openapi: 3.1.0 info: title: Tenantial Public Trust Website Surface version: 0.1.0 summary: Observable HTTP contract for Spec 405 public website routes description: > This contract documents the public HTTP surface for the trust-related website flow in Spec 405. The implementation is a static Astro website that returns HTML pages, not a backend JSON API. OpenAPI is used here only to make the route-level obligations explicit. servers: - url: https://tenantial.com description: Production hostname - url: http://127.0.0.1:4321 description: Local preview using WEBSITE_PORT default tags: - name: public-website description: Static public website routes paths: /: get: tags: [public-website] summary: Render German homepage operationId: getHomeDe description: > Returns the default-locale homepage. The homepage is required to expose a trust teaser or equivalent summary with a real link to the canonical trust route. x-page-contract: locale: de requiredLinks: - label: Vertrauen href: /trust requiredSections: - hero - trust teaser - footer trust link requiredOutcomes: - buyer can discover the trust surface in one click forbiddenPatterns: - href="#" - lorem ipsum - DSGVO compliant - GDPR compliant - ISO certified responses: '200': description: Static HTML homepage content: text/html: schema: type: string /trust: get: tags: [public-website] summary: Render German trust page operationId: getTrustDe description: > Returns the German trust surface for DACH evaluation. x-page-contract: locale: de requiredSections: - hero - trust principles - claim status legend - hosting posture - privacy and DSGVO posture - AVV/DPA and TOM readiness - data categories - provider permissions - RBAC and least privilege - auditability - encryption and secrets posture - retention, export, and deletion posture - subprocessors - support access posture - security contact or trust handoff allowedClaimStatuses: - documented - on request - in preparation - planned - not claimed - not applicable primaryHandoff: route: /contact responses: '200': description: Static HTML trust page content: text/html: schema: type: string /contact: get: tags: [public-website] summary: Render German contact route operationId: getContactDe description: > Returns the existing contact route used as the trust-page request and escalation handoff when no dedicated document download or security mailbox is verified. x-page-contract: locale: de acceptedRoles: - walkthrough request - trust question - privacy/procurement follow-up constraints: - no secrets or credentials submitted via the public website responses: '200': description: Static HTML contact page content: text/html: schema: type: string /en/: get: tags: [public-website] summary: Render English homepage operationId: getHomeEn description: > Returns the English mirrored homepage with the same trust discoverability obligations as the default locale. x-page-contract: locale: en requiredLinks: - label: Trust href: /en/trust responses: '200': description: Static HTML homepage content: text/html: schema: type: string /en/trust: get: tags: [public-website] summary: Render English trust page operationId: getTrustEn description: > Returns the English mirrored trust surface with the same claim-status and topic coverage obligations as the German route. x-page-contract: locale: en mirrors: sourceRoute: /trust parityRequired: true primaryHandoff: route: /en/contact responses: '200': description: Static HTML trust page content: text/html: schema: type: string /en/contact: get: tags: [public-website] summary: Render English contact route operationId: getContactEn responses: '200': description: Static HTML contact page content: text/html: schema: type: string components: schemas: ClaimStatus: type: string enum: - documented - on request - in preparation - planned - not claimed - not applicable TrustTopic: type: object additionalProperties: false required: - slug - title - summary - claimStatus properties: slug: type: string title: type: string summary: type: string claimStatus: $ref: '#/components/schemas/ClaimStatus' requestPath: type: string description: Optional real route or mailto destination TrustPageContract: type: object additionalProperties: false required: - locale - requiredSections - primaryHandoff properties: locale: type: string enum: [de, en] requiredSections: type: array items: type: string primaryHandoff: type: object additionalProperties: false required: - route properties: route: type: string requiredTopics: type: array items: $ref: '#/components/schemas/TrustTopic'