EUDIPLO Service API main¶
This is the API documentation for the EUDIPLO Service, which provides credential issuance and verification services
Key¶
GET /key¶
Get all keys for the tenant.
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No |
Response 200 OK
POST /key¶
Add a new key to the key service.
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No |
Request body
⚠️ This example has been generated automatically from the schema and it is not accurate. Refer to the schema for more information.
Response 201 Created
DELETE /key/{id}¶
Delete a key from the key service.
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No | |
id |
path | string | No |
Response 200 OK
Issuer management¶
GET /issuer-management/credentials¶
Returns the credential configurations for this tenant.
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No |
Response 200 OK
[
{
"id": "string",
"tenantId": "string",
"config": {},
"claims": {},
"disclosureFrame": {},
"vct": {
"vct": "string",
"name": "string",
"description": "string",
"extends": "string",
"extends#integrity": "string",
"schema_uri": "string",
"schema_uri#integrity": "string"
},
"schema": {
"$schema": {},
"type": {},
"properties": {},
"required": [
"string"
]
},
"credentialIssuanceBindings": [
{
"credentialConfigId": "string",
"issuanceConfigId": "string",
"credentialConfig": null,
"issuanceConfig": null,
"keyID": "string",
"createdAt": "2022-04-13T15:42:05.901Z"
}
]
}
]
POST /issuer-management/credentials¶
Stores the credential configuration for this tenant.
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No |
Request body
{
"id": "string",
"tenantId": "string",
"config": {},
"claims": {},
"disclosureFrame": {},
"vct": {
"vct": "string",
"name": "string",
"description": "string",
"extends": "string",
"extends#integrity": "string",
"schema_uri": "string",
"schema_uri#integrity": "string"
},
"schema": {
"$schema": {},
"type": {},
"properties": {},
"required": [
"string"
]
},
"credentialIssuanceBindings": [
{
"credentialConfigId": "string",
"issuanceConfigId": "string",
"credentialConfig": null,
"issuanceConfig": null,
"keyID": "string",
"createdAt": "2022-04-13T15:42:05.901Z"
}
]
}
Schema of the request body
{
"type": "object",
"properties": {
"id": {
"type": "string",
"description": "Unique identifier for the configuration to reference it."
},
"tenantId": {
"type": "string",
"description": "Tenant ID for the issuance configuration."
},
"config": {
"type": "object",
"description": "OID4VCI issuer metadata crddential configuration element."
},
"claims": {
"type": "object",
"description": "Claims that should be set by default when this credential is being issued. Will be overwritten when passed during a credential offer request."
},
"disclosureFrame": {
"type": "object",
"description": "Disclosure frame for the sd jwt vc."
},
"vct": {
"$ref": "#/components/schemas/VCT"
},
"schema": {
"$ref": "#/components/schemas/SchemaResponse"
},
"credentialIssuanceBindings": {
"description": "Link to all the issuance config bindings that are using this credential.",
"type": "array",
"items": {
"$ref": "#/components/schemas/CredentialIssuanceBinding"
}
}
},
"required": [
"id",
"tenantId",
"config",
"claims",
"disclosureFrame",
"credentialIssuanceBindings"
]
}
Response 201 Created
DELETE /issuer-management/credentials/{id}¶
Deletes an credential configuration.
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No | |
id |
path | string | No |
Response 200 OK
POST /issuer-management/offer¶
Create an offer for a credential. This endpoint may be protected
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No |
Request body
Schema of the request body
{
"type": "object",
"properties": {
"response_type": {
"example": "qrcode",
"enum": [
"qrcode",
"uri"
],
"type": "string",
"description": "The type of response expected for the offer request."
},
"issuanceId": {
"type": "string",
"example": "pid"
},
"credentialConfigurationIds": {
"example": [
"pid"
],
"type": "array",
"items": {
"type": "string"
}
}
},
"required": [
"response_type",
"issuanceId"
]
}
Response 201 Created
⚠️ This example has been generated automatically from the schema and it is not accurate. Refer to the schema for more information.
⚠️ This example has been generated automatically from the schema and it is not accurate. Refer to the schema for more information.
GET /issuer-management/issuance¶
Returns the issuance configurations for this tenant.
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No |
Response 200 OK
[
{
"id": "string",
"credentialIssuanceBindings": [
{
"credentialConfigId": "string",
"issuanceConfigId": "string",
"credentialConfig": null,
"issuanceConfig": null,
"keyID": "string",
"createdAt": "2022-04-13T15:42:05.901Z"
}
],
"authenticationConfig": {},
"createdAt": "2022-04-13T15:42:05.901Z",
"notifyWebhook": null
}
]
POST /issuer-management/issuance¶
Stores the issuance configuration for this tenant.
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No |
Request body
{
"id": "string",
"credentialConfigs": [
{
"id": "string",
"keyId": "string"
}
],
"authenticationConfig": null,
"notifyWebhook": null
}
Schema of the request body
{
"type": "object",
"properties": {
"id": {
"type": "string",
"description": "Unique identifier for the issuance configuration."
},
"credentialConfigs": {
"description": "Ids of the credential configurations associated with this issuance configuration.",
"type": "array",
"items": {
"$ref": "#/components/schemas/CredentialConfigMapping"
}
},
"authenticationConfig": {
"description": "Authentication configuration for the issuance process.\nThis includes details like the authentication method and any required parameters.",
"allOf": [
{
"$ref": "#/components/schemas/AuthenticationConfigDto"
}
]
},
"notifyWebhook": {
"description": "Optional webhook configuration to send the results of the notification response.",
"allOf": [
{
"$ref": "#/components/schemas/WebhookConfig"
}
]
}
},
"required": [
"id",
"credentialConfigs",
"authenticationConfig"
]
}
Response 201 Created
DELETE /issuer-management/issuance/{id}¶
Deletes an issuance configuration.
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No | |
id |
path | string | No |
Response 200 OK
Presentation management¶
POST /presentation-management/request¶
Create an presentation request that can be sent to the user
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No | |
oauth2 |
header | string | N/A | No |
Request body
Schema of the request body
{
"type": "object",
"properties": {
"response_type": {
"type": "string",
"example": "qrcode",
"enum": [
"qrcode",
"uri"
]
},
"requestId": {
"type": "string",
"description": "Identifier of the presentation configuration",
"example": "pid"
},
"webhook": {
"description": "Webhook configuration to receive the response.\nIf not provided, the configured webhook from the configuration will be used.",
"allOf": [
{
"$ref": "#/components/schemas/WebhookConfig"
}
]
}
},
"required": [
"response_type",
"requestId"
]
}
Response 201 Created
⚠️ This example has been generated automatically from the schema and it is not accurate. Refer to the schema for more information.
⚠️ This example has been generated automatically from the schema and it is not accurate. Refer to the schema for more information.
GET /presentation-management¶
Returns the presentation request configurations.
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No |
Response 200 OK
POST /presentation-management¶
Store a presentation request configuration. If it already exists, it will be updated.
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No |
Request body
{
"id": "string",
"dcql_query": {},
"registrationCert": null,
"webhook": null,
"createdAt": "2022-04-13T15:42:05.901Z"
}
Schema of the request body
{
"type": "object",
"properties": {
"id": {
"type": "string",
"description": "Unique identifier for the VP request."
},
"dcql_query": {
"type": "object",
"description": "The DCQL query to be used for the VP request."
},
"registrationCert": {
"description": "The registration certificate request containing the necessary details.",
"allOf": [
{
"$ref": "#/components/schemas/RegistrationCertificateRequest"
}
]
},
"webhook": {
"description": "Optional webhook URL to receive the response.",
"allOf": [
{
"$ref": "#/components/schemas/WebhookConfig"
}
]
},
"createdAt": {
"format": "date-time",
"type": "string",
"description": "The timestamp when the VP request was created."
}
},
"required": [
"id",
"dcql_query",
"registrationCert",
"createdAt"
]
}
Response 201 Created
{
"id": "string",
"dcql_query": {},
"registrationCert": null,
"webhook": null,
"createdAt": "2022-04-13T15:42:05.901Z"
}
Schema of the response body
{
"type": "object",
"properties": {
"id": {
"type": "string",
"description": "Unique identifier for the VP request."
},
"dcql_query": {
"type": "object",
"description": "The DCQL query to be used for the VP request."
},
"registrationCert": {
"description": "The registration certificate request containing the necessary details.",
"allOf": [
{
"$ref": "#/components/schemas/RegistrationCertificateRequest"
}
]
},
"webhook": {
"description": "Optional webhook URL to receive the response.",
"allOf": [
{
"$ref": "#/components/schemas/WebhookConfig"
}
]
},
"createdAt": {
"format": "date-time",
"type": "string",
"description": "The timestamp when the VP request was created."
}
},
"required": [
"id",
"dcql_query",
"registrationCert",
"createdAt"
]
}
DELETE /presentation-management/{id}¶
Deletes a presentation request configuration by its ID.
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No | |
id |
path | string | No |
Response 200 OK
Session management¶
GET /session¶
Retrieves all sessions.
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No |
Response 200 OK
[
{
"id": "string",
"issuanceId": "string",
"requestId": "string",
"credentials": [
{}
],
"authorization_code": "string",
"request_uri": "string",
"auth_queries": null,
"vp_nonce": "string",
"createdAt": "2022-04-13T15:42:05.901Z",
"offer": {},
"credentialPayload": null,
"webhook": null,
"notifyWebhook": null,
"notifications": [
{}
],
"tenantId": "string",
"status": {}
}
]
GET /session/{id}¶
Retrieves the session information for a given session ID.
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No | |
id |
path | string | No |
Response 200 OK
{
"id": "string",
"issuanceId": "string",
"requestId": "string",
"credentials": [
{}
],
"authorization_code": "string",
"request_uri": "string",
"auth_queries": null,
"vp_nonce": "string",
"createdAt": "2022-04-13T15:42:05.901Z",
"offer": {},
"credentialPayload": null,
"webhook": null,
"notifyWebhook": null,
"notifications": [
{}
],
"tenantId": "string",
"status": {}
}
Schema of the response body
{
"type": "object",
"properties": {
"id": {
"type": "string",
"description": "Unique identifier for the session."
},
"issuanceId": {
"type": "string"
},
"requestId": {
"type": "string",
"description": "The ID of the presentation configuration associated with the session."
},
"credentials": {
"description": "Verified credentials from the verification process.",
"type": "array",
"items": {
"type": "object"
}
},
"authorization_code": {
"type": "string",
"description": "Authorization code for the session."
},
"request_uri": {
"type": "string",
"description": "Request URI from the authorization request."
},
"auth_queries": {
"description": "Authorization queries associated with the session.",
"allOf": [
{
"$ref": "#/components/schemas/AuthorizeQueries"
}
]
},
"vp_nonce": {
"type": "string",
"description": "Noncce from the Verifiable Presentation request."
},
"createdAt": {
"format": "date-time",
"type": "string",
"description": "Credential offer object containing details about the credential offer or presentation request."
},
"offer": {
"type": "object",
"description": "Credential offer object containing details about the credential offer or presentation request."
},
"credentialPayload": {
"description": "Credential payload containing the offer request details.",
"allOf": [
{
"$ref": "#/components/schemas/OfferRequestDto"
}
]
},
"webhook": {
"description": "Webhook configuration to send result and may receive further information.",
"allOf": [
{
"$ref": "#/components/schemas/WebhookConfig"
}
]
},
"notifyWebhook": {
"description": "Webhook configuration to send the result of the notification response.",
"allOf": [
{
"$ref": "#/components/schemas/WebhookConfig"
}
]
},
"notifications": {
"description": "Notifications associated with the session.",
"type": "array",
"items": {
"type": "object"
}
},
"tenantId": {
"type": "string",
"description": "Tenant ID for multi-tenancy support."
},
"status": {
"type": "object"
}
},
"required": [
"id",
"createdAt",
"notifications",
"tenantId",
"status"
]
}
POST /session/revoke¶
Update the status of the credentials of a specific session.
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
oauth2 |
header | string | N/A | No |
Request body
⚠️ This example has been generated automatically from the schema and it is not accurate. Refer to the schema for more information.
Schema of the request body
{
"type": "object",
"properties": {
"sessionId": {
"type": "string",
"description": "The session ID of the user"
},
"credentialConfigurationId": {
"type": "string",
"description": "The ID of the credential configuration\nThis is optional, if not provided, all credentials will be revoked of the session."
},
"status": {
"type": "number",
"description": "The status of the credential\n0 = valid, 1 = revoked",
"enum": [
0,
1
]
}
},
"required": [
"sessionId",
"status"
]
}
Response 201 Created
Health¶
GET /health¶
Endpoint to check the health of the service.
Response 200 OK
{
"status": "ok",
"info": {
"database": {
"status": "up"
}
},
"error": {},
"details": {
"database": {
"status": "up"
}
}
}
Schema of the response body
{
"type": "object",
"properties": {
"status": {
"type": "string",
"example": "ok"
},
"info": {
"type": "object",
"example": {
"database": {
"status": "up"
}
},
"additionalProperties": {
"type": "object",
"required": [
"status"
],
"properties": {
"status": {
"type": "string"
}
},
"additionalProperties": true
},
"nullable": true
},
"error": {
"type": "object",
"example": {},
"additionalProperties": {
"type": "object",
"required": [
"status"
],
"properties": {
"status": {
"type": "string"
}
},
"additionalProperties": true
},
"nullable": true
},
"details": {
"type": "object",
"example": {
"database": {
"status": "up"
}
},
"additionalProperties": {
"type": "object",
"required": [
"status"
],
"properties": {
"status": {
"type": "string"
}
},
"additionalProperties": true
}
}
}
}
Response 503 Service Unavailable
{
"status": "error",
"info": {
"database": {
"status": "up"
}
},
"error": {
"redis": {
"status": "down",
"message": "Could not connect"
}
},
"details": {
"database": {
"status": "up"
},
"redis": {
"status": "down",
"message": "Could not connect"
}
}
}
Schema of the response body
{
"type": "object",
"properties": {
"status": {
"type": "string",
"example": "error"
},
"info": {
"type": "object",
"example": {
"database": {
"status": "up"
}
},
"additionalProperties": {
"type": "object",
"required": [
"status"
],
"properties": {
"status": {
"type": "string"
}
},
"additionalProperties": true
},
"nullable": true
},
"error": {
"type": "object",
"example": {
"redis": {
"status": "down",
"message": "Could not connect"
}
},
"additionalProperties": {
"type": "object",
"required": [
"status"
],
"properties": {
"status": {
"type": "string"
}
},
"additionalProperties": true
},
"nullable": true
},
"details": {
"type": "object",
"example": {
"database": {
"status": "up"
},
"redis": {
"status": "down",
"message": "Could not connect"
}
},
"additionalProperties": {
"type": "object",
"required": [
"status"
],
"properties": {
"status": {
"type": "string"
}
},
"additionalProperties": true
}
}
}
}
Authentication¶
POST /auth/oauth2/token¶
OAuth2 Token endpoint - supports client credentials flow only Accepts client credentials either in Authorization header (Basic auth) or request body
Request body
Response 200 OK
Response 201 Created
⚠️ This example has been generated automatically from the schema and it is not accurate. Refer to the schema for more information.
Response 401 Unauthorized
Prometheus¶
GET /metrics¶
Response 200 OK
Schemas¶
ApiKeyConfig¶
| Name | Type |
|---|---|
headerName |
string |
value |
string |
AuthenticationConfigDto¶
| Name | Type |
|---|---|
config |
|
method |
string |
AuthorizeQueries¶
| Name | Type |
|---|---|
auth_session |
string |
client_id |
string |
code_challenge |
string |
code_challenge_method |
string |
dpop_jkt |
string |
issuer_state |
string |
redirect_uri |
string |
request_uri |
string |
resource |
string |
response_type |
string |
scope |
string |
ClientCredentialsDto¶
| Name | Type |
|---|---|
client_id |
string |
client_secret |
string |
CredentialConfig¶
| Name | Type |
|---|---|
claims |
|
config |
|
credentialIssuanceBindings |
Array<CredentialIssuanceBinding> |
disclosureFrame |
|
id |
string |
schema |
SchemaResponse |
tenantId |
string |
vct |
VCT |
CredentialConfigMapping¶
| Name | Type |
|---|---|
id |
string |
keyId |
string |
CredentialIssuanceBinding¶
| Name | Type |
|---|---|
createdAt |
string(date-time) |
credentialConfig |
|
credentialConfigId |
string |
issuanceConfig |
|
issuanceConfigId |
string |
keyID |
string |
IssuanceConfig¶
| Name | Type |
|---|---|
authenticationConfig |
|
createdAt |
string(date-time) |
credentialIssuanceBindings |
Array<CredentialIssuanceBinding> |
id |
string |
notifyWebhook |
IssuanceDto¶
| Name | Type |
|---|---|
authenticationConfig |
|
credentialConfigs |
Array<CredentialConfigMapping> |
id |
string |
notifyWebhook |
Key¶
| Name | Type |
|---|---|
alg |
string |
crv |
string |
d |
string |
kid |
string |
kty |
string |
x |
string |
y |
string |
KeyImportDto¶
| Name | Type |
|---|---|
crt |
string |
privateKey |
KeyObj¶
OfferRequestDto¶
| Name | Type |
|---|---|
credentialConfigurationIds |
Array<string> |
issuanceId |
string |
response_type |
string |
OfferResponse¶
| Name | Type |
|---|---|
session |
string |
uri |
string |
PresentationConfig¶
| Name | Type |
|---|---|
createdAt |
string(date-time) |
dcql_query |
|
id |
string |
registrationCert |
|
webhook |
PresentationRequest¶
| Name | Type |
|---|---|
requestId |
string |
response_type |
string |
webhook |
RegistrationCertificateRequest¶
| Name | Type |
|---|---|
body |
|
id |
string |
SchemaResponse¶
| Name | Type |
|---|---|
$schema |
|
properties |
|
required |
Array<string> |
type |
Session¶
| Name | Type |
|---|---|
auth_queries |
|
authorization_code |
string |
createdAt |
string(date-time) |
credentialPayload |
|
credentials |
Array<> |
id |
string |
issuanceId |
string |
notifications |
Array<> |
notifyWebhook |
|
offer |
|
request_uri |
string |
requestId |
string |
status |
|
tenantId |
string |
vp_nonce |
string |
webhook |
StatusUpdateDto¶
| Name | Type |
|---|---|
credentialConfigurationId |
string |
sessionId |
string |
status |
number |
TokenResponse¶
| Name | Type |
|---|---|
access_token |
string |
expires_in |
number |
token_type |
string |
VCT¶
| Name | Type |
|---|---|
description |
string |
extends |
string |
extends#integrity |
string |
name |
string |
schema_uri |
string |
schema_uri#integrity |
string |
vct |
string |
WebHookAuthConfig¶
| Name | Type |
|---|---|
config |
|
type |
string |
WebhookConfig¶
| Name | Type |
|---|---|
auth |
|
url |
string |
Security schemes¶
| Name | Type | Scheme | Description |
|---|---|---|---|
| oauth2 | oauth2 |
More documentation¶
Documentation
For more information: https://openwallet-foundation-labs.github.io/eudiplo/latest/