docs(registry): rename Lookups tag, annotate source/member/discovered_from, /operator auth-aware note#3542
Merged
EmmaLouise2018 merged 3 commits intoApr 30, 2026
Conversation
This was referenced Apr 29, 2026
…_from, /operator auth-aware note Refs #3538. Three docs-IA cleanups for the Registry API. Source-side changes only — OpenAPI YAML regen lands in a separate commit so reviewers can see the intentional changes without skimming past 500 lines of mechanical diff. ## Tag rename: "Lookups & Authorization" -> "Authorization Lookups" The & in the tag name forced Mintlify to slugify the URL as lookups-%26-authorization, making /operator-lookup and the other 7 endpoints under that tag effectively unsearchable. 8 sites in registry-api.ts. ## Source / member / discovered_from descriptions server/src/schemas/registry.ts gains .openapi({ description }) on three fields that previously rendered as bare attributes: - source — explains 'registered' (AAO-attested, opt-in) vs 'discovered' (crawled from a publisher's adagents.json, no opt-in) and that they are different trust levels. - member — explains it is null for 'discovered' even when the publisher_domain is owned by a member (Problem 6 in #3538). - discovered_from — explains it is mutually exclusive with member. ## /api/registry/operator auth-aware description Endpoint description now spells out that the response shape changes by caller: anonymous gets 'public' only, AAO API-tier callers see 'members_only', profile owners see 'private'. This is the primary mechanism by which AAO membership unlocks deeper registry visibility — previously documented nowhere except the source.
Mechanical regen via npm run build:openapi after the source-side changes in
the previous commit. Captures:
- "Authorization Lookups" tag (8 sites) replacing the slug-breaking
"Lookups & Authorization".
- New .openapi({ description }) annotations on source, member, and
discovered_from in the registry response schema.
- /api/registry/operator auth-aware response-shape note.
Also picks up pre-existing drift from earlier PRs that didn't run
build:openapi: VerifiedBadge schema, declared_specialisms, check_interval_hours,
and verified-badge fields on agent responses. Pure mechanical catch-up; no
behavior change here that wasn't already in the source tree.
Split from the source-side commit so reviewers can scan the YAML diff as
hygiene, not feature work.
bece0d8 to
7b9056b
Compare
This was referenced Apr 29, 2026
Merged
EmmaLouise2018
added a commit
that referenced
this pull request
Apr 30, 2026
- Tag-group label is "Authorization Lookups" (renamed in #3542), not "Lookups & Authorization". - Reference deep links retarget to the Mintlify auto-generated per-endpoint pages (`/docs/registry/api-reference/authorization-lookups/{operator,publisher}-lookup`) — same pattern #3543 already uses on `registering-an-agent.mdx`. - Cited file:line on `registry-api.ts` updated to current main: `/operator` 5165→5486, `/publisher` 5229→5550 (drifted in the post-#3542 main merge). No prose-shape change beyond stale-reference fixes.
bokelley
pushed a commit
that referenced
this pull request
May 1, 2026
…s publisher (#3559) * docs(registry): three-endpoint overview table — catalog vs operator vs publisher Refs #3538 Problem 4 P1. Three overlapping lookup endpoints on the Registry API have no top-level prose tying them together. They live under two different tag groups in the docs, so a reader has to know which tag to start in. Adds an overview table to docs/registry/index.mdx covering: - /api/registry/agents — "give me the catalog" - /api/registry/operator?domain=X — "what does this entity operate?" - /api/registry/publisher?domain=X — "what does this entity publish?" Each row includes the question it answers, when to use it, auth-aware response-shape note where relevant. Auth-aware note on /operator added in #3542; /publisher parity tracked in #3546. Pure docs change. No schema or behavior change. * docs(registry): align overview table with post-#3542 canonical framing - Tag-group label is "Authorization Lookups" (renamed in #3542), not "Lookups & Authorization". - Reference deep links retarget to the Mintlify auto-generated per-endpoint pages (`/docs/registry/api-reference/authorization-lookups/{operator,publisher}-lookup`) — same pattern #3543 already uses on `registering-an-agent.mdx`. - Cited file:line on `registry-api.ts` updated to current main: `/operator` 5165→5486, `/publisher` 5229→5550 (drifted in the post-#3542 main merge). No prose-shape change beyond stale-reference fixes.
EmmaLouise2018
added a commit
that referenced
this pull request
May 1, 2026
…or (closes #3546) (#3569) * docs(registry): note that /publisher is unauthenticated and shape is fixed for every caller Contrasts with /operator (#3542) where AAO membership tier and profile ownership unlock members_only / private visibility. Documenting the asymmetry rather than introducing one — membership does not change the /publisher response today. Refs #3546. * docs(registry): regenerate OpenAPI YAML for /publisher description Mechanical output of `npm run build:openapi` for the previous commit's description change. No semantic delta beyond the /publisher entry. Refs #3546.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Refs #3538.
Three docs-IA cleanups for the Registry API. Two commits — source-side intentional changes, then mechanical OpenAPI regen — split for review hygiene so reviewers don't skim past the real changes in 500 lines of YAML.
Tag rename:
Lookups & Authorization→Authorization LookupsThe
&in the tag name forced Mintlify to slugify the URL aslookups-%26-authorization, making/operator-lookupand the other 7 endpoints under that tag effectively unsearchable and unshareable. 8 sites inserver/src/routes/registry-api.ts.Visible URL change:
https://docs.adcontextprotocol.org/docs/registry/api-reference/lookups-%26-authorization/operator-lookup→https://docs.adcontextprotocol.org/docs/registry/api-reference/authorization-lookups/operator-lookup.source/member/discovered_fromdescriptionsserver/src/schemas/registry.ts— adds.openapi({ description })on three fields that previously rendered as bare attributes:source— explainsregistered(AAO-attested, opt-in) vsdiscovered(crawled from a publisher's adagents.json, no opt-in) and that they are different trust levels.member— explains it isnullfordiscoveredagents even when the publisher_domain is owned by a member (decision(registry): how should discovered agents surface member-publisher endorsement (#3538 Problem 6) #3547 — separate decision issue).discovered_from— explains it is mutually exclusive withmember./api/registry/operatorauth-aware descriptionThe endpoint description now spells out that the response shape changes by caller:
publicagents onlymembers_onlyagentsprivateagentsThis is the primary mechanism by which AAO membership unlocks deeper registry visibility — previously documented nowhere except the source.
Commits
The first commit is 38 lines across 3 source files (changeset,
registry-api.ts,registry.ts) — that's the intentional change.The second commit is the mechanical
npm run build:openapiregen — 503 lines ofstatic/openapi/registry.yaml. It also picks up pre-existing drift from earlier PRs that didn't run the regen (verified-badge fields,declared_specialisms,check_interval_hours,VerifiedBadgeschema). Pure mechanical catch-up; no behavior change beyond what the source commit already contains.Reviewers should focus on commit 1. Commit 2 is hygiene.
Test plan
npx tsc --noEmit -p server/tsconfig.json— clean.npx vitest run server/tests/unit/openapi-coverage.test.ts— 3/3 pass.npm run build:openapiregenerates cleanly with stub WORKOS env vars.Stack ordering
Recommended merge order from #3538: 3540 → 3542 → 3543 → 3541. #3542 lands second so #3543 can use the new
authorization-lookupsURL slug directly without a follow-up TODO.Independent of #3540 (different lines in
registry-api.ts) and #3541 (no file overlap). The OpenAPI regen captures drift that may conflict with other in-flight PRs touching the registry API — first-merger may need a re-regen.Out of scope
/publisherauth-aware parity check (does the same caller-tier visibility logic apply to/publisher?).?source=query param + UI segmentation on/registry(Problem 3 P1 in Registry: follow-ups from #3495 — stale types, registered/discovered conflation, docs IA gaps, non-member path #3538).