# PlatPhorm Layout > Canonical public layout design, responsive grid builder, page composition, visual structure inspector, scoring, export, and MCP/API layout tooling for the PlatPhormNews web mesh. Base URL: https://layout.platphormnews.com Version: 0.0.1 Public access: enabled for public-safe Layout builder, templates, preview, scoring, audits, exports, discovery, health, and read-only MCP introspection. Future protected actions: PLATPHORM_API_KEY support is scaffolded and controlled by PLATPHORM_REQUIRE_API_KEY. Enforcement is off by default for Phase 2 public-safe flows. ## Layout Capabilities - Templates: 15 active public templates (article-brief, dashboard-command, card-grid, form-flow, docs-layout, gallery-wall, landing-system, news-feed, faq-knowledge, product-service, status-page, api-docs, mcp-capability, network-directory, report-page) - Viewports: narrow, mobile, tablet, desktop, wide - Scoring: deterministic, explainable, modelAssisted=false - Audits: deterministic config audit is active; public-safe URL audit reports degraded remote inspection when BrowserOps is not configured - Exports: json, html-css, react-tailwind, markdown, design-spec-json, report, spec - Local persistence: browser-local IndexedDB for non-sensitive drafts; no server persistence is claimed without DATABASE_URL. - Model scaffolding: degraded (No server-side model provider is configured. Layout guidance uses deterministic checks only.) ## API and MCP - API docs: https://layout.platphormnews.com/api/docs and https://layout.platphormnews.com/openapi.yaml - MCP metadata: https://layout.platphormnews.com/api/mcp - MCP JSON-RPC: POST https://layout.platphormnews.com/api/mcp - MCP tools: 27 real Layout tools - MCP resources: 12 - MCP prompts: 11 ## Route Compliance - Implemented route inventory: 44/44 - Degraded states: Server-side persistence is degraded without DATABASE_URL; browser local drafts are active.; Model suggestions are degraded unless a server-only model provider is configured.; Protected execution integrations are scaffolded and open only as public-safe degraded reports unless PLATPHORM_REQUIRE_API_KEY is enabled. ## Integrations - Phorm: degraded; Phorm handoff is scaffolded and reports degraded until a server endpoint is configured. - BrowserOps: degraded; BrowserOps execution is future protected and degraded until an endpoint is configured. - Docs: degraded; Docs report generation is scaffolded and degraded without a backend endpoint. - Decks: degraded; Deck summary generation is scaffolded and degraded without a backend endpoint. - Sheets: degraded; Sheets reporting is scaffolded and degraded without a backend endpoint. - Insights: degraded; Insights ranking/scoring handoff is scaffolded and degraded without a backend endpoint. - Trace: configured; Trace headers and public trace links are emitted for Layout operations. Server-side export is scaffolded. ## Trust and Trace Trusted domains default to *.platphormnews.com. Layout operations propagate W3C trace context and safe PlatPhorm headers. Secrets are not included in exports, local drafts, RSS, sitemap, llms files, model prompts, screenshots, or traces. Updated: 2026-05-25T08:34:46.538Z ## Public Pages - /: Layout workbench home - /builder: Responsive layout builder - /templates: Public layout template library - /preview: Viewport and responsive preview - /score: Deterministic layout scoring - /audit: URL/config layout audit - /export: JSON, HTML/CSS, React/Tailwind, Markdown, design spec, and report export - /gallery: Public layout examples - /docs: Human documentation - /faq: Layout FAQ - /privacy: Privacy policy - /terms: Terms of use ## REST Endpoints - GET /api/v1/templates: List real public layout templates; boundary=public-safe - GET /api/v1/templates/{slug}: Fetch one template; boundary=public-safe - GET/POST /api/v1/layouts: Ephemeral server layout drafts and local-first creation; boundary=public-safe - GET/PUT /api/v1/layouts/{id}: Ephemeral layout lookup/update when available; boundary=public-safe - POST /api/v1/layouts/preview: Generate deterministic responsive preview data; boundary=public-safe - POST /api/v1/layouts/score: Run deterministic Layout score; boundary=public-safe - POST /api/v1/layouts/export: Export JSON, HTML/CSS, React/Tailwind, Markdown, design spec JSON, or report output; boundary=public-safe - POST /api/v1/viewport/check: Check one viewport for overflow and tap-target risk; boundary=public-safe - POST /api/v1/grid/analyze: Analyze grid and region structure; boundary=public-safe - POST /api/v1/accessibility/check: Run deterministic accessibility hints; boundary=public-safe - POST /api/v1/responsive/check: Check configured breakpoints; boundary=public-safe - POST /api/v1/audit/url: Audit URL with deterministic layout checks and explicit degraded remote inspection state; boundary=public-safe - POST /api/v1/audit/config: Audit layout config with deterministic findings; boundary=public-safe - POST /api/v1/reports/layout: Create a degraded local report summary; boundary=future-protected - GET /api/v1/integrations/status: List Layout integration configuration/degraded state; boundary=public-safe - POST /api/v1/integrations/phorm: Future protected Phorm handoff scaffold; boundary=future-protected - POST /api/v1/integrations/browserops: Future protected BrowserOps layout check scaffold; boundary=future-protected - POST /api/v1/integrations/docs: Future protected Docs report scaffold; boundary=future-protected - POST /api/v1/integrations/decks: Future protected Deck summary scaffold; boundary=future-protected - POST /api/v1/integrations/sheets: Future protected Sheets report scaffold; boundary=future-protected - POST /api/v1/integrations/insights: Future protected Insights scoring handoff scaffold; boundary=future-protected - GET/POST /api/indexnow: Future protected IndexNow status/submission endpoint; boundary=future-protected - GET/POST /api/mcp: Layout MCP JSON-RPC endpoint; boundary=public-safe ## Discovery Routes - GET /api/health - GET /api/v1/health - GET /api/docs - GET /openapi.yaml - GET /openapi.json - GET /llms.txt - GET /llms-full.txt - GET /llms-index.json - GET /robots.txt - GET /sitemap.xml - GET /sitemap-main.xml - GET /sitemap-index.xml - GET /rss.xml - GET /feed.xml - GET /manifest.webmanifest - GET /.well-known/mcp.json - GET /.well-known/agents.json - GET /.well-known/ai-plugin.json - GET /.well-known/security.txt - GET /.well-known/trust.json - GET /api/mcp ## MCP Tools - list_layout_templates - get_layout_template - create_layout - preview_layout - score_layout - audit_layout_url - audit_layout_config - analyze_grid - check_responsive_layout - check_accessibility_layout - export_layout_json - export_layout_html_css - export_layout_react_tailwind - export_layout_spec - export_layout_markdown - export_layout_design_spec_json - export_layout_report - send_to_phorm - run_browserops_layout_check - get_health - get_info - get_route_compliance - get_discovery_compliance - create_docs_report - create_sheet_report - create_deck_summary - send_to_insights ## MCP Resources - layout://templates - layout://template/{slug} - layout://layouts - layout://layout/{id} - layout://examples - layout://audits/{id} - layout://standards - layout://scores/{id} - layout://faq - layout://openapi - layout://llms - layout://trust-policy ## MCP Prompts - generate_responsive_layout - improve_page_layout - analyze_layout_issues - create_dashboard_layout - create_article_layout - create_card_grid_layout - create_form_layout - create_platphorm_standard_layout - explain_layout_score - create_layout_export_plan - human_machine_layout_handoff ## Deterministic Scoring Checks include viewport overflow, horizontal scrolling risk, tap-target size hints, heading/layout hierarchy, grid consistency, spacing consistency, alignment consistency, content density, breakpoint coverage, mobile stacking behavior, image aspect/alt hints, form label hints, and semantic region hints. Layout does not claim full accessibility conformance unless a full external audit has run. ## Auth Policy Public-safe Phase 2 access is open. PLATPHORM_API_KEY support is scaffolded for future protected actions. Accepted future protected headers: Authorization: Bearer $PLATPHORM_API_KEY; X-PlatPhorm-API-Key: $PLATPHORM_API_KEY.