OSuite Developer Platform

Plugin SDK

Build runtime adapters, identity bridges, security packs, trust providers, and vertical packs for OSuite without surrendering governance authority.

Manifest first

Every plugin begins as a signed manifest. The manifest declares plugin type, source role, runtime families, adapter modes, workspace scopes, and declared permissions before any workspace can enable it.

Workspace-scoped enablement

OSuite does not install plugins globally. A workspace owner or admin enables an approved pack inside a workspace, which keeps audit events, replay, and proof closure aligned with the same tenant boundary.

PCAA remains final authority

Plugins can enrich runtime decisions, trust materials, compliance mappings, or vertical posture. They cannot replace action certificates, proof bundles, or approval authority.

Curated exchange, not open marketplace

The SDK is designed for trusted internal modules, official bridges, and carefully-reviewed curated partners. Signing, scopes, and auditability matter more than listing volume.

Golden path

1. Request the SDK template from /api/plugins/sdk/template.
2. Fill in plugin type, scopes, runtime families, trust sources, and permissions.
3. Submit the module into the internal review flow and verify the signed manifest.
4. Publish as an official or curated listing so workspaces can enable it under audit.
Cookie settings

Essential cookies keep sign-in and workspace routing stable. You can separately choose Analytics cookies and Preference cookies.