Workflow-first MVPDocs Center liveHelp routes reservedProjects & Billing in codeSupply & Marketplace in code

Developers

Developers now acts as the Day 6 supply source of truth: supplier identity and provider endpoint access models are fixed before marketplace listings, live installs, and payout flows go live.

Help CenterDocs Center

Module Entry Map

Developers module entry map

Day 9 leaves the supplier-side subroutes in place now, so identity review, endpoint management, service offerings, and onboarding do not need to appear as late navigation after the first real mutation work starts.

Module 5 Day 9 shipped

Developers

把 developer identity、endpoint、offering、onboarding 这些二级入口提前固定下来,避免后面接审核或 mutation 时再返工导航。

打开模块查看文档

Identity Review

In Code

为个人、企业、域名所有者三类 developer identity 预留独立 verification / operator note 入口。

identity-reviewReserved route

Endpoint Catalog

In Code

为 first-party、remote API、self-hosted、domain-mapped endpoint 预留独立目录入口。

endpointsReserved route

Service Offerings

In Code

为 service offering、pricing model、install eligibility 与 commercial scope 预留独立目录入口。

offeringsReserved route

Onboarding Queue

In Code

为 supplier onboarding、identity readiness、endpoint readiness、payout readiness 预留统一队列入口。

onboardingReserved route

Developer Supply

Developer identity and endpoint access now share one supply foundation

Module 5 Day 6 now fixes how provider endpoints enter the supply side after identity selection but before live onboarding, verification automation, and marketplace installs. First-party, remote API, self-hosted, and domain-mapped access patterns now resolve through the same shared platform truth.

Service boundary: foundation-control-plane-service

State demoLiveEmptyError
Module 5 Day 6 shipped

Verified identities

1

Healthy endpoints

1

Active offerings

1

Identity type map

Day 5 fixed the supplier identity types. Day 6 now fixes the endpoint access contracts those identities can use.

Shared foundation truth

Individual developer

person-backed supplier identity

Best for indie builders, self-hosted experiments, and low-volume API supply that stays tied to one accountable operator.

An individual identity keeps onboarding lightweight, but the platform should still bind the commercial actor, payout owner, and endpoint operator to the same accountable person before public onboarding widens.

Verification focus

Verify the real operator and keep payout ownership aligned with that person before marketplace publication.

Domain rule

A branded domain is optional unless the supplier wants to claim domain-owned trust or domain-mapped exposure.

Recommended exposure

Self-hostedRemote API

Company developer

legal entity with delegated operators

Best for official product teams, brand-backed services, and supply that needs a durable commercial identity beyond one person.

A company identity separates the legal supplier from any single operator, which is important once endpoints, pricing, support, and future payout evidence need to survive role changes inside the team.

Verification focus

Verify the business identity and keep one accountable operator linked to the company before protected supply surfaces are enabled.

Domain rule

An official domain is strongly preferred so product, support, and public supply posture can stay aligned.

Recommended exposure

First-partyRemote API

Domain owner

verified domain-backed capability owner

Best when an existing site or product capability should be exposed through verified domain ownership instead of generic API branding.

A domain-owner identity exists to bridge site control into platform trust. The supplier may still be a person or company, but the domain proof becomes the critical boundary before domain-mapped onboarding can proceed.

Verification focus

Verify domain control first, then align the claiming operator or business with that verified domain before enabling installs.

Domain rule

A verified domain is mandatory because this identity type exists specifically to expose site-backed capability through domain control.

Recommended exposure

Domain-mappedRemote API

Provider endpoint access map

Day 6 fixes how first-party, remote API, self-hosted, and domain-mapped endpoints enter supply before health polling, domain automation, or live installs exist.

Shared endpoint contract

First-party

platform-operated official endpoint

Best for official Toolplane services where runtime, billing, support, and trust all stay inside the platform boundary.

First-party supply is the only exposure mode where the platform itself is the endpoint operator. It should stay clearly separated from third-party supply so later marketplace policy and settlement logic never confuse official services with partner-hosted ones.

Trust requirement

The platform already owns the brand and runtime, but it still needs an explicit project owner, endpoint contract, and commercial scope before installs rely on it.

Onboarding boundary

No external domain proof is required, yet the endpoint should remain attached to an internal project, accountable operators, and a stable billing contract.

Typical identity

Company developer

Remote API

externally hosted API behind a stable contract

Best when the supplier already runs a network-reachable service and Toolplane only needs a durable request, auth, and billing contract.

Remote API supply lets the developer keep hosting and runtime responsibility outside the platform, while Toolplane handles discovery, commercial gating, and later marketplace attachment. The platform should integrate against a narrow endpoint contract instead of inheriting trust from product copy alone.

Trust requirement

Verify who controls the service endpoint and keep auth posture, support ownership, and commercial owner aligned before installs widen.

Onboarding boundary

A remote API can onboard without domain-mapped trust, but it still needs explicit endpoint ownership evidence and project-scoped isolation.

Typical identity

Individual developerCompany developerDomain owner

Self-hosted

operator-run infrastructure outside platform runtime

Best for low-cost experiments, home-lab nodes, or niche services where the supplier hosts the MCP edge themselves.

Self-hosted supply stays farthest from platform-owned infrastructure, so operational isolation matters more than branding. It should remain clearly segregated from first-party trust and should not gain public exposure only because it responds to health probes.

Trust requirement

Verify the accountable operator, keep the endpoint isolated per supplier, and treat health or abuse posture as explicit gates before public rollout.

Onboarding boundary

Self-hosted onboarding can start without a branded domain, but it should not inherit company or domain-owner trust unless separate evidence exists.

Typical identity

Individual developerCompany developer

Domain-mapped

verified domain exposing site-backed capability

Best when an existing site or product capability should be surfaced through a verified domain instead of a generic API hostname.

Domain-mapped supply turns domain control into the primary trust anchor. The supplier may still call a remote system behind the scenes, but marketplace posture should depend on verified domain ownership rather than on an opaque upstream runtime.

Trust requirement

Verify domain control first, then confirm the claiming operator or business owns the mapped capability and support surface.

Onboarding boundary

A domain-mapped endpoint should stay blocked until the mapped domain, routing path, and accountable supplier identity all align.

Typical identity

Domain ownerCompany developer

Developer identities

Every supplier now resolves through one explicit identity type before endpoint access mode, marketplace posture, or payout policy is considered.

DeveloperIdentityStatusExposureServices

Supply access rules

Every supplier must declare one primary identity type

Individual, company, and domain-owner supply should remain explicit instead of being inferred from endpoint shape or marketplace copy.

Verification must match identity type

Person-backed, company-backed, and domain-backed suppliers each need different evidence, and the console should keep those verification burdens visible before public onboarding starts.

Exposure mode should align with identity trust

Domain-mapped supply should not bypass domain proof, and first-party or company-backed supply should not inherit domain-owner trust without explicit evidence.

Every provider endpoint must declare one access mode explicitly

First-party, remote API, self-hosted, and domain-mapped posture should be explicit instead of inferred from hostname, auth mode, or listing copy.

Trust must not leak across endpoint access modes

A self-hosted or remote API endpoint should not inherit first-party or domain-owned trust just because it is healthy, branded, or commercially important.

Endpoint access mode must align with supplier evidence

Domain-mapped supply requires domain proof, first-party supply stays platform-operated, and remote API or self-hosted access should keep accountable supplier ownership visible.