{
  "schema": "capps-chosen-access-registry-v1",
  "status": "public-production-chosen-access-registry-live",
  "publishedAt": "2026-06-15T14:45:00Z",
  "route": "/capps-chosen-access-registry.html",
  "positioning": "CAPPS Chosen Access Registry defines invite-only access roles, approval states, revocation, expiry and audit proof without exposing private people or contact data.",
  "accessStates": [
    "requested",
    "approved",
    "limited",
    "suspended",
    "revoked",
    "expired"
  ],
  "roleGates": [
    "parent pilot",
    "school pilot",
    "cyber reviewer",
    "developer partner",
    "operator"
  ],
  "approvalFields": [
    "role",
    "scope",
    "expiry",
    "policy version",
    "evidence hash",
    "review state"
  ],
  "publicProofOnly": [
    "role model",
    "state model",
    "revocation rule",
    "expiry rule",
    "evidence-hash format"
  ],
  "privateFieldsBlocked": [
    "names",
    "contact records",
    "identity evidence",
    "health records",
    "school records",
    "operator notes",
    "wallet signing credentials"
  ],
  "revocationTriggers": [
    "scope changed",
    "expiry reached",
    "unsafe request",
    "unsupported claim",
    "pilot phase ended",
    "operator review failed"
  ],
  "linkedRoutes": [
    "/capps-access-boundary.html",
    "/security-review-scope.html",
    "/capps-safety-suite.html",
    "/public-data/capps-chosen-access-registry.json"
  ]
}