OIP system: Capabilities (tokens)
Capabilities (tokens)
A generated article for one OIP shelf. It lists every operation in this API/CLI/MCP/device/model/core subsystem, links each leaf article, and gives the ledger path for proof.
This page is the operating article for one build subsystem. It is generated from live directory rows. If a task belongs to this subsystem, scan the operations below, open the matching capability article, run only the exact object named there, and verify by receipt.
Kind: core. Capabilities: 3. Machine system map: /api/dispatch?map=CAP&format=markdown. Root: /a/oip.
Operations
CAP_MINT
Mint a scoped, short-lived, ledgered capability URL — delegated authority over exactly one row (or read/act tier), with TTL, use count, purpose, risk ceiling, and owner gate. Returns invoke_url + explain_url + fingerprint; the URL explains itself. Use when: Cyrus says "mint a token/capability/link for <KEY>", "give a model a 10 minute key to X", "one-shot link for NOW". Arguments: $1=scope (row|act|read), $2=row key (for scope row), $3=ttl seconds (default 600), $4=max uses (default 1, 0=unlimited), $5=purpose (plain english), $6=risk_ceiling (low|high, default low), $7=owner_gate (0|1, default 0).. Human article: /a/oip-capability-cap-mint. Machine doc: ?key=CAP_MINT&format=markdown. Invocation history: /api/invocations?object_id=CAP_MINT.
CAP_EXPLAIN
Explain a capability: what it may invoke, verbs, expiry + remaining TTL, uses left, risk ceiling, owner gate, revocation, ledger trail. Accepts the token itself (sh.…) or its fingerprint (cap_…). Never echoes the raw token. Use when: Cyrus asks "what can this token do", "explain this capability", "is cap_x still valid". Arguments: $1 = capability token or cap_ fingerprint.. Human article: /a/oip-capability-cap-explain. Machine doc: ?key=CAP_EXPLAIN&format=markdown. Invocation history: /api/invocations?object_id=CAP_EXPLAIN.
CAP_REVOKE
Revoke a capability by fingerprint — the URL dies immediately; further invokes are denied and ledgered. Use when: Cyrus says "revoke that token", "kill cap_x", "cut that model off". Arguments: $1 = cap_ fingerprint.. Human article: /a/oip-capability-cap-revoke. Machine doc: ?key=CAP_REVOKE&format=markdown. Invocation history: /api/invocations?object_id=CAP_REVOKE.