{ "generated_at": "2026-04-10T10:31:25.552Z", "system": { "id": "topolo-auth", "name": "Topolo Auth", "slug": "topolo-auth", "kind": "service", "summary": "Central identity, authorization, service registry, and API key authority for the platform.", "aliases": [], "lifecycle": "active", "last_verified": "2026-04-10", "owners": [ "identity-platform" ], "repo_paths": [ "PlatformApplications/TopoloAuth" ], "service_ids": [ "svc_auth" ], "visibility": "public", "api_contract": { "type": "curated", "source": "PlatformApplications/TopoloAuth/src/controllers/auth.js", "notes": "Curated Topolo Auth reference supplements controller-backed route behavior, including TopoloOne developer-application intake, app-submission intake, the authenticated TopoloDevelopers profile/submission/build-request route family on developers.topolo.app, and operator review endpoints." }, "primary_hosts": [ "https://auth.topolo.app" ], "doc_paths": [ "applications/auth", "reference/api/topolo-auth", "internal/platform/auth-and-identity", "internal/apps/topolo-auth" ], "dependencies": [], "public_hub_url": "/systems/topolo-auth", "internal_hub_url": null, "application_api_url": null, "generated_openapi_url": null, "machine_urls": { "system": "/machine/systems/topolo-auth.json", "application": null } }, "docs": { "public": [ { "id": "applications/admin.mdx", "title": "Topolo Admin", "summary": "Public overview of the administrative interface used for org, user, service, and audit management across the Topolo platform.", "audience": "public", "tags": [ "admin", "auth", "organizations" ], "url": "/applications/admin.mdx", "last_verified": "2026-04-07" }, { "id": "applications/agent.mdx", "title": "Topolo Agent", "summary": "Public overview of the Cloudflare-first agent and automation platform in the Topolo portfolio.", "audience": "public", "tags": [ "agents", "automation", "workflows" ], "url": "/applications/agent.mdx", "last_verified": "2026-04-07" }, { "id": "applications/auth.mdx", "title": "Topolo Auth", "summary": "Public overview of identity, service registration, API keys, and permission ownership across the platform.", "audience": "public", "tags": [ "identity", "auth", "api-keys" ], "url": "/applications/auth.mdx", "last_verified": "2026-04-10" }, { "id": "applications/bugfix.mdx", "title": "Topolo BugFix", "summary": "Public overview of BugFix, including AI-assisted bug analysis, fix generation, and Nexus-backed provider usage.", "audience": "public", "tags": [ "bugs", "ai", "automation", "github" ], "url": "/applications/bugfix.mdx", "last_verified": "2026-04-07" }, { "id": "applications/bytes.mdx", "title": "Topolo Bytes", "summary": "Public overview of the media-management and sharing surface built around Cloudflare edge storage and media tooling.", "audience": "public", "tags": [ "media", "assets", "sharing" ], "url": "/applications/bytes.mdx", "last_verified": "2026-04-07" }, { "id": "applications/chat.mdx", "title": "Topolo Chat", "summary": "Public overview of the collaboration surface for channels, direct messages, meetings, guests, and remote-assist workflows.", "audience": "public", "tags": [ "chat", "meetings", "collaboration" ], "url": "/applications/chat.mdx", "last_verified": "2026-04-07" }, { "id": "applications/commerce.mdx", "title": "TopoloCommerce", "summary": "Public overview of the multi-vertical commerce platform for venue operations, guest runtimes, and staff execution.", "audience": "public", "tags": [ "commerce", "venues", "kiosk" ], "url": "/applications/commerce.mdx", "last_verified": "2026-04-10" }, { "id": "applications/crm.mdx", "title": "TopoloCRM", "summary": "Public overview of the CRM service, pipeline surface, SDR inbox control plane, and developer-key access model.", "audience": "public", "tags": [ "crm", "sales", "pipelines" ], "url": "/applications/crm.mdx", "last_verified": "2026-04-07" }, { "id": "applications/developers.mdx", "title": "Topolo Developers", "summary": "Public overview of the authenticated Topolo developer portal and its submission/request workflows.", "audience": "public", "tags": [ "developers", "portal", "auth" ], "url": "/applications/developers.mdx", "last_verified": "2026-04-10" }, { "id": "applications/forecast.mdx", "title": "Topolo Forecast", "summary": "Public overview of the forecasting product for cash-flow, P&L, KPI, and multi-scenario planning workflows.", "audience": "public", "tags": [ "forecasting", "finance", "planning" ], "url": "/applications/forecast.mdx", "last_verified": "2026-04-07" }, { "id": "applications/learn.mdx", "title": "TopoloLearn", "summary": "Public overview of the Topolo-native multi-tenant learning platform for branded education businesses, cohort delivery, assessment, and certification.", "audience": "public", "tags": [ "learning", "multi-tenant", "assessment", "certification" ], "url": "/applications/learn.mdx", "last_verified": "2026-04-09" }, { "id": "applications/mdm.mdx", "title": "TopoloMDM", "summary": "Public overview of the device-management cluster spanning the MDM API, operator console, and mobile scaffold.", "audience": "public", "tags": [ "mdm", "devices", "operations" ], "url": "/applications/mdm.mdx", "last_verified": "2026-04-07" }, { "id": "applications/nexus.mdx", "title": "Topolo Nexus", "summary": "Public overview of Nexus as the platform gateway for metered third-party API usage across Topolo applications.", "audience": "public", "tags": [ "ai", "gateway", "usage", "platform" ], "url": "/applications/nexus.mdx", "last_verified": "2026-04-07" }, { "id": "applications/nodo.mdx", "title": "Topolo Nodo", "summary": "Public overview of the Nodo-era product family spanning app distribution, feed delivery, analytics, Android playback, and provisioning surfaces.", "audience": "public", "tags": [ "nodo", "devices", "feeds" ], "url": "/applications/nodo.mdx", "last_verified": "2026-04-07" }, { "id": "applications/pay.mdx", "title": "Topolo Pay", "summary": "Public overview of the payment worker that handles orders, refunds, and payment operations.", "audience": "public", "tags": [ "payments", "orders", "worker" ], "url": "/applications/pay.mdx", "last_verified": "2026-04-07" }, { "id": "applications/one.mdx", "title": "TopoloOne", "summary": "Public overview of the TopoloOne dashboard, worker-backed growth surfaces, and the public developer-acquisition funnel.", "audience": "public", "tags": [ "dashboard", "operators", "api-keys" ], "url": "/applications/one.mdx", "last_verified": "2026-04-10" }, { "id": "applications/quro.mdx", "title": "Topolo Quro", "summary": "Public overview of the QR creation, redirect, analytics, and authenticated UI surface in the Topolo portfolio.", "audience": "public", "tags": [ "qr", "redirects", "analytics" ], "url": "/applications/quro.mdx", "last_verified": "2026-04-07" }, { "id": "applications/social-studio.mdx", "title": "Topolo Social Studio", "summary": "Public overview of the hybrid desktop and Cloudflare runtime used for AI-assisted social content planning and generation.", "audience": "public", "tags": [ "desktop", "social", "generation", "creative" ], "url": "/applications/social-studio.mdx", "last_verified": "2026-04-07" }, { "id": "applications/roadmapper.mdx", "title": "Topolo Roadmapper", "summary": "Public overview of Roadmapper, including AI-assisted project onboarding, durable planning sessions, and stakeholder presentation delivery.", "audience": "public", "tags": [ "roadmaps", "projects", "planning", "ai" ], "url": "/applications/roadmapper.mdx", "last_verified": "2026-04-08" }, { "id": "applications/socialize.mdx", "title": "Socialize", "summary": "Public overview of the social publishing platform, brand-scoped resource bindings, and content operations.", "audience": "public", "tags": [ "social", "publishing", "brands" ], "url": "/applications/socialize.mdx", "last_verified": "2026-04-07" }, { "id": "guides/authentication.mdx", "title": "Authentication", "summary": "How authentication and authorization flow through Topolo Auth and downstream services.", "audience": "public", "tags": [ "auth", "identity", "authorization" ], "url": "/guides/authentication.mdx", "last_verified": "2026-04-07" }, { "id": "guides/quick-start.mdx", "title": "Quick Start", "summary": "Fast onboarding path for developers integrating with Topolo services.", "audience": "public", "tags": [ "onboarding", "auth", "api-keys" ], "url": "/guides/quick-start.mdx", "last_verified": "2026-04-07" }, { "id": "guides/third-party-auth-integration.mdx", "title": "Third-Party Auth Integration", "summary": "Canonical guide for external developers integrating with Topolo Auth without relying on first-party repo docs.", "audience": "public", "tags": [ "auth", "integration", "third-party" ], "url": "/guides/third-party-auth-integration.mdx", "last_verified": "2026-04-07" }, { "id": "platform/architecture.mdx", "title": "Platform Architecture", "summary": "Top-level platform shape, authority boundaries, and how the unified documentation platform maps onto the codebase.", "audience": "public", "tags": [ "architecture", "platform", "systems" ], "url": "/platform/architecture.mdx", "last_verified": "2026-04-10" }, { "id": "platform/api-keys.mdx", "title": "API Keys", "summary": "Central API key model, scope ownership, and resource binding behavior across Topolo services.", "audience": "public", "tags": [ "api-keys", "security", "platform" ], "url": "/platform/api-keys.mdx", "last_verified": "2026-04-07" }, { "id": "reference/api/topolo-auth.mdx", "title": "Topolo Auth API", "summary": "Curated reference overlay for the Topolo Auth service where platform semantics matter more than raw route listing.", "audience": "public", "tags": [ "auth", "reference", "api" ], "url": "/reference/api/topolo-auth.mdx", "last_verified": "2026-04-08" } ], "internal": [], "runbooks": [] }, "authority": { "owners": [ "identity-platform" ], "repo_paths": [ "PlatformApplications/TopoloAuth" ], "service_ids": [ "svc_auth" ], "dependencies": [], "aliases": [] }, "interfaces": { "contract_type": "curated", "contract_source": "PlatformApplications/TopoloAuth/src/controllers/auth.js", "contract_source_exists": true, "openapi": null, "readme": { "path": "PlatformApplications/TopoloAuth/README.md", "intro": [ "Canonical documentation for Topolo Auth lives in `PlatformApplications/TopoloDocs`.", "Use this repository for implementation only. Local product and operational docs have been retired in favor of the docs application." ], "headings": [ "Topolo Auth" ], "routeHighlights": [], "commandHighlights": [] } }, "auth": { "depends_on_topolo_auth": true, "api_key_scopes": [ { "name": "users.read", "description": "View user accounts and profiles", "resourcePattern": null, "kind": "api_key_scope" }, { "name": "users.write", "description": "Create and edit user accounts", "resourcePattern": null, "kind": "api_key_scope" }, { "name": "users.delete", "description": "Delete or suspend user accounts", "resourcePattern": null, "kind": "api_key_scope" }, { "name": "organizations.read", "description": "View organization details", "resourcePattern": null, "kind": "api_key_scope" }, { "name": "organizations.write", "description": "Create and edit organizations", "resourcePattern": null, "kind": "api_key_scope" }, { "name": "services.read", "description": "View registered services", "resourcePattern": null, "kind": "api_key_scope" }, { "name": "services.write", "description": "Manage service registrations", "resourcePattern": null, "kind": "api_key_scope" }, { "name": "permissions.read", "description": "View permission assignments", "resourcePattern": null, "kind": "api_key_scope" }, { "name": "permissions.write", "description": "Manage user permissions", "resourcePattern": null, "kind": "api_key_scope" }, { "name": "roles.read", "description": "View service role bundles", "resourcePattern": null, "kind": "api_key_scope" }, { "name": "roles.write", "description": "Manage service role bundles", "resourcePattern": null, "kind": "api_key_scope" }, { "name": "sessions.read", "description": "View user sessions and access state", "resourcePattern": null, "kind": "api_key_scope" }, { "name": "sessions.write", "description": "Revoke or rotate user sessions", "resourcePattern": null, "kind": "api_key_scope" }, { "name": "api_keys.read", "description": "View machine credentials", "resourcePattern": null, "kind": "api_key_scope" }, { "name": "api_keys.write", "description": "Create or revoke machine credentials", "resourcePattern": null, "kind": "api_key_scope" }, { "name": "audit.read", "description": "View audit logs and security events", "resourcePattern": null, "kind": "api_key_scope" } ], "service_permissions": [ { "name": "users:read", "description": "View user accounts and profiles", "resourcePattern": null, "kind": "permission" }, { "name": "users:write", "description": "Create and edit user accounts", "resourcePattern": null, "kind": "permission" }, { "name": "users:delete", "description": "Delete or suspend user accounts", "resourcePattern": null, "kind": "permission" }, { "name": "organizations:read", "description": "View organization details", "resourcePattern": null, "kind": "permission" }, { "name": "organizations:write", "description": "Create and edit organizations", "resourcePattern": null, "kind": "permission" }, { "name": "services:read", "description": "View registered services", "resourcePattern": null, "kind": "permission" }, { "name": "services:write", "description": "Manage service registrations", "resourcePattern": null, "kind": "permission" }, { "name": "permissions:read", "description": "View permission assignments", "resourcePattern": null, "kind": "permission" }, { "name": "permissions:write", "description": "Manage user permissions", "resourcePattern": null, "kind": "permission" }, { "name": "roles:read", "description": "View service role bundles", "resourcePattern": null, "kind": "permission" }, { "name": "roles:write", "description": "Manage service role bundles", "resourcePattern": null, "kind": "permission" }, { "name": "sessions:read", "description": "View user sessions and access state", "resourcePattern": null, "kind": "permission" }, { "name": "sessions:write", "description": "Revoke or rotate user sessions", "resourcePattern": null, "kind": "permission" }, { "name": "api_keys:read", "description": "View machine credentials", "resourcePattern": null, "kind": "permission" }, { "name": "api_keys:write", "description": "Create or revoke machine credentials", "resourcePattern": null, "kind": "permission" }, { "name": "audit:read", "description": "View audit logs and security events", "resourcePattern": null, "kind": "permission" } ] }, "runtime": { "primary_hosts": [ "https://auth.topolo.app" ], "repo_entries": [ "PlatformApplications/TopoloAuth/README.md", "PlatformApplications/TopoloAuth/ROADMAP_HANDOFF_2026-03-31_topoloauth.md", "PlatformApplications/TopoloAuth/package-lock.json", "PlatformApplications/TopoloAuth/package.json", "PlatformApplications/TopoloAuth/schema-evolution-local.sql", "PlatformApplications/TopoloAuth/schema-evolution.sql", "PlatformApplications/TopoloAuth/schema-oauth.sql", "PlatformApplications/TopoloAuth/schema-update.sql", "PlatformApplications/TopoloAuth/schema.sql", "PlatformApplications/TopoloAuth/scripts/", "PlatformApplications/TopoloAuth/src/", "PlatformApplications/TopoloAuth/test/", "PlatformApplications/TopoloAuth/topolo.cloudcontrol.json", "PlatformApplications/TopoloAuth/wrangler.toml" ], "wrangler_surfaces": [ { "path": "PlatformApplications/TopoloAuth/wrangler.toml", "observabilityEnabled": false, "environments": [ "production" ], "routes": [ "auth-staging.topolo.app", "auth.topolo.app" ], "vars": [ "AUTH_ACCESS_TOKEN_TTL_SECONDS", "AUTH_ALLOW_REFRESH_TOKEN_IN_BODY", "AUTH_CLIENT_COMPAT_ALLOWLIST", "AUTH_COOKIE_DOMAIN", "AUTH_COOKIE_MODE_DEFAULT", "AUTH_LEGACY_TOKEN_DELIVERY_ENABLED", "AUTH_REFRESH_COOKIE_NAME", "AUTH_REFRESH_SKIP_SESSION_CHECK", "AUTH_REFRESH_TOKEN_TTL_SECONDS", "AUTH_SESSION_TTL_SECONDS", "ENVIRONMENT", "GITHUB_CLIENT_ID" ], "bindings": [ { "kind": "d1", "binding": "DB", "sourcePath": "PlatformApplications/TopoloAuth/wrangler.toml", "target": "437aad6b-7e22-4a11-b048-3b1fa32e9b43" }, { "kind": "d1", "binding": "DB", "environment": "production", "sourcePath": "PlatformApplications/TopoloAuth/wrangler.toml", "target": "9f2c0e78-738a-41c0-95bf-9968ff369926" } ], "cronTriggers": [], "workerName": "topolo-auth-staging", "main": "src/index.js", "compatibilityDate": "2025-07-04" } ], "packages": [ { "path": "PlatformApplications/TopoloAuth/package.json", "name": "topolo-auth", "description": "Authentication service for Nodo MDM multi-tenant system", "scripts": [ "dev", "build", "test", "deploy", "deploy:dry-run", "bootstrap", "local-dev", "remote-dev", "seed-test-data", "setup-oauth", "init-local-db", "dev:with-test-data", "dev:with-remote" ], "scriptCommands": [ { "name": "dev", "command": "wrangler dev" }, { "name": "build", "command": "wrangler deploy --dry-run --outdir .wrangler/build" }, { "name": "test", "command": "node --test" }, { "name": "deploy", "command": "wrangler deploy" }, { "name": "deploy:dry-run", "command": "wrangler deploy --dry-run --outdir .wrangler/build" }, { "name": "bootstrap", "command": "node scripts/bootstrap.js" }, { "name": "local-dev", "command": "node scripts/local-dev.js" }, { "name": "remote-dev", "command": "node scripts/local-dev.js --remote" }, { "name": "seed-test-data", "command": "node scripts/seed-test-data.js" }, { "name": "setup-oauth", "command": "node scripts/setup-oauth.js" }, { "name": "init-local-db", "command": "node scripts/initialize-local-db.js" }, { "name": "dev:with-test-data", "command": "node scripts/initialize-local-db.js && node scripts/local-dev.js" }, { "name": "dev:with-remote", "command": "node scripts/local-dev.js --remote" } ] } ] }, "data": { "env_vars": [ "AUTH_ACCESS_TOKEN_TTL_SECONDS", "AUTH_ALLOW_REFRESH_TOKEN_IN_BODY", "AUTH_CLIENT_COMPAT_ALLOWLIST", "AUTH_COOKIE_DOMAIN", "AUTH_COOKIE_MODE_DEFAULT", "AUTH_LEGACY_TOKEN_DELIVERY_ENABLED", "AUTH_REFRESH_COOKIE_NAME", "AUTH_REFRESH_SKIP_SESSION_CHECK", "AUTH_REFRESH_TOKEN_TTL_SECONDS", "AUTH_SESSION_TTL_SECONDS", "ENVIRONMENT", "GITHUB_CLIENT_ID" ], "bindings": [ { "kind": "d1", "binding": "DB", "sourcePath": "PlatformApplications/TopoloAuth/wrangler.toml", "target": "437aad6b-7e22-4a11-b048-3b1fa32e9b43" }, { "kind": "d1", "binding": "DB", "environment": "production", "sourcePath": "PlatformApplications/TopoloAuth/wrangler.toml", "target": "9f2c0e78-738a-41c0-95bf-9968ff369926" } ], "queue_bindings": [], "storage_kinds": [ "d1" ], "workflow_signals": [] }, "deployment": { "commands": [ { "name": "build", "command": "PlatformApplications/TopoloAuth/package.json :: wrangler deploy --dry-run --outdir .wrangler/build" }, { "name": "deploy", "command": "PlatformApplications/TopoloAuth/package.json :: wrangler deploy" }, { "name": "deploy:dry-run", "command": "PlatformApplications/TopoloAuth/package.json :: wrangler deploy --dry-run --outdir .wrangler/build" } ], "routes": [ "auth-staging.topolo.app", "auth.topolo.app" ], "environments": [ "production" ], "assets_directories": [], "observability_enabled": false }, "debugging": { "failure_modes": [], "entrypoints": [ "PlatformApplications/TopoloAuth/wrangler.toml", "PlatformApplications/TopoloAuth/src/controllers/auth.js", "PlatformApplications/TopoloAuth/README.md", "PlatformApplications/TopoloAuth/package.json" ] } }