Auth

experimental

EdDSA service-token mint/verify, scope checks, and JWKS for auth-gated inter-service communication.

2 hooks 2 events 3 permissions

Auth is source-visible, contract-first code — your agent reads the whole interface before it composes, never a black box.

Every hook has typed I/O and required tests, and the composition is pinned in microservices.lock.json — what you inspect here is exactly what pnpm microservices check verifies and deploys.

Typed hooks

Extension points with typed input/output and required tests — customize behavior without forking the module.

  • beforeMintToken
  • afterTokenMinted

Events emitted

A stable, documented event surface other modules can subscribe to.

  • auth.token_minted
  • auth.key_rotated

Permissions

Scoped capabilities the module declares; the gateway enforces them at the boundary.

  • auth.mint
  • auth.verify
  • auth.admin

Experimental listing. Generated from the canonical module manifest via `registry build`.