.

naftiko: "0.5"
info:
  label: "CrowdStrike Endpoint Status Lookup"
  description: "Queries CrowdStrike Falcon for endpoint details by device ID."
  tags:
    - security
    - crowdstrike
    - endpoint
capability:
  exposes:
    - type: mcp
      namespace: security
      port: 8080
      tools:
        - name: get-endpoint-status
          description: "Queries CrowdStrike Falcon for endpoint details by device ID."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary lookup parameter."
          call: "crowdstrike.get-device"
          with:
            param_1: "{{param_1}}"
          outputParameters:
            - name: result
              type: string
              mapping: "$.result"
  consumes:
    - type: http
      namespace: crowdstrike
      baseUri: "https://api.crowdstrike.com"
      authentication:
        type: bearer
        token: "$secrets.crowdstrike_token"
      resources:
        - name: get-device
          path: "/devices/entities/devices/v2?ids={{device_id}}"
          operations:
            - name: get-device
              method: GET

When CrowdStrike detects a high-severity endpoint detection, creates a P1 ServiceNow security incident and notifies the SOC team in Microsoft Teams.

naftiko: "0.5"
info:
  label: "CrowdStrike Endpoint Threat Triage"
  description: "When CrowdStrike detects a high-severity endpoint detection, creates a P1 ServiceNow security incident and notifies the SOC team in Microsoft Teams."
  tags:
    - security
    - crowdstrike
    - servicenow
    - microsoft-teams
    - incident-response
    - soc
capability:
  exposes:
    - type: mcp
      namespace: security-triage
      port: 8080
      tools:
        - name: handle-endpoint-detection
          description: "Given a CrowdStrike detection ID, fetch its details, create a P1 ServiceNow security incident, and page the SOC team via Teams."
          inputParameters:
            - name: detection_id
              in: body
              type: string
              description: "The CrowdStrike detection ID to triage."
            - name: hostname
              in: body
              type: string
              description: "The hostname of the affected endpoint."
          steps:
            - name: get-detection
              type: call
              call: "crowdstrike-soc.get-detection"
              with:
                detection_id: "{{detection_id}}"
            - name: create-incident
              type: call
              call: "servicenow-soc.create-incident"
              with:
                short_description: "CrowdStrike detection on {{hostname}}: {{get-detection.behaviorName}}"
                category: "security_incident"
                urgency: "1"
                impact: "1"
            - name: page-soc
              type: call
              call: "msteams-soc.post-message"
              with:
                channel: "soc-alerts"
                message: "HIGH severity detection on {{hostname}} — {{get-detection.behaviorName}} | SNOW: {{create-incident.number}} | Detection: {{detection_id}}"
  consumes:
    - type: http
      namespace: crowdstrike-soc
      baseUri: "https://api.crowdstrike.com"
      authentication:
        type: bearer
        token: "$secrets.crowdstrike_token"
      resources:
        - name: detections
          path: "/detects/entities/detects/v2"
          operations:
            - name: get-detection
              method: GET
    - type: http
      namespace: servicenow-soc
      baseUri: "https://rtx.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST
    - type: http
      namespace: msteams-soc
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channel-messages
          path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
          inputParameters:
            - name: team_id
              in: path
            - name: channel_id
              in: path
          operations:
            - name: post-message
              method: POST

Runs Snowflake data quality check, logs in ServiceNow, and notifies data engineering via Teams.

naftiko: "0.5"
info:
  label: "Data Quality Alert Workflow"
  description: "Runs Snowflake data quality check, logs in ServiceNow, and notifies data engineering via Teams."
  tags:
    - data
    - snowflake
    - servicenow
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: data
      port: 8080
      tools:
        - name: data-orchestrate
          description: "Runs Snowflake data quality check, logs in ServiceNow, and notifies data engineering via Teams."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "snowflake.run-query"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: snowflake
      baseUri: "https://rtx.snowflakecomputing.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.snowflake_token"
      resources:
        - name: statements
          path: "/statements"
          operations:
            - name: run-query
              method: POST
    - type: http
      namespace: servicenow
      baseUri: "https://rtx.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/rtx/channels/general/messages"
          operations:
            - name: send-message
              method: POST

When a Datadog monitor triggers a critical alert, automatically creates a P1 ServiceNow incident and notifies the on-call team via Microsoft Teams.

naftiko: "0.5"
info:
  label: "Datadog Alert to ServiceNow Incident"
  description: "When a Datadog monitor triggers a critical alert, automatically creates a P1 ServiceNow incident and notifies the on-call team via Microsoft Teams."
  tags:
    - itsm
    - observability
    - datadog
    - servicenow
    - microsoft-teams
    - incident-response
capability:
  exposes:
    - type: mcp
      namespace: itsm-alerting
      port: 8080
      tools:
        - name: handle-datadog-alert
          description: "Given a Datadog monitor ID and alert body, create a P1 ServiceNow incident and notify the on-call channel in Teams. Use when a critical infrastructure alert fires."
          inputParameters:
            - name: monitor_id
              in: body
              type: string
              description: "The Datadog monitor ID that fired."
            - name: monitor_name
              in: body
              type: string
              description: "The human-readable name of the Datadog monitor."
            - name: alert_body
              in: body
              type: string
              description: "The full alert message from Datadog."
            - name: severity
              in: body
              type: string
              description: "Alert severity: critical, warning, or info."
          steps:
            - name: create-incident
              type: call
              call: "servicenow-alert.create-incident"
              with:
                short_description: "Datadog Alert: {{monitor_name}}"
                description: "{{alert_body}}"
                urgency: "1"
                impact: "1"
            - name: notify-oncall
              type: call
              call: "msteams-alert.post-message"
              with:
                channel: "it-incidents"
                message: "P1 Incident created: {{monitor_name}} | SNOW: {{create-incident.number}} | Severity: {{severity}}"
  consumes:
    - type: http
      namespace: servicenow-alert
      baseUri: "https://rtx.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST
    - type: http
      namespace: msteams-alert
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channel-messages
          path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
          inputParameters:
            - name: team_id
              in: path
            - name: channel_id
              in: path
          operations:
            - name: post-message
              method: POST

Queries Datadog for the current health status of a monitored service.

naftiko: "0.5"
info:
  label: "Datadog Service Health Check"
  description: "Queries Datadog for the current health status of a monitored service."
  tags:
    - monitoring
    - datadog
    - observability
capability:
  exposes:
    - type: mcp
      namespace: observability
      port: 8080
      tools:
        - name: get-service-health
          description: "Queries Datadog for the current health status of a monitored service."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary lookup parameter."
          call: "datadog.get-monitor"
          with:
            param_1: "{{param_1}}"
          outputParameters:
            - name: result
              type: string
              mapping: "$.result"
  consumes:
    - type: http
      namespace: datadog
      baseUri: "https://api.datadoghq.com/api/v1"
      authentication:
        type: apiKey
        header: "DD-API-KEY"
        key: "$secrets.datadog_api_key"
      resources:
        - name: get-monitor
          path: "/monitor/{{monitor_id}}"
          operations:
            - name: get-monitor
              method: GET

Retrieves current SLO compliance status from Datadog and generates a weekly digest posted to the engineering leadership Teams channel.

naftiko: "0.5"
info:
  label: "Datadog SLO Breach Report"
  description: "Retrieves current SLO compliance status from Datadog and generates a weekly digest posted to the engineering leadership Teams channel."
  tags:
    - observability
    - datadog
    - microsoft-teams
    - slo
    - reporting
capability:
  exposes:
    - type: mcp
      namespace: observability-reporting
      port: 8080
      tools:
        - name: digest-slo-status
          description: "Retrieve all active SLO compliance percentages from Datadog and post a formatted weekly digest to the engineering leadership channel in Teams."
          inputParameters:
            - name: slo_tag
              in: body
              type: string
              description: "A Datadog tag to filter SLOs by (e.g., team:avionics)."
          steps:
            - name: get-slos
              type: call
              call: "datadog-slo.list-slos"
              with:
                tags_query: "{{slo_tag}}"
            - name: post-digest
              type: call
              call: "msteams-slo.post-message"
              with:
                channel: "engineering-leadership"
                message: "Weekly SLO digest for {{slo_tag}}: {{get-slos.summary}}"
  consumes:
    - type: http
      namespace: datadog-slo
      baseUri: "https://api.datadoghq.com/api/v1"
      authentication:
        type: apikey
        key: "DD-API-KEY"
        value: "$secrets.datadog_api_key"
        placement: header
      resources:
        - name: slos
          path: "/slo"
          operations:
            - name: list-slos
              method: GET
    - type: http
      namespace: msteams-slo
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channel-messages
          path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
          inputParameters:
            - name: team_id
              in: path
            - name: channel_id
              in: path
          operations:
            - name: post-message
              method: POST

Monitors SAP delivery schedules, creates Jira follow-up task, and alerts supply chain via Teams.

naftiko: "0.5"
info:
  label: "Delivery Schedule Monitor and Alert"
  description: "Monitors SAP delivery schedules, creates Jira follow-up task, and alerts supply chain via Teams."
  tags:
    - logistics
    - sap
    - jira
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: logistics
      port: 8080
      tools:
        - name: delivery-orchestrate
          description: "Monitors SAP delivery schedules, creates Jira follow-up task, and alerts supply chain via Teams."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "sap.get-po"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "jira.create-issue"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: sap
      baseUri: "https://rtx-s4.sap.com/sap/opu/odata/sap/MM_PUR_PO_MAINT_V2_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: purchase-orders
          path: "/A_PurchaseOrder('{{po_number}}')"
          operations:
            - name: get-po
              method: GET
    - type: http
      namespace: jira
      baseUri: "https://rtx.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_password"
      resources:
        - name: issues
          path: "/issue"
          operations:
            - name: create-issue
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/rtx/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Retrieves GitHub Dependabot alerts, creates Jira tasks, and notifies security via Teams.

naftiko: "0.5"
info:
  label: "Dependabot to Jira Task Bridge"
  description: "Retrieves GitHub Dependabot alerts, creates Jira tasks, and notifies security via Teams."
  tags:
    - devops
    - github
    - jira
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: devops
      port: 8080
      tools:
        - name: dependabot-orchestrate
          description: "Retrieves GitHub Dependabot alerts, creates Jira tasks, and notifies security via Teams."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "github.get-branch-protection"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "jira.create-issue"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: github
      baseUri: "https://api.github.com"
      authentication:
        type: bearer
        token: "$secrets.github_token"
      resources:
        - name: repos
          path: "/repos/{{repo}}/branches/main/protection"
          operations:
            - name: get-branch-protection
              method: GET
    - type: http
      namespace: jira
      baseUri: "https://rtx.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_password"
      resources:
        - name: issues
          path: "/issue"
          operations:
            - name: create-issue
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/rtx/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Checks CrowdStrike for non-compliant endpoints, assigns policies, creates ServiceNow task, and alerts via Teams.

naftiko: "0.5"
info:
  label: "Device Compliance Remediation"
  description: "Checks CrowdStrike for non-compliant endpoints, assigns policies, creates ServiceNow task, and alerts via Teams."
  tags:
    - security
    - crowdstrike
    - servicenow
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: security
      port: 8080
      tools:
        - name: device-orchestrate
          description: "Checks CrowdStrike for non-compliant endpoints, assigns policies, creates ServiceNow task, and alerts via Teams."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "crowdstrike.get-device"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: crowdstrike
      baseUri: "https://api.crowdstrike.com"
      authentication:
        type: bearer
        token: "$secrets.crowdstrike_token"
      resources:
        - name: devices
          path: "/devices/entities/devices/v2"
          operations:
            - name: get-device
              method: GET
    - type: http
      namespace: servicenow
      baseUri: "https://rtx.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/rtx/channels/general/messages"
          operations:
            - name: send-message
              method: POST

When an employee departure is recorded in Workday, revokes Microsoft 365 access, closes open ServiceNow tickets, and notifies the IT security team via Teams.

naftiko: "0.5"
info:
  label: "Employee Offboarding Workflow"
  description: "When an employee departure is recorded in Workday, revokes Microsoft 365 access, closes open ServiceNow tickets, and notifies the IT security team via Teams."
  tags:
    - hr
    - offboarding
    - workday
    - servicenow
    - microsoft-365
    - identity
capability:
  exposes:
    - type: mcp
      namespace: hr-offboarding
      port: 8080
      tools:
        - name: trigger-offboarding
          description: "Given a Workday employee ID and termination date, disable the Microsoft 365 account, close open IT tickets in ServiceNow, and alert the security team in Teams."
          inputParameters:
            - name: employee_id
              in: body
              type: string
              description: "The Workday worker ID of the departing employee."
            - name: termination_date
              in: body
              type: string
              description: "The employee's last working day in YYYY-MM-DD format."
          steps:
            - name: get-employee
              type: call
              call: "workday-lookup.get-worker"
              with:
                worker_id: "{{employee_id}}"
            - name: disable-account
              type: call
              call: "msgraph-offboard.disable-user"
              with:
                userPrincipalName: "{{get-employee.workEmail}}"
            - name: close-tickets
              type: call
              call: "servicenow-offboard.close-user-tickets"
              with:
                caller_id: "{{get-employee.workEmail}}"
            - name: notify-security
              type: call
              call: "msteams-offboard.post-message"
              with:
                channel: "it-security-alerts"
                message: "Offboarding complete for {{get-employee.displayName}} ({{termination_date}}). Account disabled, tickets closed."
  consumes:
    - type: http
      namespace: workday-lookup
      baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
      authentication:
        type: bearer
        token: "$secrets.workday_token"
      resources:
        - name: workers
          path: "/rtx/workers/{{worker_id}}"
          inputParameters:
            - name: worker_id
              in: path
          operations:
            - name: get-worker
              method: GET
    - type: http
      namespace: msgraph-offboard
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: users
          path: "/users/{{userPrincipalName}}"
          inputParameters:
            - name: userPrincipalName
              in: path
          operations:
            - name: disable-user
              method: PATCH
    - type: http
      namespace: servicenow-offboard
      baseUri: "https://rtx.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: close-user-tickets
              method: PATCH
    - type: http
      namespace: msteams-offboard
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channel-messages
          path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
          inputParameters:
            - name: team_id
              in: path
            - name: channel_id
              in: path
          operations:
            - name: post-message
              method: POST

Detects Snowflake ETL failure, creates Jira ticket, retries pipeline, and notifies via Teams.

naftiko: "0.5"
info:
  label: "ETL Failure Recovery Workflow"
  description: "Detects Snowflake ETL failure, creates Jira ticket, retries pipeline, and notifies via Teams."
  tags:
    - data
    - snowflake
    - jira
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: data
      port: 8080
      tools:
        - name: etl-orchestrate
          description: "Detects Snowflake ETL failure, creates Jira ticket, retries pipeline, and notifies via Teams."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "snowflake.run-query"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "jira.create-issue"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: snowflake
      baseUri: "https://rtx.snowflakecomputing.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.snowflake_token"
      resources:
        - name: statements
          path: "/statements"
          operations:
            - name: run-query
              method: POST
    - type: http
      namespace: jira
      baseUri: "https://rtx.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_password"
      resources:
        - name: issues
          path: "/issue"
          operations:
            - name: create-issue
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/rtx/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Submits firewall policy change, creates ServiceNow change, and notifies security via Teams.

naftiko: "0.5"
info:
  label: "Firewall Policy Change Approval"
  description: "Submits firewall policy change, creates ServiceNow change, and notifies security via Teams."
  tags:
    - security
    - palo-alto-networks
    - servicenow
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: security
      port: 8080
      tools:
        - name: firewall-orchestrate
          description: "Submits firewall policy change, creates ServiceNow change, and notifies security via Teams."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "paloalto.get-security-rule"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: paloalto
      baseUri: "https://panorama.rtx.com/restapi/v10.2"
      authentication:
        type: bearer
        token: "$secrets.paloalto_token"
      resources:
        - name: security-rules
          path: "/Policies/SecurityRules"
          operations:
            - name: get-security-rule
              method: GET
    - type: http
      namespace: servicenow
      baseUri: "https://rtx.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/rtx/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Runs GitHub security scan on PR, checks CrowdStrike for indicators, and posts review summary.

naftiko: "0.5"
info:
  label: "GitHub PR Security Review Orchestrator"
  description: "Runs GitHub security scan on PR, checks CrowdStrike for indicators, and posts review summary."
  tags:
    - devops
    - github
    - crowdstrike
capability:
  exposes:
    - type: mcp
      namespace: devops
      port: 8080
      tools:
        - name: github-orchestrate
          description: "Runs GitHub security scan on PR, checks CrowdStrike for indicators, and posts review summary."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "github.get-branch-protection"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "crowdstrike.get-device"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: github
      baseUri: "https://api.github.com"
      authentication:
        type: bearer
        token: "$secrets.github_token"
      resources:
        - name: repos
          path: "/repos/{{repo}}/branches/main/protection"
          operations:
            - name: get-branch-protection
              method: GET
    - type: http
      namespace: crowdstrike
      baseUri: "https://api.crowdstrike.com"
      authentication:
        type: bearer
        token: "$secrets.crowdstrike_token"
      resources:
        - name: devices
          path: "/devices/entities/devices/v2"
          operations:
            - name: get-device
              method: GET

On a new pull request in GitHub, triggers a CrowdStrike code security scan and posts the results as a PR comment, blocking merge if critical vulnerabilities are found.

naftiko: "0.5"
info:
  label: "GitHub Pull Request Security Scan"
  description: "On a new pull request in GitHub, triggers a CrowdStrike code security scan and posts the results as a PR comment, blocking merge if critical vulnerabilities are found."
  tags:
    - devops
    - security
    - github
    - crowdstrike
    - code-quality
capability:
  exposes:
    - type: mcp
      namespace: devops-security
      port: 8080
      tools:
        - name: scan-pull-request
          description: "Given a GitHub pull request number and repo, trigger a CrowdStrike security scan on the PR branch and post scan results back to the PR as a review comment."
          inputParameters:
            - name: repo
              in: body
              type: string
              description: "The GitHub repository full name (e.g., rtx/firmware-platform)."
            - name: pr_number
              in: body
              type: integer
              description: "The GitHub pull request number to scan."
            - name: branch
              in: body
              type: string
              description: "The source branch of the pull request."
          steps:
            - name: trigger-scan
              type: call
              call: "crowdstrike.submit-scan"
              with:
                repository: "{{repo}}"
                branch: "{{branch}}"
            - name: post-comment
              type: call
              call: "github.create-pr-comment"
              with:
                repo: "{{repo}}"
                pr_number: "{{pr_number}}"
                body: "Security scan submitted (ID: {{trigger-scan.scanId}}). Results will be posted when complete."
  consumes:
    - type: http
      namespace: crowdstrike
      baseUri: "https://api.crowdstrike.com"
      authentication:
        type: bearer
        token: "$secrets.crowdstrike_token"
      resources:
        - name: scans
          path: "/code-security/v1/scans"
          operations:
            - name: submit-scan
              method: POST
    - type: http
      namespace: github
      baseUri: "https://api.github.com"
      authentication:
        type: bearer
        token: "$secrets.github_token"
      resources:
        - name: pr-comments
          path: "/repos/{{repo}}/issues/{{pr_number}}/comments"
          inputParameters:
            - name: repo
              in: path
            - name: pr_number
              in: path
          operations:
            - name: create-pr-comment
              method: POST

When a new project team member is approved in Workday, adds them to the correct GitHub team with appropriate repository permissions.

naftiko: "0.5"
info:
  label: "GitHub Repository Access Provisioning"
  description: "When a new project team member is approved in Workday, adds them to the correct GitHub team with appropriate repository permissions."
  tags:
    - devops
    - identity
    - github
    - workday
    - access-management
capability:
  exposes:
    - type: mcp
      namespace: devops-access
      port: 8080
      tools:
        - name: provision-github-access
          description: "Given a Workday employee ID and GitHub org team name, add the employee's GitHub username to the specified team with the requested permission level."
          inputParameters:
            - name: employee_id
              in: body
              type: string
              description: "The Workday worker ID of the employee requiring access."
            - name: github_org
              in: body
              type: string
              description: "The GitHub organization name (e.g., rtx-engineering)."
            - name: team_slug
              in: body
              type: string
              description: "The GitHub team slug to add the member to."
            - name: permission
              in: body
              type: string
              description: "The permission level: pull, push, or admin."
          steps:
            - name: get-employee
              type: call
              call: "workday-access.get-worker"
              with:
                worker_id: "{{employee_id}}"
            - name: add-to-team
              type: call
              call: "github-access.add-team-member"
              with:
                org: "{{github_org}}"
                team_slug: "{{team_slug}}"
                username: "{{get-employee.githubUsername}}"
                role: "{{permission}}"
  consumes:
    - type: http
      namespace: workday-access
      baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
      authentication:
        type: bearer
        token: "$secrets.workday_token"
      resources:
        - name: workers
          path: "/rtx/workers/{{worker_id}}"
          inputParameters:
            - name: worker_id
              in: path
          operations:
            - name: get-worker
              method: GET
    - type: http
      namespace: github-access
      baseUri: "https://api.github.com"
      authentication:
        type: bearer
        token: "$secrets.github_token"
      resources:
        - name: team-members
          path: "/orgs/{{org}}/teams/{{team_slug}}/memberships/{{username}}"
          inputParameters:
            - name: org
              in: path
            - name: team_slug
              in: path
            - name: username
              in: path
          operations:
            - name: add-team-member
              method: PUT

Checks a GitHub repository for branch protection compliance.

naftiko: "0.5"
info:
  label: "GitHub Repository Compliance Check"
  description: "Checks a GitHub repository for branch protection compliance."
  tags:
    - devops
    - github
    - compliance
capability:
  exposes:
    - type: mcp
      namespace: devops
      port: 8080
      tools:
        - name: check-repo-compliance
          description: "Checks a GitHub repository for branch protection compliance."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary lookup parameter."
          call: "github.get-branch-protection"
          with:
            param_1: "{{param_1}}"
          outputParameters:
            - name: result
              type: string
              mapping: "$.result"
  consumes:
    - type: http
      namespace: github
      baseUri: "https://api.github.com"
      authentication:
        type: bearer
        token: "$secrets.github_token"
      resources:
        - name: get-branch-protection
          path: "/repos/{{repo}}/branches/main/protection"
          operations:
            - name: get-branch-protection
              method: GET

Fetches open Dependabot security advisories from GitHub repositories and creates Jira tickets for any critical or high severity vulnerabilities found.

naftiko: "0.5"
info:
  label: "GitHub Security Advisory Triage"
  description: "Fetches open Dependabot security advisories from GitHub repositories and creates Jira tickets for any critical or high severity vulnerabilities found."
  tags:
    - security
    - github
    - jira
    - devops
    - vulnerability-management
capability:
  exposes:
    - type: mcp
      namespace: security-advisories
      port: 8080
      tools:
        - name: triage-security-advisories
          description: "Given a GitHub repository, fetch open Dependabot advisories and create Jira tickets for critical and high severity findings. Use for scheduled vulnerability triage."
          inputParameters:
            - name: repo
              in: body
              type: string
              description: "The GitHub repository full name to scan for advisories."
            - name: jira_project
              in: body
              type: string
              description: "The Jira project key to create security tickets in."
          steps:
            - name: get-advisories
              type: call
              call: "github-sec.list-dependabot-alerts"
              with:
                repo: "{{repo}}"
            - name: create-tickets
              type: call
              call: "jira-sec.create-issue"
              with:
                project_key: "{{jira_project}}"
                issuetype: "Security"
                summary: "Security advisory: {{get-advisories.packageName}} — {{get-advisories.severity}}"
                description: "Repository: {{repo}}\nAdvisory: {{get-advisories.advisoryUrl}}"
  consumes:
    - type: http
      namespace: github-sec
      baseUri: "https://api.github.com"
      authentication:
        type: bearer
        token: "$secrets.github_token"
      resources:
        - name: dependabot-alerts
          path: "/repos/{{repo}}/dependabot/alerts"
          inputParameters:
            - name: repo
              in: path
          operations:
            - name: list-dependabot-alerts
              method: GET
    - type: http
      namespace: jira-sec
      baseUri: "https://rtx.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_api_token"
      resources:
        - name: issues
          path: "/issue"
          operations:
            - name: create-issue
              method: POST

Creates SAP quality inspection from goods receipt, logs in ServiceNow, and notifies QA via Teams.

naftiko: "0.5"
info:
  label: "Goods Receipt to Quality Inspection"
  description: "Creates SAP quality inspection from goods receipt, logs in ServiceNow, and notifies QA via Teams."
  tags:
    - logistics
    - sap
    - servicenow
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: logistics
      port: 8080
      tools:
        - name: goods-orchestrate
          description: "Creates SAP quality inspection from goods receipt, logs in ServiceNow, and notifies QA via Teams."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "sap.get-po"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: sap
      baseUri: "https://rtx-s4.sap.com/sap/opu/odata/sap/MM_PUR_PO_MAINT_V2_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: purchase-orders
          path: "/A_PurchaseOrder('{{po_number}}')"
          operations:
            - name: get-po
              method: GET
    - type: http
      namespace: servicenow
      baseUri: "https://rtx.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/rtx/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Pulls Snowflake headcount, refreshes Power BI dashboard, and notifies leadership via Teams.

naftiko: "0.5"
info:
  label: "Headcount Forecast Report Generator"
  description: "Pulls Snowflake headcount, refreshes Power BI dashboard, and notifies leadership via Teams."
  tags:
    - hr
    - snowflake
    - power-bi
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: hr
      port: 8080
      tools:
        - name: headcount-orchestrate
          description: "Pulls Snowflake headcount, refreshes Power BI dashboard, and notifies leadership via Teams."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "snowflake.run-query"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "powerbi.trigger-refresh"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: snowflake
      baseUri: "https://rtx.snowflakecomputing.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.snowflake_token"
      resources:
        - name: statements
          path: "/statements"
          operations:
            - name: run-query
              method: POST
    - type: http
      namespace: powerbi
      baseUri: "https://api.powerbi.com/v1.0/myorg"
      authentication:
        type: bearer
        token: "$secrets.powerbi_token"
      resources:
        - name: refreshes
          path: "/datasets/{{dataset_id}}/refreshes"
          operations:
            - name: trigger-refresh
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/rtx/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Escalates recurring ServiceNow incidents to problems, correlates Splunk events, and creates Jira tasks.

naftiko: "0.5"
info:
  label: "Incident to Problem Escalation Workflow"
  description: "Escalates recurring ServiceNow incidents to problems, correlates Splunk events, and creates Jira tasks."
  tags:
    - itsm
    - servicenow
    - splunk
    - jira
capability:
  exposes:
    - type: mcp
      namespace: itsm
      port: 8080
      tools:
        - name: incident-orchestrate
          description: "Escalates recurring ServiceNow incidents to problems, correlates Splunk events, and creates Jira tasks."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "splunk.run-search"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "jira.create-issue"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: servicenow
      baseUri: "https://rtx.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST
    - type: http
      namespace: splunk
      baseUri: "https://splunk.rtx.com:8089/services"
      authentication:
        type: bearer
        token: "$secrets.splunk_token"
      resources:
        - name: search
          path: "/search/jobs"
          operations:
            - name: run-search
              method: POST
    - type: http
      namespace: jira
      baseUri: "https://rtx.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_password"
      resources:
        - name: issues
          path: "/issue"
          operations:
            - name: create-issue
              method: POST

Processes SAP intercompany transfer, logs in Snowflake audit, and notifies logistics via Teams.

naftiko: "0.5"
info:
  label: "Intercompany Transfer Orchestrator"
  description: "Processes SAP intercompany transfer, logs in Snowflake audit, and notifies logistics via Teams."
  tags:
    - logistics
    - sap
    - snowflake
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: logistics
      port: 8080
      tools:
        - name: intercompany-orchestrate
          description: "Processes SAP intercompany transfer, logs in Snowflake audit, and notifies logistics via Teams."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "sap.get-po"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "snowflake.run-query"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: sap
      baseUri: "https://rtx-s4.sap.com/sap/opu/odata/sap/MM_PUR_PO_MAINT_V2_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: purchase-orders
          path: "/A_PurchaseOrder('{{po_number}}')"
          operations:
            - name: get-po
              method: GET
    - type: http
      namespace: snowflake
      baseUri: "https://rtx.snowflakecomputing.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.snowflake_token"
      resources:
        - name: statements
          path: "/statements"
          operations:
            - name: run-query
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/rtx/channels/general/messages"
          operations:
            - name: send-message
              method: POST

When a supplier invoice arrives in SAP Ariba, validates it against the matched PO in SAP S/4HANA and posts it for payment if within tolerance.

naftiko: "0.5"
info:
  label: "Invoice Approval and ERP Posting"
  description: "When a supplier invoice arrives in SAP Ariba, validates it against the matched PO in SAP S/4HANA and posts it for payment if within tolerance."
  tags:
    - finance
    - procurement
    - sap-ariba
    - sap
    - invoice
    - approval
capability:
  exposes:
    - type: mcp
      namespace: finance-invoicing
      port: 8080
      tools:
        - name: process-invoice
          description: "Given an Ariba invoice ID, fetch its details, validate against the SAP S/4HANA PO, and post for payment if within the approved tolerance threshold."
          inputParameters:
            - name: invoice_id
              in: body
              type: string
              description: "The SAP Ariba invoice ID to process."
            - name: tolerance_pct
              in: body
              type: number
              description: "Acceptable variance percentage between invoice and PO amount (e.g., 2.5 for 2.5%)."
          steps:
            - name: get-invoice
              type: call
              call: "ariba.get-invoice"
              with:
                invoice_id: "{{invoice_id}}"
            - name: get-po
              type: call
              call: "sap-invoice.get-po"
              with:
                po_number: "{{get-invoice.purchaseOrderId}}"
            - name: post-payment
              type: call
              call: "sap-invoice.post-invoice"
              with:
                po_number: "{{get-invoice.purchaseOrderId}}"
                invoice_amount: "{{get-invoice.totalAmount}}"
                vendor_id: "{{get-po.vendorId}}"
  consumes:
    - type: http
      namespace: ariba
      baseUri: "https://openapi.ariba.com/api/invoice/v1"
      authentication:
        type: apikey
        key: "APIKey"
        value: "$secrets.ariba_api_key"
        placement: header
      resources:
        - name: invoices
          path: "/invoices/{{invoice_id}}"
          inputParameters:
            - name: invoice_id
              in: path
          operations:
            - name: get-invoice
              method: GET
    - type: http
      namespace: sap-invoice
      baseUri: "https://rtx-s4.sap.com/sap/opu/odata/sap/MM_PUR_PO_MAINT_V2_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: purchase-orders
          path: "/A_PurchaseOrder('{{po_number}}')"
          inputParameters:
            - name: po_number
              in: path
          operations:
            - name: get-po
              method: GET
              outputRawFormat: xml
        - name: invoice-postings
          path: "/A_SupplierInvoice"
          operations:
            - name: post-invoice
              method: POST

Compares invoice against SAP purchase order and goods receipt, then logs in ServiceNow.

naftiko: "0.5"
info:
  label: "Invoice Three-Way Match Orchestrator"
  description: "Compares invoice against SAP purchase order and goods receipt, then logs in ServiceNow."
  tags:
    - finance
    - sap
    - servicenow
capability:
  exposes:
    - type: mcp
      namespace: finance
      port: 8080
      tools:
        - name: invoice-orchestrate
          description: "Compares invoice against SAP purchase order and goods receipt, then logs in ServiceNow."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "sap.get-po"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: sap
      baseUri: "https://rtx-s4.sap.com/sap/opu/odata/sap/MM_PUR_PO_MAINT_V2_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: purchase-orders
          path: "/A_PurchaseOrder('{{po_number}}')"
          operations:
            - name: get-po
              method: GET
    - type: http
      namespace: servicenow
      baseUri: "https://rtx.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST

When a Jira bug is escalated to production severity, automatically creates a linked ServiceNow P1 incident and assigns it to the appropriate support group.

naftiko: "0.5"
info:
  label: "Jira Defect to ServiceNow Incident Bridge"
  description: "When a Jira bug is escalated to production severity, automatically creates a linked ServiceNow P1 incident and assigns it to the appropriate support group."
  tags:
    - itsm
    - devops
    - jira
    - servicenow
    - incident-response
capability:
  exposes:
    - type: mcp
      namespace: itsm-bridge
      port: 8080
      tools:
        - name: escalate-bug-to-incident
          description: "Given a Jira bug key, create a linked ServiceNow P1 incident and notify the on-call team. Use when a software defect impacts production systems."
          inputParameters:
            - name: jira_key
              in: body
              type: string
              description: "The Jira issue key (e.g., ENG-1234)."
            - name: support_group
              in: body
              type: string
              description: "The ServiceNow assignment group to handle the incident."
          steps:
            - name: get-jira-issue
              type: call
              call: "jira-bridge.get-issue"
              with:
                issue_key: "{{jira_key}}"
            - name: create-snow-incident
              type: call
              call: "servicenow-bridge.create-incident"
              with:
                short_description: "Prod defect: {{get-jira-issue.summary}}"
                description: "Jira: {{jira_key}} — {{get-jira-issue.description}}"
                assignment_group: "{{support_group}}"
                urgency: "1"
            - name: update-jira-link
              type: call
              call: "jira-bridge.add-comment"
              with:
                issue_key: "{{jira_key}}"
                comment: "ServiceNow incident created: {{create-snow-incident.number}}"
  consumes:
    - type: http
      namespace: jira-bridge
      baseUri: "https://rtx.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_api_token"
      resources:
        - name: issues
          path: "/issue/{{issue_key}}"
          inputParameters:
            - name: issue_key
              in: path
          operations:
            - name: get-issue
              method: GET
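        # Jira creates comments on the /comment sub-resource, not on the issue itself.
        - name: issue-comments
          path: "/issue/{{issue_key}}/comment"
          inputParameters:
            - name: issue_key
              in: path
          operations:
            - name: add-comment
              method: POST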
    - type: http
      namespace: servicenow-bridge
      baseUri: "https://rtx.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST

Retrieves a Jira issue by key, returning summary, status, and assignee.

naftiko: "0.5"
info:
  label: "Jira Issue Detail Lookup"
  description: "Retrieves a Jira issue by key, returning summary, status, and assignee."
  tags:
    - devops
    - jira
    - project-management
capability:
  exposes:
    - type: mcp
      namespace: project-management
      port: 8080
      tools:
        - name: get-jira-issue
          description: "Retrieves a Jira issue by key, returning summary, status, and assignee."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary lookup parameter."
          call: "jira.get-issue"
          with:
            param_1: "{{param_1}}"
          outputParameters:
            - name: result
              type: string
              mapping: "$.result"
  consumes:
    - type: http
      namespace: jira
      baseUri: "https://rtx.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_password"
      resources:
        - name: get-issue
          path: "/issue/{{issue_key}}"
          operations:
            - name: get-issue
              method: GET

Returns the current status, assignee, and priority of a Jira issue by key. A quick single-call lookup for agent and human triage.

naftiko: "0.5"
info:
  label: "Jira Issue Status Lookup"
  description: "Returns the current status, assignee, and priority of a Jira issue by key. A quick single-call lookup for agent and human triage."
  tags:
    - devops
    - jira
    - itsm
    - triage
capability:
  exposes:
    - type: mcp
      namespace: jira-lookup
      port: 8080
      tools:
        - name: get-issue-status
          description: "Given a Jira issue key, return its current status, assignee, priority, and summary. Use for rapid triage or before creating a linked ServiceNow record."
          inputParameters:
            - name: issue_key
              in: body
              type: string
              description: "The Jira issue key (e.g., ENG-4567)."
          call: "jira-status.get-issue"
          with:
            issue_key: "{{issue_key}}"
          outputParameters:
            - name: status
              type: string
              mapping: "$.fields.status.name"
            - name: assignee
              type: string
              mapping: "$.fields.assignee.displayName"
            - name: priority
              type: string
              mapping: "$.fields.priority.name"
            - name: summary
              type: string
              mapping: "$.fields.summary"
  consumes:
    - type: http
      namespace: jira-status
      baseUri: "https://rtx.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_api_token"
      resources:
        - name: issues
          path: "/issue/{{issue_key}}"
          inputParameters:
            - name: issue_key
              in: path
          operations:
            - name: get-issue
              method: GET

Retrieves completed story points from the current and previous Jira sprints and posts a velocity digest to the engineering team channel in Microsoft Teams.

naftiko: "0.5"
info:
  label: "Jira Sprint Velocity Report"
  description: "Retrieves completed story points from the current and previous Jira sprints and posts a velocity digest to the engineering team channel in Microsoft Teams."
  tags:
    - devops
    - reporting
    - jira
    - microsoft-teams
    - agile
capability:
  exposes:
    - type: mcp
      namespace: devops-reporting
      port: 8080
      tools:
        - name: digest-sprint-velocity
          description: "Given a Jira board ID, retrieve velocity data for the last two sprints and post a formatted digest to the Teams engineering channel."
          inputParameters:
            - name: board_id
              in: body
              type: string
              description: "The Jira board ID to retrieve sprint velocity for."
            - name: team_channel
              in: body
              type: string
              description: "The Microsoft Teams channel name to post the digest to."
          steps:
            - name: get-velocity
              type: call
              call: "jira-velocity.get-board-sprints"
              with:
                board_id: "{{board_id}}"
            - name: post-digest
              type: call
              call: "msteams-velocity.post-message"
              with:
                channel: "{{team_channel}}"
                message: "Sprint velocity for board {{board_id}}: {{get-velocity.summary}}"
  consumes:
    - type: http
      namespace: jira-velocity
      # Board and sprint endpoints live under the Jira Software (agile) API, not /rest/api/3.
      baseUri: "https://rtx.atlassian.net/rest/agile/1.0"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_api_token"
      resources:
        - name: board-sprints
          path: "/board/{{board_id}}/sprint"
          inputParameters:
            - name: board_id
              in: path
          operations:
            - name: get-board-sprints
              method: GET
    - type: http
      namespace: msteams-velocity
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channel-messages
          path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
          inputParameters:
            - name: team_id
              in: path
            - name: channel_id
              in: path
          operations:
            - name: post-message
              method: POST

Generates ServiceNow knowledge article from resolved incident and shares via Teams.

naftiko: "0.5"
info:
  label: "Knowledge Article Auto-Publisher"
  description: "Generates ServiceNow knowledge article from resolved incident and shares via Teams."
  tags:
    - itsm
    - servicenow
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: itsm
      port: 8080
      tools:
        - name: knowledge-orchestrate
          description: "Generates ServiceNow knowledge article from resolved incident and shares via Teams."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: servicenow
      baseUri: "https://rtx.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/rtx/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Compares Azure AD licenses against Snowflake headcount and creates ServiceNow optimization task.

naftiko: "0.5"
info:
  label: "License Reconciliation Workflow"
  description: "Compares Azure AD licenses against Snowflake headcount and creates ServiceNow optimization task."
  tags:
    - identity
    - azure
    - snowflake
    - servicenow
capability:
  exposes:
    - type: mcp
      namespace: identity
      port: 8080
      tools:
        - name: license-orchestrate
          description: "Compares Azure AD licenses against Snowflake headcount and creates ServiceNow optimization task."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "azure.get-resources"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "snowflake.run-query"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: azure
      baseUri: "https://management.azure.com"
      authentication:
        type: bearer
        token: "$secrets.azure_token"
      resources:
        - name: resources
          path: "/subscriptions"
          operations:
            - name: get-resources
              method: GET
    - type: http
      namespace: snowflake
      baseUri: "https://rtx.snowflakecomputing.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.snowflake_token"
      resources:
        - name: statements
          path: "/statements"
          operations:
            - name: run-query
              method: POST
    - type: http
      namespace: servicenow
      baseUri: "https://rtx.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST

Creates and publishes a new job posting on LinkedIn using approved requisition data from Workday, enabling rapid talent acquisition for RTX roles.

naftiko: "0.5"
info:
  label: "LinkedIn Job Posting Publication"
  description: "Creates and publishes a new job posting on LinkedIn using approved requisition data from Workday, enabling rapid talent acquisition for RTX roles."
  tags:
    - hr
    - recruiting
    - linkedin
    - workday
    - talent-acquisition
capability:
  exposes:
    - type: mcp
      namespace: hr-recruiting
      port: 8080
      tools:
        - name: publish-job-posting
          description: "Given a Workday job requisition ID, retrieve its details and publish a formatted job posting to LinkedIn. Use to accelerate open role publication."
          inputParameters:
            - name: requisition_id
              in: body
              type: string
              description: "The Workday job requisition ID to publish."
            - name: linkedin_company_id
              in: body
              type: string
              description: "RTX's LinkedIn company page ID for job posting."
          steps:
            - name: get-requisition
              type: call
              call: "workday-recruit.get-job-requisition"
              with:
                requisition_id: "{{requisition_id}}"
            - name: post-job
              type: call
              call: "linkedin.create-job-posting"
              with:
                companyId: "{{linkedin_company_id}}"
                title: "{{get-requisition.jobTitle}}"
                description: "{{get-requisition.jobDescription}}"
                location: "{{get-requisition.location}}"
  consumes:
    - type: http
      namespace: workday-recruit
      baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
      authentication:
        type: bearer
        token: "$secrets.workday_token"
      resources:
        - name: job-requisitions
          path: "/rtx/jobRequisitions/{{requisition_id}}"
          inputParameters:
            - name: requisition_id
              in: path
          operations:
            - name: get-job-requisition
              method: GET
    - type: http
      namespace: linkedin
      baseUri: "https://api.linkedin.com/v2"
      authentication:
        type: bearer
        token: "$secrets.linkedin_token"
      resources:
        - name: job-postings
          path: "/jobPostings"
          operations:
            - name: create-job-posting
              method: POST

Retrieves P1 incident details, creates Teams bridge channel, and posts stakeholder updates.

naftiko: "0.5"
info:
  label: "Major Incident Communication Orchestrator"
  description: "Retrieves P1 incident details, creates Teams bridge channel, and posts stakeholder updates."
  tags:
    - itsm
    - servicenow
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: itsm
      port: 8080
      tools:
        - name: major-orchestrate
          description: "Retrieves P1 incident details, creates Teams bridge channel, and posts stakeholder updates."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: servicenow
      baseUri: "https://rtx.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/rtx/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Sends a notification message to a Microsoft Teams channel.

naftiko: "0.5"
info:
  label: "Microsoft Teams Channel Notification"
  description: "Sends a notification message to a Microsoft Teams channel."
  tags:
    - collaboration
    - microsoft-teams
    - communication
capability:
  exposes:
    - type: mcp
      namespace: collaboration
      port: 8080
      tools:
        - name: send-channel-notification
          description: "Sends a notification message to a Microsoft Teams channel."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary lookup parameter."
          call: "msteams.send-channel-message"
          with:
            param_1: "{{param_1}}"
          outputParameters:
            - name: result
              type: string
              mapping: "$.result"
  consumes:
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: send-channel-message
          path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
          operations:
            - name: send-channel-message
              method: POST

When Datadog alert fires, creates Jira incident ticket and posts Teams notification.

naftiko: "0.5"
info:
  label: "Monitoring Alert to Jira Bridge"
  description: "When Datadog alert fires, creates Jira incident ticket and posts Teams notification."
  tags:
    - monitoring
    - datadog
    - jira
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: monitoring
      port: 8080
      tools:
        - name: monitoring-orchestrate
          description: "When Datadog alert fires, creates Jira incident ticket and posts Teams notification."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "datadog.get-monitor"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "jira.create-issue"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: datadog
      baseUri: "https://api.datadoghq.com/api/v1"
      authentication:
        type: apikey
        key: "DD-API-KEY"
        value: "$secrets.datadog_api_key"
        placement: header
      resources:
        - name: monitors
          path: "/monitor/{{monitor_id}}"
          operations:
            - name: get-monitor
              method: GET
    - type: http
      namespace: jira
      baseUri: "https://rtx.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_password"
      resources:
        - name: issues
          path: "/issue"
          operations:
            - name: create-issue
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/rtx/channels/general/messages"
          operations:
            - name: send-message
              method: POST

When a new employee record is created in Workday, opens a ServiceNow onboarding ticket, provisions Microsoft 365 access, and sends a Teams welcome message.

naftiko: "0.5"
info:
  label: "New Hire Onboarding Orchestrator"
  description: "When a new employee record is created in Workday, opens a ServiceNow onboarding ticket, provisions Microsoft 365 access, and sends a Teams welcome message."
  tags:
    - hr
    - onboarding
    - workday
    - servicenow
    - microsoft-teams
    - microsoft-365
capability:
  exposes:
    - type: mcp
      namespace: hr-onboarding
      port: 8080
      tools:
        - name: trigger-onboarding
          description: "Given a Workday employee ID and start date, orchestrate the full onboarding sequence: create a ServiceNow ticket, provision Microsoft 365, and send a Teams welcome message."
          inputParameters:
            - name: employee_id
              in: body
              type: string
              description: "The Workday worker ID for the new hire."
            - name: start_date
              in: body
              type: string
              description: "The employee's start date in YYYY-MM-DD format."
            - name: department
              in: body
              type: string
              description: "The department name the new hire is joining."
          steps:
            - name: get-employee
              type: call
              call: "workday.get-worker"
              with:
                worker_id: "{{employee_id}}"
            - name: create-ticket
              type: call
              call: "servicenow.create-incident"
              with:
                short_description: "New hire onboarding: {{get-employee.displayName}}"
                category: "hr_onboarding"
                assigned_group: "IT_Onboarding"
            - name: provision-m365
              type: call
              call: "msgraph.create-user"
              with:
                displayName: "{{get-employee.displayName}}"
                userPrincipalName: "{{get-employee.workEmail}}"
                department: "{{department}}"
            - name: send-welcome
              type: call
              call: "msteams.post-message"
              with:
                recipient: "{{get-employee.workEmail}}"
                message: "Welcome to RTX, {{get-employee.firstName}}! Your IT ticket is {{create-ticket.number}}."
  consumes:
    - type: http
      namespace: workday
      baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
      authentication:
        type: bearer
        token: "$secrets.workday_token"
      resources:
        - name: workers
          path: "/rtx/workers/{{worker_id}}"
          inputParameters:
            - name: worker_id
              in: path
          operations:
            - name: get-worker
              method: GET
    - type: http
      namespace: servicenow
      baseUri: "https://rtx.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST
    - type: http
      namespace: msgraph
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: users
          path: "/users"
          operations:
            - name: create-user
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: messages
          path: "/chats/{{chat_id}}/messages"
          inputParameters:
            - name: chat_id
              in: path
          operations:
            - name: post-message
              method: POST

Retrieves all Okta group memberships for a user.

naftiko: "0.5"
info:
  label: "Okta User Group Membership Lookup"
  description: "Retrieves all Okta group memberships for a user."
  tags:
    - security
    - okta
    - identity
capability:
  exposes:
    - type: mcp
      namespace: identity
      port: 8080
      tools:
        - name: get-user-groups
          description: "Retrieves all Okta group memberships for a user."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary lookup parameter."
          call: "okta.get-user-groups"
          with:
            param_1: "{{param_1}}"
          outputParameters:
            - name: result
              type: string
              mapping: "$.result"
  consumes:
    - type: http
      namespace: okta
      baseUri: "https://rtx.okta.com/api/v1"
      authentication:
        type: bearer
        token: "$secrets.okta_token"
      resources:
        - name: get-user-groups
          path: "/users/{{user_id}}/groups"
          operations:
            - name: get-user-groups
              method: GET

Detects Workday org changes, updates Okta groups and Azure AD, and logs in ServiceNow.

naftiko: "0.5"
info:
  label: "Org Change to Identity Sync"
  description: "Detects Workday org changes, updates Okta groups and Azure AD, and logs in ServiceNow."
  tags:
    - hr
    - workday
    - okta
    - azure
    - servicenow
capability:
  exposes:
    - type: mcp
      namespace: hr
      port: 8080
      tools:
        - name: org-orchestrate
          description: "Detects Workday org changes, updates Okta groups and Azure AD, and logs in ServiceNow."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "workday.get-worker"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "okta.get-user-groups"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "azure.get-resources"
              with:
                input: "{{step-1.result}}"
            - name: step-4
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: workday
      baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
      authentication:
        type: bearer
        token: "$secrets.workday_token"
      resources:
        - name: workers
          path: "/rtx/workers/{{worker_id}}"
          operations:
            - name: get-worker
              method: GET
    - type: http
      namespace: okta
      baseUri: "https://rtx.okta.com/api/v1"
      authentication:
        type: bearer
        token: "$secrets.okta_token"
      resources:
        - name: user-groups
          path: "/users/{{user_id}}/groups"
          operations:
            - name: get-user-groups
              method: GET
    - type: http
      namespace: azure
      baseUri: "https://management.azure.com"
      authentication:
        type: bearer
        token: "$secrets.azure_token"
      resources:
        - name: resources
          path: "/subscriptions"
          operations:
            - name: get-resources
              method: GET
    - type: http
      namespace: servicenow
      baseUri: "https://rtx.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST

Retrieves a firewall security rule from Palo Alto Panorama by rule name.

naftiko: "0.5"
info:
  label: "Palo Alto Firewall Rule Lookup"
  description: "Retrieves a firewall security rule from Palo Alto Panorama by rule name."
  tags:
    - security
    - palo-alto-networks
    - firewall
capability:
  exposes:
    - type: mcp
      namespace: network-security
      port: 8080
      tools:
        - name: get-firewall-rule
          description: "Retrieves a firewall security rule from Palo Alto Panorama by rule name."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary lookup parameter."
          call: "paloalto.get-security-rule"
          with:
            param_1: "{{param_1}}"
          outputParameters:
            - name: result
              type: string
              mapping: "$.result"
  consumes:
    - type: http
      namespace: paloalto
      baseUri: "https://panorama.rtx.com/restapi/v10.2"
      authentication:
        type: bearer
        token: "$secrets.paloalto_token"
      resources:
        - name: get-security-rule
          path: "/Policies/SecurityRules?name={{rule_name}}"
          operations:
            - name: get-security-rule
              method: GET

Retrieves the current security policy ruleset from Palo Alto Networks for a specified device group and surfaces it for compliance review.

naftiko: "0.5"
info:
  label: "Palo Alto Networks Firewall Policy Lookup"
  description: "Retrieves the current security policy ruleset from Palo Alto Networks for a specified device group and surfaces it for compliance review."
  tags:
    - security
    - network
    - palo-alto-networks
    - compliance
capability:
  exposes:
    - type: mcp
      namespace: security-network
      port: 8080
      tools:
        - name: get-firewall-policy
          description: "Look up the active security policy rules on a Palo Alto Networks device for a given device group. Use for compliance audits and change verification."
          inputParameters:
            - name: device_group
              in: body
              type: string
              description: "The Palo Alto Networks device group name to query rules for."
          call: "paloalto.get-security-rules"
          with:
            device_group: "{{device_group}}"
          outputParameters:
            - name: rules
              type: array
              mapping: "$.result.entry"
  consumes:
    - type: http
      namespace: paloalto
      baseUri: "https://rtx-panorama.rtx.com/restapi/v10.1"
      authentication:
        type: apikey
        key: "X-PAN-KEY"
        value: "$secrets.paloalto_api_key"
        placement: header
      resources:
        - name: security-rules
          path: "/Policies/SecurityRules"
          operations:
            - name: get-security-rules
              method: GET

Checks the refresh status of a Power BI dataset.

naftiko: "0.5"
info:
  label: "Power BI Dataset Refresh Status"
  description: "Checks the refresh status of a Power BI dataset."
  tags:
    - analytics
    - power-bi
    - reporting
capability:
  exposes:
    - type: mcp
      namespace: analytics
      port: 8080
      tools:
        - name: get-dataset-refresh-status
          description: "Checks the refresh status of a Power BI dataset."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary lookup parameter."
          call: "powerbi.get-refresh-history"
          with:
            param_1: "{{param_1}}"
          outputParameters:
            - name: result
              type: string
              mapping: "$.result"
  consumes:
    - type: http
      namespace: powerbi
      baseUri: "https://api.powerbi.com/v1.0/myorg"
      authentication:
        type: bearer
        token: "$secrets.powerbi_token"
      resources:
        - name: get-refresh-history
          path: "/datasets/{{dataset_id}}/refreshes?$top=1"
          operations:
            - name: get-refresh-history
              method: GET

Triggers a Power BI dataset refresh for the RTX financial KPI dashboard and notifies finance stakeholders in Teams when the refresh is complete.

naftiko: "0.5"
info:
  label: "Power BI Financial Dashboard Refresh"
  description: "Triggers a Power BI dataset refresh for the RTX financial KPI dashboard and notifies finance stakeholders in Teams when the refresh is complete."
  tags:
    - finance
    - analytics
    - power-bi
    - microsoft-teams
    - reporting
capability:
  exposes:
    - type: mcp
      namespace: finance-reporting
      port: 8080
      tools:
        - name: refresh-financial-dashboard
          description: "Trigger a Power BI dataset refresh for the financial KPI dashboard and notify finance stakeholders in Teams upon completion."
          inputParameters:
            - name: dataset_id
              in: body
              type: string
              description: "The Power BI dataset ID for the financial dashboard."
            - name: workspace_id
              in: body
              type: string
              description: "The Power BI workspace (group) ID containing the dataset."
          steps:
            - name: trigger-refresh
              type: call
              call: "powerbi.refresh-dataset"
              with:
                groupId: "{{workspace_id}}"
                datasetId: "{{dataset_id}}"
            - name: notify-finance
              type: call
              call: "msteams-finance.post-message"
              with:
                channel: "finance-analytics"
                message: "Power BI financial dashboard refresh triggered for dataset {{dataset_id}}. Check back in a few minutes for updated data."
  consumes:
    - type: http
      namespace: powerbi
      baseUri: "https://api.powerbi.com/v1.0/myorg"
      authentication:
        type: bearer
        token: "$secrets.powerbi_token"
      resources:
        - name: dataset-refreshes
          path: "/groups/{{groupId}}/datasets/{{datasetId}}/refreshes"
          inputParameters:
            - name: groupId
              in: path
            - name: datasetId
              in: path
          operations:
            - name: refresh-dataset
              method: POST
    - type: http
      namespace: msteams-finance
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channel-messages
          path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
          inputParameters:
            - name: team_id
              in: path
            - name: channel_id
              in: path
          operations:
            - name: post-message
              method: POST

Queries SAP for budget utilization, checks Snowflake analytics, and sends Teams alert when spending exceeds threshold.

naftiko: "0.5"
info:
  label: "Program Budget Alert Workflow"
  description: "Queries SAP for budget utilization, checks Snowflake analytics, and sends Teams alert when spending exceeds threshold."
  tags:
    - finance
    - sap
    - snowflake
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: finance
      port: 8080
      tools:
        - name: program-orchestrate
          description: "Queries SAP for budget utilization, checks Snowflake analytics, and sends Teams alert when spending exceeds threshold."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "sap.get-po"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "snowflake.run-query"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: sap
      baseUri: "https://rtx-s4.sap.com/sap/opu/odata/sap/MM_PUR_PO_MAINT_V2_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: purchase-orders
          path: "/A_PurchaseOrder('{{po_number}}')"
          operations:
            - name: get-po
              method: GET
    - type: http
      namespace: snowflake
      baseUri: "https://rtx.snowflakecomputing.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.snowflake_token"
      resources:
        - name: statements
          path: "/statements"
          operations:
            - name: run-query
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/rtx/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Retrieves SAP purchase requisition, identifies Workday approver, and sends Teams approval request.

naftiko: "0.5"
info:
  label: "Purchase Requisition Approval Routing"
  description: "Retrieves SAP purchase requisition, identifies Workday approver, and sends Teams approval request."
  tags:
    - procurement
    - sap
    - workday
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: procurement
      port: 8080
      tools:
        - name: purchase-orchestrate
          description: "Retrieves SAP purchase requisition, identifies Workday approver, and sends Teams approval request."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "sap.get-po"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "workday.get-worker"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: sap
      baseUri: "https://rtx-s4.sap.com/sap/opu/odata/sap/MM_PUR_PO_MAINT_V2_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: purchase-orders
          path: "/A_PurchaseOrder('{{po_number}}')"
          operations:
            - name: get-po
              method: GET
    - type: http
      namespace: workday
      baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
      authentication:
        type: bearer
        token: "$secrets.workday_token"
      resources:
        - name: workers
          path: "/rtx/workers/{{worker_id}}"
          operations:
            - name: get-worker
              method: GET
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/rtx/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Pulls LinkedIn pipeline, creates Workday requisition, and notifies hiring manager via Teams.

naftiko: "0.5"
info:
  label: "Recruiting Pipeline to Workday Sync"
  description: "Pulls LinkedIn pipeline, creates Workday requisition, and notifies hiring manager via Teams."
  tags:
    - hr
    - linkedin
    - workday
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: hr
      port: 8080
      tools:
        - name: recruiting-orchestrate
          description: "Pulls LinkedIn pipeline, creates Workday requisition, and notifies hiring manager via Teams."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "linkedin.get-job-pipeline"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "workday.get-worker"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: linkedin
      baseUri: "https://api.linkedin.com/v2"
      authentication:
        type: bearer
        token: "$secrets.linkedin_token"
      resources:
        - name: postings
          path: "/jobPostings"
          operations:
            - name: get-job-pipeline
              method: GET
    - type: http
      namespace: workday
      baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
      authentication:
        type: bearer
        token: "$secrets.workday_token"
      resources:
        - name: workers
          path: "/rtx/workers/{{worker_id}}"
          operations:
            - name: get-worker
              method: GET
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/rtx/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Gathers completed Jira issues, generates Confluence release notes, and notifies stakeholders via Teams.

naftiko: "0.5"
info:
  label: "Release Documentation Generator"
  description: "Gathers completed Jira issues, generates Confluence release notes, and notifies stakeholders via Teams."
  tags:
    - devops
    - jira
    - confluence
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: devops
      port: 8080
      tools:
        - name: release-orchestrate
          description: "Gathers completed Jira issues, generates Confluence release notes, and notifies stakeholders via Teams."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "jira.create-issue"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "confluence.create-page"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: jira
      baseUri: "https://rtx.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_password"
      resources:
        - name: issues
          path: "/issue"
          operations:
            - name: create-issue
              method: POST
    - type: http
      namespace: confluence
      baseUri: "https://rtx.atlassian.net/wiki/rest/api"
      authentication:
        type: basic
        username: "$secrets.confluence_user"
        password: "$secrets.confluence_password"
      resources:
        - name: pages
          path: "/content"
          operations:
            - name: create-page
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/rtx/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Creates ServiceNow change for GitHub release, triggers Terraform deployment, and posts Teams notification.

naftiko: "0.5"
info:
  label: "Release to Deployment Pipeline"
  description: "Creates ServiceNow change for GitHub release, triggers Terraform deployment, and posts Teams notification."
  tags:
    - devops
    - github
    - servicenow
    - terraform
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: devops
      port: 8080
      tools:
        - name: release-orchestrate
          description: "Creates ServiceNow change for GitHub release, triggers Terraform deployment, and posts Teams notification."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "github.get-branch-protection"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "terraform.get-workspace"
              with:
                input: "{{step-1.result}}"
            - name: step-4
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: github
      baseUri: "https://api.github.com"
      authentication:
        type: bearer
        token: "$secrets.github_token"
      resources:
        - name: repos
          path: "/repos/{{repo}}/branches/main/protection"
          operations:
            - name: get-branch-protection
              method: GET
    - type: http
      namespace: servicenow
      baseUri: "https://rtx.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST
    - type: http
      namespace: terraform
      baseUri: "https://app.terraform.io/api/v2"
      authentication:
        type: bearer
        token: "$secrets.terraform_token"
      resources:
        - name: workspaces
          path: "/organizations/rtx/workspaces"
          operations:
            - name: get-workspace
              method: GET
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/rtx/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Retrieves SAP Ariba RFQ, sends vendor notification via Graph, and updates Salesforce opportunity.

naftiko: "0.5"
info:
  label: "RFQ to Vendor Notification"
  description: "Retrieves SAP Ariba RFQ, sends vendor notification via Graph, and updates Salesforce opportunity."
  tags:
    - procurement
    - sap-ariba
    - microsoft-graph
    - salesforce
capability:
  exposes:
    - type: mcp
      namespace: procurement
      port: 8080
      tools:
        - name: rfq-orchestrate
          description: "Retrieves SAP Ariba RFQ, sends vendor notification via Graph, and updates Salesforce opportunity."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "ariba.get-vendor"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "msgraph.send-mail"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "salesforce.get-opportunity"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: ariba
      baseUri: "https://openapi.ariba.com/api/procurement/v2"
      authentication:
        type: bearer
        token: "$secrets.ariba_token"
      resources:
        - name: vendors
          path: "/vendors/{{vendor_id}}"
          operations:
            - name: get-vendor
              method: GET
    - type: http
      namespace: msgraph
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: mail
          path: "/me/sendMail"
          operations:
            - name: send-mail
              method: POST
    - type: http
      namespace: salesforce
      baseUri: "https://rtx.my.salesforce.com/services/data/v58.0"
      authentication:
        type: bearer
        token: "$secrets.salesforce_token"
      resources:
        - name: opportunities
          path: "/sobjects/Opportunity"
          operations:
            - name: get-opportunity
              method: GET

Retrieves a Salesforce opportunity by ID.

naftiko: "0.5"
info:
  label: "Salesforce Opportunity Lookup"
  description: "Retrieves a Salesforce opportunity by ID."
  tags:
    - sales
    - salesforce
    - crm
capability:
  exposes:
    - type: mcp
      namespace: crm
      port: 8080
      tools:
        - name: get-opportunity
          description: "Retrieves a Salesforce opportunity by ID."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary lookup parameter."
          call: "salesforce.get-opportunity"
          with:
            param_1: "{{param_1}}"
          outputParameters:
            - name: result
              type: string
              mapping: "$.result"
  consumes:
    - type: http
      namespace: salesforce
      baseUri: "https://rtx.my.salesforce.com/services/data/v58.0"
      authentication:
        type: bearer
        token: "$secrets.salesforce_token"
      resources:
        - name: get-opportunity
          path: "/sobjects/Opportunity/{{id}}"
          operations:
            - name: get-opportunity
              method: GET

Scans SAP Ariba for contracts expiring within 90 days and notifies the procurement owner in Microsoft Teams with renewal instructions.

naftiko: "0.5"
info:
  label: "SAP Ariba Contract Expiry Alert"
  description: "Scans SAP Ariba for contracts expiring within 90 days and notifies the procurement owner in Microsoft Teams with renewal instructions."
  tags:
    - procurement
    - sap-ariba
    - microsoft-teams
    - contract-management
    - alerts
capability:
  exposes:
    - type: mcp
      namespace: procurement-contracts
      port: 8080
      tools:
        - name: alert-expiring-contracts
          description: "Query SAP Ariba for contracts expiring within the specified number of days and notify each contract owner in Teams. Use for proactive renewal management."
          inputParameters:
            - name: days_threshold
              in: body
              type: integer
              description: "Number of days ahead to check for expiring contracts (e.g., 90)."
          steps:
            - name: get-contracts
              type: call
              call: "ariba-contracts.get-expiring-contracts"
              with:
                expiryDays: "{{days_threshold}}"
            - name: notify-owners
              type: call
              call: "msteams-contracts.post-message"
              with:
                channel: "procurement-ops"
                message: "Contracts expiring within {{days_threshold}} days: {{get-contracts.summary}}. Please initiate renewal."
  consumes:
    - type: http
      namespace: ariba-contracts
      baseUri: "https://openapi.ariba.com/api/contract/v1"
      authentication:
        type: apikey
        key: "APIKey"
        value: "$secrets.ariba_api_key"
        placement: header
      resources:
        - name: contracts
          path: "/contracts"
          operations:
            - name: get-expiring-contracts
              method: GET
    - type: http
      namespace: msteams-contracts
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channel-messages
          path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
          inputParameters:
            - name: team_id
              in: path
            - name: channel_id
              in: path
          operations:
            - name: post-message
              method: POST

Retrieves pending expense reports from SAP Concur and routes them to the appropriate approver in Microsoft Teams for one-click approval.

naftiko: "0.5"
info:
  label: "SAP Concur Expense Report Approval"
  description: "Retrieves pending expense reports from SAP Concur and routes them to the appropriate approver in Microsoft Teams for one-click approval."
  tags:
    - finance
    - expense-management
    - sap-concur
    - microsoft-teams
    - approval
capability:
  exposes:
    - type: mcp
      namespace: finance-expenses
      port: 8080
      tools:
        - name: route-expense-for-approval
          description: "Given an SAP Concur expense report ID, retrieve its details and send an approval request to the manager in Teams. Use for accelerating expense approval cycles."
          inputParameters:
            - name: report_id
              in: body
              type: string
              description: "The SAP Concur expense report ID."
            - name: approver_email
              in: body
              type: string
              description: "The Teams UPN of the approving manager."
          steps:
            - name: get-report
              type: call
              call: "concur.get-expense-report"
              with:
                report_id: "{{report_id}}"
            - name: notify-approver
              type: call
              call: "msteams-expense.post-message"
              with:
                recipient: "{{approver_email}}"
                message: "Expense report {{report_id}} from {{get-report.employeeName}} — Total: {{get-report.total}} {{get-report.currency}}. Please review in Concur."
  consumes:
    - type: http
      namespace: concur
      baseUri: "https://www.concursolutions.com/api/v3.0"
      authentication:
        type: bearer
        token: "$secrets.concur_token"
      resources:
        - name: expense-reports
          path: "/expense/reportdigests/{{report_id}}"
          inputParameters:
            - name: report_id
              in: path
          operations:
            - name: get-expense-report
              method: GET
    - type: http
      namespace: msteams-expense
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: messages
          path: "/chats/{{chat_id}}/messages"
          inputParameters:
            - name: chat_id
              in: path
          operations:
            - name: post-message
              method: POST

Retrieves budget vs. actuals for a SAP cost center and fiscal period.

naftiko: "0.5"
info:
  label: "SAP Cost Center Budget Lookup"
  description: "Retrieves budget vs. actuals for a SAP cost center and fiscal period."
  tags:
    - finance
    - sap
    - budget
capability:
  exposes:
    - type: mcp
      namespace: erp-finance
      port: 8080
      tools:
        - name: get-cost-center-budget
          description: "Retrieves budget vs. actuals for a SAP cost center and fiscal period."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary lookup parameter."
          call: "sap.get-budget"
          with:
            param_1: "{{param_1}}"
          outputParameters:
            - name: result
              type: string
              mapping: "$.result"
  consumes:
    - type: http
      namespace: sap
      baseUri: "https://rtx-s4.sap.com/sap/opu/odata/sap/API_CSTCTRBUDGET_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: get-budget
          path: "/A_CostCenterBudget(CostCenter='{{cost_center}}',FiscalYear='{{fiscal_year}}')"
          operations:
            - name: get-budget
              method: GET

Retrieves a goods receipt document from SAP by material document number.

naftiko: "0.5"
info:
  label: "SAP Goods Receipt Lookup"
  description: "Retrieves a goods receipt document from SAP by material document number."
  tags:
    - logistics
    - sap
    - warehouse
capability:
  exposes:
    - type: mcp
      namespace: erp-logistics
      port: 8080
      tools:
        - name: get-goods-receipt
          description: "Retrieves a goods receipt document from SAP by material document number."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary lookup parameter."
          call: "sap.get-goods-receipt"
          with:
            param_1: "{{param_1}}"
          outputParameters:
            - name: result
              type: string
              mapping: "$.result"
  consumes:
    - type: http
      namespace: sap
      baseUri: "https://rtx-s4.sap.com/sap/opu/odata/sap/API_MATERIAL_DOCUMENT_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: get-goods-receipt
          path: "/A_MaterialDocumentHeader('{{doc_number}}')"
          operations:
            - name: get-goods-receipt
              method: GET

Retrieves material master data from SAP S/4HANA by material number.

naftiko: "0.5"
info:
  label: "SAP Material Master Lookup"
  description: "Retrieves material master data from SAP S/4HANA by material number."
  tags:
    - procurement
    - sap
    - materials
capability:
  exposes:
    - type: mcp
      namespace: erp
      port: 8080
      tools:
        - name: get-material
          description: "Retrieves material master data from SAP S/4HANA by material number."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary lookup parameter."
          call: "sap.get-material"
          with:
            param_1: "{{param_1}}"
          outputParameters:
            - name: result
              type: string
              mapping: "$.result"
  consumes:
    - type: http
      namespace: sap
      baseUri: "https://rtx-s4.sap.com/sap/opu/odata/sap/API_PRODUCT_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: get-material
          path: "/A_Product('{{material}}')"
          operations:
            - name: get-material
              method: GET

Retrieves a SAP S/4HANA purchase order by PO number, returning header status, vendor details, and open line items for procurement review.

naftiko: "0.5"
info:
  label: "SAP Purchase Order Lookup"
  description: "Retrieves a SAP S/4HANA purchase order by PO number, returning header status, vendor details, and open line items for procurement review."
  tags:
    - finance
    - procurement
    - sap
    - erp
capability:
  exposes:
    - type: mcp
      namespace: erp-procurement
      port: 8080
      tools:
        - name: get-purchase-order
          description: "Look up a SAP S/4HANA purchase order by PO number. Returns vendor name, total value, currency, and overall status. Use for procurement approvals and spend visibility."
          inputParameters:
            - name: po_number
              in: body
              type: string
              description: "The SAP purchase order number (e.g., 4500012345)."
          call: "sap-po.get-po"
          with:
            po_number: "{{po_number}}"
          outputParameters:
            - name: status
              type: string
              mapping: "$.d.OverallStatus"
            - name: vendor
              type: string
              mapping: "$.d.Supplier.CompanyName"
            - name: total_value
              type: string
              mapping: "$.d.TotalAmount"
            - name: currency
              type: string
              mapping: "$.d.TransactionCurrency"
  consumes:
    - type: http
      namespace: sap-po
      baseUri: "https://rtx-s4.sap.com/sap/opu/odata/sap/MM_PUR_PO_MAINT_V2_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: purchase-orders
          path: "/A_PurchaseOrder('{{po_number}}')"
          inputParameters:
            - name: po_number
              in: path
          operations:
            - name: get-po
              method: GET
              outputRawFormat: xml

Pulls cost center budget and actual spend data from SAP S/4HANA and posts a monthly variance report to the finance leadership channel in Teams.

naftiko: "0.5"
info:
  label: "SAP S/4HANA Budget vs Actuals Report"
  description: "Pulls cost center budget and actual spend data from SAP S/4HANA and posts a monthly variance report to the finance leadership channel in Teams."
  tags:
    - finance
    - sap
    - microsoft-teams
    - reporting
    - budget
capability:
  exposes:
    - type: mcp
      namespace: finance-budget
      port: 8080
      tools:
        - name: report-budget-variance
          description: "Given an SAP cost center ID and fiscal period, retrieve budget vs. actuals from SAP S/4HANA and post a variance summary to the finance Teams channel."
          inputParameters:
            - name: cost_center
              in: body
              type: string
              description: "The SAP cost center ID (e.g., CC1001)."
            - name: fiscal_period
              in: body
              type: string
              description: "The fiscal period in YYYYMM format (e.g., 202503)."
          steps:
            - name: get-actuals
              type: call
              call: "sap-budget.get-cost-center-actuals"
              with:
                costCenter: "{{cost_center}}"
                fiscalPeriod: "{{fiscal_period}}"
            - name: post-report
              type: call
              call: "msteams-budget.post-message"
              with:
                channel: "finance-leadership"
                message: "Budget vs Actuals for {{cost_center}} ({{fiscal_period}}): Budget={{get-actuals.budget}}, Actual={{get-actuals.actual}}, Variance={{get-actuals.variance}}"
  consumes:
    - type: http
      namespace: sap-budget
      baseUri: "https://rtx-s4.sap.com/sap/opu/odata/sap/API_COSTCENTER_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: cost-center-actuals
          path: "/A_CostCenter('{{costCenter}}')"
          inputParameters:
            - name: costCenter
              in: path
          operations:
            - name: get-cost-center-actuals
              method: GET
              outputRawFormat: xml
    - type: http
      namespace: msteams-budget
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channel-messages
          path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
          inputParameters:
            - name: team_id
              in: path
            - name: channel_id
              in: path
          operations:
            - name: post-message
              method: POST

Retrieves vendor master record details from SAP S/4HANA for a given vendor ID, returning contact, payment terms, and compliance status.

naftiko: "0.5"
info:
  label: "SAP Vendor Master Data Lookup"
  description: "Retrieves vendor master record details from SAP S/4HANA for a given vendor ID, returning contact, payment terms, and compliance status."
  tags:
    - finance
    - procurement
    - sap
    - vendor-management
capability:
  exposes:
    - type: mcp
      namespace: erp-vendor
      port: 8080
      tools:
        - name: get-vendor-record
          description: "Look up a SAP S/4HANA vendor master record by vendor ID. Returns company name, payment terms, bank details, and compliance flags. Use before approving new POs."
          inputParameters:
            - name: vendor_id
              in: body
              type: string
              description: "The SAP vendor ID (also known as supplier ID)."
          call: "sap-vendor.get-vendor"
          with:
            vendor_id: "{{vendor_id}}"
          outputParameters:
            - name: company_name
              type: string
              mapping: "$.d.BusinessPartnerFullName"
            - name: payment_terms
              type: string
              mapping: "$.d.PaymentTerms"
            - name: currency
              type: string
              mapping: "$.d.Currency"
  consumes:
    - type: http
      namespace: sap-vendor
      baseUri: "https://rtx-s4.sap.com/sap/opu/odata/sap/API_BUSINESS_PARTNER"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: vendors
          path: "/A_Supplier('{{vendor_id}}')"
          inputParameters:
            - name: vendor_id
              in: path
          operations:
            - name: get-vendor
              method: GET
              outputRawFormat: xml

Detects expiring Azure Key Vault secrets, rotates them, updates Terraform, and creates ServiceNow change.

naftiko: "0.5"
info:
  label: "Secret Rotation Orchestrator"
  description: "Detects expiring Azure Key Vault secrets, rotates them, updates Terraform, and creates ServiceNow change."
  tags:
    - security
    - azure
    - terraform
    - servicenow
capability:
  exposes:
    - type: mcp
      namespace: security
      port: 8080
      tools:
        - name: secret-orchestrate
          description: "Detects expiring Azure Key Vault secrets, rotates them, updates Terraform, and creates ServiceNow change."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "azure.get-resources"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "terraform.get-workspace"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: azure
      baseUri: "https://management.azure.com"
      authentication:
        type: bearer
        token: "$secrets.azure_token"
      resources:
        - name: resources
          path: "/subscriptions"
          operations:
            - name: get-resources
              method: GET
    - type: http
      namespace: terraform
      baseUri: "https://app.terraform.io/api/v2"
      authentication:
        type: bearer
        token: "$secrets.terraform_token"
      resources:
        - name: workspaces
          path: "/organizations/rtx/workspaces"
          operations:
            - name: get-workspace
              method: GET
    - type: http
      namespace: servicenow
      baseUri: "https://rtx.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST

Queries Workday for employee data, checks Okta group assignments, and logs verification in ServiceNow.

naftiko: "0.5"
info:
  label: "Security Clearance Verification Workflow"
  description: "Queries Workday for employee data, checks Okta group assignments, and logs verification in ServiceNow."
  tags:
    - security
    - workday
    - okta
    - servicenow
capability:
  exposes:
    - type: mcp
      namespace: security
      port: 8080
      tools:
        - name: security-orchestrate
          description: "Queries Workday for employee data, checks Okta group assignments, and logs verification in ServiceNow."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "workday.get-worker"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "okta.get-user-groups"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: workday
      baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
      authentication:
        type: bearer
        token: "$secrets.workday_token"
      resources:
        - name: workers
          path: "/rtx/workers/{{worker_id}}"
          operations:
            - name: get-worker
              method: GET
    - type: http
      namespace: okta
      baseUri: "https://rtx.okta.com/api/v1"
      authentication:
        type: bearer
        token: "$secrets.okta_token"
      resources:
        - name: user-groups
          path: "/users/{{user_id}}/groups"
          operations:
            - name: get-user-groups
              method: GET
    - type: http
      namespace: servicenow
      baseUri: "https://rtx.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST

Looks up a pending ServiceNow change request by number and submits it for CAB approval, then notifies the requester via Microsoft Teams.

naftiko: "0.5"
info:
  label: "ServiceNow Change Request Approval"
  description: "Looks up a pending ServiceNow change request by number and submits it for CAB approval, then notifies the requester via Microsoft Teams."
  tags:
    - itsm
    - change-management
    - servicenow
    - microsoft-teams
    - approval
capability:
  exposes:
    - type: mcp
      namespace: itsm-change
      port: 8080
      tools:
        - name: submit-change-for-approval
          description: "Given a ServiceNow change request number, advance it to the CAB approval state and notify the requester in Teams. Use when a change is ready for review board."
          inputParameters:
            - name: change_number
              in: body
              type: string
              description: "The ServiceNow change request number (e.g., CHG0012345)."
            - name: requester_email
              in: body
              type: string
              description: "The Microsoft Teams UPN of the change requester to notify."
          steps:
            - name: get-change
              type: call
              call: "servicenow-chg.get-change"
              with:
                number: "{{change_number}}"
            - name: submit-approval
              type: call
              call: "servicenow-chg.update-change"
              with:
                sys_id: "{{get-change.sys_id}}"
                state: "approval"
            - name: notify-requester
              type: call
              call: "msteams-chg.post-message"
              with:
                recipient: "{{requester_email}}"
                message: "Your change request {{change_number}} has been submitted for CAB approval."
  consumes:
    - type: http
      namespace: servicenow-chg
      baseUri: "https://rtx.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: changes
          path: "/table/change_request"
          operations:
            - name: get-change
              method: GET
            - name: update-change
              method: PATCH
    - type: http
      namespace: msteams-chg
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: messages
          path: "/chats/{{chat_id}}/messages"
          inputParameters:
            - name: chat_id
              in: path
          operations:
            - name: post-message
              method: POST

Looks up a ServiceNow incident by number and returns state, priority, and assignment group.

naftiko: "0.5"
info:
  label: "ServiceNow Incident Status Lookup"
  description: "Looks up a ServiceNow incident by number and returns state, priority, and assignment group."
  tags:
    - itsm
    - servicenow
    - incident
capability:
  exposes:
    - type: mcp
      namespace: itsm
      port: 8080
      tools:
        - name: get-incident-status
          description: "Looks up a ServiceNow incident by number and returns state, priority, and assignment group."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary lookup parameter."
          call: "servicenow.get-incident"
          with:
            param_1: "{{param_1}}"
          outputParameters:
            - name: result
              type: string
              mapping: "$.result"
  consumes:
    - type: http
      namespace: servicenow
      baseUri: "https://rtx.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: get-incident
          path: "/table/incident?sysparm_query=number={{number}}"
          operations:
            - name: get-incident
              method: GET

Responds to Splunk alert by isolating CrowdStrike endpoint and creating ServiceNow incident.

naftiko: "0.5"
info:
  label: "SIEM Alert to Endpoint Isolation"
  description: "Responds to Splunk alert by isolating CrowdStrike endpoint and creating ServiceNow incident."
  tags:
    - security
    - splunk
    - crowdstrike
    - servicenow
capability:
  exposes:
    - type: mcp
      namespace: security
      port: 8080
      tools:
        - name: siem-orchestrate
          description: "Responds to Splunk alert by isolating CrowdStrike endpoint and creating ServiceNow incident."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "splunk.run-search"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "crowdstrike.get-device"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: splunk
      baseUri: "https://splunk.rtx.com:8089/services"
      authentication:
        type: bearer
        token: "$secrets.splunk_token"
      resources:
        - name: search
          path: "/search/jobs"
          operations:
            - name: run-search
              method: POST
    - type: http
      namespace: crowdstrike
      baseUri: "https://api.crowdstrike.com"
      authentication:
        type: bearer
        token: "$secrets.crowdstrike_token"
      resources:
        - name: devices
          path: "/devices/entities/devices/v2"
          operations:
            - name: get-device
              method: GET
    - type: http
      namespace: servicenow
      baseUri: "https://rtx.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST

Queries Snowflake for recent pipeline execution status across all active tables and posts a health summary to the data engineering Teams channel.

naftiko: "0.5"
info:
  label: "Snowflake Data Pipeline Health Check"
  description: "Queries Snowflake for recent pipeline execution status across all active tables and posts a health summary to the data engineering Teams channel."
  tags:
    - data
    - analytics
    - snowflake
    - microsoft-teams
    - monitoring
capability:
  exposes:
    - type: mcp
      namespace: data-ops
      port: 8080
      tools:
        - name: check-pipeline-health
          description: "Query Snowflake for task execution history and identify any failed or delayed pipeline steps. Post a health summary to the data engineering channel in Teams."
          inputParameters:
            - name: database
              in: body
              type: string
              description: "The Snowflake database name to check pipeline health for."
            - name: hours_back
              in: body
              type: integer
              description: "Number of hours of task history to review (e.g., 24)."
          steps:
            - name: get-task-history
              type: call
              call: "snowflake.query-task-history"
              with:
                database: "{{database}}"
                hoursBack: "{{hours_back}}"
            - name: post-summary
              type: call
              call: "msteams-data.post-message"
              with:
                channel: "data-engineering"
                message: "Snowflake pipeline health for {{database}} (last {{hours_back}}h): {{get-task-history.summary}}"
  consumes:
    - type: http
      namespace: snowflake
      baseUri: "https://rtx.snowflakecomputing.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.snowflake_token"
      resources:
        - name: task-history
          path: "/databases/{{database}}/tasks/history"
          inputParameters:
            - name: database
              in: path
          operations:
            - name: query-task-history
              method: GET
    - type: http
      namespace: msteams-data
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channel-messages
          path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
          inputParameters:
            - name: team_id
              in: path
            - name: channel_id
              in: path
          operations:
            - name: post-message
              method: POST

Checks the execution status of a Snowflake query by ID.

naftiko: "0.5"
info:
  label: "Snowflake Query Execution Status"
  description: "Checks the execution status of a Snowflake query by ID."
  tags:
    - data
    - snowflake
    - monitoring
capability:
  exposes:
    - type: mcp
      namespace: data-platform
      port: 8080
      tools:
        - name: get-query-status
          description: "Checks the execution status of a Snowflake query by ID."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary lookup parameter."
          call: "snowflake.get-query-status"
          with:
            param_1: "{{param_1}}"
          outputParameters:
            - name: result
              type: string
              mapping: "$.result"
  consumes:
    - type: http
      namespace: snowflake
      baseUri: "https://rtx.snowflakecomputing.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.snowflake_token"
      resources:
        - name: get-query-status
          path: "/statements/{{query_id}}"
          operations:
            - name: get-query-status
              method: GET

Identifies the top 10 slowest queries in Snowflake over the past 24 hours and posts an optimization digest to the data engineering channel.

naftiko: "0.5"
info:
  label: "Snowflake Query Performance Digest"
  description: "Identifies the top 10 slowest queries in Snowflake over the past 24 hours and posts an optimization digest to the data engineering channel."
  tags:
    - data
    - snowflake
    - microsoft-teams
    - performance
    - analytics
capability:
  exposes:
    - type: mcp
      namespace: data-performance
      port: 8080
      tools:
        - name: digest-slow-queries
          description: "Query Snowflake's query history to identify the 10 slowest-running queries in the last 24 hours and post an optimization digest to the data engineering Teams channel."
          inputParameters:
            - name: warehouse
              in: body
              type: string
              description: "The Snowflake virtual warehouse to analyze query performance for."
          steps:
            - name: get-slow-queries
              type: call
              call: "snowflake-perf.query-history"
              with:
                warehouse: "{{warehouse}}"
            - name: post-digest
              type: call
              call: "msteams-perf.post-message"
              with:
                channel: "data-engineering"
                message: "Top slow queries in {{warehouse}} (last 24h): {{get-slow-queries.summary}}"
  consumes:
    - type: http
      namespace: snowflake-perf
      baseUri: "https://rtx.snowflakecomputing.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.snowflake_token"
      resources:
        - name: query-history
          path: "/warehouses/{{warehouse}}/queries"
          inputParameters:
            - name: warehouse
              in: path
          operations:
            - name: query-history
              method: GET
    - type: http
      namespace: msteams-perf
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channel-messages
          path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
          inputParameters:
            - name: team_id
              in: path
            - name: channel_id
              in: path
          operations:
            - name: post-message
              method: POST

Identifies stale Confluence SOPs, creates Jira review tasks, and sends reminders via Teams.

naftiko: "0.5"
info:
  label: "SOP Review Cycle Orchestrator"
  description: "Identifies stale Confluence SOPs, creates Jira review tasks, and sends reminders via Teams."
  tags:
    - knowledge-management
    - confluence
    - jira
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: knowledge_management
      port: 8080
      tools:
        - name: sop-orchestrate
          description: "Identifies stale Confluence SOPs, creates Jira review tasks, and sends reminders via Teams."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "confluence.create-page"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "jira.create-issue"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: confluence
      baseUri: "https://rtx.atlassian.net/wiki/rest/api"
      authentication:
        type: basic
        username: "$secrets.confluence_user"
        password: "$secrets.confluence_password"
      resources:
        - name: pages
          path: "/content"
          operations:
            - name: create-page
              method: POST
    - type: http
      namespace: jira
      baseUri: "https://rtx.atlassian.net/rest/api/3"
      authentication:
        type: basic
        username: "$secrets.jira_user"
        password: "$secrets.jira_password"
      resources:
        - name: issues
          path: "/issue"
          operations:
            - name: create-issue
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/rtx/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Retrieves the latest results from a Splunk saved search.

naftiko: "0.5"
info:
  label: "Splunk Saved Search Results Lookup"
  description: "Retrieves the latest results from a Splunk saved search."
  tags:
    - security
    - splunk
    - siem
capability:
  exposes:
    - type: mcp
      namespace: siem
      port: 8080
      tools:
        - name: get-saved-search-results
          description: "Retrieves the latest results from a Splunk saved search."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary lookup parameter."
          call: "splunk.get-saved-search"
          with:
            param_1: "{{param_1}}"
          outputParameters:
            - name: result
              type: string
              mapping: "$.result"
  consumes:
    - type: http
      namespace: splunk
      baseUri: "https://splunk.rtx.com:8089/servicesNS/admin/search"
      authentication:
        type: bearer
        token: "$secrets.splunk_token"
      resources:
        - name: get-saved-search
          path: "/saved/searches/{{search_name}}/history"
          operations:
            - name: get-saved-search
              method: GET

Retrieves Ariba supplier profile, Snowflake performance data, and creates ServiceNow risk record.

naftiko: "0.5"
info:
  label: "Supplier Risk Assessment Orchestrator"
  description: "Retrieves Ariba supplier profile, Snowflake performance data, and creates ServiceNow risk record."
  tags:
    - procurement
    - sap-ariba
    - snowflake
    - servicenow
capability:
  exposes:
    - type: mcp
      namespace: procurement
      port: 8080
      tools:
        - name: supplier-orchestrate
          description: "Retrieves Ariba supplier profile, Snowflake performance data, and creates ServiceNow risk record."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "ariba.get-vendor"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "snowflake.run-query"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: ariba
      baseUri: "https://openapi.ariba.com/api/procurement/v2"
      authentication:
        type: bearer
        token: "$secrets.ariba_token"
      resources:
        - name: vendors
          path: "/vendors/{{vendor_id}}"
          operations:
            - name: get-vendor
              method: GET
    - type: http
      namespace: snowflake
      baseUri: "https://rtx.snowflakecomputing.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.snowflake_token"
      resources:
        - name: statements
          path: "/statements"
          operations:
            - name: run-query
              method: POST
    - type: http
      namespace: servicenow
      baseUri: "https://rtx.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST

Responds to suspicious Okta login by checking CrowdStrike endpoint and creating ServiceNow incident.

naftiko: "0.5"
info:
  label: "Suspicious Login Response Workflow"
  description: "Responds to suspicious Okta login by checking CrowdStrike endpoint and creating ServiceNow incident."
  tags:
    - security
    - okta
    - crowdstrike
    - servicenow
capability:
  exposes:
    - type: mcp
      namespace: security
      port: 8080
      tools:
        - name: suspicious-orchestrate
          description: "Responds to suspicious Okta login by checking CrowdStrike endpoint and creating ServiceNow incident."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "okta.get-user-groups"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "crowdstrike.get-device"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: okta
      baseUri: "https://rtx.okta.com/api/v1"
      authentication:
        type: bearer
        token: "$secrets.okta_token"
      resources:
        - name: user-groups
          path: "/users/{{user_id}}/groups"
          operations:
            - name: get-user-groups
              method: GET
    - type: http
      namespace: crowdstrike
      baseUri: "https://api.crowdstrike.com"
      authentication:
        type: bearer
        token: "$secrets.crowdstrike_token"
      resources:
        - name: devices
          path: "/devices/entities/devices/v2"
          operations:
            - name: get-device
              method: GET
    - type: http
      namespace: servicenow
      baseUri: "https://rtx.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST

Processes access request by verifying identity in Workday, provisioning Okta group, creating ServiceNow request, and notifying via Teams.

naftiko: "0.5"
info:
  label: "System Access Request Orchestrator"
  description: "Processes access request by verifying identity in Workday, provisioning Okta group, creating ServiceNow request, and notifying via Teams."
  tags:
    - security
    - workday
    - okta
    - servicenow
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: security
      port: 8080
      tools:
        - name: system-orchestrate
          description: "Processes access request by verifying identity in Workday, provisioning Okta group, creating ServiceNow request, and notifying via Teams."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "workday.get-worker"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "okta.get-user-groups"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{step-1.result}}"
            - name: step-4
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: workday
      baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
      authentication:
        type: bearer
        token: "$secrets.workday_token"
      resources:
        - name: workers
          path: "/rtx/workers/{{worker_id}}"
          operations:
            - name: get-worker
              method: GET
    - type: http
      namespace: okta
      baseUri: "https://rtx.okta.com/api/v1"
      authentication:
        type: bearer
        token: "$secrets.okta_token"
      resources:
        - name: user-groups
          path: "/users/{{user_id}}/groups"
          operations:
            - name: get-user-groups
              method: GET
    - type: http
      namespace: servicenow
      baseUri: "https://rtx.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/rtx/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Disables Azure AD account, suspends Okta sessions, and creates ServiceNow asset recovery ticket.

naftiko: "0.5"
info:
  label: "Termination to Access Revocation"
  description: "Disables Azure AD account, suspends Okta sessions, and creates ServiceNow asset recovery ticket."
  tags:
    - hr
    - azure
    - okta
    - servicenow
capability:
  exposes:
    - type: mcp
      namespace: hr
      port: 8080
      tools:
        - name: termination-orchestrate
          description: "Disables Azure AD account, suspends Okta sessions, and creates ServiceNow asset recovery ticket."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "azure.get-resources"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "okta.get-user-groups"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: azure
      baseUri: "https://management.azure.com"
      authentication:
        type: bearer
        token: "$secrets.azure_token"
      resources:
        - name: resources
          path: "/subscriptions"
          operations:
            - name: get-resources
              method: GET
    - type: http
      namespace: okta
      baseUri: "https://rtx.okta.com/api/v1"
      authentication:
        type: bearer
        token: "$secrets.okta_token"
      resources:
        - name: user-groups
          path: "/users/{{user_id}}/groups"
          operations:
            - name: get-user-groups
              method: GET
    - type: http
      namespace: servicenow
      baseUri: "https://rtx.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST

When a Terraform Cloud run is pending approval, fetches the plan summary and notifies the platform team in Teams with approve/reject context before proceeding.

naftiko: "0.5"
info:
  label: "Terraform Cloud Deployment Approval Gate"
  description: "When a Terraform Cloud run is pending approval, fetches the plan summary and notifies the platform team in Teams with approve/reject context before proceeding."
  tags:
    - cloud
    - infrastructure
    - terraform
    - microsoft-teams
    - approval
    - devops
capability:
  exposes:
    - type: mcp
      namespace: infra-terraform
      port: 8080
      tools:
        - name: review-terraform-run
          description: "Given a Terraform Cloud run ID, retrieve the plan summary and post it to the Teams platform channel for approval review. Use before applying infrastructure changes."
          inputParameters:
            - name: run_id
              in: body
              type: string
              description: "The Terraform Cloud run ID pending approval (e.g., run-AbCdEfGh)."
            - name: workspace
              in: body
              type: string
              description: "The Terraform Cloud workspace name."
          steps:
            - name: get-run
              type: call
              call: "terraform.get-run"
              with:
                run_id: "{{run_id}}"
            - name: notify-team
              type: call
              call: "msteams-tf.post-message"
              with:
                channel: "platform-engineering"
                message: "Terraform run {{run_id}} in workspace {{workspace}} is pending approval. Changes: {{get-run.resourceChanges}}. Status: {{get-run.status}}."
  consumes:
    - type: http
      namespace: terraform
      baseUri: "https://app.terraform.io/api/v2"
      authentication:
        type: bearer
        token: "$secrets.terraform_token"
      resources:
        - name: runs
          path: "/runs/{{run_id}}"
          inputParameters:
            - name: run_id
              in: path
          operations:
            - name: get-run
              method: GET
    - type: http
      namespace: msteams-tf
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channel-messages
          path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
          inputParameters:
            - name: team_id
              in: path
            - name: channel_id
              in: path
          operations:
            - name: post-message
              method: POST

Checks Terraform workspace for drift, creates ServiceNow change, and triggers remediation plan.

naftiko: "0.5"
info:
  label: "Terraform Drift Detection and Remediation"
  description: "Checks Terraform workspace for drift, creates ServiceNow change, and triggers remediation plan."
  tags:
    - devops
    - terraform
    - servicenow
capability:
  exposes:
    - type: mcp
      namespace: devops
      port: 8080
      tools:
        - name: terraform-orchestrate
          description: "Checks Terraform workspace for drift, creates ServiceNow change, and triggers remediation plan."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "terraform.get-workspace"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: terraform
      baseUri: "https://app.terraform.io/api/v2"
      authentication:
        type: bearer
        token: "$secrets.terraform_token"
      resources:
        - name: workspaces
          path: "/organizations/rtx/workspaces"
          operations:
            - name: get-workspace
              method: GET
    - type: http
      namespace: servicenow
      baseUri: "https://rtx.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST

Retrieves current status of a Terraform Cloud workspace.

naftiko: "0.5"
info:
  label: "Terraform Workspace Status Lookup"
  description: "Retrieves current status of a Terraform Cloud workspace."
  tags:
    - devops
    - terraform
    - infrastructure
capability:
  exposes:
    - type: mcp
      namespace: infrastructure
      port: 8080
      tools:
        - name: get-workspace-status
          description: "Retrieves current status of a Terraform Cloud workspace."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary lookup parameter."
          call: "terraform.get-workspace"
          with:
            param_1: "{{param_1}}"
          outputParameters:
            - name: result
              type: string
              mapping: "$.result"
  consumes:
    - type: http
      namespace: terraform
      baseUri: "https://app.terraform.io/api/v2"
      authentication:
        type: bearer
        token: "$secrets.terraform_token"
      resources:
        - name: get-workspace
          path: "/organizations/rtx/workspaces/{{workspace}}"
          operations:
            - name: get-workspace
              method: GET

Pulls CrowdStrike threat indicators, runs Splunk search, and creates ServiceNow security incident.

naftiko: "0.5"
info:
  label: "Threat Intel to Log Search"
  description: "Pulls CrowdStrike threat indicators, runs Splunk search, and creates ServiceNow security incident."
  tags:
    - security
    - crowdstrike
    - splunk
    - servicenow
capability:
  exposes:
    - type: mcp
      namespace: security
      port: 8080
      tools:
        - name: threat-orchestrate
          description: "Pulls CrowdStrike threat indicators, runs Splunk search, and creates ServiceNow security incident."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "crowdstrike.get-device"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "splunk.run-search"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: crowdstrike
      baseUri: "https://api.crowdstrike.com"
      authentication:
        type: bearer
        token: "$secrets.crowdstrike_token"
      resources:
        - name: devices
          path: "/devices/entities/devices/v2"
          operations:
            - name: get-device
              method: GET
    - type: http
      namespace: splunk
      baseUri: "https://splunk.rtx.com:8089/services"
      authentication:
        type: bearer
        token: "$secrets.splunk_token"
      resources:
        - name: search
          path: "/search/jobs"
          operations:
            - name: run-search
              method: POST
    - type: http
      namespace: servicenow
      baseUri: "https://rtx.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST

Retrieves Concur travel request, validates SAP budget, and sends Teams approval request.

naftiko: "0.5"
info:
  label: "Travel Request Approval Orchestrator"
  description: "Retrieves Concur travel request, validates SAP budget, and sends Teams approval request."
  tags:
    - travel
    - sap-concur
    - sap
    - microsoft-teams
capability:
  exposes:
    - type: mcp
      namespace: travel
      port: 8080
      tools:
        - name: travel-orchestrate
          description: "Retrieves Concur travel request, validates SAP budget, and sends Teams approval request."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "concur.get-travel-request"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "sap.get-po"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "msteams.send-message"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: concur
      baseUri: "https://us.api.concursolutions.com/api/v3.0"
      authentication:
        type: bearer
        token: "$secrets.concur_token"
      resources:
        - name: travel-requests
          path: "/travelrequest/requests/{{request_id}}"
          operations:
            - name: get-travel-request
              method: GET
    - type: http
      namespace: sap
      baseUri: "https://rtx-s4.sap.com/sap/opu/odata/sap/MM_PUR_PO_MAINT_V2_SRV"
      authentication:
        type: basic
        username: "$secrets.sap_user"
        password: "$secrets.sap_password"
      resources:
        - name: purchase-orders
          path: "/A_PurchaseOrder('{{po_number}}')"
          operations:
            - name: get-po
              method: GET
    - type: http
      namespace: msteams
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channels
          path: "/teams/rtx/channels/general/messages"
          operations:
            - name: send-message
              method: POST

Runs vendor compliance check with SAP Ariba data, Snowflake contract history, and ServiceNow audit task.

naftiko: "0.5"
info:
  label: "Vendor Compliance Audit Orchestrator"
  description: "Runs vendor compliance check with SAP Ariba data, Snowflake contract history, and ServiceNow audit task."
  tags:
    - procurement
    - sap-ariba
    - snowflake
    - servicenow
capability:
  exposes:
    - type: mcp
      namespace: procurement
      port: 8080
      tools:
        - name: vendor-orchestrate
          description: "Runs vendor compliance check with SAP Ariba data, Snowflake contract history, and ServiceNow audit task."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "ariba.get-vendor"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "snowflake.run-query"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: ariba
      baseUri: "https://openapi.ariba.com/api/procurement/v2"
      authentication:
        type: bearer
        token: "$secrets.ariba_token"
      resources:
        - name: vendors
          path: "/vendors/{{vendor_id}}"
          operations:
            - name: get-vendor
              method: GET
    - type: http
      namespace: snowflake
      baseUri: "https://rtx.snowflakecomputing.com/api/v2"
      authentication:
        type: bearer
        token: "$secrets.snowflake_token"
      resources:
        - name: statements
          path: "/statements"
          operations:
            - name: run-query
              method: POST
    - type: http
      namespace: servicenow
      baseUri: "https://rtx.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST

Creates ServiceNow change for VM patching, triggers Terraform apply, and validates with Datadog.

naftiko: "0.5"
info:
  label: "VM Patching Orchestrator"
  description: "Creates ServiceNow change for VM patching, triggers Terraform apply, and validates with Datadog."
  tags:
    - cloud
    - servicenow
    - terraform
    - datadog
capability:
  exposes:
    - type: mcp
      namespace: cloud
      port: 8080
      tools:
        - name: vm-orchestrate
          description: "Creates ServiceNow change for VM patching, triggers Terraform apply, and validates with Datadog."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "terraform.get-workspace"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "datadog.get-monitor"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: servicenow
      baseUri: "https://rtx.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST
    - type: http
      namespace: terraform
      baseUri: "https://app.terraform.io/api/v2"
      authentication:
        type: bearer
        token: "$secrets.terraform_token"
      resources:
        - name: workspaces
          path: "/organizations/rtx/workspaces"
          operations:
            - name: get-workspace
              method: GET
    - type: http
      namespace: datadog
      baseUri: "https://api.datadoghq.com/api/v1"
      authentication:
        type: apiKey
        header: "DD-API-KEY"
        key: "$secrets.datadog_api_key"
      resources:
        - name: monitors
          path: "/monitor/{{monitor_id}}"
          operations:
            - name: get-monitor
              method: GET

Creates ServiceNow change for patching, triggers Terraform deployment, and validates with Datadog.

naftiko: "0.5"
info:
  label: "Vulnerability Patch Deployment Orchestrator"
  description: "Creates ServiceNow change for patching, triggers Terraform deployment, and validates with Datadog."
  tags:
    - security
    - servicenow
    - terraform
    - datadog
capability:
  exposes:
    - type: mcp
      namespace: security
      port: 8080
      tools:
        - name: vulnerability-orchestrate
          description: "Creates ServiceNow change for patching, triggers Terraform deployment, and validates with Datadog."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary input parameter for this workflow."
          steps:
            - name: step-1
              type: call
              call: "servicenow.create-incident"
              with:
                input: "{{param_1}}"
            - name: step-2
              type: call
              call: "terraform.get-workspace"
              with:
                input: "{{step-1.result}}"
            - name: step-3
              type: call
              call: "datadog.get-monitor"
              with:
                input: "{{step-1.result}}"
  consumes:
    - type: http
      namespace: servicenow
      baseUri: "https://rtx.service-now.com/api/now"
      authentication:
        type: basic
        username: "$secrets.servicenow_user"
        password: "$secrets.servicenow_password"
      resources:
        - name: incidents
          path: "/table/incident"
          operations:
            - name: create-incident
              method: POST
    - type: http
      namespace: terraform
      baseUri: "https://app.terraform.io/api/v2"
      authentication:
        type: bearer
        token: "$secrets.terraform_token"
      resources:
        - name: workspaces
          path: "/organizations/rtx/workspaces"
          operations:
            - name: get-workspace
              method: GET
    - type: http
      namespace: datadog
      baseUri: "https://api.datadoghq.com/api/v1"
      authentication:
        type: apiKey
        header: "DD-API-KEY"
        key: "$secrets.datadog_api_key"
      resources:
        - name: monitors
          path: "/monitor/{{monitor_id}}"
          operations:
            - name: get-monitor
              method: GET

Retrieves an employee record from Workday by worker ID, returning name, department, and manager.

naftiko: "0.5"
info:
  label: "Workday Employee Directory Lookup"
  description: "Retrieves an employee record from Workday by worker ID, returning name, department, and manager."
  tags:
    - hr
    - workday
    - directory
capability:
  exposes:
    - type: mcp
      namespace: hr
      port: 8080
      tools:
        - name: get-employee
          description: "Retrieves an employee record from Workday by worker ID, returning name, department, and manager."
          inputParameters:
            - name: param_1
              in: body
              type: string
              description: "Primary lookup parameter."
          call: "workday.get-worker"
          with:
            param_1: "{{param_1}}"
          outputParameters:
            - name: result
              type: string
              mapping: "$.result"
  consumes:
    - type: http
      namespace: workday
      baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
      authentication:
        type: bearer
        token: "$secrets.workday_token"
      resources:
        - name: get-worker
          path: "/rtx/workers/{{worker_id}}"
          operations:
            - name: get-worker
              method: GET

Exports the current headcount by department and cost center from Workday for use in financial planning and headcount reporting.

naftiko: "0.5"
info:
  label: "Workday Payroll Headcount Snapshot"
  description: "Exports the current headcount by department and cost center from Workday for use in financial planning and headcount reporting."
  tags:
    - hr
    - finance
    - workday
    - reporting
    - headcount
capability:
  exposes:
    - type: mcp
      namespace: hr-reporting
      port: 8080
      tools:
        - name: get-headcount-snapshot
          description: "Returns active headcount grouped by department and cost center from Workday. Use for quarterly planning, budgeting, or workforce analytics."
          call: "workday-hc.get-workers"
          outputParameters:
            - name: employees
              type: array
              mapping: "$.data"
              items:
                - name: employee_id
                  type: string
                  mapping: "$.workdayId"
                - name: full_name
                  type: string
                  mapping: "$.name"
                - name: department
                  type: string
                  mapping: "$.department"
                - name: cost_center
                  type: string
                  mapping: "$.costCenter"
  consumes:
    - type: http
      namespace: workday-hc
      baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
      authentication:
        type: bearer
        token: "$secrets.workday_token"
      resources:
        - name: workers-export
          path: "/rtx/workers"
          operations:
            - name: get-workers
              method: GET

When an employee's role changes in Workday, updates their Microsoft Entra group memberships and notifies IT of any elevated permissions requiring review.

naftiko: "0.5"
info:
  label: "Workday Role Change Access Sync"
  description: "When an employee's role changes in Workday, updates their Microsoft Entra group memberships and notifies IT of any elevated permissions requiring review."
  tags:
    - hr
    - identity
    - workday
    - microsoft-365
    - access-management
    - role-change
capability:
  exposes:
    - type: mcp
      namespace: hr-access-sync
      port: 8080
      tools:
        - name: sync-role-change-access
          description: "Given a Workday employee ID and new role, update the employee's Microsoft Entra group memberships to reflect the new role's access profile and alert IT if privileged groups are involved."
          inputParameters:
            - name: employee_id
              in: body
              type: string
              description: "The Workday worker ID of the employee whose role changed."
            - name: new_role
              in: body
              type: string
              description: "The new job title or role name from Workday."
            - name: old_role
              in: body
              type: string
              description: "The previous job title or role name from Workday."
          steps:
            - name: get-employee
              type: call
              call: "workday-role.get-worker"
              with:
                worker_id: "{{employee_id}}"
            - name: update-groups
              type: call
              call: "msgraph-role.update-member-groups"
              with:
                userId: "{{get-employee.entraObjectId}}"
                newRole: "{{new_role}}"
            - name: notify-it
              type: call
              call: "msteams-role.post-message"
              with:
                channel: "it-access-reviews"
                message: "Role change for {{get-employee.displayName}}: {{old_role}} → {{new_role}}. Entra groups updated. Review if elevated access applied."
  consumes:
    - type: http
      namespace: workday-role
      baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
      authentication:
        type: bearer
        token: "$secrets.workday_token"
      resources:
        - name: workers
          path: "/rtx/workers/{{worker_id}}"
          inputParameters:
            - name: worker_id
              in: path
          operations:
            - name: get-worker
              method: GET
    - type: http
      namespace: msgraph-role
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: user-groups
          path: "/users/{{userId}}/memberOf"
          inputParameters:
            - name: userId
              in: path
          operations:
            - name: update-member-groups
              method: POST
    - type: http
      namespace: msteams-role
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: channel-messages
          path: "/teams/{{team_id}}/channels/{{channel_id}}/messages"
          inputParameters:
            - name: team_id
              in: path
            - name: channel_id
              in: path
          operations:
            - name: post-message
              method: POST

When a time-off request is submitted in Workday, notifies the employee's manager via Microsoft Teams and creates a coverage reminder in the team calendar.

naftiko: "0.5"
info:
  label: "Workday Time-Off Request Notification"
  description: "When a time-off request is submitted in Workday, notifies the employee's manager via Microsoft Teams and creates a coverage reminder in the team calendar."
  tags:
    - hr
    - workday
    - microsoft-teams
    - leave-management
capability:
  exposes:
    - type: mcp
      namespace: hr-leave
      port: 8080
      tools:
        - name: notify-timeoff-request
          description: "Given a Workday time-off request ID, notify the employee's manager in Teams and post a coverage note to the team calendar. Use after a leave request is submitted."
          inputParameters:
            - name: request_id
              in: body
              type: string
              description: "The Workday time-off request ID."
          steps:
            - name: get-request
              type: call
              call: "workday-leave.get-timeoff-request"
              with:
                request_id: "{{request_id}}"
            - name: notify-manager
              type: call
              call: "msteams-leave.post-message"
              with:
                recipient: "{{get-request.managerEmail}}"
                message: "{{get-request.employeeName}} has submitted a time-off request from {{get-request.startDate}} to {{get-request.endDate}}. Please review in Workday."
  consumes:
    - type: http
      namespace: workday-leave
      baseUri: "https://wd2-impl-services1.workday.com/ccx/api/v1"
      authentication:
        type: bearer
        token: "$secrets.workday_token"
      resources:
        - name: timeoff-requests
          path: "/rtx/timeOffRequests/{{request_id}}"
          inputParameters:
            - name: request_id
              in: path
          operations:
            - name: get-timeoff-request
              method: GET
    - type: http
      namespace: msteams-leave
      baseUri: "https://graph.microsoft.com/v1.0"
      authentication:
        type: bearer
        token: "$secrets.msgraph_token"
      resources:
        - name: messages
          path: "/chats/{{chat_id}}/messages"
          inputParameters:
            - name: chat_id
              in: path
          operations:
            - name: post-message
              method: POST