Readonly Surfaces
Readonly18
Governance API surfaces visible without mutation authority
Astitva Governance Plane
Admin Governance
Readonly operational posture for tenant, domain, protocol, session, token, federation, audit, and observability governance.
Tenants
Tenant-aware3
Bootstrap tenant governance records
Domains
Domain-safe4
Shared and white-label identity domains
Mutation Authority
GuardedBlocked
/api/v1/governance/mutations
Governance Confidence Posture
The console leads with what remains controlled: readonly visibility, explicit mutation blocking, tenant-aware scope, and runtime/governance plane separation.
Readonly governance visibility
Runtime-plane authority blocked
Tenant scope preserved
Diagnostics rendered public-safe
Governance Navigation
Deterministic visibility sections for posture inspection. No production mutation workflow is rendered.
Overview
Runtime Readiness
Tenants
Domains
Branding
Redirect Policies
Runtime Policies
OIDC
Sessions
Tokens
Federation
Audit & Observability
Authorization
Roles
Permissions
Policies
Policy Evaluation
Diagnostics
Tenant Governance
Tenant posture remains readonly and diagnostics-safe.
| Tenant | Lifecycle | Governance | Runtime | Identity | Visibility |
|---|---|---|---|---|---|
| Navasoft (navasoft) | active_placeholder | readonly | Yes | Yes | safe |
| Example Tenant Alpha (example-alpha) | active_placeholder | readonly | Yes | Yes | safe |
| Example Tenant Beta (example-beta) | active_placeholder | readonly | Yes | Yes | safe |
Domain Governance
Domain ownership, routing, certificate posture, and normalized host visibility are shown without DNS or certificate workflows.
| Domain | Tenant | Type | Routing | Validation | Certificate |
|---|---|---|---|---|---|
| identity.navasoft.in | navasoft | shared_identity_domain | ready_placeholder | validated | issued_placeholder |
| login.navasoft.in | navasoft | shared_identity_domain | ready_placeholder | validated | issued_placeholder |
| identity-alpha.example.local | example-alpha | white_label_identity_domain | ready_placeholder | validated | issued_placeholder |
| identity-beta.example.local | example-beta | white_label_identity_domain | ready_placeholder | validated | issued_placeholder |
Branding Governance
Branding metadata is visible without upload or live theming controls.
| Profile | Tenant | Theme | Enabled |
|---|---|---|---|
| Navasoft | navasoft | system | Yes |
| Example Tenant Alpha | example-alpha | system | Yes |
| Example Tenant Beta | example-beta | system | Yes |
Redirect Policy Governance
Unsafe redirect shapes remain visibly rejected; OAuth client registration is not present.
| Redirect | Tenant | State | Reason |
|---|---|---|---|
| https://identity.navasoft.in/callback | navasoft | validation_ready | bootstrap_redirect_policy_visibility_only |
| https://identity-alpha.example.local/callback | example-alpha | validation_ready | bootstrap_redirect_policy_visibility_only |
| https://identity-beta.example.local/callback | example-beta | validation_ready | bootstrap_redirect_policy_visibility_only |
Runtime Policy Governance
PKCE-first posture and implicit-flow prohibition are rendered as readonly runtime policy evidence.
| Tenant | PKCE | Implicit Flow | Session | Token Lifetime | Federation |
|---|---|---|---|---|---|
| navasoft | Yes | No | Yes | short-lived-placeholder | Yes |
| example-alpha | Yes | No | Yes | short-lived-placeholder | Yes |
| example-beta | Yes | No | Yes | short-lived-placeholder | Yes |
OIDC, Session, Token, and Federation Posture
Protocol and identity-engine posture is visible without login, signing-key, token, session, or federation execution controls.
| Section | Readiness | Safety | Blocked Behavior |
|---|---|---|---|
| OIDC | skeleton-readonly-no-authentication | PKCE: Yes | implicit, resource_owner_password_credentials, tokens_in_query_parameters |
| Sessions | skeleton-readonly-no-session-mutation | Revocation: Yes | admin-session-mutation-workflows, user-session-termination-workflows, browser-session-persistence, real-session-issuance, token-issuance |
| Tokens | skeleton-readonly-no-production-token-issuance | Algorithms: RS256, ES256 | production-token-issuance, refresh-token-issuance, refresh-token-rotation, production-signing-infrastructure, signing-key-crud, token-introspection-workflows, client-secret-management |
| Federation | skeleton-readonly-no-live-federation-execution | oidc-authorization-code-pkce | provider-crud-workflows, secret-management-workflows, metadata-ingestion-workflows, live-federation-administration, production-trust-exchange, social-login-execution, saml-runtime-processing |
Audit & Observability Governance
Readonly propagation posture, sink warnings, and future Pramaana/Avalokana readiness.
| Area | Posture | Detail |
|---|---|---|
| Audit | Yes | non-production-in-memory-bootstrap |
| Telemetry | Yes | readonly-diagnostics-no-audit-mutation |
| Pramaana | Yes | Future integration readiness only |
| Avalokana | Yes | Future integration readiness only |
Authorization & Tenant Governance Contract
Readonly authorization contract posture for tenant-scoped roles, permissions, policies, Niyama readiness, and evaluation skeletons.
| Area | Posture | Detail |
|---|---|---|
| Authorization Contract | readonly-contract-ready-no-enforcement | Yes |
| Tenant Scope | Yes | No |
| Evaluation | Yes | Skeleton only; no request-blocking middleware |
| Niyama | Yes | Future policy integration readiness |
Role Posture
Role records are visible without assignment workflows.
| Role | Tenant | Scope | Runtime |
|---|---|---|---|
| identity_observer | navasoft | tenant | No |
| identity_observer | example-alpha | tenant | No |
| identity_observer | example-beta | tenant | No |
Permission Posture
Permission records expose scope and plane posture without entitlement execution.
| Permission | Scope | Runtime | Governance |
|---|---|---|---|
| authorization.posture.read | governance | No | Yes |
| runtime.policy.read | runtime | Yes | Yes |
Policy Posture
Policy contracts are readonly and evaluation-ready without policy editors or enforcement toggles.
| Policy | Tenant | Scope | Mode |
|---|---|---|---|
| tenant_authorization_contract | navasoft | tenant | skeleton_only_no_enforcement |
| tenant_authorization_contract | example-alpha | tenant | skeleton_only_no_enforcement |
| tenant_authorization_contract | example-beta | tenant | skeleton_only_no_enforcement |
Policy Evaluation Contract
Deterministic tenant-scoped evaluation posture for future Niyama integration without production policy execution.
| Area | Posture | Detail |
|---|---|---|
| Evaluation Contract | Yes | skeleton_only_no_production_execution |
| Determinism | Yes | No |
| Tenant Scope | Yes | Blocked and unresolved outcomes are explicit |
| Execution | No | No |
| Niyama | Yes | Future integration readiness only |
Cloud Deployment Posture
Cloudflare, Route53, ALB, container, rollback, and runtime/governance separation posture rendered without infrastructure controls.
| Area | Posture | Detail |
|---|---|---|
| Ingress | cloudflare-ready -> route53-ready -> aws-alb-ready | Cloud ingress posture ready |
| Deployment | local | local |
| Rollback | Yes | Container image rollback posture only |
| Runtime Separation | governance-plane-readonly-no-runtime-authority | No |
Diagnostics Safety
Rendered diagnostics avoid secrets, tokens, session identifiers, private keys, raw cookies, and runtime-plane authority.
| Guardrail | State |
|---|---|
| Runtime-plane admin authority | No |
| Sensitive event data exposed | No |
| Tokens in query parameters | redacted |
| URL session identifiers | redacted |