Core Primitives

Authority

Who can do what — and under what conditions. Authority objects define scoped permissions within an operation, controlling access to transitions, evidence, packets, and other actions.

The Authority object

Authority

{
  "id": "auth_jkl012",
  "operation_id": "op_abc123",
  "participant_id": "part_def456",
  "scope": "transition",
  "conditions": {
    "requires_attestation": true,
    "max_state": "escalated"
  },
  "granted_by": "part_admin001",
  "created_at": "2025-01-15T09:30:00Z",
  "expires_at": null
}

Parameter	Type	Description
`id`	string	Unique identifier. Prefixed with auth_
`operation_id`required	string	The operation this authority applies to
`participant_id`required	string	Who receives this authority
`scope`required	string	What action is authorized
`conditions`	object	Constraints on when the authority applies
`granted_by`	string	Who granted this authority
`created_at`	datetime	ISO 8601 timestamp
`expires_at`	datetime	When the authority expires (null = permanent)

Authority scopes

readwritetransitionattestpacket_generateevidence_attachparticipant_manageadmin

Endpoints

Grant authority

POST

/v1/operations/:id/authority

curl -X POST https://api.microndelta.com/v1/operations/op_abc123/authority \
  -H "Authorization: Bearer md_live_xxxxxxxxxxxxx" \
  -H "Content-Type: application/json" \
  -d '{
    "participant_id": "part_def456",
    "scope": "transition",
    "conditions": {
      "requires_attestation": true,
      "max_state": "escalated"
    }
  }'

List authority

GET

/v1/operations/:id/authority

Revoke authority

DELETE

/v1/authority/:id

Permanently revoke an authority grant

←Attestations Constraints→