EUDIPLO Service API main¶
This is the API documentation for the EUDIPLO Service, which provides credential issuance and verification services
Tenant¶
GET /tenant¶
Get all tenants
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No |
Response 200 OK
[
{
"id": "string",
"name": "string",
"description": "string",
"status": "string",
"clients": [
{
"clientId": "string",
"secret": "string",
"tenantId": "string",
"description": "string",
"roles": [
"presentation:manage"
],
"tenant": null
}
]
}
]
POST /tenant¶
Initialize a tenant
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No |
Request body
⚠️ This example has been generated automatically from the schema and it is not accurate. Refer to the schema for more information.
Schema of the request body
{
"type": "object",
"properties": {
"roles": {
"type": "array",
"items": {
"type": "string",
"enum": [
"presentation:manage",
"presentation:offer",
"issuance:manage",
"issuance:offer",
"clients:manage",
"tenants:manage"
]
}
},
"id": {
"type": "string",
"description": "The unique identifier for the tenant."
},
"name": {
"type": "string",
"description": "The name of the tenant."
},
"description": {
"type": "string",
"description": "The description of the tenant."
}
},
"required": [
"id",
"name"
]
}
Response 201 Created
GET /tenant/{id}¶
Get a tenant by ID
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No | |
id |
path | string | No |
Response 200 OK
{
"id": "string",
"name": "string",
"description": "string",
"status": "string",
"clients": [
{
"clientId": "string",
"secret": "string",
"tenantId": "string",
"description": "string",
"roles": [
"presentation:manage"
],
"tenant": null
}
]
}
Schema of the response body
{
"type": "object",
"properties": {
"id": {
"type": "string",
"description": "The unique identifier for the tenant."
},
"name": {
"type": "string",
"description": "The name of the tenant."
},
"description": {
"type": "string",
"description": "The description of the tenant."
},
"status": {
"type": "string",
"description": "The current status of the tenant."
},
"clients": {
"description": "The clients associated with the tenant.",
"type": "array",
"items": {
"$ref": "#/components/schemas/ClientEntity"
}
}
},
"required": [
"id",
"name",
"status",
"clients"
]
}
DELETE /tenant/{id}¶
Deletes a tenant by ID
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No | |
id |
path | string | No |
Response 200 OK
client¶
GET /client¶
Get all clients for a user
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No |
Response 200 OK
POST /client¶
Create a new client
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No |
Request body
⚠️ This example has been generated automatically from the schema and it is not accurate. Refer to the schema for more information.
Schema of the request body
{
"type": "object",
"properties": {
"clientId": {
"type": "string",
"description": "The unique identifier for the client."
},
"description": {
"type": "string",
"description": "The description of the client."
},
"roles": {
"type": "array",
"description": "The roles assigned to the client.",
"items": {
"type": "string",
"enum": [
"presentation:manage",
"presentation:offer",
"issuance:manage",
"issuance:offer",
"clients:manage",
"tenants:manage"
]
}
}
},
"required": [
"clientId",
"roles"
]
}
Response 201 Created
{
"clientId": "string",
"secret": "string",
"tenantId": "string",
"description": "string",
"roles": [
"presentation:manage"
],
"tenant": null
}
Schema of the response body
{
"type": "object",
"properties": {
"clientId": {
"type": "string",
"description": "The unique identifier for the client."
},
"secret": {
"type": "string",
"description": "The secret key for the client."
},
"tenantId": {
"type": "string",
"description": "The unique identifier for the tenant that the client belongs to. Only null for accounts that manage tenants, that do not belong to a client"
},
"description": {
"type": "string",
"description": "The description of the client."
},
"roles": {
"description": "The roles assigned to the client.",
"type": "array",
"items": {
"type": "string",
"enum": [
"presentation:manage",
"presentation:offer",
"issuance:manage",
"issuance:offer",
"clients:manage",
"tenants:manage"
]
}
},
"tenant": {
"description": "The tenant that the client belongs to.",
"allOf": [
{
"$ref": "#/components/schemas/TenantEntity"
}
]
}
},
"required": [
"clientId",
"roles"
]
}
GET /client/{id}¶
Get a client by its id
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No | |
id |
path | string | No |
Response 200 OK
{
"clientId": "string",
"secret": "string",
"tenantId": "string",
"description": "string",
"roles": [
"presentation:manage"
],
"tenant": null
}
Schema of the response body
{
"type": "object",
"properties": {
"clientId": {
"type": "string",
"description": "The unique identifier for the client."
},
"secret": {
"type": "string",
"description": "The secret key for the client."
},
"tenantId": {
"type": "string",
"description": "The unique identifier for the tenant that the client belongs to. Only null for accounts that manage tenants, that do not belong to a client"
},
"description": {
"type": "string",
"description": "The description of the client."
},
"roles": {
"description": "The roles assigned to the client.",
"type": "array",
"items": {
"type": "string",
"enum": [
"presentation:manage",
"presentation:offer",
"issuance:manage",
"issuance:offer",
"clients:manage",
"tenants:manage"
]
}
},
"tenant": {
"description": "The tenant that the client belongs to.",
"allOf": [
{
"$ref": "#/components/schemas/TenantEntity"
}
]
}
},
"required": [
"clientId",
"roles"
]
}
PATCH /client/{id}¶
Update a client by its id
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No | |
id |
path | string | No |
Request body
⚠️ This example has been generated automatically from the schema and it is not accurate. Refer to the schema for more information.
Schema of the request body
{
"type": "object",
"properties": {
"description": {
"type": "string",
"description": "The description of the client."
},
"roles": {
"type": "array",
"description": "The roles assigned to the client.",
"items": {
"type": "string",
"enum": [
"presentation:manage",
"presentation:offer",
"issuance:manage",
"issuance:offer",
"clients:manage",
"tenants:manage"
]
}
}
},
"required": [
"roles"
]
}
Response 200 OK
DELETE /client/{id}¶
Get a client by its id
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No | |
id |
path | string | No |
Response 200 OK
GET /client/{id}/secret¶
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No | |
id |
path | string | No |
Response 200 OK
Key¶
GET /key¶
Get all keys for the tenant.
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No |
Response 200 OK
[
{
"id": "string",
"tenantId": "string",
"tenant": null,
"crt": "string",
"type": {},
"description": "string",
"createdAt": "2022-04-13T15:42:05.901Z",
"updatedAt": "2022-04-13T15:42:05.901Z"
}
]
POST /key¶
Add a new key to the key service.
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No |
Request body
⚠️ This example has been generated automatically from the schema and it is not accurate. Refer to the schema for more information.
Schema of the request body
{
"type": "object",
"properties": {
"privateKey": {
"description": "The private key in JWK format.",
"allOf": [
{
"$ref": "#/components/schemas/Key"
}
]
},
"crt": {
"type": "string",
"description": "Optional certificate in PEM format."
},
"description": {
"type": "string",
"description": "Description of the key."
}
},
"required": [
"privateKey"
]
}
Response 201 Created
GET /key/{id}¶
Get a specific key by ID
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No | |
id |
path | string | No |
Response 200 OK
{
"id": "string",
"tenantId": "string",
"tenant": null,
"crt": "string",
"type": {},
"description": "string",
"createdAt": "2022-04-13T15:42:05.901Z",
"updatedAt": "2022-04-13T15:42:05.901Z"
}
Schema of the response body
{
"type": "object",
"properties": {
"id": {
"type": "string",
"description": "Unique identifier for the key."
},
"tenantId": {
"type": "string",
"description": "Tenant ID for the key."
},
"tenant": {
"description": "The tenant that owns this object.",
"allOf": [
{
"$ref": "#/components/schemas/TenantEntity"
}
]
},
"crt": {
"type": "string",
"description": "Certificate in PEM format."
},
"type": {
"type": "object",
"description": "Type of the certificate (access or signing)."
},
"description": {
"type": "string",
"description": "Description of the key."
},
"createdAt": {
"format": "date-time",
"type": "string",
"description": "The timestamp when the VP request was created."
},
"updatedAt": {
"format": "date-time",
"type": "string",
"description": "The timestamp when the VP request was last updated."
}
},
"required": [
"id",
"tenantId",
"tenant",
"crt",
"type",
"createdAt",
"updatedAt"
]
}
PUT /key/{id}¶
Updates an existing key in the key service.
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No | |
id |
path | string | No |
Request body
⚠️ This example has been generated automatically from the schema and it is not accurate. Refer to the schema for more information.
Response 200 OK
DELETE /key/{id}¶
Delete a key from the key service.
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No | |
id |
path | string | No |
Response 200 OK
Presentation management¶
POST /presentation-management/request¶
Create an presentation request that can be sent to the user
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No |
Request body
Schema of the request body
{
"type": "object",
"properties": {
"response_type": {
"type": "string",
"description": "The type of response expected from the presentation request.",
"enum": [
"qrcode",
"uri",
"dc-api"
]
},
"requestId": {
"type": "string",
"description": "Identifier of the presentation configuration"
},
"webhook": {
"description": "Webhook configuration to receive the response.\nIf not provided, the configured webhook from the configuration will be used.",
"allOf": [
{
"$ref": "#/components/schemas/WebhookConfig"
}
]
},
"redirectUri": {
"type": "string",
"description": "Optional redirect URI to which the user-agent should be redirected after the presentation is completed."
}
},
"required": [
"response_type",
"requestId"
]
}
Response 201 Created
⚠️ This example has been generated automatically from the schema and it is not accurate. Refer to the schema for more information.
⚠️ This example has been generated automatically from the schema and it is not accurate. Refer to the schema for more information.
GET /presentation-management¶
Returns the presentation request configurations.
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No |
Response 200 OK
[
{
"id": "string",
"tenant": null,
"description": "string",
"lifeTime": 10.12,
"dcql_query": null,
"registrationCert": null,
"webhook": null,
"createdAt": "2022-04-13T15:42:05.901Z",
"updatedAt": "2022-04-13T15:42:05.901Z",
"attached": [
{
"format": "string",
"data": {},
"credential_ids": [
"string"
]
}
],
"redirectUri": "string"
}
]
POST /presentation-management¶
Store a presentation request configuration. If it already exists, it will be updated.
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No |
Request body
{
"id": "string",
"description": "string",
"lifeTime": 10.12,
"dcql_query": null,
"registrationCert": null,
"webhook": null,
"attached": [
{
"format": "string",
"data": {},
"credential_ids": [
"string"
]
}
],
"redirectUri": "string"
}
Schema of the request body
{
"type": "object",
"properties": {
"id": {
"type": "string",
"description": "Unique identifier for the VP request."
},
"description": {
"type": "string",
"description": "Description of the presentation configuration."
},
"lifeTime": {
"type": "number",
"description": "Lifetime how long the presentation request is valid after creation, in seconds."
},
"dcql_query": {
"description": "The DCQL query to be used for the VP request.",
"allOf": [
{
"$ref": "#/components/schemas/DCQL"
}
]
},
"registrationCert": {
"description": "The registration certificate request containing the necessary details.",
"allOf": [
{
"$ref": "#/components/schemas/RegistrationCertificateRequest"
}
]
},
"webhook": {
"description": "Optional webhook URL to receive the response.",
"allOf": [
{
"$ref": "#/components/schemas/WebhookConfig"
}
]
},
"attached": {
"description": "Attestation that should be attached",
"type": "array",
"items": {
"$ref": "#/components/schemas/PresentationAttachment"
}
},
"redirectUri": {
"type": "string",
"description": "Redirect URI to which the user-agent should be redirected after the presentation is completed."
}
},
"required": [
"id",
"dcql_query"
]
}
Response 201 Created
DELETE /presentation-management/{id}¶
Deletes a presentation request configuration by its ID.
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No | |
id |
path | string | No |
Response 200 OK
Session management¶
GET /session¶
Retrieves all sessions.
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No |
Response 200 OK
[
{
"status": "active",
"id": "string",
"createdAt": "2022-04-13T15:42:05.901Z",
"updatedAt": "2022-04-13T15:42:05.901Z",
"expiresAt": "2022-04-13T15:42:05.901Z",
"useDcApi": true,
"tenantId": "string",
"tenant": null,
"authorization_code": "string",
"request_uri": "string",
"auth_queries": null,
"offer": {},
"offerUrl": "string",
"credentialPayload": null,
"claimsWebhook": null,
"notifyWebhook": null,
"notifications": [
{}
],
"requestId": "string",
"requestUrl": "string",
"requestObject": "string",
"credentials": [
{}
],
"vp_nonce": "string",
"redirectUri": "string"
}
]
GET /session/{id}¶
Retrieves the session information for a given session ID.
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No | |
id |
path | string | No | The session ID |
Response 200 OK
{
"status": "active",
"id": "string",
"createdAt": "2022-04-13T15:42:05.901Z",
"updatedAt": "2022-04-13T15:42:05.901Z",
"expiresAt": "2022-04-13T15:42:05.901Z",
"useDcApi": true,
"tenantId": "string",
"tenant": null,
"authorization_code": "string",
"request_uri": "string",
"auth_queries": null,
"offer": {},
"offerUrl": "string",
"credentialPayload": null,
"claimsWebhook": null,
"notifyWebhook": null,
"notifications": [
{}
],
"requestId": "string",
"requestUrl": "string",
"requestObject": "string",
"credentials": [
{}
],
"vp_nonce": "string",
"redirectUri": "string"
}
Schema of the response body
{
"type": "object",
"properties": {
"status": {
"description": "Status of the session.",
"enum": [
"active",
"fetched",
"completed",
"expired",
"failed"
],
"type": "string"
},
"id": {
"type": "string",
"description": "Unique identifier for the session."
},
"createdAt": {
"format": "date-time",
"type": "string",
"description": "The timestamp when the request was created."
},
"updatedAt": {
"format": "date-time",
"type": "string",
"description": "The timestamp when the request was last updated."
},
"expiresAt": {
"format": "date-time",
"type": "string",
"description": "The timestamp when the request is set to expire."
},
"useDcApi": {
"type": "boolean",
"description": "Flag indicating whether to use the DC API for the presentation request."
},
"tenantId": {
"type": "string",
"description": "Tenant ID for multi-tenancy support."
},
"tenant": {
"description": "The tenant that owns this object.",
"allOf": [
{
"$ref": "#/components/schemas/TenantEntity"
}
]
},
"authorization_code": {
"type": "string"
},
"request_uri": {
"type": "string",
"description": "Request URI from the authorization request."
},
"auth_queries": {
"description": "Authorization queries associated with the session.",
"allOf": [
{
"$ref": "#/components/schemas/AuthorizeQueries"
}
]
},
"offer": {
"description": "Credential offer object containing details about the credential offer or presentation request.",
"type": "object"
},
"offerUrl": {
"type": "string",
"description": "Offer URL for the credential offer."
},
"credentialPayload": {
"description": "Credential payload containing the offer request details.",
"allOf": [
{
"$ref": "#/components/schemas/OfferRequestDto"
}
]
},
"claimsWebhook": {
"description": "Webhook configuration to send result and may receive further information.",
"allOf": [
{
"$ref": "#/components/schemas/WebhookConfig"
}
]
},
"notifyWebhook": {
"description": "Webhook configuration to send the result of the notification response.",
"allOf": [
{
"$ref": "#/components/schemas/WebhookConfig"
}
]
},
"notifications": {
"description": "Notifications associated with the session.",
"type": "array",
"items": {
"type": "object"
}
},
"requestId": {
"type": "string"
},
"requestUrl": {
"type": "string",
"description": "The URL of the presentation auth request."
},
"requestObject": {
"type": "string",
"description": "Signed presentation auth request."
},
"credentials": {
"description": "Verified credentials from the presentation process.",
"type": "array",
"items": {
"type": "object"
}
},
"vp_nonce": {
"type": "string",
"description": "Noncce from the Verifiable Presentation request."
},
"redirectUri": {
"type": "string",
"description": "Redirect URI to which the user-agent should be redirected after the presentation is completed."
}
},
"required": [
"status",
"id",
"createdAt",
"updatedAt",
"useDcApi",
"tenantId",
"tenant",
"notifications"
]
}
DELETE /session/{id}¶
Deletes a session by its ID
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No | |
id |
path | string | No |
Response 200 OK
POST /session/revoke¶
Update the status of the credentials of a specific session.
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No |
Request body
⚠️ This example has been generated automatically from the schema and it is not accurate. Refer to the schema for more information.
Schema of the request body
{
"type": "object",
"properties": {
"sessionId": {
"type": "string",
"description": "The session ID of the user"
},
"credentialConfigurationId": {
"type": "string",
"description": "The ID of the credential configuration\nThis is optional, if not provided, all credentials will be revoked of the session."
},
"status": {
"type": "number",
"description": "The status of the credential\n0 = valid, 1 = revoked, 2 = suspended"
}
},
"required": [
"sessionId",
"status"
]
}
Response 201 Created
Credentials¶
GET /issuer-management/credentials¶
Returns the credential configurations for this tenant.
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No |
Response 200 OK
[
{
"embeddedDisclosurePolicy": null,
"id": "string",
"description": "string",
"tenant": null,
"config": {
"format": "string",
"display": [
{
"name": "string",
"description": "string",
"locale": "string",
"background_color": "string",
"text_color": "string",
"background_image": {
"uri": "string"
},
"logo": null
}
],
"scope": "string"
},
"claims": {},
"claimsWebhook": null,
"notificationWebhook": null,
"disclosureFrame": {},
"vct": {
"vct": "string",
"name": "string",
"description": "string",
"extends": "string",
"extends#integrity": "string",
"schema_uri": "string",
"schema_uri#integrity": "string"
},
"keyBinding": true,
"keyId": "string",
"key": {
"id": "string",
"tenantId": "string",
"tenant": null,
"crt": "string",
"type": {},
"description": "string",
"createdAt": "2022-04-13T15:42:05.901Z",
"updatedAt": "2022-04-13T15:42:05.901Z"
},
"statusManagement": true,
"lifeTime": 10.12,
"schema": {
"$schema": "string",
"type": "string",
"properties": {},
"required": [
"string"
],
"title": "string",
"description": "string"
}
}
]
POST /issuer-management/credentials¶
Stores the credential configuration for this tenant.
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No |
Request body
{
"embeddedDisclosurePolicy": null,
"id": "string",
"description": "string",
"config": {
"format": "string",
"display": [
{
"name": "string",
"description": "string",
"locale": "string",
"background_color": "string",
"text_color": "string",
"background_image": {
"uri": "string"
},
"logo": null
}
],
"scope": "string"
},
"claims": {},
"claimsWebhook": null,
"notificationWebhook": null,
"disclosureFrame": {},
"vct": {
"vct": "string",
"name": "string",
"description": "string",
"extends": "string",
"extends#integrity": "string",
"schema_uri": "string",
"schema_uri#integrity": "string"
},
"keyBinding": true,
"keyId": "string",
"statusManagement": true,
"lifeTime": 10.12,
"schema": {
"$schema": "string",
"type": "string",
"properties": {},
"required": [
"string"
],
"title": "string",
"description": "string"
}
}
Schema of the request body
{
"type": "object",
"properties": {
"embeddedDisclosurePolicy": {
"description": "Embedded disclosure policy (discriminated union by `policy`).\nThe discriminator makes class-transformer instantiate the right subclass,\nand then class-validator runs that subclass’s rules.",
"oneOf": [
{
"$ref": "#/components/schemas/AttestationBasedPolicy"
},
{
"$ref": "#/components/schemas/NoneTrustPolicy"
},
{
"$ref": "#/components/schemas/AllowListPolicy"
},
{
"$ref": "#/components/schemas/RootOfTrustPolicy"
}
],
"allOf": [
{
"$ref": "#/components/schemas/EmbeddedDisclosurePolicy"
}
]
},
"id": {
"type": "string"
},
"description": {
"type": "string"
},
"config": {
"$ref": "#/components/schemas/IssuerMetadataCredentialConfig"
},
"claims": {
"type": "object"
},
"claimsWebhook": {
"description": "Webhook to receive claims for the issuance process.",
"allOf": [
{
"$ref": "#/components/schemas/WebhookConfig"
}
]
},
"notificationWebhook": {
"description": "Webhook to receive claims for the issuance process.",
"allOf": [
{
"$ref": "#/components/schemas/WebhookConfig"
}
]
},
"disclosureFrame": {
"type": "object"
},
"vct": {
"$ref": "#/components/schemas/VCT"
},
"keyBinding": {
"type": "boolean"
},
"keyId": {
"type": "string"
},
"statusManagement": {
"type": "boolean"
},
"lifeTime": {
"type": "number"
},
"schema": {
"$ref": "#/components/schemas/SchemaResponse"
}
},
"required": [
"id",
"config"
]
}
Response 201 Created
DELETE /issuer-management/credentials/{id}¶
Deletes an credential configuration.
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No | |
id |
path | string | No |
Response 200 OK
Issuer management¶
POST /issuer-management/offer¶
Create an offer for a credential.
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No |
Request body
{
"response_type": "qrcode",
"credentialConfigurationIds": [
"pid"
],
"flow": "pre_authorized_code"
}
Schema of the request body
{
"type": "object",
"properties": {
"response_type": {
"enum": [
"qrcode",
"uri",
"dc-api"
],
"type": "string",
"examples": [
{
"value": "qrcode"
}
],
"description": "The type of response expected for the offer request."
},
"claims": {
"type": "object",
"description": "Override the default values for the credential claims.",
"properties": {},
"examples": [
{
"pid": {
"given_name": "ERIKA",
"family_name": "MUSTERMANN"
}
}
]
},
"flow": {
"description": "The flow type for the offer request.",
"enum": [
"authorization_code",
"pre_authorized_code"
],
"type": "string"
},
"tx_code": {
"type": "string",
"description": "Transaction code for pre-authorized code flow."
},
"credentialConfigurationIds": {
"description": "List of credential configuration ids to be included in the offer.",
"type": "array",
"items": {
"type": "string"
}
},
"claimWebhook": {
"description": "Webhooks to fetch the claims dynamically.",
"allOf": [
{
"$ref": "#/components/schemas/WebhookConfig"
}
]
},
"notifyWebhook": {
"description": "Webhook to notify about the status of the issuance process.",
"allOf": [
{
"$ref": "#/components/schemas/WebhookConfig"
}
]
}
},
"required": [
"response_type",
"flow",
"credentialConfigurationIds"
]
}
Response 201 Created
⚠️ This example has been generated automatically from the schema and it is not accurate. Refer to the schema for more information.
⚠️ This example has been generated automatically from the schema and it is not accurate. Refer to the schema for more information.
GET /issuer-management/issuance¶
Returns the issuance configurations for this tenant.
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No |
Response 200 OK
{
"tenant": null,
"authServers": [
"string"
],
"notifyWebhook": null,
"batchSize": 10.12,
"dPopRequired": true,
"display": [
{
"name": "string",
"locale": "string",
"logo": {
"uri": "string",
"alt_text": "string"
}
}
],
"createdAt": "2022-04-13T15:42:05.901Z",
"updatedAt": "2022-04-13T15:42:05.901Z"
}
Schema of the response body
{
"type": "object",
"properties": {
"tenant": {
"description": "The tenant that owns this object.",
"allOf": [
{
"$ref": "#/components/schemas/TenantEntity"
}
]
},
"authServers": {
"description": "Authentication server URL for the issuance process.",
"type": "array",
"items": {
"type": "string"
}
},
"notifyWebhook": {
"description": "Webhook to send the result of the notification response",
"allOf": [
{
"$ref": "#/components/schemas/WebhookConfig"
}
]
},
"batchSize": {
"type": "number",
"description": "Value to determine the amount of credentials that are issued in a batch.\nDefault is 1."
},
"dPopRequired": {
"type": "boolean",
"description": "Indicates whether DPoP is required for the issuance process. Default value is true."
},
"display": {
"type": "array",
"items": {
"$ref": "#/components/schemas/DisplayInfo"
}
},
"createdAt": {
"format": "date-time",
"type": "string",
"description": "The timestamp when the VP request was created."
},
"updatedAt": {
"format": "date-time",
"type": "string",
"description": "The timestamp when the VP request was last updated."
}
},
"required": [
"tenant",
"display",
"createdAt",
"updatedAt"
]
}
POST /issuer-management/issuance¶
Stores the issuance configuration for this tenant.
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No |
Request body
{
"authServers": [
"string"
],
"notifyWebhook": null,
"batchSize": 10.12,
"dPopRequired": true,
"display": [
{
"name": "string",
"locale": "string",
"logo": {
"uri": "string",
"alt_text": "string"
}
}
]
}
Schema of the request body
{
"type": "object",
"properties": {
"authServers": {
"description": "Authentication server URL for the issuance process.",
"type": "array",
"items": {
"type": "string"
}
},
"notifyWebhook": {
"description": "Webhook to send the result of the notification response",
"allOf": [
{
"$ref": "#/components/schemas/WebhookConfig"
}
]
},
"batchSize": {
"type": "number",
"description": "Value to determine the amount of credentials that are issued in a batch.\nDefault is 1."
},
"dPopRequired": {
"type": "boolean",
"description": "Indicates whether DPoP is required for the issuance process. Default value is true."
},
"display": {
"type": "array",
"items": {
"$ref": "#/components/schemas/DisplayInfo"
}
}
},
"required": [
"display"
]
}
Response 201 Created
Health¶
GET /health¶
Endpoint to check the health of the service.
Response 200 OK
{
"status": "ok",
"info": {
"database": {
"status": "up"
}
},
"error": {},
"details": {
"database": {
"status": "up"
}
}
}
Schema of the response body
{
"type": "object",
"properties": {
"status": {
"type": "string",
"example": "ok"
},
"info": {
"type": "object",
"example": {
"database": {
"status": "up"
}
},
"additionalProperties": {
"type": "object",
"required": [
"status"
],
"properties": {
"status": {
"type": "string"
}
},
"additionalProperties": true
},
"nullable": true
},
"error": {
"type": "object",
"example": {},
"additionalProperties": {
"type": "object",
"required": [
"status"
],
"properties": {
"status": {
"type": "string"
}
},
"additionalProperties": true
},
"nullable": true
},
"details": {
"type": "object",
"example": {
"database": {
"status": "up"
}
},
"additionalProperties": {
"type": "object",
"required": [
"status"
],
"properties": {
"status": {
"type": "string"
}
},
"additionalProperties": true
}
}
}
}
Response 503 Service Unavailable
{
"status": "error",
"info": {
"database": {
"status": "up"
}
},
"error": {
"redis": {
"status": "down",
"message": "Could not connect"
}
},
"details": {
"database": {
"status": "up"
},
"redis": {
"status": "down",
"message": "Could not connect"
}
}
}
Schema of the response body
{
"type": "object",
"properties": {
"status": {
"type": "string",
"example": "error"
},
"info": {
"type": "object",
"example": {
"database": {
"status": "up"
}
},
"additionalProperties": {
"type": "object",
"required": [
"status"
],
"properties": {
"status": {
"type": "string"
}
},
"additionalProperties": true
},
"nullable": true
},
"error": {
"type": "object",
"example": {
"redis": {
"status": "down",
"message": "Could not connect"
}
},
"additionalProperties": {
"type": "object",
"required": [
"status"
],
"properties": {
"status": {
"type": "string"
}
},
"additionalProperties": true
},
"nullable": true
},
"details": {
"type": "object",
"example": {
"database": {
"status": "up"
},
"redis": {
"status": "down",
"message": "Could not connect"
}
},
"additionalProperties": {
"type": "object",
"required": [
"status"
],
"properties": {
"status": {
"type": "string"
}
},
"additionalProperties": true
}
}
}
}
Prometheus¶
GET /metrics¶
Response 200 OK
Storage¶
POST /storage¶
Upload files that belong to a tenant like images
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No |
Request body
⚠️ This example has been generated automatically from the schema and it is not accurate. Refer to the schema for more information.
Response 201 Created
GET /storage/{key}¶
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
key |
path | string | No |
Response 200 OK
Schemas¶
AllowListPolicy¶
| Name | Type |
|---|---|
policy |
string |
values |
Array<string> |
ApiKeyConfig¶
| Name | Type |
|---|---|
headerName |
string |
value |
string |
AttestationBasedPolicy¶
| Name | Type |
|---|---|
policy |
string |
values |
Array<PolicyCredential> |
AuthenticationMethodAuth¶
| Name | Type |
|---|---|
config |
AuthenticationUrlConfig |
method |
string |
AuthenticationMethodNone¶
| Name | Type |
|---|---|
method |
string |
AuthenticationMethodPresentation¶
| Name | Type |
|---|---|
config |
PresentationDuringIssuanceConfig |
method |
string |
AuthenticationUrlConfig¶
| Name | Type |
|---|---|
url |
string |
webhook |
AuthorizeQueries¶
| Name | Type |
|---|---|
auth_session |
string |
client_id |
string |
code_challenge |
string |
code_challenge_method |
string |
dpop_jkt |
string |
issuer_state |
string |
redirect_uri |
string |
request_uri |
string |
resource |
string |
response_type |
string |
scope |
string |
state |
string |
CertEntity¶
| Name | Type |
|---|---|
createdAt |
string(date-time) |
crt |
string |
description |
string |
id |
string |
tenant |
|
tenantId |
string |
type |
|
updatedAt |
string(date-time) |
Claim¶
| Name | Type |
|---|---|
path |
Array<string> |
ClaimsQuery¶
| Name | Type |
|---|---|
id |
string |
path |
Array<string> |
values |
Array<> |
ClientEntity¶
| Name | Type |
|---|---|
clientId |
string |
description |
string |
roles |
Array<string> |
secret |
string |
tenant |
|
tenantId |
string |
ClientSecretResponseDto¶
| Name | Type |
|---|---|
secret |
string |
CreateClientDto¶
| Name | Type |
|---|---|
clientId |
string |
description |
string |
roles |
Array<string> |
CreateTenantDto¶
| Name | Type |
|---|---|
description |
string |
id |
string |
name |
string |
roles |
Array<string> |
CredentialConfig¶
| Name | Type |
|---|---|
claims |
|
claimsWebhook |
|
config |
IssuerMetadataCredentialConfig |
description |
string |
disclosureFrame |
|
embeddedDisclosurePolicy |
|
id |
string |
key |
CertEntity |
keyBinding |
boolean |
keyId |
string |
lifeTime |
number |
notificationWebhook |
|
schema |
SchemaResponse |
statusManagement |
boolean |
tenant |
|
vct |
VCT |
CredentialConfigCreate¶
| Name | Type |
|---|---|
claims |
|
claimsWebhook |
|
config |
IssuerMetadataCredentialConfig |
description |
string |
disclosureFrame |
|
embeddedDisclosurePolicy |
|
id |
string |
keyBinding |
boolean |
keyId |
string |
lifeTime |
number |
notificationWebhook |
|
schema |
SchemaResponse |
statusManagement |
boolean |
vct |
VCT |
CredentialQuery¶
| Name | Type |
|---|---|
claims |
Array<Claim> |
format |
string |
id |
string |
meta |
|
multiple |
boolean |
trusted_authorities |
Array<TrustedAuthorityQuery> |
CredentialSetQuery¶
| Name | Type |
|---|---|
options |
Array<Array<string>> |
required |
boolean |
DCQL¶
| Name | Type |
|---|---|
credential_set |
Array<CredentialSetQuery> |
credentials |
Array<CredentialQuery> |
Display¶
| Name | Type |
|---|---|
background_color |
string |
background_image |
DisplayImage |
description |
string |
locale |
string |
logo |
DisplayImage |
name |
string |
text_color |
string |
DisplayImage¶
| Name | Type |
|---|---|
uri |
string |
DisplayInfo¶
| Name | Type |
|---|---|
locale |
string |
logo |
DisplayLogo |
name |
string |
DisplayLogo¶
| Name | Type |
|---|---|
alt_text |
string |
uri |
string |
EmbeddedDisclosurePolicy¶
| Name | Type |
|---|---|
policy |
string |
FileUploadDto¶
| Name | Type |
|---|---|
file |
string(binary) |
IssuanceConfig¶
| Name | Type |
|---|---|
authServers |
Array<string> |
batchSize |
number |
createdAt |
string(date-time) |
display |
Array<DisplayInfo> |
dPopRequired |
boolean |
notifyWebhook |
|
tenant |
|
updatedAt |
string(date-time) |
IssuanceDto¶
| Name | Type |
|---|---|
authServers |
Array<string> |
batchSize |
number |
display |
Array<DisplayInfo> |
dPopRequired |
boolean |
notifyWebhook |
IssuerMetadataCredentialConfig¶
| Name | Type |
|---|---|
display |
Array<Display> |
format |
string |
scope |
string |
Key¶
| Name | Type |
|---|---|
alg |
string |
crv |
string |
d |
string |
kid |
string |
kty |
string |
x |
string |
y |
string |
KeyImportDto¶
| Name | Type |
|---|---|
crt |
string |
description |
string |
privateKey |
NoneTrustPolicy¶
| Name | Type |
|---|---|
policy |
string |
OfferRequestDto¶
| Name | Type |
|---|---|
claims |
|
claimWebhook |
|
credentialConfigurationIds |
Array<string> |
flow |
string |
notifyWebhook |
|
response_type |
string |
tx_code |
string |
OfferResponse¶
| Name | Type |
|---|---|
session |
string |
uri |
string |
PolicyCredential¶
| Name | Type |
|---|---|
claims |
Array<ClaimsQuery> |
credential_sets |
Array<CredentialSetQuery> |
credentials |
Array<CredentialQuery> |
PresentationAttachment¶
| Name | Type |
|---|---|
credential_ids |
Array<string> |
data |
|
format |
string |
PresentationConfig¶
| Name | Type |
|---|---|
attached |
Array<PresentationAttachment> |
createdAt |
string(date-time) |
dcql_query |
|
description |
string |
id |
string |
lifeTime |
number |
redirectUri |
string |
registrationCert |
|
tenant |
|
updatedAt |
string(date-time) |
webhook |
PresentationConfigCreateDto¶
| Name | Type |
|---|---|
attached |
Array<PresentationAttachment> |
dcql_query |
|
description |
string |
id |
string |
lifeTime |
number |
redirectUri |
string |
registrationCert |
|
webhook |
PresentationDuringIssuanceConfig¶
| Name | Type |
|---|---|
type |
string |
PresentationRequest¶
| Name | Type |
|---|---|
redirectUri |
string |
requestId |
string |
response_type |
string |
webhook |
RegistrationCertificateRequest¶
| Name | Type |
|---|---|
body |
|
id |
string |
RootOfTrustPolicy¶
| Name | Type |
|---|---|
policy |
string |
values |
string |
SchemaResponse¶
| Name | Type |
|---|---|
$schema |
string |
description |
string |
properties |
|
required |
Array<string> |
title |
string |
type |
string |
Session¶
| Name | Type |
|---|---|
auth_queries |
|
authorization_code |
string |
claimsWebhook |
|
createdAt |
string(date-time) |
credentialPayload |
|
credentials |
Array<> |
expiresAt |
string(date-time) |
id |
string |
notifications |
Array<> |
notifyWebhook |
|
offer |
|
offerUrl |
string |
redirectUri |
string |
request_uri |
string |
requestId |
string |
requestObject |
string |
requestUrl |
string |
status |
string |
tenant |
|
tenantId |
string |
updatedAt |
string(date-time) |
useDcApi |
boolean |
vp_nonce |
string |
StatusUpdateDto¶
| Name | Type |
|---|---|
credentialConfigurationId |
string |
sessionId |
string |
status |
number |
TenantEntity¶
| Name | Type |
|---|---|
clients |
Array<ClientEntity> |
description |
string |
id |
string |
name |
string |
status |
string |
TrustedAuthorityQuery¶
| Name | Type |
|---|---|
type |
string |
values |
Array<string> |
UpdateClientDto¶
| Name | Type |
|---|---|
description |
string |
roles |
Array<string> |
UpdateKeyDto¶
| Name | Type |
|---|---|
crt |
string |
description |
string |
VCT¶
| Name | Type |
|---|---|
description |
string |
extends |
string |
extends#integrity |
string |
name |
string |
schema_uri |
string |
schema_uri#integrity |
string |
vct |
string |
WebHookAuthConfigHeader¶
| Name | Type |
|---|---|
config |
|
type |
string |
WebHookAuthConfigNone¶
| Name | Type |
|---|---|
type |
string |
WebhookConfig¶
| Name | Type |
|---|---|
auth |
|
url |
string |
Security schemes¶
| Name | Type | Scheme | Description |
|---|---|---|---|
| oauth2 | oauth2 |
More documentation¶
Documentation
For more information: https://openwallet-foundation-labs.github.io/eudiplo/latest/