API Services
Governance-first API Services Pool view for package catalog, engine bindings, validation posture, and provider-scoped secret hygiene.
3
API Service Packages
3
Tracked Credentials
0
Live API Leases
0
Usage Updates
API Services Pool
Approved API service packages that can be attached during governed provisioning.
Commerce baseline
Commerce API pool
Stripe + Cloudflare + Internal analyticsGovernance vault placeholderSaaS storefront / StableReadyFinance review bundle
Finance API pool
ERP bridge + Billing ledger + Audit feedGovernance vault placeholderSaaS and BaaS / StableReviewOperations integration bundle
Operations API pool
Notifications + Search + Workflow callbacksOperator-supplied secret setBaaS / StableReadyEngine Service Bindings
The service packages and production posture currently attached to managed engines.
- 01POD Engine Alpha -> SaaS Growth Planprod-node-01 / 3 of 6 used · Live frontend / Governed adminPOD Storefront Core 2026.03.1
- 02POD Engine Bravo -> SaaS Starter PlanPending placement · Staged frontend / Locked adminPOD Storefront Core 2026.03.1
- 03POD Engine Charlie -> BaaS Scale Planprod-node-02 / 5 of 6 used · Live frontend / Review adminPartner Workflow Orchestrator 2026.02.h
Credential Vault
Masked provider credentials for DNS, registrar, billing, and API service workflows.
| Credential | Engine | Provider | Scope | Status | Next Rotation | Validation |
|---|---|---|---|---|---|---|
| POD Engine Alpha | Cloudflare | DNS zone edit for acmeprints.example | Healthy | March 24, 2026 | Validated 2 hours ago | |
| POD Engine Bravo | LogicBoxes | Domain registration and nameserver sync | Rotation due | March 10, 2026 | Connectivity pending registrar cutover | |
| POD Engine Charlie | Stripe | Invoice sync and renewal reconciliation | Validation failed | March 14, 2026 | Validation failed 18 minutes ago |
Selected Credential
Workflow detail, status posture, and masked secret continuity for the active credential.
Cloudflare
Healthy
Validated 2 hours ago
March 24, 2026
cf_l...lphaFingerprint XALPHA | reveal disabled
February 24, 2026
- 01DNS automation connectedThe token supports record template sync and validation record refresh.No scope mismatch detected.
- 02Rotation window scheduledA routine rotation reminder is already attached to the next billing window.No immediate action required.
API Service Governance
Policy reminders that keep package attachment and secret handling inside the Governance Node model.
- 01API service packages are assigned during provisioningThe Governance Node binds approved API service packages before an engine is deployed to a Production Node.This keeps integrations inside the governed deployment package.
- 02Development Layer owns API service creationCodex and OpenClaw create the API services in the Development Layer, then the MCP attaches them from the API Services Pool.The MCP never authors provider integrations directly.
- 03Secret handling remains package-awareCredential rotation and validation still occur at the secret level, but the package and engine binding context stay visible.This prevents operators from treating credentials as isolated strings.
Credential Hygiene Notes
Operational reminders for masked value handling, validation, and rotation continuity.
- 01Credentials remain visibly scopedOperators can see provider ownership and intended surface without exposing raw secrets.
- 02Validation health stays local-firstThe vault surface can represent connectivity, rotation, and revocation posture before live adapters land.
- 03Secret masking remains intactOnly masked values are rendered in the local MCP seed data.