{
  "id": "api_connector_registry",
  "label": "API Connector Registry Canonical",
  "phase": "phase-09",
  "category": "operational_flows",
  "status": "ACTIVE_DH_MIRROR",
  "purpose": "Maintain the governed inventory of API surfaces available to DEVON-DEV.",
  "function": "Define connector identity, auth model, allowed operations, rate limits, data scope and evidence requirements.",
  "technology_requirements": [
    {
      "technology": "API Connector Registry",
      "required_for": "Maintain the governed inventory of API surfaces available to DEVON-DEV.",
      "required_by_phase": "phase-09",
      "required_by_category": "api_connector_registry",
      "required_by_buckets": [
        "Prerequisites",
        "Installation",
        "Configuration",
        "Validation",
        "Observable Evidence",
        "Failure Modes & Recovery",
        "Completion & Promotion"
      ],
      "expected_version": "MISSING until API Connector Registry is implemented and validated in the future Execution & Monitoring Panel",
      "validation_command": "MISSING until api_connector_registry can prove scope, evidence, execution state and promotion decision",
      "evidence_path": "/home/yeff/public_html/devon/canon/execution/state/dh_sources/api_connector_registry.json",
      "status_source": "Documentation Hub + future Execution & Monitoring Panel",
      "blocking_if_missing": true,
      "failure_impact": "An API that exists only in code is not a governed capability. The registry prevents endpoints, scopes and credentials from becoming scattered assumptions. Its failure mode is unmanaged access: the system can connect, but cannot prove whether it was allowed to."
    }
  ],
  "depends_on": [
    "security_governance",
    "secrets_management",
    "integration_gateway"
  ],
  "used_by": [
    "integration_gateway",
    "webhook_handler",
    "external_knowledge_access"
  ],
  "overview": {
    "summary": "API Connector Registry Canonical owns the inventory of external API capability. It prevents DEVON-DEV from treating endpoints, credentials and payload formats as tribal knowledge hidden inside code.",
    "function": "FUNCTION: Register each connector with service identity, authentication mode, allowed operations, denied operations, data scope, environment, rate limit, owner and evidence requirement.",
    "system_position": "Integration Gateway executes only through this registry. Webhook Handler uses it to prove event origin. Security and Secrets Management use it to prevent credential sprawl. The registry is the contract before any API becomes a tool surface.",
    "failure_impact": "An API that exists only in code is not a governed capability. The registry prevents endpoints, scopes and credentials from becoming scattered assumptions. Its failure mode is unmanaged access: the system can connect, but cannot prove whether it was allowed to."
  },
  "failure_impact": "An API that exists only in code is not a governed capability. The registry prevents endpoints, scopes and credentials from becoming scattered assumptions. Its failure mode is unmanaged access: the system can connect, but cannot prove whether it was allowed to."
}
