paybondpaybond
Sign in

Capabilities

Capability tokens, verification calls, and tenant-safe binding patterns.

Capabilities

Capabilities are intent-scoped authorizations. A capability token minted for intent A must not be used with intent B, even within the same tenant.

Verify before tool execution

Paybond’s recommended integration pattern is:

  1. Bind your tool execution context to (tenant, intent_id, capability_token).
  2. Call Harbor POST /verify to verify the capability for a specific operation.
  3. Only run the tool if verification succeeds.

This prevents accidental cross-tenant or cross-intent execution and creates an audit trail.

Operation names are yours

allowed_tools / allowedTools should use your own runtime's tool identifiers:

  • travel.planner.plan
  • travel.booker.purchase
  • crm.contact.enrich

Paybond does not define a fixed tool catalog here. Harbor simply compares the requested operation string at verify time against the names bound onto the intent.

TypeScript (binding pattern)

See the “Usage (capability verify)” section in TypeScript quickstart.

Python (binding pattern)

See the “Open a Harbor session” section in Python quickstart.