iSHARE Test Environment - Detailed API specification API Reference

This page describes the iSHARE Test Environment APIs. Specifications listed on this page are functional Test Parties within iSHARE. They reflect what actual implementations of the generic API specifications look like.

Please contact tooling@ishareworks.org to apply for an iSHARE Test Certificate. Please provide your company EORI number, company name and country with this certificate request, otherwise we can not process your request. Please note that the Test environment currently does not provide an iSHARE Identity Provider, thus Human2Machine interaction is not supported yet.

API Endpoints base URL
https://party.isharetest.net
Request Content-Types: application/json, application/x-www-form-urlencoded
Schemes: https
Version: 1.10

Scheme Owner

Base URL https://scheme.isharetest.net - EORI=EU.EORI.NL000000000

Postman Collection: Scheme Owner

Obtains access token

POST /connect/token

Used to obtain an OAuth access token from the Scheme Owner. The format of access_token is not defined by this specification. They are left to the server and should be opaque to the Service Consumer. Refer to the iSHARE OAuth 2.0 documentation on the Technical Agreements page for additional information on the expected values from this access token request body.

grant_type
in formData
string

OAuth 2.0 grant type. MUST contain "client_credentials"

scope
in formData
string

OAuth 2.0 scope. Defaults to "iSHARE", indicating all rights of the Service Consumer are requested. Other values allow the Service Consumer to get tokens that do not include all rights the Service Consumer has.

client_id
in formData
string

OpenID Connect 1.0 client ID. Used in iSHARE for all client identification for OAuth/OpenID Connect. MUST contain a valid iSHARE identifier of the Service Consumer

client_assertion_type
in formData
string

OpenID Connect 1.0 client assertion type. Used in iSHARE for all client identification for OAuth/OpenID Connect. MUST contain "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"

client_assertion
in formData
string

OpenID Connect 1.0 client assertion. Used in iSHARE for all client identification for OAuth/OpenID Connect. MUST contain JWT token conform iSHARE specifications, signed by the client.

Request body Example application/x-www-form-urlencoded
grant_type=client_credentials&scope=iSHARE&client_id=EU.EORI.NL000000001&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsIng1YyI6WyJNSUlFZ1RDQ0FtbWdBd0lCQWdJSU45VmlDRGkzQndzd0RRWUpLb1pJaHZjTkFRRUxCUUF3U0RFWk1CY0dBMVVFQXd3UWFWTklRVkpGVkdWemRFTkJYMVJNVXpFTk1Bc0dBMVVFQ3d3RVZHVnpkREVQTUEwR0ExVUVDZ3dHYVZOSVFWSkZNUXN3Q1FZRFZRUUdFd0pPVERBZUZ3MHhPVEF5TVRVeE1UUTJNVFZhRncweU1UQXlNVFF4TVRRMk1UVmFNRUl4RlRBVEJnTlZCQU1NREVGQ1F5QlVjblZqYTJsdVp6RWNNQm9HQTFVRUJSTVRSVlV1UlU5U1NTNU9UREF3TURBd01EQXdNVEVMTUFrR0ExVUVCaE1DVGt3d2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0SUJEd0F3Z2dFS0FvSUJBUUMwTzRoVWhEK1ZvT0tWSVpTTk1OVGZ6YzBPMmtZaitaenBRRUFCWkd0UHR5MGtLUEplcDArbzV4c3RvdTFLK1V4dkhmeEVwSHhIR1RkdHFadWMyOExoVTRDZUNnb2VETURUK0NIUzNOb3NpRVNRTXdoL1paZVRjOS9lS0NvNTY5R0NuKzJYdFRpR1NwQlN3TVNXcU5IZ3BBWllLZEhyVC9rRU1JeVRLb2F1dWlLUThjVXA3b3c3bVp6LzlLK3FWM3M5TDAzMFc4SWF3TEpCSksvMmFwQXQ1amgxajQvbUY3ZjBxOHpoemhyQzh2MDFQTGxaZHVUempqQnJlN216K3lpL3ZsWXovZWFwMGVZVGpoeElhdHlWOUZGd2xtaTRGQzFDTmNNdExoOG5zaUpvZTVjQm0xM0xLYlFGdTNHWUg3Nm9lTFp2V3FiUGJwMTFteGxIYS9LZEFnTUJBQUdqZFRCek1Bd0dBMVVkRXdFQi93UUNNQUF3SHdZRFZSMGpCQmd3Rm9BVUZqem5JT25XbE84ZjVhTHh1UHkrNnQ4c040RXdFd1lEVlIwbEJBd3dDZ1lJS3dZQkJRVUhBd0V3SFFZRFZSME9CQllFRkFQSCs4VXJZaVZMWGFLUFJHZmxrQStjdXNRN01BNEdBMVVkRHdFQi93UUVBd0lGb0RBTkJna3Foa2lHOXcwQkFRc0ZBQU9DQWdFQVlsNXRXSDBZdFlTOUp5cXlsWkpXb21BNTVTaEtsbGFCUmN2cm82Q0h4bGxKV0hvMHFDOVpUTWN2Q3l3TXYxNFZKeVFkNmVGWnFjVnRPbHVHclJaQmtsSDlBYW5rb3ZwMkpMYXFjRDc5dDFDeXVYWm5JelRGbC9Ca01zRTZ3bEFKWFkvc2Fybm94ZWllalA0RS9FZi8wZXVJRnZCYUlDQ0YrS2QyV0pZYmJuMFd5MGRINDg0UUpiSHlNdFZmcjQyb0lwVU5WdUxTdTg0eUtZQWVtOUpCdVlUcDNZMEsyaGlFQVcvYk9LRHZ2SGV0VmY1ZnU2NnlmZWtEWDUzajNOS2lGSkNYUzJyS0lab0R1TUZ1eHBTeVZrUzJrYldrMSs1Sm95N3FPU05BTlJGUGxwSGNnekxRWnA4SHJndmhzbWhJdDFWVFZZa3l4Y2Q4cVhBbGh3cVZnT3E1TmdMeGtxdWw5aE5NR2lNN3NxK0g3M1EvRmk4aWY3Z1A4SVZBU3pRR3d1SGcyWjg3aWI2QTJ2b24wZlJKWnEzZkl1YkhveEk2M0FUd2ZjUks4NnkxNzJ4YkZFM1ZVMGR1TjF0STVaMFRDZzBHQUpZdEpwYm52ZXhJdDVsazVGSWs0VGh2UjBMOG1OTHkxRFVhMTFOK0VNeGtxYmZxbFR1ckI4WmczQ1kvUWFTS21YWTVDTVV3V2VFQlhSSGh5ZmtaUTVqUFBVSHJGYW95T1JYOHAxRXJZRGt0QjFLOW80am11RVZwQjMzY3ZnWUJFaUF5VjV6NDQyNkZ1VkNNYkhhRkRWN2lLVzllQmxYb3hlWm80WFg4K2pYeVNMNUdXOFh3TlJUSzVjNHZXMDJRM1ZKeVlWZTV1bWVzdHNLUStMUjhpQXpvVVNyZUsxOCtKa0FqQUpVPSJdfQ.eyJpc3MiOiJFVS5FT1JJLk5MMDAwMDAwMDAxIiwic3ViIjoiRVUuRU9SSS5OTDAwMDAwMDAwMSIsImp0aSI6ImE1MjJjZWZkNGNmNjQyMWE4ZGUzOGJjYjBjMDhlYjliIiwiaWF0IjoxNTU2MDM0NzM0LCJuYmYiOjE1NTYwMzQ3MzQsImV4cCI6MTU1NjAzNDc2NCwiYXVkIjoiRVUuRU9SSS5OTDAwMDAwMDAwMCJ9.SU59EXhAukbDVP0Y8Yb_1-5Za7QCgAtgq_bh9qRKNY0t3P7nodr2b6ue2DqmIZ_bvysC77zX01QCiCCT3vT7iU4ee4HINMP9gsujoNC0L1ONL2twoJeE91hWUke8dBL9m_ipP0x5-XivQAdS9vJTHQu1A_m5VB0O_XD4JGLwrwjD2d-UE4Fhyy4ilKSPKFpqhoAi2qPkmonZki-RaYoPkrq49LW_v8OVKW7yFJvEDIwph0hEcWxl0udyeu3Cy35NWMnLZdu6gp2f4yxOq3FPrufO5bT0aihioI04V8avggzVJdVcrDTK9Q0Hzhs-22VamkncUZqPvRmo_uwypNHFBg
Request body Example formatted for visibility

  {
  "grant_type": "client_credentials",
  "scope": "iSHARE",
  "client_id": "EU.EORI.NL000000001",
  "client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
  "client_assertion": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsIng1YyI6WyJNSUlFZ1RDQ0FtbWdBd0lCQWdJSU45VmlDRGkzQndzd0RRWUpLb1pJaHZjTkFRRUxCUUF3U0RFWk1CY0dBMVVFQXd3UWFWTklRVkpGVkdWemRFTkJYMVJNVXpFTk1Bc0dBMVVFQ3d3RVZHVnpkREVQTUEwR0ExVUVDZ3dHYVZOSVFWSkZNUXN3Q1FZRFZRUUdFd0pPVERBZUZ3MHhPVEF5TVRVeE1UUTJNVFZhRncweU1UQXlNVFF4TVRRMk1UVmFNRUl4RlRBVEJnTlZCQU1NREVGQ1F5QlVjblZqYTJsdVp6RWNNQm9HQTFVRUJSTVRSVlV1UlU5U1NTNU9UREF3TURBd01EQXdNVEVMTUFrR0ExVUVCaE1DVGt3d2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0SUJEd0F3Z2dFS0FvSUJBUUMwTzRoVWhEK1ZvT0tWSVpTTk1OVGZ6YzBPMmtZaitaenBRRUFCWkd0UHR5MGtLUEplcDArbzV4c3RvdTFLK1V4dkhmeEVwSHhIR1RkdHFadWMyOExoVTRDZUNnb2VETURUK0NIUzNOb3NpRVNRTXdoL1paZVRjOS9lS0NvNTY5R0NuKzJYdFRpR1NwQlN3TVNXcU5IZ3BBWllLZEhyVC9rRU1JeVRLb2F1dWlLUThjVXA3b3c3bVp6LzlLK3FWM3M5TDAzMFc4SWF3TEpCSksvMmFwQXQ1amgxajQvbUY3ZjBxOHpoemhyQzh2MDFQTGxaZHVUempqQnJlN216K3lpL3ZsWXovZWFwMGVZVGpoeElhdHlWOUZGd2xtaTRGQzFDTmNNdExoOG5zaUpvZTVjQm0xM0xLYlFGdTNHWUg3Nm9lTFp2V3FiUGJwMTFteGxIYS9LZEFnTUJBQUdqZFRCek1Bd0dBMVVkRXdFQi93UUNNQUF3SHdZRFZSMGpCQmd3Rm9BVUZqem5JT25XbE84ZjVhTHh1UHkrNnQ4c040RXdFd1lEVlIwbEJBd3dDZ1lJS3dZQkJRVUhBd0V3SFFZRFZSME9CQllFRkFQSCs4VXJZaVZMWGFLUFJHZmxrQStjdXNRN01BNEdBMVVkRHdFQi93UUVBd0lGb0RBTkJna3Foa2lHOXcwQkFRc0ZBQU9DQWdFQVlsNXRXSDBZdFlTOUp5cXlsWkpXb21BNTVTaEtsbGFCUmN2cm82Q0h4bGxKV0hvMHFDOVpUTWN2Q3l3TXYxNFZKeVFkNmVGWnFjVnRPbHVHclJaQmtsSDlBYW5rb3ZwMkpMYXFjRDc5dDFDeXVYWm5JelRGbC9Ca01zRTZ3bEFKWFkvc2Fybm94ZWllalA0RS9FZi8wZXVJRnZCYUlDQ0YrS2QyV0pZYmJuMFd5MGRINDg0UUpiSHlNdFZmcjQyb0lwVU5WdUxTdTg0eUtZQWVtOUpCdVlUcDNZMEsyaGlFQVcvYk9LRHZ2SGV0VmY1ZnU2NnlmZWtEWDUzajNOS2lGSkNYUzJyS0lab0R1TUZ1eHBTeVZrUzJrYldrMSs1Sm95N3FPU05BTlJGUGxwSGNnekxRWnA4SHJndmhzbWhJdDFWVFZZa3l4Y2Q4cVhBbGh3cVZnT3E1TmdMeGtxdWw5aE5NR2lNN3NxK0g3M1EvRmk4aWY3Z1A4SVZBU3pRR3d1SGcyWjg3aWI2QTJ2b24wZlJKWnEzZkl1YkhveEk2M0FUd2ZjUks4NnkxNzJ4YkZFM1ZVMGR1TjF0STVaMFRDZzBHQUpZdEpwYm52ZXhJdDVsazVGSWs0VGh2UjBMOG1OTHkxRFVhMTFOK0VNeGtxYmZxbFR1ckI4WmczQ1kvUWFTS21YWTVDTVV3V2VFQlhSSGh5ZmtaUTVqUFBVSHJGYW95T1JYOHAxRXJZRGt0QjFLOW80am11RVZwQjMzY3ZnWUJFaUF5VjV6NDQyNkZ1VkNNYkhhRkRWN2lLVzllQmxYb3hlWm80WFg4K2pYeVNMNUdXOFh3TlJUSzVjNHZXMDJRM1ZKeVlWZTV1bWVzdHNLUStMUjhpQXpvVVNyZUsxOCtKa0FqQUpVPSJdfQ.eyJpc3MiOiJFVS5FT1JJLk5MMDAwMDAwMDAxIiwic3ViIjoiRVUuRU9SSS5OTDAwMDAwMDAwMSIsImp0aSI6ImE1MjJjZWZkNGNmNjQyMWE4ZGUzOGJjYjBjMDhlYjliIiwiaWF0IjoxNTU2MDM0NzM0LCJuYmYiOjE1NTYwMzQ3MzQsImV4cCI6MTU1NjAzNDc2NCwiYXVkIjoiRVUuRU9SSS5OTDAwMDAwMDAwMCJ9.SU59EXhAukbDVP0Y8Yb_1-5Za7QCgAtgq_bh9qRKNY0t3P7nodr2b6ue2DqmIZ_bvysC77zX01QCiCCT3vT7iU4ee4HINMP9gsujoNC0L1ONL2twoJeE91hWUke8dBL9m_ipP0x5-XivQAdS9vJTHQu1A_m5VB0O_XD4JGLwrwjD2d-UE4Fhyy4ilKSPKFpqhoAi2qPkmonZki-RaYoPkrq49LW_v8OVKW7yFJvEDIwph0hEcWxl0udyeu3Cy35NWMnLZdu6gp2f4yxOq3FPrufO5bT0aihioI04V8avggzVJdVcrDTK9Q0Hzhs-22VamkncUZqPvRmo_uwypNHFBg",
  }
200 OK
access_token

string

token_type

string

expires_in

integer

Response Example (200 OK)
{
  "access_token""eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE1NTYwMjEyOTUsImV4cCI6MTU1NjAyNDg5NSwiaXNzIjoiaHR0cHM6Ly9zY2hlbWUuaXNoYXJldGVzdC5uZXQvIiwiYXVkIjoiRVUuRU9SSS5OTDAwMDAwMDAwMCIsImNsaWVudF9pZCI6IkVVLkVPUkkuTkwwMDAwMDAwMDEiLCJzY29wZSI6WyJpU0hBUkUiXX0.vk4aRhGKxqpX7TrdfBS6xP0mL1V7ZmNNF-6eQDRhcCHK4Y5j0zzMxKE6GkRQjf0pBeOupPENJJGQCk6pp9jqbxWJ7RxHqSmS_9NVd5sC98SyEszuiFqkyQi_ff7LbvJ5d2ZVN8u1w_VeszpIUin2wZqi20WBi1M35zrHumBYHfRFWdgh0XpBuzgIzAZ40ujLWvyz3Tl4MALiRxOI5uBsLferE7YR8cmRjfMR4od7U33ZB5SKvp0qlIEVvEkWrzlAXeSkHyMMePfmWXVimxsIQbqlRFh6EBdIUv4S3EIh_aW2ys9NGE8RjHPZ4mytQivkWJO5HGQCYJ7VyMBGGDLIOw",
  "token_type": "Bearer",
  "expires_in": 3600
}

Retrieves iSHARE capabilities

GET /capabilities

Retrieves the iSHARE capabilities (supported versions & optional features) of the iSHARE Scheme Owner. Server response is an iSHARE signed JSON Web Token. Please refer to the models ‘jwt_header’ and ‘jwt_payload_capabilities’ which indicate what the decoded response will look like.

Will only return the public endpoints if no access token is provided. For more information see the Technical Agreements page.

Authorization
in header
string

Oauth 2.0 authorisation based on bearer token. MUST contain "Bearer " + access token value

Do-Not-Sign
in header
boolean

Optional iSHARE specific boolean indicating the response SHALL not be signed. For testing purposes only, certified party response in production environment MUST always be signed.

Request Example (In Header)
{
  "Authorization":"Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE1NTYwMTYyNjIsImV4cCI6MTU1NjAxOTg2MiwiaXNzIjoiaHR0cHM6Ly9zY2hlbWUuaXNoYXJldGVzdC5uZXQvIiwiYXVkIjoiRVUuRU9SSS5OTDAwMDAwMDAwMCIsImNsaWVudF9pZCI6IkVVLkVPUkkuTkwwMDAwMDAwMDEiLCJzY29wZSI6WyJpU0hBUkUiXX0.Yy8lJhCsOC1tU_A6bLQvWF6Ydm_XsH80HcOHPri6YJKUMU_fJUvZs6hnitgtwAHuTDPn5Ngdir6W4HhVTI8XSWerbJzdmbYKg5q8YDMo1QG3K_Dsu_Z6KLI91kMauFx_skx79z-kC-t_V0CSBRThq_Ij08qMmVkbWWpj6x0sJ1P7Pd0A1otYoOjSfYRRtTAm1IsJXHuAIe7lErR4uuQr8uKlljPIUh69kl5NAtj8l31uR1Kuqp1KfzZUeEPFM0m1efhK609Tjq4sxn8PG5HMthkc2snO8BcI53FYWuQ71txFEaCxTHYQipUhcxWVUczDjIosW9eKYVD7O6r1th0cVw"
}
capabilities_token

string

Response Example (200 OK)
{
  "capabilities_token":"eyJ4NWMiOlsiTUlJSTZEQ0NCdENnQXdJQkFnSVVLVm1hcWhmSEE2NGJ3dElWSGplRkUrUlVWdm93RFFZSktvWklodmNOQVFFTEJRQXdnWUl4Q3pBSkJnTlZCQVlUQWs1TU1TQXdIZ1lEVlFRS0RCZFJkVzlXWVdScGN5QlVjblZ6ZEd4cGJtc2dRaTVXTGpFWE1CVUdBMVVFWVF3T1RsUlNUa3d0TXpBeU16YzBOVGt4T0RBMkJnTlZCQU1NTDFGMWIxWmhaR2x6SUZCTFNXOTJaWEpvWldsa0lFOXlaMkZ1YVhOaGRHbGxJRk5sY25abGNpQkRRU0F0SUVjek1CNFhEVEU1TURNd05EQTRNakkxTkZvWERUSXhNRE13TkRBNE16SXdNRm93Z1p3eEhUQWJCZ05WQkFVVEZEQXdNREF3TURBek56TXdOVGd5T0Rrd01EQXdNUXN3Q1FZRFZRUUdFd0pPVERFV01CUUdBMVVFQ0F3TlRtOXZjbVF0U0c5c2JHRnVaREVTTUJBR0ExVUVCd3dKUVcxemRHVnlaR0Z0TVNRd0lnWURWUVFLREJ0VGRHbGphSFJwYm1jZ2FWTklRVkpGSUVadmRXNWtZWFJwYjI0eEhEQWFCZ05WQkFNTUUzZDNkeTVwYzJoaGNtVjNiM0pyY3k1dmNtY3dnZ0VpTUEwR0NTcUdTSWIzRFFFQkFRVUFBNElCRHdBd2dnRUtBb0lCQVFETzI5SzY3ZkkrL1FJbFdGemNNa09qUWF2QUxzR2dxcHQyaytYM1hWOWVWM0JLeFB4QXVRbWpDNkVON2xFWktoMTdnMGcyejVVT3lRaFBwQ0JBaHhKbVUyeFdWajlhVWh6OW8ySWh5dUVRSk5XNTlmWmlVQW1DWW5OMWV6NkR0VjhSZ3JlWktIM1FTNGowT2xpdWtnVlo2NldidkQ3QlpiNVVGSjEvUXZnbXcyc0VJV0VlSHFGMzF5WHhsellUdW54TFFjM1pxRVdFOUVwWnNROCtYbVVvMGlaQm9WWnBEVE92cXZDdWd2QjB2QXdFd2IvdHJmQlR0M2xwVjU5ZzVtL1JqeWhOcmVpR0h4Y2lvRGkzeGxObnc1end1YXRzWTJsRStHM1hpSFhJN2tMOEprckUrOCtTWkhId1Y3aC8weXVrbWtsM2dWTVNDeFZpWHp1T0xZSFpBZ01CQUFHamdnUTRNSUlFTkRBZkJnTlZIU01FR0RBV2dCUzM2ZERwLzJjTzJad01CeTZYMUg1TGVYajBJREI3QmdnckJnRUZCUWNCQVFSdk1HMHdQQVlJS3dZQkJRVUhNQUtHTUdoMGRIQTZMeTkwY25WemRDNXhkVzkyWVdScGMyZHNiMkpoYkM1amIyMHZjR3RwYjNObGNuWmxjbWN6TG1OeWREQXRCZ2dyQmdFRkJRY3dBWVloYUhSMGNEb3ZMM05zTG05amMzQXVjWFZ2ZG1Ga2FYTm5iRzlpWVd3dVkyOXRNRU1HQTFVZEVRUThNRHFDRTNkM2R5NXBjMmhoY21WM2IzSnJjeTV2Y21lQ0VuTnZMbWx6YUdGeVpYZHZjbXR6TG05eVo0SVBhWE5vWVhKbGQyOXlhM011YjNKbk1JSUJPZ1lEVlIwZ0JJSUJNVENDQVMwd2dnRWZCZ3BnaEJBQmgyc0JBZ1VHTUlJQkR6QTBCZ2dyQmdFRkJRY0NBUllvYUhSMGNEb3ZMM2QzZHk1eGRXOTJZV1JwYzJkc2IySmhiQzVqYjIwdmNtVndiM05wZEc5eWVUQ0IxZ1lJS3dZQkJRVUhBZ0l3Z2NrTWdjWlNaV3hwWVc1alpTQnZiaUIwYUdseklHTmxjblJwWm1sallYUmxJR0o1SUdGdWVTQndZWEowZVNCaGMzTjFiV1Z6SUdGalkyVndkR0Z1WTJVZ2IyWWdkR2hsSUhKbGJHVjJZVzUwSUZGMWIxWmhaR2x6SUVObGNuUnBabWxqWVhScGIyNGdVSEpoWTNScFkyVWdVM1JoZEdWdFpXNTBJR0Z1WkNCdmRHaGxjaUJrYjJOMWJXVnVkSE1nYVc0Z2RHaGxJRkYxYjFaaFpHbHpJSEpsY0c5emFYUnZjbmtnS0doMGRIQTZMeTkzZDNjdWNYVnZkbUZrYVhObmJHOWlZV3d1WTI5dEtTNHdDQVlHWjRFTUFRSUNNQjBHQTFVZEpRUVdNQlFHQ0NzR0FRVUZCd01DQmdnckJnRUZCUWNEQVRBL0JnTlZIUjhFT0RBMk1EU2dNcUF3aGk1b2RIUndPaTh2WTNKc0xuRjFiM1poWkdseloyeHZZbUZzTG1OdmJTOXdhMmx2YzJWeWRtVnlaek11WTNKc01CMEdBMVVkRGdRV0JCUlQ0c0xrY1lpdzNUblpWMHJCL1h0NVJIV1JHekFPQmdOVkhROEJBZjhFQkFNQ0JhQXdnZ0dBQmdvckJnRUVBZFo1QWdRQ0JJSUJjQVNDQVd3QmFnQjNBRzlUZHF3eDhERVoySmtBcEZFVi8zY1ZIQkhaQXNFQUtRYU5zZ2lhTjlrVEFBQUJhVWZWbkJVQUFBUURBRWd3UmdJaEFMSGlreW8wdkhUSnU1TXdua0RaWXkyTm9LSGlMZFgwMnV5dXZ1UVIvTWIzQWlFQTdsUVcrbDl3VUhzRGFxaXBCTGNGVXRCRnZPMm54d3VnazdBWnlIMzVCMDBBZHdEdVM3MjNkYzVndXVGQ2FSK3I0WjVtb3c5K1g3QnkySU1BeEh1SmVxajl5d0FBQVdsSDFacXlBQUFFQXdCSU1FWUNJUUNYYnpaOStHYzUwVXVVVTlCT1FSaE90NXEvS3oxU1FKK0xDUi9yUzBwYld3SWhBSXdXbCtDbE52U05nSGFsUWNhYkh4YTVCc0hUUDAvZmQ5VHA0SmY5OWVQeUFIWUFWWUhVd2hhUU5nRks2Z3ViVnp4VDhNRGtPSGh3SlFnWEw2T3FIUWNUMHd3QUFBRnBSOVdhK0FBQUJBTUFSekJGQWlFQStJeXR1U3l6S0puU2lVZXVCbG1VbkQwV3c0eFE2UWF3M3JheEVzUm9ITW9DSUJ3RlRRS0hZSUk1VXViTlZ4Vk8zN3FaZTJaZmY5Z1luMDllaW5Zb1dvNXdNQTBHQ1NxR1NJYjNEUUVCQ3dVQUE0SUNBUUNUWklTK1B0bFFBS2l4WVo0c3h6YWZIQmFCdldsUlJVdTJaRWxHVFVmWmVQOFp0Q3lyOFJkaVNGZ0x5RlB5WXJ6Q2lUQW9SNFg1ZXFrRUhtbUUwN1pZdmVPTWhmaGoxS2thaVJ4d3l6VlFUeTQzaEZlSGQrMFdDODFnT1dVT3dlWnYyUE5BclYyUVByT2hEKzMxTTV6WEY0UzNCcFVRdXRBYUlScGZtazRYNkxFNk5iM3lUendaVzRtYVFkV1dZZlhEc3ozSUlNSm5xS2xtRTJWV0JrNGhGeW5HN0pySUYwc2NZMnNWN0djbHJ6NFlqcERnMXhzVndhcHpMdnVjNW1HcHVjeGhIaEJwLzI2d2Z3dVVGSDVKdThOVlFVYzcyL2xCYkNSZEVPVFQ5eTdTUWdDVXFEa0dsYnNsc0Qzc1JsMWd4NTNhQ0JCWG9WTVdWdHpaaEd0WkVZdTNtNWtQV1dpQkNZY3BtVFdWTFZ1dnRCUHRWZ1VXNEJtU3FkSUZRbWpjMmZvaG05aXJKNmRiemU5V2t6N3NDMG9KbHJ3Y1ltZE5IeG5kTHd6eWdPbWFKeXNyRzVTZHNlcHE5TTNtdHYzdHBLOFp4OGd1N1VSODI4L2FvRTlZeXNXMThrZWNVRjBybytBZEZhb1crWEhsQmJzQXdVSXBsZ1VqK1lySW01MElnSzlFcUtHMzk0eEUvUmk3ODkyOVNHYzJtT2FsenRUYmp5UGoyYmJ2UEpTempHTGU3R0d2cGd0UFFDYjE0N1oyZ2JjT0ZSU1hySU5JUlpCOG5LY1JueHJmQmpYTFRxV1pQSVZCR0tXb1REeU1qM1ltVWdUVlI0M3JmcHkwOEpyRFU1MmMwbWtlWFQ5WW84OGNnd2pudFBzQ2lkR29JTUFwMHdLa2RpMjV2QT09Il0sImFsZyI6IlJTMjU2IiwidHlwIjoiSldUIn0.eyJpc3MiOiJFVS5FT1JJLk5MMDAwMDAwMDAwIiwic3ViIjoiRVUuRU9SSS5OTDAwMDAwMDAwMCIsImp0aSI6IjQ3YzI4N2E1OTJlNTQ4YjBiY2FmMTQ3YWY5MThkOWY0IiwiaWF0IjoxNTU2MDM3OTI2LCJleHAiOjE1NTYwMzc5NTYsImNhcGFiaWxpdGllc19pbmZvIjp7InBhcnR5X2lkIjoiRVUuRU9SSS5OTDAwMDAwMDAwMCIsImlzaGFyZV9yb2xlcyI6W3sicm9sZSI6IlNjaGVtZSBPd25lciJ9XSwic3VwcG9ydGVkX3ZlcnNpb25zIjpbeyJ2ZXJzaW9uIjoiMS43Iiwic3VwcG9ydGVkX2ZlYXR1cmVzIjpbeyJwdWJsaWMiOlt7ImlkIjoiMzY5NUMyNzMtM0NBOC00ODJBLUJEMUMtMTg1QUYyRkZGMTNFIiwiZmVhdHVyZSI6ImNhcGFiaWxpdGllcyIsImRlc2NyaXB0aW9uIjoiUmV0cmlldmVzIGlTSEFSRSBjYXBhYmlsaXRpZXMiLCJ1cmwiOiJodHRwczovL3NvLmlzaGFyZXdvcmtzLm9yZy9jYXBhYmlsaXRpZXMiLCJ0b2tlbl9lbmRwb2ludCI6Imh0dHBzOi8vc28uaXNoYXJld29ya3Mub3JnL2Nvbm5lY3QvdG9rZW4ifSx7ImlkIjoiRTdFREUyQ0MtQUE4Mi00NTYzLUI0RTMtQkU2MjY4QTRGQkQ4IiwiZmVhdHVyZSI6ImFjY2VzcyB0b2tlbiIsImRlc2NyaXB0aW9uIjoiT2J0YWlucyBhY2Nlc3MgdG9rZW4iLCJ1cmwiOiJodHRwczovL3NvLmlzaGFyZXdvcmtzLm9yZy9jb25uZWN0L3Rva2VuIn0seyJpZCI6IjU1MzA3MURDLUQ0NDctNDg4MC04NDZFLUE2MUIxNkUxMjNBNCIsImZlYXR1cmUiOiJwYXJ0aWVzIGluZm9ybWF0aW9uIiwiZGVzY3JpcHRpb24iOiJPYnRhaW5zIGluZm9ybWF0aW9uIG9uIGlTSEFSRSBwYXJ0aWVzIiwidXJsIjoiaHR0cHM6Ly9zby5pc2hhcmV3b3Jrcy5vcmcvcGFydGllcyIsInRva2VuX2VuZHBvaW50IjoiaHR0cHM6Ly9zby5pc2hhcmV3b3Jrcy5vcmcvY29ubmVjdC90b2tlbiJ9LHsiaWQiOiJGOTRDMUU2Ni1FREJDLTQ5Q0EtODE4Ny01M0RGOEUwNjRGMTgiLCJmZWF0dXJlIjoicGFydHkgaW5mb3JtYXRpb24iLCJkZXNjcmlwdGlvbiI6Ik9idGFpbnMgaW5mb3JtYXRpb24gb24gaVNIQVJFIHBhcnR5IiwidXJsIjoiaHR0cHM6Ly9zby5pc2hhcmV3b3Jrcy5vcmcvcGFydGllcy97cGFydHlJZH0iLCJ0b2tlbl9lbmRwb2ludCI6Imh0dHBzOi8vc28uaXNoYXJld29ya3Mub3JnL2Nvbm5lY3QvdG9rZW4ifSx7ImlkIjoiQjkzRjk1NUItQTdGQy00OTVGLTkxQjctQjFDNDFDOTBFNEQ1IiwiZmVhdHVyZSI6InRydXN0ZWRfbGlzdCIsImRlc2NyaXB0aW9uIjoiT2J0YWlucyBsaXN0IG9mIGlTSEFSRSB0cnVzdGVkIENlcnRpZmljYXRlIEF1dGhvcml0aWVzIiwidXJsIjoiaHR0cHM6Ly9zby5pc2hhcmV3b3Jrcy5vcmcvdHJ1c3RlZF9saXN0IiwidG9rZW5fZW5kcG9pbnQiOiJodHRwczovL3NvLmlzaGFyZXdvcmtzLm9yZy9jb25uZWN0L3Rva2VuIn1dfV19XX19.JtUMkYMXtYV_Cf0UgKHTnO7Vo-QeIifTLfbnHvdolrIKn1Eiij7RLnSWrnYinfbYIZmw25_viZbcmfIL7VFlj6koLUR6hMM42NrooFe3kxyTV8so3-LNXDuWWEhdhicLx_3Vlvr4r-FPhUpdiATvcjwpbw8Y__Dg633vUKuKjcEe7Ah_dY_DjFxdS4vupILak4PnBuy2Z463WtMLh5-ijwFdIsj_NJRJRC38BB8Khko-xN_PNxPr99-moTi6SOcyuJwYhBeSWVtBrKnqHgonheDClRaKEywfbbluVxoBzvkC4y7vxHbq91C0LVTqb0uCSK_xFeo1bgrVYCIl-MhxxA"
}
Decoded Response Example (JWT Payload)
{
  "party_id": "EU.EORI.NL000000000",
  "ishare_roles": [
    {
      "role": "Scheme Owner"
    }
  ],
  "supported_versions": [
    {
      "version": "1.7",
      "supported_features": [
        {
          "public": [
            {          
              "id": "3695C273-3CA8-482A-BD1C-185AF2FFF13E",
              "feature": "capabilities",
              "description": "Retrieves iSHARE capabilities",
              "url": "https://so.ishareworks.org/capabilities",
              "token_endpoint": "https://so.ishareworks.org/connect/token"
           },
           {          
              "id": "E7EDE2CC-AA82-4563-B4E3-BE6268A4FBD8",
              "feature": "access token",
              "description": "Obtains access token",
              "url": "https://so.ishareworks.org/connect/token"
           },
           {          
              "id": "553071DC-D447-4880-846E-A61B16E123A4",
              "feature": "parties information",
              "description": "Obtains information on iSHARE parties",
              "url": "https://so.ishareworks.org/parties",
              "token_endpoint": "https://so.ishareworks.org/connect/token"
           }
          ]
        }
      ]
    }
  ]
}

Obtains information on an iSHARE party

GET /parties

Used to obtain information on iSHARE participants from the iSHARE Scheme owner. Should be used to verify the status of an iSHARE participant. Furthermore offers limited search functionality through 'name' and 'eori' parameters, and 'certified_only' and 'active_only' booleans (which enables the restricion to certified parties only and active parties only). Server response is an iSHARE signed JSON Web Token. Please refer to the models ‘jwt_header’ and and ‘jwt_payload_parties’ which indicate what the decoded response will look like.

Authorization
in header
string

Oauth 2.0 authorization based on bearer token. MUST contain ”Bearer” + access token value

Do-Not-Sign
in header
string

Optional iSHARE specific boolean indicating the response SHALL not be signed.

name
in query
string

Optional parameter used to search by party's name. Can contain a single * as wildcard.

eori
in query
string

Optional parameter used to search by party's EORI. Can contain a single * as wildcard.

certified_only
in query
boolean

Optional parameter used to search all certified parties.

active_only
in query
boolean

Optional parameter used to search all active parties.

certificate_subject_name
in query
string

subjectName as encoded in the X.509 certificate which corresponds with the party_id that is being requested from the Scheme Owner. Used by the Scheme Owner to match the certificate identifier and party_id. Only returns info if combined with the valid eori associated to it.

page
in query
integer

Optional parameter used for navigation in case the result contains more than 10 parties.

date_time
in query
string

Date time for which the information is requested. If provided the result becomes final and therefore MUST be cacheable.

Request Example (Requesting info on Warehouse 13)


Query:
/parties?eori=EU.EORI.NL000000003
Header
{ "Authorization":"Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE1NTYwMTYyNjIsImV4cCI6MTU1NjAxOTg2MiwiaXNzIjoiaHR0cHM6Ly9zY2hlbWUuaXNoYXJldGVzdC5uZXQvIiwiYXVkIjoiRVUuRU9SSS5OTDAwMDAwMDAwMCIsImNsaWVudF9pZCI6IkVVLkVPUkkuTkwwMDAwMDAwMDEiLCJzY29wZSI6WyJpU0hBUkUiXX0.Yy8lJhCsOC1tU_A6bLQvWF6Ydm_XsH80HcOHPri6YJKUMU_fJUvZs6hnitgtwAHuTDPn5Ngdir6W4HhVTI8XSWerbJzdmbYKg5q8YDMo1QG3K_Dsu_Z6KLI91kMauFx_skx79z-kC-t_V0CSBRThq_Ij08qMmVkbWWpj6x0sJ1P7Pd0A1otYoOjSfYRRtTAm1IsJXHuAIe7lErR4uuQr8uKlljPIUh69kl5NAtj8l31uR1Kuqp1KfzZUeEPFM0m1efhK609Tjq4sxn8PG5HMthkc2snO8BcI53FYWuQ71txFEaCxTHYQipUhcxWVUczDjIosW9eKYVD7O6r1th0cVw" }
parties_token

string

Response Example (200 OK)
{
  "parties_token":"eyJ4NWMiOlsiTUlJRWlEQ0NBbkNnQXdJQkFnSUllRElyZG5ZbzJuZ3dEUVlKS29aSWh2Y05BUUVMQlFBd1NERVpNQmNHQTFVRUF3d1FhVk5JUVZKRlZHVnpkRU5CWDFSTVV6RU5NQXNHQTFVRUN3d0VWR1Z6ZERFUE1BMEdBMVVFQ2d3R2FWTklRVkpGTVFzd0NRWURWUVFHRXdKT1REQWVGdzB4T1RBeU1UVXhNVFEyTlRoYUZ3MHlNVEF5TVRReE1UUTJOVGhhTUVreEhEQWFCZ05WQkFNTUUybFRTRUZTUlNCVFkyaGxiV1VnVDNkdVpYSXhIREFhQmdOVkJBVVRFMFZWTGtWUFVra3VUa3d3TURBd01EQXdNREF4Q3pBSkJnTlZCQVlUQWs1TU1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBMFJvb2hlUEwwMk52NEJaVEoza3A3bktzaHNtanJjcjhNQmFBaFFwWlpBc2dUQWxtUWlDVFBtM2M4cVlQcU4rVHVnZ0ZXQ05uKzlXNTRDNVVHcXNJd3RYVGszWWV4QXdaNG9qUlJ0bzhsMUhQRFZBUzZXdlc3NEFDTlpsRWdHd2pyQ0d5MitNNVFQN083d0IwVDZvRkJvZlJ3SFpHemdidFNiU1FodXF3VXhmMEdaSTh4QWwyL0dUSDI1VmZwOVQ3MUpFcG9aOWtzUDNDSWk1QkhrbGJUNUdLeEVPRmZkTU11cFg3bVduTlFiTHh1UXBBdEdDdW9yR2ZQRkU3RjVldkUxem9wd2NlQTVGc0UxTGFCUnF0K0VPcFBJbVNhalIwMmJjaEs5alM2bllFV3MvRlpHTHRKYWxsNUwzU25aTTZPaFd4TStsS0d6Rkt3NVRJWE45RE13SURBUUFCbzNVd2N6QU1CZ05WSFJNQkFmOEVBakFBTUI4R0ExVWRJd1FZTUJhQUZCWTg1eURwMXBUdkgrV2k4Ymo4dnVyZkxEZUJNQk1HQTFVZEpRUU1NQW9HQ0NzR0FRVUZCd01CTUIwR0ExVWREZ1FXQkJSZndpalQ3NWRJS1BsRkMvQ3RSRHFVS1g5VE5qQU9CZ05WSFE4QkFmOEVCQU1DQmFBd0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dJQkFLNFBXVHEvZHF0Vm0rNFdDZDFLUUo0dGorbjRjY0lBWUxETXFZU0JKc042UTJjdE1SQy8rK3lNL293UEhCcmlUendXL2pvQXBOUGVaaDFJVFRnU3phMzhtM2h4b0RxMXV4NkhWR3lLNVFDUW9qRmRsZWM3dE9IbG1jYnV5VjRDRXlNWmJHK3lMbVZESTNxNTNWQVBnV3ZLSWkyUlVwc1BOdzJsbzZINjZ2SE5wNWZpcEIvdEU0Q0RsYS9UYU41MWxOM2xYT3c0bHRiWmJ6YmQ2TXhJbEVDUWZKSDVlUHJpcGFrSmhuaVZrWnZRVmthS0FlcFNYMGFEWUxPcFFRbmV0RFdab1ZKS0FzR0VMM0hMaWhxWXNEejcvQlQzRHdUMEtDNSs5OGdqR1p3dkx3ZXRKOTZLWFRBRTUwMmYzak95UDdERDZ1SytKS2d2UVp5dkk1L0V1cDBUdE5sUmZKeThhZDhweCszOG9JeEdBbGJzS29XbXowb2FNR0MrbFZHTlAyTTQ4TTdWa3RCVHB5bXF4Vnd0VGt2TVBqWldIS2xYdDJXMzNtTktHakpTOTVJNXZxT0tQV1NTc1dkSlJZSkNsbUVybWlkTlczMWxXQVZQcjFpU1M0SlhEdllQTENQNDRhNGVkMEdhV1pSdi9iK0QyK1FVZ09iOFN6bWpQdmYvMkdOdHFXUmR5WXRYWjl2eDAzNGkrWEYveWU4c2lOK1grd0ZIdFJ1bXRzd2Irc2NRZjRmVTZNaktCS1VzUERBUkFHakhqNXhIQkRqcTg0bmpHdVFjbDBoYlMzK1pTVjROcWtKSVVzMkxVdDlFdjFYN2FCNy85NUVYQWNnTlhkM0tQVm0zcDhORDc1QXFNMEZHUUVhUXlPd3FLY3FUQ2xKQ3VmR3NVWTRzN3JXUiJdLCJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJFVS5FT1JJLk5MMDAwMDAwMDAwIiwic3ViIjoiRVUuRU9SSS5OTDAwMDAwMDAwMCIsImp0aSI6IjVjZjk4YTJjNzEzZDQ1MWViZjIxMTRjYzAyYTdiMmRmIiwiaWF0IjoxNTU2MDIzODc2LCJleHAiOjE1NTYwMjM5MDYsImF1ZCI6IkVVLkVPUkkuTkwwMDAwMDAwMDEiLCJwYXJ0aWVzX2luZm8iOnsiY291bnQiOjEsImRhdGEiOlt7InBhcnR5X2lkIjoiRVUuRU9SSS5OTDAwMDAwMDAwMyIsInBhcnR5X25hbWUiOiJXYXJlaG91c2UgMTMgQi5WLiIsImFkaGVyZW5jZSI6eyJzdGF0dXMiOiJBY3RpdmUiLCJzdGFydF9kYXRlIjoiMjAxOC0wNC0yNlQwMDowMDowMCIsImVuZF9kYXRlIjoiMjAxOS0wNy0yNVQwMDowMDowMCJ9LCJjZXJ0aWZpY2F0aW9ucyI6W10sImNhcGFiaWxpdHlfdXJsIjoiaHR0cHM6Ly93MTMuaXNoYXJldGVzdC5uZXQvY2FwYWJpbGl0aWVzIn1dfX0.XY5ebg1wNEmv1ll1jQ90fm84uk_j5NKBBUckJaUPLMf85polj8Zm5xNUGZhJTj5cYyz0p9lzhfJ-DAHEVEG2Xzy0eEoBuvZqA5PVtx4STsDeR-7uyDk-3rTPn9U1yIgeguBD6NXLAVNVsDBNz5UOyIOZVsAf2ZdUr0khzvM1hUwBeLuDwzU2d8EOH0_mRYUlu2BnDvGgW2i_rWXhIbafMMPCfmDRXh1KESC0WSMo0nJgJdVY9S0a2TKd-rbTaVx5WL2IL3avLrANyWonQ6HJEPMT80ql5ccABZa2KeTtVDTXSnqWGuxi4otb5lm3HS7UYwxKM8bXF7CQRn56pi5NKw"
}
Decoded Response Example (JWT Payload)
{
  "count": 1,
  "data": [
    {
      "party_id": "EU.EORI.NL000000003",
      "party_name": "Warehouse 13 B.V.",
      "adherence": {
            "status": "Active",
            "start_date": "2018-04-26T00:00:00",
            "end_date": "2019-07-25T00:00:00"
      },
      "certifications": [],
      "capability_url": "https://w13.isharetest.net/capabilities",
    }
  ]
}

Obtains information on an iSHARE party

GET /parties/{party_id}

Used to obtain information on an iSHARE participant from the iSHARE Scheme owner. By default returns current state. Server response is an iSHARE signed JSON Web Token. Please refer to the models ‘jwt_header’ and ‘jwt_payload_party’ which indicate what the decoded response will look like.

Authorization
in header
string

Oauth 2.0 authorisation based on bearer token. MUST contain "Bearer " + access token value

Do-Not-Sign
in header
boolean

Optional iSHARE specific boolean indicating the response SHALL not be signed. For testing purposes only, certified party response in production environment MUST always be signed.

party_id
in path
string

iSHARE specific identifier of the party for which information is requested

date_time
in query
string

Date time for which the information is requested. If provided the result becomes final and therefore MUST be cacheable

certificate_subject_name
in query
string

subjectName as encoded in the X.509 certificate which corresponds with the party_id that is being requested from the Scheme Owner. Used by the Scheme Owner to match the certificate identifier and party_id

Request Example (Requesting info on Warehouse 13)


Path:
/parties/EU.EORI.NL000000003
Header:
{ "Authorization":"Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE1NTYwMTYyNjIsImV4cCI6MTU1NjAxOTg2MiwiaXNzIjoiaHR0cHM6Ly9zY2hlbWUuaXNoYXJldGVzdC5uZXQvIiwiYXVkIjoiRVUuRU9SSS5OTDAwMDAwMDAwMCIsImNsaWVudF9pZCI6IkVVLkVPUkkuTkwwMDAwMDAwMDEiLCJzY29wZSI6WyJpU0hBUkUiXX0.Yy8lJhCsOC1tU_A6bLQvWF6Ydm_XsH80HcOHPri6YJKUMU_fJUvZs6hnitgtwAHuTDPn5Ngdir6W4HhVTI8XSWerbJzdmbYKg5q8YDMo1QG3K_Dsu_Z6KLI91kMauFx_skx79z-kC-t_V0CSBRThq_Ij08qMmVkbWWpj6x0sJ1P7Pd0A1otYoOjSfYRRtTAm1IsJXHuAIe7lErR4uuQr8uKlljPIUh69kl5NAtj8l31uR1Kuqp1KfzZUeEPFM0m1efhK609Tjq4sxn8PG5HMthkc2snO8BcI53FYWuQ71txFEaCxTHYQipUhcxWVUczDjIosW9eKYVD7O6r1th0cVw" }
party_token

string

Response Example (200 OK)
{
  "party_token":"eyJ4NWMiOlsiTUlJRWlEQ0NBbkNnQXdJQkFnSUllRElyZG5ZbzJuZ3dEUVlKS29aSWh2Y05BUUVMQlFBd1NERVpNQmNHQTFVRUF3d1FhVk5JUVZKRlZHVnpkRU5CWDFSTVV6RU5NQXNHQTFVRUN3d0VWR1Z6ZERFUE1BMEdBMVVFQ2d3R2FWTklRVkpGTVFzd0NRWURWUVFHRXdKT1REQWVGdzB4T1RBeU1UVXhNVFEyTlRoYUZ3MHlNVEF5TVRReE1UUTJOVGhhTUVreEhEQWFCZ05WQkFNTUUybFRTRUZTUlNCVFkyaGxiV1VnVDNkdVpYSXhIREFhQmdOVkJBVVRFMFZWTGtWUFVra3VUa3d3TURBd01EQXdNREF4Q3pBSkJnTlZCQVlUQWs1TU1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBMFJvb2hlUEwwMk52NEJaVEoza3A3bktzaHNtanJjcjhNQmFBaFFwWlpBc2dUQWxtUWlDVFBtM2M4cVlQcU4rVHVnZ0ZXQ05uKzlXNTRDNVVHcXNJd3RYVGszWWV4QXdaNG9qUlJ0bzhsMUhQRFZBUzZXdlc3NEFDTlpsRWdHd2pyQ0d5MitNNVFQN083d0IwVDZvRkJvZlJ3SFpHemdidFNiU1FodXF3VXhmMEdaSTh4QWwyL0dUSDI1VmZwOVQ3MUpFcG9aOWtzUDNDSWk1QkhrbGJUNUdLeEVPRmZkTU11cFg3bVduTlFiTHh1UXBBdEdDdW9yR2ZQRkU3RjVldkUxem9wd2NlQTVGc0UxTGFCUnF0K0VPcFBJbVNhalIwMmJjaEs5alM2bllFV3MvRlpHTHRKYWxsNUwzU25aTTZPaFd4TStsS0d6Rkt3NVRJWE45RE13SURBUUFCbzNVd2N6QU1CZ05WSFJNQkFmOEVBakFBTUI4R0ExVWRJd1FZTUJhQUZCWTg1eURwMXBUdkgrV2k4Ymo4dnVyZkxEZUJNQk1HQTFVZEpRUU1NQW9HQ0NzR0FRVUZCd01CTUIwR0ExVWREZ1FXQkJSZndpalQ3NWRJS1BsRkMvQ3RSRHFVS1g5VE5qQU9CZ05WSFE4QkFmOEVCQU1DQmFBd0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dJQkFLNFBXVHEvZHF0Vm0rNFdDZDFLUUo0dGorbjRjY0lBWUxETXFZU0JKc042UTJjdE1SQy8rK3lNL293UEhCcmlUendXL2pvQXBOUGVaaDFJVFRnU3phMzhtM2h4b0RxMXV4NkhWR3lLNVFDUW9qRmRsZWM3dE9IbG1jYnV5VjRDRXlNWmJHK3lMbVZESTNxNTNWQVBnV3ZLSWkyUlVwc1BOdzJsbzZINjZ2SE5wNWZpcEIvdEU0Q0RsYS9UYU41MWxOM2xYT3c0bHRiWmJ6YmQ2TXhJbEVDUWZKSDVlUHJpcGFrSmhuaVZrWnZRVmthS0FlcFNYMGFEWUxPcFFRbmV0RFdab1ZKS0FzR0VMM0hMaWhxWXNEejcvQlQzRHdUMEtDNSs5OGdqR1p3dkx3ZXRKOTZLWFRBRTUwMmYzak95UDdERDZ1SytKS2d2UVp5dkk1L0V1cDBUdE5sUmZKeThhZDhweCszOG9JeEdBbGJzS29XbXowb2FNR0MrbFZHTlAyTTQ4TTdWa3RCVHB5bXF4Vnd0VGt2TVBqWldIS2xYdDJXMzNtTktHakpTOTVJNXZxT0tQV1NTc1dkSlJZSkNsbUVybWlkTlczMWxXQVZQcjFpU1M0SlhEdllQTENQNDRhNGVkMEdhV1pSdi9iK0QyK1FVZ09iOFN6bWpQdmYvMkdOdHFXUmR5WXRYWjl2eDAzNGkrWEYveWU4c2lOK1grd0ZIdFJ1bXRzd2Irc2NRZjRmVTZNaktCS1VzUERBUkFHakhqNXhIQkRqcTg0bmpHdVFjbDBoYlMzK1pTVjROcWtKSVVzMkxVdDlFdjFYN2FCNy85NUVYQWNnTlhkM0tQVm0zcDhORDc1QXFNMEZHUUVhUXlPd3FLY3FUQ2xKQ3VmR3NVWTRzN3JXUiJdLCJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJFVS5FT1JJLk5MMDAwMDAwMDAwIiwic3ViIjoiRVUuRU9SSS5OTDAwMDAwMDAwMCIsImp0aSI6ImUxNGVjY2Q2ZTgwZjRhZjViYTc0NWJlMWViNzE5MDM0IiwiaWF0IjoxNTU2MDI0NDAwLCJleHAiOjE1NTYwMjQ0MzAsImF1ZCI6IkVVLkVPUkkuTkwwMDAwMDAwMDEiLCJwYXJ0eV9pbmZvIjp7InBhcnR5X2lkIjoiRVUuRU9SSS5OTDAwMDAwMDAwMyIsInBhcnR5X25hbWUiOiJXYXJlaG91c2UgMTMgQi5WLiIsImFkaGVyZW5jZSI6eyJzdGF0dXMiOiJBY3RpdmUiLCJzdGFydF9kYXRlIjoiMjAxOC0wNC0yNlQwMDowMDowMCIsImVuZF9kYXRlIjoiMjAxOS0wNy0yNVQwMDowMDowMCJ9LCJjZXJ0aWZpY2F0aW9ucyI6W10sImNhcGFiaWxpdHlfdXJsIjoiaHR0cHM6Ly93MTMuaXNoYXJldGVzdC5uZXQvY2FwYWJpbGl0aWVzIn19.l0qJfclzG6wz8MCe0MQREz_OhUpGfwQNVFu080_NHc109TKecxWeYQwy7i3OYuY1SIvMSfbBrf1-QVydCkKkM-zRpJkPXfME90n0JPW74opVnw50NPMcNiou4HkV0F8WiBoOebq6e_UM1nvx76xfbFy5YuGvfqcs97usL8vUDRaT5PZK_WVhT7USPHHJk7kXqVBL0BCSqutL1U4ITdnh9NM3N7p7QzIh0IAbQyLC-cbh27B9y-A9A9lKf7z22MDpKKLDoGGNb_Cm6lty8vjoPu1VHVi9gL5DYCKxC9qCZD8L7HYHRslkf8uX9GBEpzn6A8JSgXXATQE8D3077eLiQA"
}
Decoded Response Example (JWT Payload)

{
  "party_id": "EU.EORI.NL000000003",
  "party_name": "Warehouse 13 B.V.",
  "adherence": {
        "status": "Active",
        "start_date": "2018-04-26T00:00:00",
        "end_date": "2019-07-25T00:00:00"
  },
  "certifications": [],
  "capability_url": "https://w13.isharetest.net/capabilities",
}

Obtains iSHARE trusted list

GET /scheme_owner/trusted_list

Used to obtain the iSHARE trusted list of certificate authorities. In Test environment, this will return the iSHARE Test CAs which issue Test certificates. In the production environment, this will return PKIoverheid and eIDAS-qualified CAs. Server response is an iSHARE signed JSON Web Token. Please refer to the models ‘jwt_header’ and and ‘jwt_payload_trusted_list_token’ which indicate what the decoded response will look like. The certificate_fingerprint is the SHA256-fingerprint of the certificate.

Authorization
in header
string

Oauth 2.0 authorisation based on bearer token. MUST contain "Bearer " + access token value

Request Example (Requesting the trusted list)
Header:
{ "Authorization":"Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE1NTYwMTYyNjIsImV4cCI6MTU1NjAxOTg2MiwiaXNzIjoiaHR0cHM6Ly9zY2hlbWUuaXNoYXJldGVzdC5uZXQvIiwiYXVkIjoiRVUuRU9SSS5OTDAwMDAwMDAwMCIsImNsaWVudF9pZCI6IkVVLkVPUkkuTkwwMDAwMDAwMDEiLCJzY29wZSI6WyJpU0hBUkUiXX0.Yy8lJhCsOC1tU_A6bLQvWF6Ydm_XsH80HcOHPri6YJKUMU_fJUvZs6hnitgtwAHuTDPn5Ngdir6W4HhVTI8XSWerbJzdmbYKg5q8YDMo1QG3K_Dsu_Z6KLI91kMauFx_skx79z-kC-t_V0CSBRThq_Ij08qMmVkbWWpj6x0sJ1P7Pd0A1otYoOjSfYRRtTAm1IsJXHuAIe7lErR4uuQr8uKlljPIUh69kl5NAtj8l31uR1Kuqp1KfzZUeEPFM0m1efhK609Tjq4sxn8PG5HMthkc2snO8BcI53FYWuQ71txFEaCxTHYQipUhcxWVUczDjIosW9eKYVD7O6r1th0cVw" }
trusted_list_token

string

Response Example (200 OK)
{
  "trusted_list_token":"eyJ4NWMiOlsiTUlJRWlEQ0NBbkNnQXdJQkFnSUllRElyZG5ZbzJuZ3dEUVlKS29aSWh2Y05BUUVMQlFBd1NERVpNQmNHQTFVRUF3d1FhVk5JUVZKRlZHVnpkRU5CWDFSTVV6RU5NQXNHQTFVRUN3d0VWR1Z6ZERFUE1BMEdBMVVFQ2d3R2FWTklRVkpGTVFzd0NRWURWUVFHRXdKT1REQWVGdzB4T1RBeU1UVXhNVFEyTlRoYUZ3MHlNVEF5TVRReE1UUTJOVGhhTUVreEhEQWFCZ05WQkFNTUUybFRTRUZTUlNCVFkyaGxiV1VnVDNkdVpYSXhIREFhQmdOVkJBVVRFMFZWTGtWUFVra3VUa3d3TURBd01EQXdNREF4Q3pBSkJnTlZCQVlUQWs1TU1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBMFJvb2hlUEwwMk52NEJaVEoza3A3bktzaHNtanJjcjhNQmFBaFFwWlpBc2dUQWxtUWlDVFBtM2M4cVlQcU4rVHVnZ0ZXQ05uKzlXNTRDNVVHcXNJd3RYVGszWWV4QXdaNG9qUlJ0bzhsMUhQRFZBUzZXdlc3NEFDTlpsRWdHd2pyQ0d5MitNNVFQN083d0IwVDZvRkJvZlJ3SFpHemdidFNiU1FodXF3VXhmMEdaSTh4QWwyL0dUSDI1VmZwOVQ3MUpFcG9aOWtzUDNDSWk1QkhrbGJUNUdLeEVPRmZkTU11cFg3bVduTlFiTHh1UXBBdEdDdW9yR2ZQRkU3RjVldkUxem9wd2NlQTVGc0UxTGFCUnF0K0VPcFBJbVNhalIwMmJjaEs5alM2bllFV3MvRlpHTHRKYWxsNUwzU25aTTZPaFd4TStsS0d6Rkt3NVRJWE45RE13SURBUUFCbzNVd2N6QU1CZ05WSFJNQkFmOEVBakFBTUI4R0ExVWRJd1FZTUJhQUZCWTg1eURwMXBUdkgrV2k4Ymo4dnVyZkxEZUJNQk1HQTFVZEpRUU1NQW9HQ0NzR0FRVUZCd01CTUIwR0ExVWREZ1FXQkJSZndpalQ3NWRJS1BsRkMvQ3RSRHFVS1g5VE5qQU9CZ05WSFE4QkFmOEVCQU1DQmFBd0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dJQkFLNFBXVHEvZHF0Vm0rNFdDZDFLUUo0dGorbjRjY0lBWUxETXFZU0JKc042UTJjdE1SQy8rK3lNL293UEhCcmlUendXL2pvQXBOUGVaaDFJVFRnU3phMzhtM2h4b0RxMXV4NkhWR3lLNVFDUW9qRmRsZWM3dE9IbG1jYnV5VjRDRXlNWmJHK3lMbVZESTNxNTNWQVBnV3ZLSWkyUlVwc1BOdzJsbzZINjZ2SE5wNWZpcEIvdEU0Q0RsYS9UYU41MWxOM2xYT3c0bHRiWmJ6YmQ2TXhJbEVDUWZKSDVlUHJpcGFrSmhuaVZrWnZRVmthS0FlcFNYMGFEWUxPcFFRbmV0RFdab1ZKS0FzR0VMM0hMaWhxWXNEejcvQlQzRHdUMEtDNSs5OGdqR1p3dkx3ZXRKOTZLWFRBRTUwMmYzak95UDdERDZ1SytKS2d2UVp5dkk1L0V1cDBUdE5sUmZKeThhZDhweCszOG9JeEdBbGJzS29XbXowb2FNR0MrbFZHTlAyTTQ4TTdWa3RCVHB5bXF4Vnd0VGt2TVBqWldIS2xYdDJXMzNtTktHakpTOTVJNXZxT0tQV1NTc1dkSlJZSkNsbUVybWlkTlczMWxXQVZQcjFpU1M0SlhEdllQTENQNDRhNGVkMEdhV1pSdi9iK0QyK1FVZ09iOFN6bWpQdmYvMkdOdHFXUmR5WXRYWjl2eDAzNGkrWEYveWU4c2lOK1grd0ZIdFJ1bXRzd2Irc2NRZjRmVTZNaktCS1VzUERBUkFHakhqNXhIQkRqcTg0bmpHdVFjbDBoYlMzK1pTVjROcWtKSVVzMkxVdDlFdjFYN2FCNy85NUVYQWNnTlhkM0tQVm0zcDhORDc1QXFNMEZHUUVhUXlPd3FLY3FUQ2xKQ3VmR3NVWTRzN3JXUiJdLCJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJFVS5FT1JJLk5MMDAwMDAwMDAwIiwic3ViIjoiRVUuRU9SSS5OTDAwMDAwMDAwMCIsImp0aSI6IjgxYmExMGU0NjJlODRmOTBiODM0NDE4ZmJlZDU0ZWE3IiwiaWF0IjoxNTU2MDM0MjU1LCJleHAiOjE1NTYwMzQyODUsImF1ZCI6IkVVLkVPUkkuTkwwMDAwMDAwMDEiLCJ0cnVzdGVkX2xpc3QiOlt7InN1YmplY3QiOiJDPU5MLCBPPVN0YWF0IGRlciBOZWRlcmxhbmRlbiwgQ049VEVTVCBTdGFhdCBkZXIgTmVkZXJsYW5kZW4gT3JnYW5pc2F0aWUgU2VydmljZXMgQ0EgLSBHMyIsImNlcnRpZmljYXRlX2ZpbmdlcnByaW50IjoiREMxM0ZDOTRGRjAxNDlERTFCMDdGNzk2NUY2NTVBRUQ1NEM2QTZCREE3QURGNzFBNzMyRkZDRkFCQzQ1NEM3QSIsInZhbGlkaXR5IjoidmFsaWQiLCJzdGF0dXMiOiJncmFudGVkIn0seyJzdWJqZWN0IjoiQz1OTCwgTz1pU0hBUkUgRm91bmRhdGlvbiwgQ049VEVTVCBpU0hBUkUgRm91bmRhdGlvbiBQS0lvdmVyaGVpZCBPcmdhbmlzYXRpZSBTZXJ2ZXIgQ0EgLSBHMyIsImNlcnRpZmljYXRlX2ZpbmdlcnByaW50IjoiRjIxODEzM0NEM0FDMkQ5NzBEMTBDQTQ2QkIwM0Y4MzI0NTMzMjRCMEY0QUY1QzNGNjFCQUQ2RkRFRUM1RUI4MyIsInZhbGlkaXR5IjoidmFsaWQiLCJzdGF0dXMiOiJncmFudGVkIn0seyJzdWJqZWN0IjoiQz1OTCwgTz1URVNUIFN0YWF0IGRlciBOZWRlcmxhbmRlbiwgQ049VEVTVCBTdGFhdCBkZXIgTmVkZXJsYW5kZW4gUm9vdCBDQSAtIEczIiwiY2VydGlmaWNhdGVfZmluZ2VycHJpbnQiOiI5OEM5QzE0RjdGMUY5QTgzQTc0NEUwQUNCQTlEQTZBNDdFRTk2RTA1M0Q3Mjc5NTQ1N0E1QkMwMjA3MjI5RDQzIiwidmFsaWRpdHkiOiJ2YWxpZCIsInN0YXR1cyI6ImdyYW50ZWQifSx7InN1YmplY3QiOiJDPU5MLCBPPWlTSEFSRSwgT1U9VGVzdCwgQ049aVNIQVJFVGVzdENBIiwiY2VydGlmaWNhdGVfZmluZ2VycHJpbnQiOiJBNzhGREY3QkExM0JCRDk1QzYyMzY5NzJERDAwM0ZBRTA3RjRFNDQ3Qjc5MUI2RUY2NzM3QUQyMkYwQjYxODYyIiwidmFsaWRpdHkiOiJ2YWxpZCIsInN0YXR1cyI6ImdyYW50ZWQifSx7InN1YmplY3QiOiJDPU5MLCBPPWlTSEFSRSwgT1U9VGVzdCwgQ049aVNIQVJFVGVzdENBX1RMUyIsImNlcnRpZmljYXRlX2ZpbmdlcnByaW50IjoiREYyRkY1MUQxQjI1NTlENjg2NzIzQzk3MDM3REM5RDVDNTg5NDA2Q0FDNEY4NEMyOUFCM0Q0M0UwMTI2MjUxRCIsInZhbGlkaXR5IjoidmFsaWQiLCJzdGF0dXMiOiJncmFudGVkIn1dfQ.ogJV2tcJvYNN-4ps9mzX9RiOCZQr7liD7DVqCH9fXjcOa_SXSlVkvSXcwWYL91ov-c9EtWhFJKI3GP_8aX0a_ss6FgfzLYAjRTU5Pc5qA544Y5IJrhANOCMXgZV4IHV6Lmf9jeti7jmLFMDWCpLedmxWV4zSYYIDl1X6KkuAopJVtltRVpZVlAVBWGYnS7b1Z4BJ5-ii5F4JMPmscZRu7TkMHhRDSCTEM5UGWNOiuQVhJOkQQmpkuMcDzt6jN8ijD8f37x6mzeHBN1N0Zc6oijbHRFC-SPgJZRnTTzb-8q7SAAzJz3p37In6oWBmcv-grbOghIB77zzqbC78xIAPOw"
}
Decoded Response Example (JWT Payload)

{
  "trusted_list": [
      {
            "subject": "C=NL, O=iSHARE, OU=Test, CN=iSHARETestCA",
            "certificate_fingerprint": "A78FDF7BA13BBD95C6236972DD003FAE07F4E447B791B6EF6737AD22F0B61862",
            "validity": "valid",
            "status": "granted"
      },
      {
            "subject": "C=NL, O=iSHARE, OU=Test, CN=iSHARETestCA_TLS",
            "certificate_fingerprint": "DF2FF51D1B2559D686723C97037DC9D5C589406CAC4F84C29AB3D43E0126251D",
            "validity": "valid",
            "status": "granted"
      },
    ]
}

Checks validity of PKI certificate

POST /certificate_validation

Used to assess whether a PKI certificate is valid and trusted under iSHARE. SHOULD not be used more than x per y for each certificate. This certificate_validation endpoint SHOULD only be used in the early implementation phases of iSHARE. iSHARE parties SHOULD replace this endpoint with internal capabilities for certificate validation as soon as possible. This endpoint is subject for removal from the Scheme Owner capabilities in due time.

Request body which contains certificates to be validated within the scope of iSHARE. Provide certificate in X.509 DER format that is base_64 encoded. Note that the entire value MUST be URL encoded.

Authorization
in header
string

Oauth 2.0 authorisation based on bearer token. MUST contain "Bearer " + access token value

Do-Not-Sign
in header
boolean

Optional iSHARE specific boolean indicating the response SHALL not be signed. For testing purposes only, certified party response in production environment MUST always be signed.

date_time
in query
string

Date time for which the certificate information is requested. If provided the result becomes final and therefore MUST be cacheable

Request Example
[
  "certificatestring"
]
Response Example (200 OK)
{
  "date_time": "string",
  "validity": "boolean",
  "certificate_fingerprint": "string"
}

Generates test client assertion

POST /testing/generate-jws

Used to create an iSHARE-compliant client assertion JWS for testing purposes. Can only be used with an iSHARE Test certificate and MUST NOT be used with official certificates and private keys.

PEM-format RSA private key that will sign the JWS assertion. The key is discarded once the operation has completed. MUST NOT be encrypted.

alg
in header
string

Value for the "alg" field in the iSHARE Client Assertion JWS specifications. Refers to the algorithm used for signing the generated JWS. Should be "RS256" in iSHARE.

typ
in header
string

Value for the “typ” field in the iSHARE Client Assertion JWS specifications. Refers to the type of the generated JWS. Should be "JWT" in iSHARE

aud
in header
string

Value for the “aud” field in the iSHARE Client Assertion JWS specifications. Refers to the iSHARE identifier of the audience, the expected recipient of the generated JWS.

iss
in header
string

Value for the “iss” field in the iSHARE Client Assertion JWS specifications. Refers to the iSHARE identifier of the issuer, the issuer of the generated JWS.

x5c
in header
array[string]

Value for the “x5c” field in the iSHARE Client Assertion JWS specifications. Contains the complete certificate chain used for validating the generated JWS’s signature.

Request Example (a client assertion from ABC Trucking to Warehouse 13)
Header:
{ "alg": "RS256", "typ": "JWT", "aud": "EU.EORI.NL000000003", "iss": "EU.EORI.NL000000001", "x5c": "MIIEgTCCAmmgAwIBAgIIN9ViCDi3BwswDQYJKoZIhvcNAQELBQAwSDEZMBcGA1UEAwwQaVNIQVJFVGVzdENBX1RMUzENMAsGA1UECwwEVGVzdDEPMA0GA1UECgwGaVNIQVJFMQswCQYDVQQGEwJOTDAeFw0xOTAyMTUxMTQ2MTVaFw0yMTAyMTQxMTQ2MTVaMEIxFTATBgNVBAMMDEFCQyBUcnVja2luZzEcMBoGA1UEBRMTRVUuRU9SSS5OTDAwMDAwMDAwMTELMAkGA1UEBhMCTkwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0O4hUhD+VoOKVIZSNMNTfzc0O2kYj+ZzpQEABZGtPty0kKPJep0+o5xstou1K+UxvHfxEpHxHGTdtqZuc28LhU4CeCgoeDMDT+CHS3NosiESQMwh/ZZeTc9/eKCo569GCn+2XtTiGSpBSwMSWqNHgpAZYKdHrT/kEMIyTKoauuiKQ8cUp7ow7mZz/9K+qV3s9L030W8IawLJBJK/2apAt5jh1j4/mF7f0q8zhzhrC8v01PLlZduTzjjBre7mz+yi/vlYz/eap0eYTjhxIatyV9FFwlmi4FC1CNcMtLh8nsiJoe5cBm13LKbQFu3GYH76oeLZvWqbPbp11mxlHa/KdAgMBAAGjdTBzMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUFjznIOnWlO8f5aLxuPy+6t8sN4EwEwYDVR0lBAwwCgYIKwYBBQUHAwEwHQYDVR0OBBYEFAPH+8UrYiVLXaKPRGflkA+cusQ7MA4GA1UdDwEB/wQEAwIFoDANBgkqhkiG9w0BAQsFAAOCAgEAYl5tWH0YtYS9JyqylZJWomA55ShKllaBRcvro6CHxllJWHo0qC9ZTMcvCywMv14VJyQd6eFZqcVtOluGrRZBklH9Aankovp2JLaqcD79t1CyuXZnIzTFl/BkMsE6wlAJXY/sarnoxeiejP4E/Ef/0euIFvBaICCF+Kd2WJYbbn0Wy0dH484QJbHyMtVfr42oIpUNVuLSu84yKYAem9JBuYTp3Y0K2hiEAW/bOKDvvHetVf5fu66yfekDX53j3NKiFJCXS2rKIZoDuMFuxpSyVkS2kbWk1+5Joy7qOSNANRFPlpHcgzLQZp8HrgvhsmhIt1VTVYkyxcd8qXAlhwqVgOq5NgLxkqul9hNMGiM7sq+H73Q/Fi8if7gP8IVASzQGwuHg2Z87ib6A2von0fRJZq3fIubHoxI63ATwfcRK86y172xbFE3VU0duN1tI5Z0TCg0GAJYtJpbnvexIt5lk5FIk4ThvR0L8mNLy1DUa11N+EMxkqbfqlTurB8Zg3CY/QaSKmXY5CMUwWeEBXRHhyfkZQ5jPPUHrFaoyORX8p1ErYDktB1K9o4jmuEVpB33cvgYBEiAyV5z4426FuVCMbHaFDV7iKW9eBlXoxeZo4XX8+jXySL5GW8XwNRTK5c4vW02Q3VJyYVe5umestsKQ+LR8iAzoUSreK18+JkAjAJU=" }
Body:
-----BEGIN RSA PRIVATE KEY----- MIIEpAIBAAKCAQEAtDuIVIQ/laDilSGUjTDU383NDtpGI/mc6UBAAWRrT7ctJCjy [redacted] f+8namfLH2H5UWmEzhLwNKIBJIbz+OOIXaf6Tix0vh3nCmClt7v7lA== -----END RSA PRIVATE KEY-----
200 OK

string

Response Example (200 OK)
eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsIng1YyI6WyJNSUlFZ1RDQ0FtbWdBd0lCQWdJSU45VmlDRGkzQndzd0RRWUpLb1pJaHZjTkFRRUxCUUF3U0RFWk1CY0dBMVVFQXd3UWFWTklRVkpGVkdWemRFTkJYMVJNVXpFTk1Bc0dBMVVFQ3d3RVZHVnpkREVQTUEwR0ExVUVDZ3dHYVZOSVFWSkZNUXN3Q1FZRFZRUUdFd0pPVERBZUZ3MHhPVEF5TVRVeE1UUTJNVFZhRncweU1UQXlNVFF4TVRRMk1UVmFNRUl4RlRBVEJnTlZCQU1NREVGQ1F5QlVjblZqYTJsdVp6RWNNQm9HQTFVRUJSTVRSVlV1UlU5U1NTNU9UREF3TURBd01EQXdNVEVMTUFrR0ExVUVCaE1DVGt3d2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0SUJEd0F3Z2dFS0FvSUJBUUMwTzRoVWhEK1ZvT0tWSVpTTk1OVGZ6YzBPMmtZaitaenBRRUFCWkd0UHR5MGtLUEplcDArbzV4c3RvdTFLK1V4dkhmeEVwSHhIR1RkdHFadWMyOExoVTRDZUNnb2VETURUK0NIUzNOb3NpRVNRTXdoL1paZVRjOS9lS0NvNTY5R0NuKzJYdFRpR1NwQlN3TVNXcU5IZ3BBWllLZEhyVC9rRU1JeVRLb2F1dWlLUThjVXA3b3c3bVp6LzlLK3FWM3M5TDAzMFc4SWF3TEpCSksvMmFwQXQ1amgxajQvbUY3ZjBxOHpoemhyQzh2MDFQTGxaZHVUempqQnJlN216K3lpL3ZsWXovZWFwMGVZVGpoeElhdHlWOUZGd2xtaTRGQzFDTmNNdExoOG5zaUpvZTVjQm0xM0xLYlFGdTNHWUg3Nm9lTFp2V3FiUGJwMTFteGxIYS9LZEFnTUJBQUdqZFRCek1Bd0dBMVVkRXdFQi93UUNNQUF3SHdZRFZSMGpCQmd3Rm9BVUZqem5JT25XbE84ZjVhTHh1UHkrNnQ4c040RXdFd1lEVlIwbEJBd3dDZ1lJS3dZQkJRVUhBd0V3SFFZRFZSME9CQllFRkFQSCs4VXJZaVZMWGFLUFJHZmxrQStjdXNRN01BNEdBMVVkRHdFQi93UUVBd0lGb0RBTkJna3Foa2lHOXcwQkFRc0ZBQU9DQWdFQVlsNXRXSDBZdFlTOUp5cXlsWkpXb21BNTVTaEtsbGFCUmN2cm82Q0h4bGxKV0hvMHFDOVpUTWN2Q3l3TXYxNFZKeVFkNmVGWnFjVnRPbHVHclJaQmtsSDlBYW5rb3ZwMkpMYXFjRDc5dDFDeXVYWm5JelRGbC9Ca01zRTZ3bEFKWFkvc2Fybm94ZWllalA0RS9FZi8wZXVJRnZCYUlDQ0YrS2QyV0pZYmJuMFd5MGRINDg0UUpiSHlNdFZmcjQyb0lwVU5WdUxTdTg0eUtZQWVtOUpCdVlUcDNZMEsyaGlFQVcvYk9LRHZ2SGV0VmY1ZnU2NnlmZWtEWDUzajNOS2lGSkNYUzJyS0lab0R1TUZ1eHBTeVZrUzJrYldrMSs1Sm95N3FPU05BTlJGUGxwSGNnekxRWnA4SHJndmhzbWhJdDFWVFZZa3l4Y2Q4cVhBbGh3cVZnT3E1TmdMeGtxdWw5aE5NR2lNN3NxK0g3M1EvRmk4aWY3Z1A4SVZBU3pRR3d1SGcyWjg3aWI2QTJ2b24wZlJKWnEzZkl1YkhveEk2M0FUd2ZjUks4NnkxNzJ4YkZFM1ZVMGR1TjF0STVaMFRDZzBHQUpZdEpwYm52ZXhJdDVsazVGSWs0VGh2UjBMOG1OTHkxRFVhMTFOK0VNeGtxYmZxbFR1ckI4WmczQ1kvUWFTS21YWTVDTVV3V2VFQlhSSGh5ZmtaUTVqUFBVSHJGYW95T1JYOHAxRXJZRGt0QjFLOW80am11RVZwQjMzY3ZnWUJFaUF5VjV6NDQyNkZ1VkNNYkhhRkRWN2lLVzllQmxYb3hlWm80WFg4K2pYeVNMNUdXOFh3TlJUSzVjNHZXMDJRM1ZKeVlWZTV1bWVzdHNLUStMUjhpQXpvVVNyZUsxOCtKa0FqQUpVPSJdfQ.eyJpc3MiOiJFVS5FT1JJLk5MMDAwMDAwMDAxIiwic3ViIjoiRVUuRU9SSS5OTDAwMDAwMDAwMSIsImp0aSI6IjhlNzE2MjljZjhiZTRjYTk5YTg2NjM4NGI2ZjgzMmFiIiwiaWF0IjoxNTU2MDM5MDA2LCJuYmYiOjE1NTYwMzkwMDYsImV4cCI6MTU1NjAzOTAzNiwiYXVkIjoiRVUuRU9SSS5OTDAwMDAwMDAwMyJ9.eCq6nSWJnexx1eh97QFHEMZIiIFkjzM49ASJ4_Ss6VkQjr6sElB6xQItQRX3zaSIyGbxwPT4aZlxE5Vhd-B_86hIk9Rtc7yeFdDd-T7A-hELQXDs3OMhNxKv13jYiELGhS6ihN9ve_iq1jiHDKaDGvKIILKBmVrVoLBESP1oEtom7MhhyiKsdrkiXMWU1AgscvQaQ_NRXa8qCcQTdMzuKBrpw4iqC47JNmb_mGiLLUfzrPjdojxR9qvK7C_rq6ZZ9nZH8Mzb9J_nF7YnOZxNULQhE4r-fbaLnnZHuY-cJoYc2NlUxwiTddaWn5AqQlh4NkvL5Sn6RxE8SWCgjCVQIw

Mock service - Displays client info

GET /me

Displays information off the client to which the access token was issued

Authorization
in header
string

Oauth 2.0 authorisation based on bearer token. MUST contain "Bearer " + access token value

OK

Response Example (200 OK)
{
  "client_details": "string"
}

Service Provider - Warehouse 13

base URL https://w13.isharetest.net - EORI=EU.EORI.NL000000003

Postman Collection: Warehouse 13

Obtains access token

POST /connect/token

Used to obtain an OAuth access token from the Warehouse 13. The format of access_token is not defined by this specification. They are left to the server and should be opaque to the Service Consumer. Refer to the iSHARE OAuth 2.0 documentation on the Technical Agreements page for additional information on the expected values from this access token request body.

grant_type
in formData
string

OAuth 2.0 grant type. MUST contain "client_credentials"

scope
in formData
string

OAuth 2.0 scope. Defaults to "iSHARE", indicating all rights of the Service Consumer are requested. Other values allow the Service Consumer to get tokens that do not include all rights the Service Consumer has.

client_id
in formData
string

OpenID Connect 1.0 client ID. Used in iSHARE for all client identification for OAuth/OpenID Connect. MUST contain a valid iSHARE identifier of the Service Consumer

client_assertion_type
in formData
string

OpenID Connect 1.0 client assertion type. Used in iSHARE for all client identification for OAuth/OpenID Connect. MUST contain "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"

client_assertion
in formData
string

OpenID Connect 1.0 client assertion. Used in iSHARE for all client identification for OAuth/OpenID Connect. MUST contain JWT token conform iSHARE specifications, signed by the client.

Request body Example application/x-www-form-urlencoded
grant_type=client_credentials&scope=iSHARE&client_id=EU.EORI.NL000000001&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsIng1YyI6WyJNSUlFZ1RDQ0FtbWdBd0lCQWdJSU45VmlDRGkzQndzd0RRWUpLb1pJaHZjTkFRRUxCUUF3U0RFWk1CY0dBMVVFQXd3UWFWTklRVkpGVkdWemRFTkJYMVJNVXpFTk1Bc0dBMVVFQ3d3RVZHVnpkREVQTUEwR0ExVUVDZ3dHYVZOSVFWSkZNUXN3Q1FZRFZRUUdFd0pPVERBZUZ3MHhPVEF5TVRVeE1UUTJNVFZhRncweU1UQXlNVFF4TVRRMk1UVmFNRUl4RlRBVEJnTlZCQU1NREVGQ1F5QlVjblZqYTJsdVp6RWNNQm9HQTFVRUJSTVRSVlV1UlU5U1NTNU9UREF3TURBd01EQXdNVEVMTUFrR0ExVUVCaE1DVGt3d2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0SUJEd0F3Z2dFS0FvSUJBUUMwTzRoVWhEK1ZvT0tWSVpTTk1OVGZ6YzBPMmtZaitaenBRRUFCWkd0UHR5MGtLUEplcDArbzV4c3RvdTFLK1V4dkhmeEVwSHhIR1RkdHFadWMyOExoVTRDZUNnb2VETURUK0NIUzNOb3NpRVNRTXdoL1paZVRjOS9lS0NvNTY5R0NuKzJYdFRpR1NwQlN3TVNXcU5IZ3BBWllLZEhyVC9rRU1JeVRLb2F1dWlLUThjVXA3b3c3bVp6LzlLK3FWM3M5TDAzMFc4SWF3TEpCSksvMmFwQXQ1amgxajQvbUY3ZjBxOHpoemhyQzh2MDFQTGxaZHVUempqQnJlN216K3lpL3ZsWXovZWFwMGVZVGpoeElhdHlWOUZGd2xtaTRGQzFDTmNNdExoOG5zaUpvZTVjQm0xM0xLYlFGdTNHWUg3Nm9lTFp2V3FiUGJwMTFteGxIYS9LZEFnTUJBQUdqZFRCek1Bd0dBMVVkRXdFQi93UUNNQUF3SHdZRFZSMGpCQmd3Rm9BVUZqem5JT25XbE84ZjVhTHh1UHkrNnQ4c040RXdFd1lEVlIwbEJBd3dDZ1lJS3dZQkJRVUhBd0V3SFFZRFZSME9CQllFRkFQSCs4VXJZaVZMWGFLUFJHZmxrQStjdXNRN01BNEdBMVVkRHdFQi93UUVBd0lGb0RBTkJna3Foa2lHOXcwQkFRc0ZBQU9DQWdFQVlsNXRXSDBZdFlTOUp5cXlsWkpXb21BNTVTaEtsbGFCUmN2cm82Q0h4bGxKV0hvMHFDOVpUTWN2Q3l3TXYxNFZKeVFkNmVGWnFjVnRPbHVHclJaQmtsSDlBYW5rb3ZwMkpMYXFjRDc5dDFDeXVYWm5JelRGbC9Ca01zRTZ3bEFKWFkvc2Fybm94ZWllalA0RS9FZi8wZXVJRnZCYUlDQ0YrS2QyV0pZYmJuMFd5MGRINDg0UUpiSHlNdFZmcjQyb0lwVU5WdUxTdTg0eUtZQWVtOUpCdVlUcDNZMEsyaGlFQVcvYk9LRHZ2SGV0VmY1ZnU2NnlmZWtEWDUzajNOS2lGSkNYUzJyS0lab0R1TUZ1eHBTeVZrUzJrYldrMSs1Sm95N3FPU05BTlJGUGxwSGNnekxRWnA4SHJndmhzbWhJdDFWVFZZa3l4Y2Q4cVhBbGh3cVZnT3E1TmdMeGtxdWw5aE5NR2lNN3NxK0g3M1EvRmk4aWY3Z1A4SVZBU3pRR3d1SGcyWjg3aWI2QTJ2b24wZlJKWnEzZkl1YkhveEk2M0FUd2ZjUks4NnkxNzJ4YkZFM1ZVMGR1TjF0STVaMFRDZzBHQUpZdEpwYm52ZXhJdDVsazVGSWs0VGh2UjBMOG1OTHkxRFVhMTFOK0VNeGtxYmZxbFR1ckI4WmczQ1kvUWFTS21YWTVDTVV3V2VFQlhSSGh5ZmtaUTVqUFBVSHJGYW95T1JYOHAxRXJZRGt0QjFLOW80am11RVZwQjMzY3ZnWUJFaUF5VjV6NDQyNkZ1VkNNYkhhRkRWN2lLVzllQmxYb3hlWm80WFg4K2pYeVNMNUdXOFh3TlJUSzVjNHZXMDJRM1ZKeVlWZTV1bWVzdHNLUStMUjhpQXpvVVNyZUsxOCtKa0FqQUpVPSJdfQ.eyJpc3MiOiJFVS5FT1JJLk5MMDAwMDAwMDAxIiwic3ViIjoiRVUuRU9SSS5OTDAwMDAwMDAwMSIsImp0aSI6ImQyNjY3Y2ZmZWM5MDRlZDlhOGRhODkxNGU1MjI3NDVkIiwiaWF0IjoxNTU2MDM0ODI0LCJuYmYiOjE1NTYwMzQ4MjQsImV4cCI6MTU1NjAzNDg1NCwiYXVkIjoiRVUuRU9SSS5OTDAwMDAwMDAwMyJ9.YA5gzhWkDOXw_2d7krDAS9j1bsvqBmYap6qAHinHYpW-HkPR3fQQl-6yyaCPMRscesMIf14SEP0hiwvk-PhfLq7WzLEucwkk8DMysxTi3ju6cTXglY1X3SwNmeCB6VAyqIVgj0wNj_PG0aFJD23HXtFXvlcx8TqkmNIV7HFWEncjPBBAEoOOjXhlzIsg7T0l0tU4eyF_lX3pHBEU5QApyWK9rfMxw2CNGwfnlah1x4XUjM-khr3I7bolRmIqo5OoNqGw4jE7CGxGlNdW_c0LJbRSlDmYZrY42pWY8j8bnvJiV1CJmiOKmNOCInLW9fJgqyxbfl1_a-TQEshGhKiETQ
Request body Example formatted for visibility

  {
  "grant_type": "client_credentials",
  "scope": "iSHARE",
  "client_id": "EU.EORI.NL000000001",
  "client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
  "client_assertion": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsIng1YyI6WyJNSUlFZ1RDQ0FtbWdBd0lCQWdJSU45VmlDRGkzQndzd0RRWUpLb1pJaHZjTkFRRUxCUUF3U0RFWk1CY0dBMVVFQXd3UWFWTklRVkpGVkdWemRFTkJYMVJNVXpFTk1Bc0dBMVVFQ3d3RVZHVnpkREVQTUEwR0ExVUVDZ3dHYVZOSVFWSkZNUXN3Q1FZRFZRUUdFd0pPVERBZUZ3MHhPVEF5TVRVeE1UUTJNVFZhRncweU1UQXlNVFF4TVRRMk1UVmFNRUl4RlRBVEJnTlZCQU1NREVGQ1F5QlVjblZqYTJsdVp6RWNNQm9HQTFVRUJSTVRSVlV1UlU5U1NTNU9UREF3TURBd01EQXdNVEVMTUFrR0ExVUVCaE1DVGt3d2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0SUJEd0F3Z2dFS0FvSUJBUUMwTzRoVWhEK1ZvT0tWSVpTTk1OVGZ6YzBPMmtZaitaenBRRUFCWkd0UHR5MGtLUEplcDArbzV4c3RvdTFLK1V4dkhmeEVwSHhIR1RkdHFadWMyOExoVTRDZUNnb2VETURUK0NIUzNOb3NpRVNRTXdoL1paZVRjOS9lS0NvNTY5R0NuKzJYdFRpR1NwQlN3TVNXcU5IZ3BBWllLZEhyVC9rRU1JeVRLb2F1dWlLUThjVXA3b3c3bVp6LzlLK3FWM3M5TDAzMFc4SWF3TEpCSksvMmFwQXQ1amgxajQvbUY3ZjBxOHpoemhyQzh2MDFQTGxaZHVUempqQnJlN216K3lpL3ZsWXovZWFwMGVZVGpoeElhdHlWOUZGd2xtaTRGQzFDTmNNdExoOG5zaUpvZTVjQm0xM0xLYlFGdTNHWUg3Nm9lTFp2V3FiUGJwMTFteGxIYS9LZEFnTUJBQUdqZFRCek1Bd0dBMVVkRXdFQi93UUNNQUF3SHdZRFZSMGpCQmd3Rm9BVUZqem5JT25XbE84ZjVhTHh1UHkrNnQ4c040RXdFd1lEVlIwbEJBd3dDZ1lJS3dZQkJRVUhBd0V3SFFZRFZSME9CQllFRkFQSCs4VXJZaVZMWGFLUFJHZmxrQStjdXNRN01BNEdBMVVkRHdFQi93UUVBd0lGb0RBTkJna3Foa2lHOXcwQkFRc0ZBQU9DQWdFQVlsNXRXSDBZdFlTOUp5cXlsWkpXb21BNTVTaEtsbGFCUmN2cm82Q0h4bGxKV0hvMHFDOVpUTWN2Q3l3TXYxNFZKeVFkNmVGWnFjVnRPbHVHclJaQmtsSDlBYW5rb3ZwMkpMYXFjRDc5dDFDeXVYWm5JelRGbC9Ca01zRTZ3bEFKWFkvc2Fybm94ZWllalA0RS9FZi8wZXVJRnZCYUlDQ0YrS2QyV0pZYmJuMFd5MGRINDg0UUpiSHlNdFZmcjQyb0lwVU5WdUxTdTg0eUtZQWVtOUpCdVlUcDNZMEsyaGlFQVcvYk9LRHZ2SGV0VmY1ZnU2NnlmZWtEWDUzajNOS2lGSkNYUzJyS0lab0R1TUZ1eHBTeVZrUzJrYldrMSs1Sm95N3FPU05BTlJGUGxwSGNnekxRWnA4SHJndmhzbWhJdDFWVFZZa3l4Y2Q4cVhBbGh3cVZnT3E1TmdMeGtxdWw5aE5NR2lNN3NxK0g3M1EvRmk4aWY3Z1A4SVZBU3pRR3d1SGcyWjg3aWI2QTJ2b24wZlJKWnEzZkl1YkhveEk2M0FUd2ZjUks4NnkxNzJ4YkZFM1ZVMGR1TjF0STVaMFRDZzBHQUpZdEpwYm52ZXhJdDVsazVGSWs0VGh2UjBMOG1OTHkxRFVhMTFOK0VNeGtxYmZxbFR1ckI4WmczQ1kvUWFTS21YWTVDTVV3V2VFQlhSSGh5ZmtaUTVqUFBVSHJGYW95T1JYOHAxRXJZRGt0QjFLOW80am11RVZwQjMzY3ZnWUJFaUF5VjV6NDQyNkZ1VkNNYkhhRkRWN2lLVzllQmxYb3hlWm80WFg4K2pYeVNMNUdXOFh3TlJUSzVjNHZXMDJRM1ZKeVlWZTV1bWVzdHNLUStMUjhpQXpvVVNyZUsxOCtKa0FqQUpVPSJdfQ.eyJpc3MiOiJFVS5FT1JJLk5MMDAwMDAwMDAxIiwic3ViIjoiRVUuRU9SSS5OTDAwMDAwMDAwMSIsImp0aSI6ImQyNjY3Y2ZmZWM5MDRlZDlhOGRhODkxNGU1MjI3NDVkIiwiaWF0IjoxNTU2MDM0ODI0LCJuYmYiOjE1NTYwMzQ4MjQsImV4cCI6MTU1NjAzNDg1NCwiYXVkIjoiRVUuRU9SSS5OTDAwMDAwMDAwMyJ9.YA5gzhWkDOXw_2d7krDAS9j1bsvqBmYap6qAHinHYpW-HkPR3fQQl-6yyaCPMRscesMIf14SEP0hiwvk-PhfLq7WzLEucwkk8DMysxTi3ju6cTXglY1X3SwNmeCB6VAyqIVgj0wNj_PG0aFJD23HXtFXvlcx8TqkmNIV7HFWEncjPBBAEoOOjXhlzIsg7T0l0tU4eyF_lX3pHBEU5QApyWK9rfMxw2CNGwfnlah1x4XUjM-khr3I7bolRmIqo5OoNqGw4jE7CGxGlNdW_c0LJbRSlDmYZrY42pWY8j8bnvJiV1CJmiOKmNOCInLW9fJgqyxbfl1_a-TQEshGhKiETQ",
  }
200 OK
access_token

string

token_type

string

expires_in

integer

Response Example (200 OK)
{
  "access_token""eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE1NTYwMzQ5MzEsImV4cCI6MTU1NjAzODUzMSwiaXNzIjoiaHR0cHM6Ly93MTMuaXNoYXJldGVzdC5uZXQvIiwiYXVkIjoiRVUuRU9SSS5OTDAwMDAwMDAwMyIsImNsaWVudF9pZCI6IkVVLkVPUkkuTkwwMDAwMDAwMDEiLCJzY29wZSI6WyJpU0hBUkUiXX0.QSPTgpktC3hYjNGMzR-LSial3AZbbUjFHRIMnNipgYQronq5h2W2MWUnXv2dm4iDCw9TK193s-hizGLZ-e11NHEgAR8ifX2d3TkwDjMpBNERXeH0o8FOapUAjJaGJ_wwfp9-hcyKgijSsbUkqbkNxgWKrzmIV88Fk4vUxQuEW6yvrpPyLr0Vqb7Ex-j44Cnj7MWjT0FZR0PWv5gm8rsy-nuyQPw9Z8eVlRG23E33NpKDwYf23vXIIcKuxX-kEJIfFeKCnqC9DxDTj5X5mCY8_Fz3R5OUQGDeNb1A7juS99eRmPmhYa1ihVdl0lf2fZAy72I3iEsoijplJU6a2PZSoA",
  "token_type": "Bearer",
  "expires_in": 3600
}

Retrieves iSHARE capabilities

GET /capabilities

Retrieves the iSHARE capabilities (supported versions & optional features) of Warehouse 13. Server response is an iSHARE signed JSON Web Token. Please refer to the models ‘jwt_header’ and ‘jwt_payload_capabilities’ which indicate what the decoded response will look like.

The capabilities endpoint should only return the public endpoints if no access token is provided. If an access token is provided, the capabilities endpoint will also provide the restricted endpoints. The capabilities and token endpoint MUST be public endpoints. It is up to parties themselves whether or not they restrict other endpoints.

A party may also have private endpoints, which are endpoints for their own internal organization. These endpoints should only be acccessible with a private access token, and are not within the scope of iSHARE.

Authorization
in header
string

Oauth 2.0 authorisation based on bearer token. MUST contain "Bearer " + access token value

Do-Not-Sign
in header
boolean

Optional iSHARE specific boolean indicating the response SHALL not be signed. For testing purposes only, certified party response in production environment MUST always be signed.

Request Example (In Header, use of Access Token is optional)
{
  "Authorization":"Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE1NTYwMTYyNjIsImV4cCI6MTU1NjAxOTg2MiwiaXNzIjoiaHR0cHM6Ly9zY2hlbWUuaXNoYXJldGVzdC5uZXQvIiwiYXVkIjoiRVUuRU9SSS5OTDAwMDAwMDAwMCIsImNsaWVudF9pZCI6IkVVLkVPUkkuTkwwMDAwMDAwMDEiLCJzY29wZSI6WyJpU0hBUkUiXX0.Yy8lJhCsOC1tU_A6bLQvWF6Ydm_XsH80HcOHPri6YJKUMU_fJUvZs6hnitgtwAHuTDPn5Ngdir6W4HhVTI8XSWerbJzdmbYKg5q8YDMo1QG3K_Dsu_Z6KLI91kMauFx_skx79z-kC-t_V0CSBRThq_Ij08qMmVkbWWpj6x0sJ1P7Pd0A1otYoOjSfYRRtTAm1IsJXHuAIe7lErR4uuQr8uKlljPIUh69kl5NAtj8l31uR1Kuqp1KfzZUeEPFM0m1efhK609Tjq4sxn8PG5HMthkc2snO8BcI53FYWuQ71txFEaCxTHYQipUhcxWVUczDjIosW9eKYVD7O6r1th0cVw"
}
capabilities_token

string

Response Example (200 OK, from Warehouse 13)
{
  "capabilities_token":"eyJ4NWMiOlsiTUlJRWdUQ0NBbW1nQXdJQkFnSUlTOTBLKzFROUhPa3dEUVlKS29aSWh2Y05BUUVMQlFBd1NERVpNQmNHQTFVRUF3d1FhVk5JUVZKRlZHVnpkRU5CWDFSTVV6RU5NQXNHQTFVRUN3d0VWR1Z6ZERFUE1BMEdBMVVFQ2d3R2FWTklRVkpGTVFzd0NRWURWUVFHRXdKT1REQWVGdzB4T1RBeU1UVXhNVFEzTVRWYUZ3MHlNVEF5TVRReE1UUTNNVFZhTUVJeEZUQVRCZ05WQkFNTURGZGhjbVZvYjNWelpTQXhNekVjTUJvR0ExVUVCUk1UUlZVdVJVOVNTUzVPVERBd01EQXdNREF3TXpFTE1Ba0dBMVVFQmhNQ1Rrd3dnZ0VpTUEwR0NTcUdTSWIzRFFFQkFRVUFBNElCRHdBd2dnRUtBb0lCQVFDd2FEQXpFSjI4REtURmRQUHU5b0o0SnQ2NHBLeEFIc1AzRkhMeVk1N1VpcGRCOW1vMTU3eGY5MXo1dlpNY05NdXFVdWF1OE9IVHpseWtQQTl0Q0VPb2NFMERZd1I3RzBFM1F6bnE5VjhVRy9oY242eGVxY1J2NTV3RS9sZDdFUVV1SnhZaHJ1VVVwNnc4S3lYQnZWdHRkVzhFMnlxa3lDVmFCRTUwRHNzaFlxazdnaVFDSExtVlhSSm44dDZDdW52dGlIdHVuTzBaM1hlM0U1TVJma0NqTm5jajdPTVRNQ1h2OHVDTlNkOE4ydGV1YmhUM2dBQnpXMlBqdTJFeU54SmV6eWRTSXU5eTNYa3VnZUNKSUdIRlk4TEtSZXU5YUV6dDhhTC9NeTdaOENKaklWRzFjRDBmREZ0NEpaeHVZd1c4RC9uamw0Q21PTERhR2VwZ0dHd2ZBZ01CQUFHamRUQnpNQXdHQTFVZEV3RUIvd1FDTUFBd0h3WURWUjBqQkJnd0ZvQVVGanpuSU9uV2xPOGY1YUx4dVB5KzZ0OHNONEV3RXdZRFZSMGxCQXd3Q2dZSUt3WUJCUVVIQXdFd0hRWURWUjBPQkJZRUZHYm92VjdGTE01MkZjYStZRTJkRXFvK0tveHFNQTRHQTFVZER3RUIvd1FFQXdJRm9EQU5CZ2txaGtpRzl3MEJBUXNGQUFPQ0FnRUFKdHZFMmlBYXB1Rzh5cm9WeWVpNEd2dGpmTStJT3RoczFWd2ozWjR0TnRXalc4VTFZcXFnd2ZBSThnUHVDekk2SEdNRDBycnZ6SVM2dGc0cGVUekRFZFk2VmZDNGx0bWNTNWNwaFlZcXM2WDB3aWZUcDRWVmJQdCs2R3hwTWU5b01CVGNBR1JIVGF4VzJmYVBzclFtZkRuaGNoSEZsU2FqaHF4RDVnUi9GWXZYZUFHc29QMEJCcW1SUkRiUnR5ZFB4Qnd1WVFyVTdUSmQraXJQdmhDVm9BMENPQ0FZM2loU3N5UHBuK0xDYnJsQ2JkNVNGRHBIOWFXdHQ2MmlqQ3M4TWRETk1QMmw1bGJ3clFCN3YxYnNGelkxU3hTQ0QxRTh5bVhrQlFSaENCY2cwbWszRXNTVmpkL0dCWG52Q3RCNzdlVUY4MGdMMUR4VzJwT2huTU5DdDMwcTFnemQvajJ0bWNLb0tvR3puUFFDL3NkNWs0c29tLytIdE9ZUWJTbVliQW5LcmFJVWdqUmQzYTN1UzFYQkZHWjMvem9JTXNuMXFOdnI1cENPRkJWcXlLVEp0S1ZjRzcvZi9ncXgxdGplOGVzV0c4bjZReUlPWjBXbWEzVnBaVnFEZGFYRHIrSi9rQ2FZcC9IbUZ2RjhDVkNDQlJSV082ajR6UXh0dXJxL1ZhZUxMOCtJYjlTb1FvRld5UnBMbkZpeXU3em81cUxBNlg1UThTY3owL0pONElOcW5EaFBMYWRrL0p3ZEF0RC80eFBZVlZUYUFYc2hlQmtlKy85QS9nZ0tJakpoazlhUEV2OE1KcnhDa0F1Zm1iVS9pVFVYYXVpUGhjaGM4RmEwZ05IV0RrOW1nMDcyek5HRW1hUlNQSjJQZm52dzNuTXhDanpleDVOdzB0ND0iXSwiYWxnIjoiUlMyNTYiLCJ0eXAiOiJKV1QifQ.eyJpc3MiOiJFVS5FT1JJLk5MMDAwMDAwMDAzIiwic3ViIjoiRVUuRU9SSS5OTDAwMDAwMDAwMyIsImp0aSI6ImNmMzJlYzI0MWU0YTQzYThhZTNiYWVmNjU2NzljNTVmIiwiaWF0IjoxNTU2MDM5ODIxLCJleHAiOjE1NTYwMzk4NTEsImNhcGFiaWxpdGllc19pbmZvIjp7InBhcnR5X2lkIjoiRVUuRU9SSS5OTDAwMDAwMDAwMyIsImlzaGFyZV9yb2xlcyI6W3sicm9sZSI6IlNlcnZpY2UgUHJvdmlkZXIifV0sInN1cHBvcnRlZF92ZXJzaW9ucyI6W3sidmVyc2lvbiI6IjEuNyIsInN1cHBvcnRlZF9mZWF0dXJlcyI6W3sicHVibGljIjpbeyJpZCI6IkE1MUQ0MTNGLUIzQ0MtNDc3RC05NkM0LUUzN0E5MDAzQkZFMyIsImZlYXR1cmUiOiJjYXBhYmlsaXRpZXMiLCJkZXNjcmlwdGlvbiI6IlJldHJpZXZlcyBpU0hBUkUgY2FwYWJpbGl0aWVzIiwidXJsIjoiaHR0cHM6Ly93MTMuaXNoYXJldGVzdC5uZXQvY2FwYWJpbGl0aWVzIiwidG9rZW5fZW5kcG9pbnQiOiJodHRwczovL3cxMy5pc2hhcmV0ZXN0Lm5ldC9jb25uZWN0L3Rva2VuIn0seyJpZCI6IjQ5RjZFNjYyLUYwNTUtNEFBQy05NkIyLUU4MzNGQTVGNTQxNCIsImZlYXR1cmUiOiJhY2Nlc3MgdG9rZW4iLCJkZXNjcmlwdGlvbiI6Ik9idGFpbnMgYWNjZXNzIHRva2VuIiwidXJsIjoiaHR0cHM6Ly93MTMuaXNoYXJldGVzdC5uZXQvY29ubmVjdC90b2tlbiJ9LHsiaWQiOiIwNTM1N0IxQy1BOTM0LTRCQjItQTdDRC00Mjk0OERBNTIzNzkiLCJmZWF0dXJlIjoiYm9vbSBhY2Nlc3MiLCJkZXNjcmlwdGlvbiI6IlJlcXVlc3QgYm9vbSBhY2Nlc3MgYmFzZWQgb24gdXNlciBpbmZvcm1hdGlvbiIsInVybCI6Imh0dHBzOi8vdzEzLmlzaGFyZXRlc3QubmV0L2Jvb21fYWNjZXNzIiwidG9rZW5fZW5kcG9pbnQiOiJodHRwczovL3cxMy5pc2hhcmV0ZXN0Lm5ldC9jb25uZWN0L3Rva2VuIn0seyJpZCI6IjEwNUQxOUM3LTAyQjEtNDgxRi04Qjk4LTBDMEYyRjVFQkI0QiIsImZlYXR1cmUiOiJyZXR1cm4gY2xpZW50IGluZm9ybWF0aW9uIiwiZGVzY3JpcHRpb24iOiJEaXNwbGF5cyBpZGVudGl0eSBvZiBjbGllbnQgdG8gd2hpY2ggYWNjZXNzIHRva2VuIHdhcyBpc3N1ZWQiLCJ1cmwiOiJodHRwczovL3cxMy5pc2hhcmV0ZXN0Lm5ldC9tZSIsInRva2VuX2VuZHBvaW50IjoiaHR0cHM6Ly93MTMuaXNoYXJldGVzdC5uZXQvY29ubmVjdC90b2tlbiJ9XX1dfV19fQ.Sxyo5Abt5u2eiE0JVSYl1ciVG1Fr6zqSxs7zTTeiBSytsJig7U2pDAnfhzFBF0F822UIXIyxJIJKgjx57q001Jm1oHP6m2nPFcgvMMlzhJzjtRnT3G_UJsJn1XrtMNAUmKPoBsrqezgSswnL-Xk0Lx2H8fs8rj7t9feVQNZFA93BwJ6vmq9IptKFY6o676L3CPFDuxA07kVItPFaRLtDbkOKDHe5iRcl2e5639PdHePcPuQYPV9lbyUQFStdqRc5D_23GP7ZNI47uCh1JISgLteXJ2IE8HFCA3F139cBrIyxOwLpWldDiwPyr4kVIwy8zisfT_h4NH85vwl-zcqr3Q"
}
Decoded Response Example (JWT Payload, from Warehouse 13)
{
  "party_id": "EU.EORI.NL000000003",
  "ishare_roles": [
    {
      "role": "Service Provider"
    }
  ],
  "supported_versions": [
    {
      "version": "1.7",
      "supported_features": [
        {
          "public": [
            {          
              "id": "A51D413F-B3CC-477D-96C4-E37A9003BFE3",
              "feature": "capabilities",
              "description": "Retrieves iSHARE capabilities",
              "url": "https://w13.isharetest.net/capabilities",
              "token_endpoint": "https://w13.isharetest.net/connect/token"
           },
           {          
              "id": "49F6E662-F055-4AAC-96B2-E833FA5F5414",
              "feature": "access token",
              "description": "Obtains access token",
              "url": "https://w13.isharetest.net/connect/token"
           },
           {          
              "id": "05357B1C-A934-4BB2-A7CD-42948DA52379",
              "feature": "boom access",
              "description": "Request boom access based on user information",
              "url": "https://w13.isharetest.net/boom_access",
              "token_endpoint": "https://w13.isharetest.net/connect/token"
           },
           {          
              "id": "105D19C7-02B1-481F-8B98-0C0F2F5EBB4B",
              "feature": "return client information",
              "description": "Displays identity of client to which access token was issued",
              "url": "https://w13.isharetest.net/me",
              "token_endpoint": "https://w13.isharetest.net/connect/token"
           }
          ]
        }
      ]
    }
  ]
}

Mock service - Requests access for user

POST /boom_access

Fictional service. Client can send random data to this endpoint, and the service will simply respond with "true". The request body will not be evaluated in any manner by the server. Used as a mock service, endpoint will for example be provided with user info, indicating a boom access request for this user.

Authorization
in header
string

Oauth 2.0 authorisation based on bearer token. MUST contain "Bearer " + access token value

Do-Not-Sign
in header
boolean

Optional iSHARE specific boolean indicating the response SHALL not be signed. For testing purposes only, certified party response in production environment MUST always be signed.

Request Example (In Header)
{
  "Authorization":"Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE1NTYwMTYyNjIsImV4cCI6MTU1NjAxOTg2MiwiaXNzIjoiaHR0cHM6Ly9zY2hlbWUuaXNoYXJldGVzdC5uZXQvIiwiYXVkIjoiRVUuRU9SSS5OTDAwMDAwMDAwMCIsImNsaWVudF9pZCI6IkVVLkVPUkkuTkwwMDAwMDAwMDEiLCJzY29wZSI6WyJpU0hBUkUiXX0.Yy8lJhCsOC1tU_A6bLQvWF6Ydm_XsH80HcOHPri6YJKUMU_fJUvZs6hnitgtwAHuTDPn5Ngdir6W4HhVTI8XSWerbJzdmbYKg5q8YDMo1QG3K_Dsu_Z6KLI91kMauFx_skx79z-kC-t_V0CSBRThq_Ij08qMmVkbWWpj6x0sJ1P7Pd0A1otYoOjSfYRRtTAm1IsJXHuAIe7lErR4uuQr8uKlljPIUh69kl5NAtj8l31uR1Kuqp1KfzZUeEPFM0m1efhK609Tjq4sxn8PG5HMthkc2snO8BcI53FYWuQ71txFEaCxTHYQipUhcxWVUczDjIosW9eKYVD7O6r1th0cVw"
}
200 OK

boom_access

validity

boolean

Response Example (200 OK)
{
  "validity"true
}

Mock service - Displays client info

GET /me

Displays information off the client to which the access token was issued

Authorization
in header
string

Oauth 2.0 authorisation based on bearer token. MUST contain "Bearer " + access token value

200 OK

client_details

client_details

string

Response Example (200 OK)
{
  "client_details": "string"
}

Service Provider - Awesome Widgets

Base URL https://awesome.isharetest.net - EORI=EU.EORI.NL000000002

Postman Collection: Awesome Widgets

Obtains access token

POST /connect/token

Used to obtain an OAuth access token from Awesome Widgets. The format of access_token is not defined by this specification. They are left to the Service Provider and should be opaque to the Service Consumer. Refer to the iSHARE JWT and iSHARE OAuth sections on the Technical Agreements page for detailed explanation on how to create this request body

grant_type
in formData
string

OAuth 2.0 grant type. MUST contain "client_credentials"

scope
in formData
string

OAuth 2.0 scope. Defaults to "iSHARE", indicating all rights of the Service Consumer are requested. Other values allow the Service Consumer to get tokens that do not include all rights the Service Consumer has.

client_id
in formData
string

OpenID Connect 1.0 client ID. Used in iSHARE for all client identification for OAuth/OpenID Connect. MUST contain a valid iSHARE identifier of the Service Consumer

client_assertion_type
in formData
string

OpenID Connect 1.0 client assertion type. Used in iSHARE for all client identification for OAuth/OpenID Connect. MUST contain "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"

client_assertion
in formData
string

OpenID Connect 1.0 client assertion. Used in iSHARE for all client identification for OAuth/OpenID Connect. MUST contain JWT token conform iSHARE specifications, signed by the client.

Request body Example application/x-www-form-urlencoded
grant_type=client_credentials&scope=iSHARE&client_id=EU.EORI.NL000000001&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsIng1YyI6WyJNSUlFZ1RDQ0FtbWdBd0lCQWdJSU45VmlDRGkzQndzd0RRWUpLb1pJaHZjTkFRRUxCUUF3U0RFWk1CY0dBMVVFQXd3UWFWTklRVkpGVkdWemRFTkJYMVJNVXpFTk1Bc0dBMVVFQ3d3RVZHVnpkREVQTUEwR0ExVUVDZ3dHYVZOSVFWSkZNUXN3Q1FZRFZRUUdFd0pPVERBZUZ3MHhPVEF5TVRVeE1UUTJNVFZhRncweU1UQXlNVFF4TVRRMk1UVmFNRUl4RlRBVEJnTlZCQU1NREVGQ1F5QlVjblZqYTJsdVp6RWNNQm9HQTFVRUJSTVRSVlV1UlU5U1NTNU9UREF3TURBd01EQXdNVEVMTUFrR0ExVUVCaE1DVGt3d2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0SUJEd0F3Z2dFS0FvSUJBUUMwTzRoVWhEK1ZvT0tWSVpTTk1OVGZ6YzBPMmtZaitaenBRRUFCWkd0UHR5MGtLUEplcDArbzV4c3RvdTFLK1V4dkhmeEVwSHhIR1RkdHFadWMyOExoVTRDZUNnb2VETURUK0NIUzNOb3NpRVNRTXdoL1paZVRjOS9lS0NvNTY5R0NuKzJYdFRpR1NwQlN3TVNXcU5IZ3BBWllLZEhyVC9rRU1JeVRLb2F1dWlLUThjVXA3b3c3bVp6LzlLK3FWM3M5TDAzMFc4SWF3TEpCSksvMmFwQXQ1amgxajQvbUY3ZjBxOHpoemhyQzh2MDFQTGxaZHVUempqQnJlN216K3lpL3ZsWXovZWFwMGVZVGpoeElhdHlWOUZGd2xtaTRGQzFDTmNNdExoOG5zaUpvZTVjQm0xM0xLYlFGdTNHWUg3Nm9lTFp2V3FiUGJwMTFteGxIYS9LZEFnTUJBQUdqZFRCek1Bd0dBMVVkRXdFQi93UUNNQUF3SHdZRFZSMGpCQmd3Rm9BVUZqem5JT25XbE84ZjVhTHh1UHkrNnQ4c040RXdFd1lEVlIwbEJBd3dDZ1lJS3dZQkJRVUhBd0V3SFFZRFZSME9CQllFRkFQSCs4VXJZaVZMWGFLUFJHZmxrQStjdXNRN01BNEdBMVVkRHdFQi93UUVBd0lGb0RBTkJna3Foa2lHOXcwQkFRc0ZBQU9DQWdFQVlsNXRXSDBZdFlTOUp5cXlsWkpXb21BNTVTaEtsbGFCUmN2cm82Q0h4bGxKV0hvMHFDOVpUTWN2Q3l3TXYxNFZKeVFkNmVGWnFjVnRPbHVHclJaQmtsSDlBYW5rb3ZwMkpMYXFjRDc5dDFDeXVYWm5JelRGbC9Ca01zRTZ3bEFKWFkvc2Fybm94ZWllalA0RS9FZi8wZXVJRnZCYUlDQ0YrS2QyV0pZYmJuMFd5MGRINDg0UUpiSHlNdFZmcjQyb0lwVU5WdUxTdTg0eUtZQWVtOUpCdVlUcDNZMEsyaGlFQVcvYk9LRHZ2SGV0VmY1ZnU2NnlmZWtEWDUzajNOS2lGSkNYUzJyS0lab0R1TUZ1eHBTeVZrUzJrYldrMSs1Sm95N3FPU05BTlJGUGxwSGNnekxRWnA4SHJndmhzbWhJdDFWVFZZa3l4Y2Q4cVhBbGh3cVZnT3E1TmdMeGtxdWw5aE5NR2lNN3NxK0g3M1EvRmk4aWY3Z1A4SVZBU3pRR3d1SGcyWjg3aWI2QTJ2b24wZlJKWnEzZkl1YkhveEk2M0FUd2ZjUks4NnkxNzJ4YkZFM1ZVMGR1TjF0STVaMFRDZzBHQUpZdEpwYm52ZXhJdDVsazVGSWs0VGh2UjBMOG1OTHkxRFVhMTFOK0VNeGtxYmZxbFR1ckI4WmczQ1kvUWFTS21YWTVDTVV3V2VFQlhSSGh5ZmtaUTVqUFBVSHJGYW95T1JYOHAxRXJZRGt0QjFLOW80am11RVZwQjMzY3ZnWUJFaUF5VjV6NDQyNkZ1VkNNYkhhRkRWN2lLVzllQmxYb3hlWm80WFg4K2pYeVNMNUdXOFh3TlJUSzVjNHZXMDJRM1ZKeVlWZTV1bWVzdHNLUStMUjhpQXpvVVNyZUsxOCtKa0FqQUpVPSJdfQ.eyJpc3MiOiJFVS5FT1JJLk5MMDAwMDAwMDAxIiwic3ViIjoiRVUuRU9SSS5OTDAwMDAwMDAwMSIsImp0aSI6IjJlMDE1NDExYzJjMjQwOTBhMTE0YjYwOGNjM2I5ZWQ3IiwiaWF0IjoxNTU2MDk1Nzg3LCJuYmYiOjE1NTYwOTU3ODcsImV4cCI6MTU1NjA5NTgxNywiYXVkIjoiRVUuRU9SSS5OTDAwMDAwMDAwMiJ9.GYeZdVKmV4XZBatcuWDnsrwXAwAdsPDp-II2X7jpRZ-PNuNhqOBKJbqcaob0Z_Pc6ZhWhGHMJqZj1q1g3PVa4n8ojkhweWHEKQf8fdqQCiU0SP2u2jURA3KDckkSYaTD72pJlj4zAELRUQC48bonMsgWku5Q2buw_pK2h_vZ5l1k8JmA3q06A3_ca_feS-42fjBW-BnDQTiGQWng8o0Myu2qLI_uU-v7Ox7FZcQnDrw99071J2_2DNNimqxeP_O5l0JB7bbnkdkboBQdHv4onE6Lt2qCxBZF_xD68d6f87VmTkqyyJ2oG-MPMEq3nLW8rIdhvohWIp2cfwB65VYDXg
Request body Example formatted for visibility

  {
  "grant_type": "client_credentials",
  "scope": "iSHARE",
  "client_id": "EU.EORI.NL000000001",
  "client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
  "client_assertion": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsIng1YyI6WyJNSUlFZ1RDQ0FtbWdBd0lCQWdJSU45VmlDRGkzQndzd0RRWUpLb1pJaHZjTkFRRUxCUUF3U0RFWk1CY0dBMVVFQXd3UWFWTklRVkpGVkdWemRFTkJYMVJNVXpFTk1Bc0dBMVVFQ3d3RVZHVnpkREVQTUEwR0ExVUVDZ3dHYVZOSVFWSkZNUXN3Q1FZRFZRUUdFd0pPVERBZUZ3MHhPVEF5TVRVeE1UUTJNVFZhRncweU1UQXlNVFF4TVRRMk1UVmFNRUl4RlRBVEJnTlZCQU1NREVGQ1F5QlVjblZqYTJsdVp6RWNNQm9HQTFVRUJSTVRSVlV1UlU5U1NTNU9UREF3TURBd01EQXdNVEVMTUFrR0ExVUVCaE1DVGt3d2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0SUJEd0F3Z2dFS0FvSUJBUUMwTzRoVWhEK1ZvT0tWSVpTTk1OVGZ6YzBPMmtZaitaenBRRUFCWkd0UHR5MGtLUEplcDArbzV4c3RvdTFLK1V4dkhmeEVwSHhIR1RkdHFadWMyOExoVTRDZUNnb2VETURUK0NIUzNOb3NpRVNRTXdoL1paZVRjOS9lS0NvNTY5R0NuKzJYdFRpR1NwQlN3TVNXcU5IZ3BBWllLZEhyVC9rRU1JeVRLb2F1dWlLUThjVXA3b3c3bVp6LzlLK3FWM3M5TDAzMFc4SWF3TEpCSksvMmFwQXQ1amgxajQvbUY3ZjBxOHpoemhyQzh2MDFQTGxaZHVUempqQnJlN216K3lpL3ZsWXovZWFwMGVZVGpoeElhdHlWOUZGd2xtaTRGQzFDTmNNdExoOG5zaUpvZTVjQm0xM0xLYlFGdTNHWUg3Nm9lTFp2V3FiUGJwMTFteGxIYS9LZEFnTUJBQUdqZFRCek1Bd0dBMVVkRXdFQi93UUNNQUF3SHdZRFZSMGpCQmd3Rm9BVUZqem5JT25XbE84ZjVhTHh1UHkrNnQ4c040RXdFd1lEVlIwbEJBd3dDZ1lJS3dZQkJRVUhBd0V3SFFZRFZSME9CQllFRkFQSCs4VXJZaVZMWGFLUFJHZmxrQStjdXNRN01BNEdBMVVkRHdFQi93UUVBd0lGb0RBTkJna3Foa2lHOXcwQkFRc0ZBQU9DQWdFQVlsNXRXSDBZdFlTOUp5cXlsWkpXb21BNTVTaEtsbGFCUmN2cm82Q0h4bGxKV0hvMHFDOVpUTWN2Q3l3TXYxNFZKeVFkNmVGWnFjVnRPbHVHclJaQmtsSDlBYW5rb3ZwMkpMYXFjRDc5dDFDeXVYWm5JelRGbC9Ca01zRTZ3bEFKWFkvc2Fybm94ZWllalA0RS9FZi8wZXVJRnZCYUlDQ0YrS2QyV0pZYmJuMFd5MGRINDg0UUpiSHlNdFZmcjQyb0lwVU5WdUxTdTg0eUtZQWVtOUpCdVlUcDNZMEsyaGlFQVcvYk9LRHZ2SGV0VmY1ZnU2NnlmZWtEWDUzajNOS2lGSkNYUzJyS0lab0R1TUZ1eHBTeVZrUzJrYldrMSs1Sm95N3FPU05BTlJGUGxwSGNnekxRWnA4SHJndmhzbWhJdDFWVFZZa3l4Y2Q4cVhBbGh3cVZnT3E1TmdMeGtxdWw5aE5NR2lNN3NxK0g3M1EvRmk4aWY3Z1A4SVZBU3pRR3d1SGcyWjg3aWI2QTJ2b24wZlJKWnEzZkl1YkhveEk2M0FUd2ZjUks4NnkxNzJ4YkZFM1ZVMGR1TjF0STVaMFRDZzBHQUpZdEpwYm52ZXhJdDVsazVGSWs0VGh2UjBMOG1OTHkxRFVhMTFOK0VNeGtxYmZxbFR1ckI4WmczQ1kvUWFTS21YWTVDTVV3V2VFQlhSSGh5ZmtaUTVqUFBVSHJGYW95T1JYOHAxRXJZRGt0QjFLOW80am11RVZwQjMzY3ZnWUJFaUF5VjV6NDQyNkZ1VkNNYkhhRkRWN2lLVzllQmxYb3hlWm80WFg4K2pYeVNMNUdXOFh3TlJUSzVjNHZXMDJRM1ZKeVlWZTV1bWVzdHNLUStMUjhpQXpvVVNyZUsxOCtKa0FqQUpVPSJdfQ.eyJpc3MiOiJFVS5FT1JJLk5MMDAwMDAwMDAxIiwic3ViIjoiRVUuRU9SSS5OTDAwMDAwMDAwMSIsImp0aSI6IjJlMDE1NDExYzJjMjQwOTBhMTE0YjYwOGNjM2I5ZWQ3IiwiaWF0IjoxNTU2MDk1Nzg3LCJuYmYiOjE1NTYwOTU3ODcsImV4cCI6MTU1NjA5NTgxNywiYXVkIjoiRVUuRU9SSS5OTDAwMDAwMDAwMiJ9.GYeZdVKmV4XZBatcuWDnsrwXAwAdsPDp-II2X7jpRZ-PNuNhqOBKJbqcaob0Z_Pc6ZhWhGHMJqZj1q1g3PVa4n8ojkhweWHEKQf8fdqQCiU0SP2u2jURA3KDckkSYaTD72pJlj4zAELRUQC48bonMsgWku5Q2buw_pK2h_vZ5l1k8JmA3q06A3_ca_feS-42fjBW-BnDQTiGQWng8o0Myu2qLI_uU-v7Ox7FZcQnDrw99071J2_2DNNimqxeP_O5l0JB7bbnkdkboBQdHv4onE6Lt2qCxBZF_xD68d6f87VmTkqyyJ2oG-MPMEq3nLW8rIdhvohWIp2cfwB65VYDXg",
  }
200 OK
access_token

string

token_type

string

expires_in

integer

Response Example (200 OK)
{
  "access_token""eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE1NTYwOTU3OTksImV4cCI6MTU1NjA5OTM5OSwiaXNzIjoiaHR0cHM6Ly9hd2Vzb21lLmlzaGFyZXRlc3QubmV0LyIsImF1ZCI6IkVVLkVPUkkuTkwwMDAwMDAwMDIiLCJjbGllbnRfaWQiOiJFVS5FT1JJLk5MMDAwMDAwMDAxIiwic2NvcGUiOlsiaVNIQVJFIl19.lmwKDXpkcq3FxOrhvNBN-0wNA2WoNSIvjmOH9h7_qm-UBwEd3DqZWabxg3wGFen4sJjH_vflp6SjL-hSu6EZYDJMS-3zi4MSabOCQJMCKav3jJZYuDQCFzPqopKIuwNN89X9oqON_1h9Uks1bgFomFx21IDq_Ly36zPsMR4Cb7RbTWDiruwRb5to38WYOBWcW4uxDuTmlgENLLFgm_DyArayp6rLpuMlYmZcKjSDQV4vdRfeROo_nTLaMOZhALPbAmMUad1Aa3qGbpEwmIillPn4gpCFHLs5o7nXrgon7qadaGWJ8DihHHaK7ynWa2GUpyEBF_wkUEm3H16noE1UUw",
  "token_type": "Bearer",
  "expires_in": 3600
}

Retrieves iSHARE capabilities

GET /capabilities

Retrieves the iSHARE capabilities (supported versions & optional features) of Awesome Widgets. Server response is an iSHARE signed JSON Web Token. Please refer to the models ‘jwt_header’ and ‘jwt_payload_capabilities’ which indicate what the decoded response will look like.

The capabilities endpoint should only return the public endpoints if no access token is provided. If an access token is provided, the capabilities endpoint will also provide the restricted endpoints. The capabilities and token endpoint MUST be public endpoints. It is up to parties themselves whether or not they restrict other endpoints.

A party may also have private endpoints, which are endpoints for their own internal organization. These endpoints should only be acccessible with a private access token, and are not within the scope of iSHARE.

Authorization
in header
string

Oauth 2.0 authorisation based on bearer token. MUST contain "Bearer " + access token value

Do-Not-Sign
in header
boolean

Optional iSHARE specific boolean indicating the response SHALL not be signed. For testing purposes only, certified party response in production environment MUST always be signed.

Request Example (In Header, use of Access Token is optional)
{
  "Authorization":"Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE1NTYwOTU3OTksImV4cCI6MTU1NjA5OTM5OSwiaXNzIjoiaHR0cHM6Ly9hd2Vzb21lLmlzaGFyZXRlc3QubmV0LyIsImF1ZCI6IkVVLkVPUkkuTkwwMDAwMDAwMDIiLCJjbGllbnRfaWQiOiJFVS5FT1JJLk5MMDAwMDAwMDAxIiwic2NvcGUiOlsiaVNIQVJFIl19.lmwKDXpkcq3FxOrhvNBN-0wNA2WoNSIvjmOH9h7_qm-UBwEd3DqZWabxg3wGFen4sJjH_vflp6SjL-hSu6EZYDJMS-3zi4MSabOCQJMCKav3jJZYuDQCFzPqopKIuwNN89X9oqON_1h9Uks1bgFomFx21IDq_Ly36zPsMR4Cb7RbTWDiruwRb5to38WYOBWcW4uxDuTmlgENLLFgm_DyArayp6rLpuMlYmZcKjSDQV4vdRfeROo_nTLaMOZhALPbAmMUad1Aa3qGbpEwmIillPn4gpCFHLs5o7nXrgon7qadaGWJ8DihHHaK7ynWa2GUpyEBF_wkUEm3H16noE1UUw"
}
capabilities_token

string

Response Example (200 OK, from Scheme Owner)
{
  "capabilities_token":"eyJ4NWMiOlsiTUlJRWhEQ0NBbXlnQXdJQkFnSUlSSEpabWpSamlzQXdEUVlKS29aSWh2Y05BUUVMQlFBd1NERVpNQmNHQTFVRUF3d1FhVk5JUVZKRlZHVnpkRU5CWDFSTVV6RU5NQXNHQTFVRUN3d0VWR1Z6ZERFUE1BMEdBMVVFQ2d3R2FWTklRVkpGTVFzd0NRWURWUVFHRXdKT1REQWVGdzB4T1RBeU1UVXhNekE0TURSYUZ3MHlNVEF5TVRReE16QTRNRFJhTUVVeEdEQVdCZ05WQkFNTUQwRjNaWE52YldVZ1YybGtaMlYwY3pFY01Cb0dBMVVFQlJNVFJWVXVSVTlTU1M1T1REQXdNREF3TURBd01qRUxNQWtHQTFVRUJoTUNUa3d3Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLQW9JQkFRQ2c2Tlc0dVNNYnNsK2cycjZEMW9FNG5lcTdHVEFLVm5ZN3pmZFhTM1p1ZHRLQUp5VWMzM1B0YnVFeGpjZmlOVlk1emhFa0hkTS9zVXdkb0kzaE84OURHV2ZRYm9VSGRZT0hUT0xjdFR6VHMwS0FEd1FlSFRvMjloQU5maEY0VVhNY2dmQTRDSzg3YitaMVc4dWFoS3pwUHpObXVQTUJ0V0cyeTcrcFBpZERXQXR4Z2c1NWU4Y0s1Mks1TUxFb2k4blF2emY1SHY5SmpCQi92K013bE9qUU9adi9XSEI2djBaalB4Q3hOdWpCUll0ZjRpZFEzbUhxcGJGLzJQZGk5RVh0aWJxVU8wQ1ZoL0NBQUFCallTNms0ejN4OFFVV2czbnEzclUrdFNib0hEbFBRSVR5dWswOTVwWEhvNHJ1cS9hQU9YTGlNc2ZXZW5sRzNXTDh6elZUQWdNQkFBR2pkVEJ6TUF3R0ExVWRFd0VCL3dRQ01BQXdId1lEVlIwakJCZ3dGb0FVRmp6bklPbldsTzhmNWFMeHVQeSs2dDhzTjRFd0V3WURWUjBsQkF3d0NnWUlLd1lCQlFVSEF3RXdIUVlEVlIwT0JCWUVGSE5TNVpnM2hUZS9BVnRybk83ZWQ4bWdPNXd4TUE0R0ExVWREd0VCL3dRRUF3SUZvREFOQmdrcWhraUc5dzBCQVFzRkFBT0NBZ0VBdzlUTSt5azBySkl6MkZDSzMwczRXMzR6R3pXdVhNdmRZa0VHTmU4ZWE4cHdYNXI4MFNzOStZQmgzL3F5OEVwd2NPWVh6aExkYVdTUVVqNTVhZDVXSGRKYm85b0xOS2RvWFB0RFROK2tjVjYzaWU4dkJvdjUyb2t1SENWblp2WUphWXB1djdVZmZoU3l6RGxCcVRySUN3TWlHeVhhVlB5RnFMd0kxWW93OWZWNnhUMDlvdzdWNmNxQ2pnN2dYclpqcUJsZHJrdmF6RlhWODNMaHE2TnBrVHNMYmZkK01leEZVd0JCdGg4OS80TkhYVnhrbHZDZEVxdkdGRXRtUjdLRVlwNU5ZSDQrcFA4bkJqNHRJZmh0QzZKa3VyVjBhazF6d0tSeEZydzhNTmQ4bDQwWVdyelFyMis5S3lBczdETXRKQUQ3bmJrc2pzdklFMldoVStMVytyUVoycmJacndFT3g3OHQrM3FXekpRZFcvZ0lXcEFNUHRkR013OUlpUzkwa2l1SlRDb3dQTDFXaHdTVkJDUmlQcnRObEdIcEZwb0tOL3M2TUxaN0lIWW03QUNDcU8yRjRCazByMERjT1VKbTZKbU11UHYyS0RzUU5uMUJYaFNVdmlOOFJMT0pPWWJTbHZzYktEdWh0V1JDSzdsa29OTWxPRGJSNjhOSm1PVk1YdGNqa0xtOGh3V3NaSEJCSFAwR2d2V3dmTGtiMDUxOE1IcFBzRmVYdTVlck95SUhjWjRNbTZhTVNGNStnQ1VhYXpTMjFOQzFRcEx2NlhNWmhrRWROalAvK3NTWTFHRVdCWFFkQzZZNDZNb3dEZE1KdEhXQTZHcDJWc3RGQUtMMDRWVUhEZzY0SlY5YW8yUjZNWnFNeFB1NjZFL2hTTjFBT0VQbkN6MXNYSHM9Il0sImFsZyI6IlJTMjU2IiwidHlwIjoiSldUIn0.eyJpc3MiOiJFVS5FT1JJLk5MMDAwMDAwMDAyIiwic3ViIjoiRVUuRU9SSS5OTDAwMDAwMDAwMiIsImp0aSI6ImQ3OWJmOTI1ODY2ODRjNjZhM2Y1YzdiZWM0MDE3ZTcyIiwiaWF0IjoxNTU2MDk1OTY1LCJleHAiOjE1NTYwOTU5OTUsImF1ZCI6IkVVLkVPUkkuTkwwMDAwMDAwMDEiLCJjYXBhYmlsaXRpZXNfaW5mbyI6eyJwYXJ0eV9pZCI6IkVVLkVPUkkuTkwwMDAwMDAwMDIiLCJpc2hhcmVfcm9sZXMiOlt7InJvbGUiOiJTZXJ2aWNlIFByb3ZpZGVyIn1dLCJzdXBwb3J0ZWRfdmVyc2lvbnMiOlt7InZlcnNpb24iOiIxLjciLCJzdXBwb3J0ZWRfZmVhdHVyZXMiOlt7InB1YmxpYyI6W3siaWQiOiIxNUYzODk4Ni01Qjc5LTQ0QUItQjJGNi04ODRBMTRCQ0U2RDciLCJmZWF0dXJlIjoiY2FwYWJpbGl0aWVzIiwiZGVzY3JpcHRpb24iOiJSZXRyaWV2ZXMgaVNIQVJFIGNhcGFiaWxpdGllcyIsInVybCI6Imh0dHBzOi8vYXdlc29tZS5pc2hhcmV0ZXN0Lm5ldC9jYXBhYmlsaXRpZXMiLCJ0b2tlbl9lbmRwb2ludCI6Imh0dHBzOi8vYXdlc29tZS5pc2hhcmV0ZXN0Lm5ldC9jb25uZWN0L3Rva2VuIn0seyJpZCI6IkNCNTc4MUFBLUVBMzItNDUzNS1BQTIxLTkyMDM1RTAzMTIxRSIsImZlYXR1cmUiOiJhY2Nlc3MgdG9rZW4iLCJkZXNjcmlwdGlvbiI6Ik9idGFpbnMgYWNjZXNzIHRva2VuIiwidXJsIjoiaHR0cHM6Ly9hd2Vzb21lLmlzaGFyZXRlc3QubmV0L2Nvbm5lY3QvdG9rZW4ifSx7ImlkIjoiQTQ2RjgzOTgtNjhEQS00MzdBLTg2NDgtNjE1RDYxN0JBRUU4IiwiZmVhdHVyZSI6ImJvb20gYWNjZXNzIiwiZGVzY3JpcHRpb24iOiJSZXF1ZXN0IGJvb20gYWNjZXNzIGJhc2VkIG9uIHVzZXIgaW5mb3JtYXRpb24iLCJ1cmwiOiJodHRwczovL2F3ZXNvbWUuaXNoYXJldGVzdC5uZXQvYm9vbV9hY2Nlc3MiLCJ0b2tlbl9lbmRwb2ludCI6Imh0dHBzOi8vYXdlc29tZS5pc2hhcmV0ZXN0Lm5ldC9jb25uZWN0L3Rva2VuIn0seyJpZCI6IkQyREE4MzIyLTgzOTEtNEUwMS1BMEUzLTJDQUFDQjNCOEFEOCIsImZlYXR1cmUiOiJyZXR1cm4gY2xpZW50IGluZm9ybWF0aW9uIiwiZGVzY3JpcHRpb24iOiJEaXNwbGF5cyBpZGVudGl0eSBvZiBjbGllbnQgdG8gd2hpY2ggYWNjZXNzIHRva2VuIHdhcyBpc3N1ZWQiLCJ1cmwiOiJodHRwczovL2F3ZXNvbWUuaXNoYXJldGVzdC5uZXQvbWUiLCJ0b2tlbl9lbmRwb2ludCI6Imh0dHBzOi8vYXdlc29tZS5pc2hhcmV0ZXN0Lm5ldC9jb25uZWN0L3Rva2VuIn1dLCJyZXN0cmljdGVkIjpbXX1dfV19fQ.N5WGUsRrMlSgJUUxTxKMuubsDjsaTzviuoe12lrK2YJjSfOm6juSL1vqkryENjjKC4h4Bw45vT61FUSjxTk-HvEe9GyFyI98SbTrGw-Ar04HMeIkG7U--IUsM43q5uFgfVeyaxG4J-CCkUZXeR09pfpWAB6ag7SUrjfVP8lw-yFVgEXbuf9OEFxBbv2BB_V3YqHoQDO2cmf4rFPmD1jvXPzdPnAlG4E3bwGX7iJNPsJp698H1XLCBQ2HyqUK_OcBB0y4hu2cmfqVZ4TTOBpvdx_SZkJFtf7qjYwxGe9na4ZWPk2SbygLCt_EaGabAXZSu4zrHvY4ODXbmpP6KIOYJQ"
}
Decoded Response Example (JWT Payload, from Scheme Owner)
{
  "party_id": "EU.EORI.NL000000002",
  "ishare_roles": [
    {
      "role": "Service Provider"
    }
  ],
  "supported_versions": [
    {
      "version": "1.7",
      "supported_features": [
        {
          "public": [
            {          
              "id": "15F38986-5B79-44AB-B2F6-884A14BCE6D7",
              "feature": "capabilities",
              "description": "Retrieves iSHARE capabilities",
              "url": "https://awesome.isharetest.net/capabilities",
              "token_endpoint": "https://awesome.isharetest.net/connect/token"
           },
           {          
              "id": "CB5781AA-EA32-4535-AA21-92035E03121E",
              "feature": "access token",
              "description": "Obtains access token",
              "url": "https://awesome.isharetest.net/connect/token"
           },
           {          
              "id": "A46F8398-68DA-437A-8648-615D617BAEE8",
              "feature": "boom access",
              "description": "Request boom access based on user information",
              "url": "https://awesome.isharetest.net/boom_access",
              "token_endpoint": "https://awesome.isharetest.net/connect/token"
           },
           {          
              "id": "D2DA8322-8391-4E01-A0E3-2CAACB3B8AD8",
              "feature": "boom access",
              "description": "Displays identity of client to which access token was issued",
              "url": "https://awesome.isharetest.net/me",
              "token_endpoint": "https://awesome.isharetest.net/connect/token"
           }
          ],
          "restricted": []
        }
      ]
    }
  ]
}

Mock service - Requests access for user

POST /boom_access

Fictional service. Client can send random data to this endpoint, and the service will simply respond with "true". The request body will not be evaluated in any manner by the server. Used as a mock service, endpoint will for example be provided with user info, indicating a boom access request for this user.

Authorization
in header
string

Oauth 2.0 authorisation based on bearer token. MUST contain "Bearer " + access token value

Do-Not-Sign
in header
boolean

Optional iSHARE specific boolean indicating the response SHALL not be signed. For testing purposes only, certified party response in production environment MUST always be signed.

Request Example (In Header)
{
  "Authorization":"Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE1NTYwOTU3OTksImV4cCI6MTU1NjA5OTM5OSwiaXNzIjoiaHR0cHM6Ly9hd2Vzb21lLmlzaGFyZXRlc3QubmV0LyIsImF1ZCI6IkVVLkVPUkkuTkwwMDAwMDAwMDIiLCJjbGllbnRfaWQiOiJFVS5FT1JJLk5MMDAwMDAwMDAxIiwic2NvcGUiOlsiaVNIQVJFIl19.lmwKDXpkcq3FxOrhvNBN-0wNA2WoNSIvjmOH9h7_qm-UBwEd3DqZWabxg3wGFen4sJjH_vflp6SjL-hSu6EZYDJMS-3zi4MSabOCQJMCKav3jJZYuDQCFzPqopKIuwNN89X9oqON_1h9Uks1bgFomFx21IDq_Ly36zPsMR4Cb7RbTWDiruwRb5to38WYOBWcW4uxDuTmlgENLLFgm_DyArayp6rLpuMlYmZcKjSDQV4vdRfeROo_nTLaMOZhALPbAmMUad1Aa3qGbpEwmIillPn4gpCFHLs5o7nXrgon7qadaGWJ8DihHHaK7ynWa2GUpyEBF_wkUEm3H16noE1UUw"
}
200 OK

boom_access

validity

boolean

Response Example (200 OK)
{
  "validity"true
}

Mock service - Displays client info

GET /me

Displays information off the client to which the access token was issued

Authorization
in header
string

Oauth 2.0 authorisation based on bearer token. MUST contain "Bearer " + access token value

200 OK

client_details

client_details

string

Response Example (200 OK)
{
  "client_details": "string"
}

Entitled Party - Banana&Co

Base URL https://banana.isharetest.net - EORI=EU.EORI.NL000000005

Postman Collection: Banana & Co.

Obtains access token

POST /connect/token

Used to obtain an OAuth access token from Banana & Co. The format of access_token is not defined by this specification. They are left to the server and should be opaque to the Service Consumer. Refer to the iSHARE OAuth 2.0 documentation on the Technical Agreements page for additional information on the expected values from this access token request body.

grant_type
in formData
string

OAuth 2.0 grant type. MUST contain "client_credentials"

scope
in formData
string

OAuth 2.0 scope. Defaults to "iSHARE", indicating all rights of the Service Consumer are requested. Other values allow the Service Consumer to get tokens that do not include all rights the Service Consumer has.

client_id
in formData
string

OpenID Connect 1.0 client ID. Used in iSHARE for all client identification for OAuth/OpenID Connect. MUST contain a valid iSHARE identifier of the Service Consumer

client_assertion_type
in formData
string

OpenID Connect 1.0 client assertion type. Used in iSHARE for all client identification for OAuth/OpenID Connect. MUST contain "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"

client_assertion
in formData
string

OpenID Connect 1.0 client assertion. Used in iSHARE for all client identification for OAuth/OpenID Connect. MUST contain JWT token conform iSHARE specifications, signed by the client.

Request body Example application/x-www-form-urlencoded
grant_type=client_credentials&scope=iSHARE&client_id=EU.EORI.NL000000001&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsIng1YyI6WyJNSUlFZ1RDQ0FtbWdBd0lCQWdJSU45VmlDRGkzQndzd0RRWUpLb1pJaHZjTkFRRUxCUUF3U0RFWk1CY0dBMVVFQXd3UWFWTklRVkpGVkdWemRFTkJYMVJNVXpFTk1Bc0dBMVVFQ3d3RVZHVnpkREVQTUEwR0ExVUVDZ3dHYVZOSVFWSkZNUXN3Q1FZRFZRUUdFd0pPVERBZUZ3MHhPVEF5TVRVeE1UUTJNVFZhRncweU1UQXlNVFF4TVRRMk1UVmFNRUl4RlRBVEJnTlZCQU1NREVGQ1F5QlVjblZqYTJsdVp6RWNNQm9HQTFVRUJSTVRSVlV1UlU5U1NTNU9UREF3TURBd01EQXdNVEVMTUFrR0ExVUVCaE1DVGt3d2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0SUJEd0F3Z2dFS0FvSUJBUUMwTzRoVWhEK1ZvT0tWSVpTTk1OVGZ6YzBPMmtZaitaenBRRUFCWkd0UHR5MGtLUEplcDArbzV4c3RvdTFLK1V4dkhmeEVwSHhIR1RkdHFadWMyOExoVTRDZUNnb2VETURUK0NIUzNOb3NpRVNRTXdoL1paZVRjOS9lS0NvNTY5R0NuKzJYdFRpR1NwQlN3TVNXcU5IZ3BBWllLZEhyVC9rRU1JeVRLb2F1dWlLUThjVXA3b3c3bVp6LzlLK3FWM3M5TDAzMFc4SWF3TEpCSksvMmFwQXQ1amgxajQvbUY3ZjBxOHpoemhyQzh2MDFQTGxaZHVUempqQnJlN216K3lpL3ZsWXovZWFwMGVZVGpoeElhdHlWOUZGd2xtaTRGQzFDTmNNdExoOG5zaUpvZTVjQm0xM0xLYlFGdTNHWUg3Nm9lTFp2V3FiUGJwMTFteGxIYS9LZEFnTUJBQUdqZFRCek1Bd0dBMVVkRXdFQi93UUNNQUF3SHdZRFZSMGpCQmd3Rm9BVUZqem5JT25XbE84ZjVhTHh1UHkrNnQ4c040RXdFd1lEVlIwbEJBd3dDZ1lJS3dZQkJRVUhBd0V3SFFZRFZSME9CQllFRkFQSCs4VXJZaVZMWGFLUFJHZmxrQStjdXNRN01BNEdBMVVkRHdFQi93UUVBd0lGb0RBTkJna3Foa2lHOXcwQkFRc0ZBQU9DQWdFQVlsNXRXSDBZdFlTOUp5cXlsWkpXb21BNTVTaEtsbGFCUmN2cm82Q0h4bGxKV0hvMHFDOVpUTWN2Q3l3TXYxNFZKeVFkNmVGWnFjVnRPbHVHclJaQmtsSDlBYW5rb3ZwMkpMYXFjRDc5dDFDeXVYWm5JelRGbC9Ca01zRTZ3bEFKWFkvc2Fybm94ZWllalA0RS9FZi8wZXVJRnZCYUlDQ0YrS2QyV0pZYmJuMFd5MGRINDg0UUpiSHlNdFZmcjQyb0lwVU5WdUxTdTg0eUtZQWVtOUpCdVlUcDNZMEsyaGlFQVcvYk9LRHZ2SGV0VmY1ZnU2NnlmZWtEWDUzajNOS2lGSkNYUzJyS0lab0R1TUZ1eHBTeVZrUzJrYldrMSs1Sm95N3FPU05BTlJGUGxwSGNnekxRWnA4SHJndmhzbWhJdDFWVFZZa3l4Y2Q4cVhBbGh3cVZnT3E1TmdMeGtxdWw5aE5NR2lNN3NxK0g3M1EvRmk4aWY3Z1A4SVZBU3pRR3d1SGcyWjg3aWI2QTJ2b24wZlJKWnEzZkl1YkhveEk2M0FUd2ZjUks4NnkxNzJ4YkZFM1ZVMGR1TjF0STVaMFRDZzBHQUpZdEpwYm52ZXhJdDVsazVGSWs0VGh2UjBMOG1OTHkxRFVhMTFOK0VNeGtxYmZxbFR1ckI4WmczQ1kvUWFTS21YWTVDTVV3V2VFQlhSSGh5ZmtaUTVqUFBVSHJGYW95T1JYOHAxRXJZRGt0QjFLOW80am11RVZwQjMzY3ZnWUJFaUF5VjV6NDQyNkZ1VkNNYkhhRkRWN2lLVzllQmxYb3hlWm80WFg4K2pYeVNMNUdXOFh3TlJUSzVjNHZXMDJRM1ZKeVlWZTV1bWVzdHNLUStMUjhpQXpvVVNyZUsxOCtKa0FqQUpVPSJdfQ.eyJpc3MiOiJFVS5FT1JJLk5MMDAwMDAwMDAxIiwic3ViIjoiRVUuRU9SSS5OTDAwMDAwMDAwMSIsImp0aSI6ImIzNWM0Zjc1YWJlYzQyMzZhZDlmZTE4ZjZhNWRjZWZkIiwiaWF0IjoxNTU2MDk2NzY5LCJuYmYiOjE1NTYwOTY3NjksImV4cCI6MTU1NjA5Njc5OSwiYXVkIjoiRVUuRU9SSS5OTDAwMDAwMDAwNSJ9.VIe3MKpGkWz5sZoZF7zDhMCH_RFGLU5XAqaSQ1XMncwIRmbTO4sAEgEUjAogz8hArff6_JCBhRrYfwn9NefGrgvxdDjdqpYJ7KRTrzf4kAbfE-qFIwuG89YrWzCtAVqQslImosEn82T7UBugLckeDu5hl_G5Y6IjHumScSCDInUBZ1rB62inAUsexVlTOS8Jy5yVMy5cyjfhLsWCARb9AwmqxCzDr-AnrdcRfrQsWaXS4vBm2KpyBtXGEyRYJe1YIniP6kJ1fNMGJrF9uV6JGA1NOB88LCAqlnFnF-0oWj4oE_znYLlThgQm6yydsD9dfHC9tsr-JwpegGMa0cwj6g
Request body Example formatted for visibility

  {
  "grant_type": "client_credentials",
  "scope": "iSHARE",
  "client_id": "EU.EORI.NL000000001",
  "client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
  "client_assertion": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsIng1YyI6WyJNSUlFZ1RDQ0FtbWdBd0lCQWdJSU45VmlDRGkzQndzd0RRWUpLb1pJaHZjTkFRRUxCUUF3U0RFWk1CY0dBMVVFQXd3UWFWTklRVkpGVkdWemRFTkJYMVJNVXpFTk1Bc0dBMVVFQ3d3RVZHVnpkREVQTUEwR0ExVUVDZ3dHYVZOSVFWSkZNUXN3Q1FZRFZRUUdFd0pPVERBZUZ3MHhPVEF5TVRVeE1UUTJNVFZhRncweU1UQXlNVFF4TVRRMk1UVmFNRUl4RlRBVEJnTlZCQU1NREVGQ1F5QlVjblZqYTJsdVp6RWNNQm9HQTFVRUJSTVRSVlV1UlU5U1NTNU9UREF3TURBd01EQXdNVEVMTUFrR0ExVUVCaE1DVGt3d2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0SUJEd0F3Z2dFS0FvSUJBUUMwTzRoVWhEK1ZvT0tWSVpTTk1OVGZ6YzBPMmtZaitaenBRRUFCWkd0UHR5MGtLUEplcDArbzV4c3RvdTFLK1V4dkhmeEVwSHhIR1RkdHFadWMyOExoVTRDZUNnb2VETURUK0NIUzNOb3NpRVNRTXdoL1paZVRjOS9lS0NvNTY5R0NuKzJYdFRpR1NwQlN3TVNXcU5IZ3BBWllLZEhyVC9rRU1JeVRLb2F1dWlLUThjVXA3b3c3bVp6LzlLK3FWM3M5TDAzMFc4SWF3TEpCSksvMmFwQXQ1amgxajQvbUY3ZjBxOHpoemhyQzh2MDFQTGxaZHVUempqQnJlN216K3lpL3ZsWXovZWFwMGVZVGpoeElhdHlWOUZGd2xtaTRGQzFDTmNNdExoOG5zaUpvZTVjQm0xM0xLYlFGdTNHWUg3Nm9lTFp2V3FiUGJwMTFteGxIYS9LZEFnTUJBQUdqZFRCek1Bd0dBMVVkRXdFQi93UUNNQUF3SHdZRFZSMGpCQmd3Rm9BVUZqem5JT25XbE84ZjVhTHh1UHkrNnQ4c040RXdFd1lEVlIwbEJBd3dDZ1lJS3dZQkJRVUhBd0V3SFFZRFZSME9CQllFRkFQSCs4VXJZaVZMWGFLUFJHZmxrQStjdXNRN01BNEdBMVVkRHdFQi93UUVBd0lGb0RBTkJna3Foa2lHOXcwQkFRc0ZBQU9DQWdFQVlsNXRXSDBZdFlTOUp5cXlsWkpXb21BNTVTaEtsbGFCUmN2cm82Q0h4bGxKV0hvMHFDOVpUTWN2Q3l3TXYxNFZKeVFkNmVGWnFjVnRPbHVHclJaQmtsSDlBYW5rb3ZwMkpMYXFjRDc5dDFDeXVYWm5JelRGbC9Ca01zRTZ3bEFKWFkvc2Fybm94ZWllalA0RS9FZi8wZXVJRnZCYUlDQ0YrS2QyV0pZYmJuMFd5MGRINDg0UUpiSHlNdFZmcjQyb0lwVU5WdUxTdTg0eUtZQWVtOUpCdVlUcDNZMEsyaGlFQVcvYk9LRHZ2SGV0VmY1ZnU2NnlmZWtEWDUzajNOS2lGSkNYUzJyS0lab0R1TUZ1eHBTeVZrUzJrYldrMSs1Sm95N3FPU05BTlJGUGxwSGNnekxRWnA4SHJndmhzbWhJdDFWVFZZa3l4Y2Q4cVhBbGh3cVZnT3E1TmdMeGtxdWw5aE5NR2lNN3NxK0g3M1EvRmk4aWY3Z1A4SVZBU3pRR3d1SGcyWjg3aWI2QTJ2b24wZlJKWnEzZkl1YkhveEk2M0FUd2ZjUks4NnkxNzJ4YkZFM1ZVMGR1TjF0STVaMFRDZzBHQUpZdEpwYm52ZXhJdDVsazVGSWs0VGh2UjBMOG1OTHkxRFVhMTFOK0VNeGtxYmZxbFR1ckI4WmczQ1kvUWFTS21YWTVDTVV3V2VFQlhSSGh5ZmtaUTVqUFBVSHJGYW95T1JYOHAxRXJZRGt0QjFLOW80am11RVZwQjMzY3ZnWUJFaUF5VjV6NDQyNkZ1VkNNYkhhRkRWN2lLVzllQmxYb3hlWm80WFg4K2pYeVNMNUdXOFh3TlJUSzVjNHZXMDJRM1ZKeVlWZTV1bWVzdHNLUStMUjhpQXpvVVNyZUsxOCtKa0FqQUpVPSJdfQ.eyJpc3MiOiJFVS5FT1JJLk5MMDAwMDAwMDAxIiwic3ViIjoiRVUuRU9SSS5OTDAwMDAwMDAwMSIsImp0aSI6ImIzNWM0Zjc1YWJlYzQyMzZhZDlmZTE4ZjZhNWRjZWZkIiwiaWF0IjoxNTU2MDk2NzY5LCJuYmYiOjE1NTYwOTY3NjksImV4cCI6MTU1NjA5Njc5OSwiYXVkIjoiRVUuRU9SSS5OTDAwMDAwMDAwNSJ9.VIe3MKpGkWz5sZoZF7zDhMCH_RFGLU5XAqaSQ1XMncwIRmbTO4sAEgEUjAogz8hArff6_JCBhRrYfwn9NefGrgvxdDjdqpYJ7KRTrzf4kAbfE-qFIwuG89YrWzCtAVqQslImosEn82T7UBugLckeDu5hl_G5Y6IjHumScSCDInUBZ1rB62inAUsexVlTOS8Jy5yVMy5cyjfhLsWCARb9AwmqxCzDr-AnrdcRfrQsWaXS4vBm2KpyBtXGEyRYJe1YIniP6kJ1fNMGJrF9uV6JGA1NOB88LCAqlnFnF-0oWj4oE_znYLlThgQm6yydsD9dfHC9tsr-JwpegGMa0cwj6g",
  }
200 OK
access_token

string

token_type

string

expires_in

integer

Response Example (200 OK)
{
  "access_token""eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE1NTYwOTY3NzYsImV4cCI6MTU1NjEwMDM3NiwiaXNzIjoiaHR0cHM6Ly9iYW5hbmEuaXNoYXJldGVzdC5uZXQvIiwiYXVkIjoiRVUuRU9SSS5OTDAwMDAwMDAwNSIsImNsaWVudF9pZCI6IkVVLkVPUkkuTkwwMDAwMDAwMDEiLCJzY29wZSI6WyJpU0hBUkUiXX0.fEZ-dClNBliOayPSlyidYTT1wjUl1fpmJQVAFL8AP5UqugcAdh1YN7X4SKbsQ3uOqTeSx_TOI9YLivWPb7b6UUp6c1jMCiFQ5DEg-HTam03Yw7Q3ENWsJJKrVMMbJrVZpfWx1vBK0tErdWHVH49K7A70EeCXTEbsB3UIOBnhlykYzu4CUuxCg7z_7YkwoXOwN0uylb9U8J1Eryx0mu7KMVfkUMbr-zJCk68IkZhdzAdCbSU-dfWbooCzc26bVeotnThWpojm9hGwpPpbDfXATsL8atlya5VQ4ZyiJYi37xB3tCZXLo2MRotQahLU7j0k3ivLBrCY584mgzxfy4LdiA",
  "token_type": "Bearer",
  "expires_in": 3600
}

Retrieves iSHARE capabilities

GET /capabilities

Retrieves the iSHARE capabilities (supported versions & optional features) of Banana & Co. Server response is an iSHARE signed JSON Web Token. Please refer to the models ‘jwt_header’ and ‘jwt_payload_capabilities’ which indicate what the decoded response will look like.

Will only return the public endpoints if no access token is provided. For more information see the Technical Agreements page.

Authorization
in header
string

Oauth 2.0 authorisation based on bearer token. MUST contain "Bearer " + access token value

Do-Not-Sign
in header
boolean

Optional iSHARE specific boolean indicating the response SHALL not be signed. For testing purposes only, certified party response in production environment MUST always be signed.

Request Example (In Header, use of Access Token is optional)
{
  "Authorization":"Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE1NTYwOTY3NzYsImV4cCI6MTU1NjEwMDM3NiwiaXNzIjoiaHR0cHM6Ly9iYW5hbmEuaXNoYXJldGVzdC5uZXQvIiwiYXVkIjoiRVUuRU9SSS5OTDAwMDAwMDAwNSIsImNsaWVudF9pZCI6IkVVLkVPUkkuTkwwMDAwMDAwMDEiLCJzY29wZSI6WyJpU0hBUkUiXX0.fEZ-dClNBliOayPSlyidYTT1wjUl1fpmJQVAFL8AP5UqugcAdh1YN7X4SKbsQ3uOqTeSx_TOI9YLivWPb7b6UUp6c1jMCiFQ5DEg-HTam03Yw7Q3ENWsJJKrVMMbJrVZpfWx1vBK0tErdWHVH49K7A70EeCXTEbsB3UIOBnhlykYzu4CUuxCg7z_7YkwoXOwN0uylb9U8J1Eryx0mu7KMVfkUMbr-zJCk68IkZhdzAdCbSU-dfWbooCzc26bVeotnThWpojm9hGwpPpbDfXATsL8atlya5VQ4ZyiJYi37xB3tCZXLo2MRotQahLU7j0k3ivLBrCY584mgzxfy4LdiA"
}
capabilities_token

string

Response Example (200 OK, from Scheme Owner)
{
  "capabilities_token":"eyJ4NWMiOlsiTUlJRWd6Q0NBbXVnQXdJQkFnSUlFelUrUjFtbGpPQXdEUVlKS29aSWh2Y05BUUVMQlFBd1NERVpNQmNHQTFVRUF3d1FhVk5JUVZKRlZHVnpkRU5CWDFSTVV6RU5NQXNHQTFVRUN3d0VWR1Z6ZERFUE1BMEdBMVVFQ2d3R2FWTklRVkpGTVFzd0NRWURWUVFHRXdKT1REQWVGdzB4T0RFd01UZ3hORFU0TlRWYUZ3MHlNREV3TVRjeE5EVTROVFZhTUVReEZ6QVZCZ05WQkFNTURrSmhibUZ1WVNBbUlFTnZJRUpXTVJ3d0dnWURWUVFGRXhORlZTNUZUMUpKTGs1TU1EQXdNREF3TURBMU1Rc3dDUVlEVlFRR0V3Sk9URENDQVNJd0RRWUpLb1pJaHZjTkFRRUJCUUFEZ2dFUEFEQ0NBUW9DZ2dFQkFMYTl6c29ZdUtNdFhkbnFldm1yaE0xY0Y2VW8rR2twRXBxTXNuUFhwT21zQzIyUWVTcFhvYkJ4Y3FIUG9yMVFPdXZQcEZscGszeTF5K0g1ZVJSdUxNeW0xaW95bjBjdUVaODNXRUJJdEduQjVtQUI5bHNnNXE5MEZpMG9UKzBvRXlYV1V2dWF3dWllNWQ4T25Ga1JlTlhrQVFDVTF3R2ZTMkNYb0s1YzFHNisrWUlkeXlwbWZqMkRpcUNwck94NXZxemd2U09wL2hTVG1GcTZ3TTJRZTNBR3E4MjIvekgzMS9zS3VEMDlFWXUvZUUzV3BJNFJodUlZUUpzR3RKYnkvc0lpSTF3TzdsMFZad1p3T3RLdENvQlN5WEI3L09oRmNha29jUFBtNDNrQTBJS3R2aVZQbHRuSWtKRE85Ylp6YWxwTzVnYmhFSVB6d3k5V2RPZFhMT1VDQXdFQUFhTjFNSE13REFZRFZSMFRBUUgvQkFJd0FEQWZCZ05WSFNNRUdEQVdnQlFXUE9jZzZkYVU3eC9sb3ZHNC9MN3EzeXczZ1RBVEJnTlZIU1VFRERBS0JnZ3JCZ0VGQlFjREFUQWRCZ05WSFE0RUZnUVVJTzlNN25raVNXNzMzdGhTalBKeDY5cFlGVmN3RGdZRFZSMFBBUUgvQkFRREFnV2dNQTBHQ1NxR1NJYjNEUUVCQ3dVQUE0SUNBUUJTalRkRkFqOHN1MmR6Y1ZzTXNkdVV3dGNPM3pTUnNNWngrZHlUbGdpb05qVHdETC9GaU13UXo0RGduTE9ieWxoYjBpQUxnODZBbTkwRmN2aFRlZWJiL0crRnNRUzJzUVFMRTFhcng4clNqbzlPZ2diTFFRekNFOUJ1eU5pK0Zoc1JpWXh6ckhkSkZ4aHRuWlorS0VsbUJ2QkRDTVJaQ0F0a3RidjM4ZWhEOHRJR3dqSkxDQTF0RWtaM0ZsbUdYT0RiMnZhWGJIelV4SWo4TndINTdlSGo0MXZjc2dzK2ZrZ2YxeHRyRTZacDVVVGRGdk5xV3hnZHUwdXg0U0JGL2VQYXBxalJ5TUhad3dwUGtzWU5FUDBSZTV0WVJiQUY3MWpKRnJpVklqVVhUeGxBM1N5ZmxNZEVyQkVYNXhEamIyb20yMzlaZnlFME1Wc1dCYU5xMjZhTVV6d25tV3F1bEVrTHBnN2VabjFiOU4yWUtuL2hSRWU4SCtnaWcxWk05NE5UaHJ0OFJqWEl6bElwYzdUVzNsaHJ2VTlha2ZwTDNINXlpbElnRUNvbzQxK1RYbnN6d3A4NWs4VGdVT0tmaktVL0xMYm1CRWdTRlp5R0VKaDI5NFZpVksxVGtQdWhKUTJ0WUJsZ0JBRXUzVFZVbUNJSytKRmhSSkRmVjhpSVNqM2RROHZFRHpHemErWGFBY05KaGVSNVJrakN4TVVyVGtYQSt6VzF2OFV6NEZoYmVVM1NBZ1hmZXRkTTFkZmcvaDZjWmFoWVQreU93aXJGV2VnOEdsNXFCQmR5S0d5UCtHRWVQZVpjdVlCY2RTejd1REpCbVhyL3JYelJJdklOaHBTalRHVTViMG1lbTJCZGxlWTJad3k5VEpoYWFuUWExMlhSeFNLSW1PdGduQT09Il0sImFsZyI6IlJTMjU2IiwidHlwIjoiSldUIn0.eyJpc3MiOiJFVS5FT1JJLk5MMDAwMDAwMDA1Iiwic3ViIjoiRVUuRU9SSS5OTDAwMDAwMDAwNSIsImp0aSI6IjdhM2U4YzhjZTIxOTQ1ZTRhZmY1NjhjZmEyY2MxM2VkIiwiaWF0IjoxNTU2MDk2OTcyLCJleHAiOjE1NTYwOTcwMDIsImF1ZCI6IkVVLkVPUkkuTkwwMDAwMDAwMDEiLCJjYXBhYmlsaXRpZXNfaW5mbyI6eyJwYXJ0eV9pZCI6IkVVLkVPUkkuTkwwMDAwMDAwMDUiLCJpc2hhcmVfcm9sZXMiOltdLCJzdXBwb3J0ZWRfdmVyc2lvbnMiOlt7InZlcnNpb24iOiIxLjciLCJzdXBwb3J0ZWRfZmVhdHVyZXMiOlt7InB1YmxpYyI6W3siaWQiOiIzQ0FDNjQ4NC0wOEM1LTQ3RTgtQjE3OS1DRjFGMjI3NTZFMEUiLCJmZWF0dXJlIjoiY2FwYWJpbGl0aWVzIiwiZGVzY3JpcHRpb24iOiJSZXRyaWV2ZXMgaVNIQVJFIGNhcGFiaWxpdGllcyIsInVybCI6Imh0dHBzOi8vYmFuYW5hLmlzaGFyZXRlc3QubmV0L2NhcGFiaWxpdGllcyIsInRva2VuX2VuZHBvaW50IjoiaHR0cHM6Ly9iYW5hbmEuaXNoYXJldGVzdC5uZXQvY29ubmVjdC90b2tlbiJ9LHsiaWQiOiI4MTZFN0Y3MS00REJCLTQyNjEtQjJFQS1CM0UzMjg1NzlGNzkiLCJmZWF0dXJlIjoiYWNjZXNzIHRva2VuIiwiZGVzY3JpcHRpb24iOiJPYnRhaW5zIGFjY2VzcyB0b2tlbiIsInVybCI6Imh0dHBzOi8vYmFuYW5hLmlzaGFyZXRlc3QubmV0L2Nvbm5lY3QvdG9rZW4ifSx7ImlkIjoiQ0JCRkE0M0ItNDIyOS00MDIyLUIzNzItQ0RFNTI2QzRCMDMyIiwiZmVhdHVyZSI6ImRlbGVnYXRpb24iLCJkZXNjcmlwdGlvbiI6Ik9idGFpbnMgZGVsZWdhdGlvbiBldmlkZW5jZSIsInVybCI6Imh0dHBzOi8vYmFuYW5hLmlzaGFyZXRlc3QubmV0L2RlbGVnYXRpb24iLCJ0b2tlbl9lbmRwb2ludCI6Imh0dHBzOi8vYmFuYW5hLmlzaGFyZXRlc3QubmV0L2Nvbm5lY3QvdG9rZW4ifV0sInJlc3RyaWN0ZWQiOltdfV19XX19.Ra6mbURcSi12IpCWeHI17ga-2-X0jlj3YqF15ZkSVzyMROz19hvjCXEKBFEibgEaaLUE1YkjsvahYUClVpoxIilZl3kJFeyXOIb-rQDFPVECK7gcG5tGQhYefPqHTczcv8PwgrmXfbcIT4FjN1MylZRMdRBmFPhJ4o5nUZ4DzFfd92TticPF82x2NhHIF92vGGt0-pc5TOLLJSAxv0Ne3KP3m_exq-llpb9ZRstlLm9UyXrY5zZiCK-Fay-_tVGtygxDkT1H8Pj1pnk-n-5Xq-5UvASmPd0uj3LQQNGoNc8KKKjcC76U12mKu33HSxB5pBDhUSIA0yqQlpYVHSqV9A"
}
Decoded Response Example (JWT Payload, from Scheme Owner)
{
  "party_id": "EU.EORI.NL000000005",
  "ishare_roles": [],
  "supported_versions": [
    {
      "version": "1.7",
      "supported_features": [
        {
          "public": [
            {          
              "id": "3CAC6484-08C5-47E8-B179-CF1F22756E0E",
              "feature": "capabilities",
              "description": "Retrieves iSHARE capabilities",
              "url": "https://banana.isharetest.net/capabilities",
              "token_endpoint": "https://banana.isharetest.net/connect/token"
           },
           {          
              "id": "816E7F71-4DBB-4261-B2EA-B3E328579F79",
              "feature": "access token",
              "description": "Obtains access token",
              "url": "https://banana.isharetest.net/connect/token"
           },
           {          
              "id": "CBBFA43B-4229-4022-B372-CDE526C4B032",
              "feature": "delegation",
              "description": "Obtains delegation evidence",
              "url": "https://banana.isharetest.net/delegation",
              "token_endpoint": "https://banana.isharetest.net/connect/token"
           }
          ],
          "restricted": []
        }
      ]
    }
  ]
}

Obtains delegation evidence

POST /delegation

Used to obtain delegation evidence from Banana & Co. Note a Service Provider MUST validate the Entitled Party only provides information about his own delegations. Please refer to the models ‘jwt_header’ and ‘jwt_payload_delegationevidence’ which indicate what the decoded response will look like.

Request body contains object with the required delegationRequest, optional delegation_chain and the required client_assertion in the previous_steps field. DelegationRequest contains a required JSON object that describes the evidence that is requested from the /delegation endpoint. Previous_steps contains a required array of evidence that the client has legitimate reason to request delegation evidence. A single step contains either a previous delegationEvidence statement or a client_assertion. The minimum is a client_assertion of one of the parties mentioned in the delegationRequest, and additional client_assertions/delegationEvidence when multiple delegation policies need to be linked together.

Authorization
in header
string

Oauth 2.0 authorisation based on bearer token. MUST contain "Bearer " + access token value

Do-Not-Sign
in header
boolean

Optional iSHARE specific boolean indicating the response SHALL not be signed. For testing purposes only, certified party response in production environment MUST always be signed.

Request Example
{
    "delegationRequest": {
      "policyIssuer": "string",
      "target": {
        "accessSubject": "string"
      },
      "policySets": [
      {
        "policies": [
        {
          "target": {
            "resource": {
              "type": "string",
              "identifiers": [
                "string"
              ],
              "attributes": [
                "string"
              ]
            },
            "actions": [
              "string"
            ]
          },
          "rules": [
            {
              "effect": "string"
            }
          ]
        }
      ]
    }
    ]
  },
  "previous_steps": [
    "string"
  ]
}
delegation_token

string

Response Example (200 OK)
{
  "delegation_token":"eyJ4NWMiOlsiTUlJRWd6Q0NBbXVnQXdJQkFnSUlFelUrUjFtbGpPQXdEUVlKS29aSWh2Y05BUUVMQlFBd1NERVpNQmNHQTFVRUF3d1FhVk5JUVZKRlZHVnpkRU5CWDFSTVV6RU5NQXNHQTFVRUN3d0VWR1Z6ZERFUE1BMEdBMVVFQ2d3R2FWTklRVkpGTVFzd0NRWURWUVFHRXdKT1REQWVGdzB4T0RFd01UZ3hORFU0TlRWYUZ3MHlNREV3TVRjeE5EVTROVFZhTUVReEZ6QVZCZ05WQkFNTURrSmhibUZ1WVNBbUlFTnZJRUpXTVJ3d0dnWURWUVFGRXhORlZTNUZUMUpKTGs1TU1EQXdNREF3TURBMU1Rc3dDUVlEVlFRR0V3Sk9URENDQVNJd0RRWUpLb1pJaHZjTkFRRUJCUUFEZ2dFUEFEQ0NBUW9DZ2dFQkFMYTl6c29ZdUtNdFhkbnFldm1yaE0xY0Y2VW8rR2twRXBxTXNuUFhwT21zQzIyUWVTcFhvYkJ4Y3FIUG9yMVFPdXZQcEZscGszeTF5K0g1ZVJSdUxNeW0xaW95bjBjdUVaODNXRUJJdEduQjVtQUI5bHNnNXE5MEZpMG9UKzBvRXlYV1V2dWF3dWllNWQ4T25Ga1JlTlhrQVFDVTF3R2ZTMkNYb0s1YzFHNisrWUlkeXlwbWZqMkRpcUNwck94NXZxemd2U09wL2hTVG1GcTZ3TTJRZTNBR3E4MjIvekgzMS9zS3VEMDlFWXUvZUUzV3BJNFJodUlZUUpzR3RKYnkvc0lpSTF3TzdsMFZad1p3T3RLdENvQlN5WEI3L09oRmNha29jUFBtNDNrQTBJS3R2aVZQbHRuSWtKRE85Ylp6YWxwTzVnYmhFSVB6d3k5V2RPZFhMT1VDQXdFQUFhTjFNSE13REFZRFZSMFRBUUgvQkFJd0FEQWZCZ05WSFNNRUdEQVdnQlFXUE9jZzZkYVU3eC9sb3ZHNC9MN3EzeXczZ1RBVEJnTlZIU1VFRERBS0JnZ3JCZ0VGQlFjREFUQWRCZ05WSFE0RUZnUVVJTzlNN25raVNXNzMzdGhTalBKeDY5cFlGVmN3RGdZRFZSMFBBUUgvQkFRREFnV2dNQTBHQ1NxR1NJYjNEUUVCQ3dVQUE0SUNBUUJTalRkRkFqOHN1MmR6Y1ZzTXNkdVV3dGNPM3pTUnNNWngrZHlUbGdpb05qVHdETC9GaU13UXo0RGduTE9ieWxoYjBpQUxnODZBbTkwRmN2aFRlZWJiL0crRnNRUzJzUVFMRTFhcng4clNqbzlPZ2diTFFRekNFOUJ1eU5pK0Zoc1JpWXh6ckhkSkZ4aHRuWlorS0VsbUJ2QkRDTVJaQ0F0a3RidjM4ZWhEOHRJR3dqSkxDQTF0RWtaM0ZsbUdYT0RiMnZhWGJIelV4SWo4TndINTdlSGo0MXZjc2dzK2ZrZ2YxeHRyRTZacDVVVGRGdk5xV3hnZHUwdXg0U0JGL2VQYXBxalJ5TUhad3dwUGtzWU5FUDBSZTV0WVJiQUY3MWpKRnJpVklqVVhUeGxBM1N5ZmxNZEVyQkVYNXhEamIyb20yMzlaZnlFME1Wc1dCYU5xMjZhTVV6d25tV3F1bEVrTHBnN2VabjFiOU4yWUtuL2hSRWU4SCtnaWcxWk05NE5UaHJ0OFJqWEl6bElwYzdUVzNsaHJ2VTlha2ZwTDNINXlpbElnRUNvbzQxK1RYbnN6d3A4NWs4VGdVT0tmaktVL0xMYm1CRWdTRlp5R0VKaDI5NFZpVksxVGtQdWhKUTJ0WUJsZ0JBRXUzVFZVbUNJSytKRmhSSkRmVjhpSVNqM2RROHZFRHpHemErWGFBY05KaGVSNVJrakN4TVVyVGtYQSt6VzF2OFV6NEZoYmVVM1NBZ1hmZXRkTTFkZmcvaDZjWmFoWVQreU93aXJGV2VnOEdsNXFCQmR5S0d5UCtHRWVQZVpjdVlCY2RTejd1REpCbVhyL3JYelJJdklOaHBTalRHVTViMG1lbTJCZGxlWTJad3k5VEpoYWFuUWExMlhSeFNLSW1PdGduQT09Il0sImFsZyI6IlJTMjU2IiwidHlwIjoiSldUIn0.eyJpc3MiOiJFVS5FT1JJLk5MMDAwMDAwMDA1Iiwic3ViIjoiRVUuRU9SSS5OTDAwMDAwMDAwMSIsImp0aSI6IjBmYmM0YWE0YzFkZDQyNWU5NmNmNWI4OGI4NzgwNDRiIiwiaWF0IjoxNTU2MDk3NzM0LCJleHAiOjE1NTYwOTc3NjQsImF1ZCI6IkVVLkVPUkkuTkwwMDAwMDAwMDMiLCJkZWxlZ2F0aW9uRXZpZGVuY2UiOnsibm90QmVmb3JlIjoxNTA5NjMzNjgxLCJub3RPbk9yQWZ0ZXIiOjE1MDk2MzM3NDEsInBvbGljeUlzc3VlciI6IkVVLkVPUkkuTkwwMDAwMDAwMDUiLCJ0YXJnZXQiOnsiYWNjZXNzU3ViamVjdCI6IkVVLkVPUkkuTkwwMDAwMDAwMDEifSwicG9saWN5U2V0cyI6W3sibWF4RGVsZWdhdGlvbkRlcHRoIjoyLCJ0YXJnZXQiOnsiZW52aXJvbm1lbnQiOnsibGljZW5zZXMiOlsiSVNIQVJFLjAwMDEiLCJJU0hBUkUuMDAwMyJdfX0sInBvbGljaWVzIjpbeyJ0YXJnZXQiOnsicmVzb3VyY2UiOnsidHlwZSI6IkdTMS5DT05UQUlORVIiLCJpZGVudGlmaWVycyI6WyIxODA2MjEuQ09OVEFJTkVSLVoiXSwiYXR0cmlidXRlcyI6WyJHUzEuQ09OVEFJTkVSLkFUVFJJQlVURS5FVEEiLCJHUzEuQ09OVEFJTkVSLkFUVFJJQlVURS5XRUlHSFQiXX0sImVudmlyb25tZW50Ijp7InNlcnZpY2VQcm92aWRlcnMiOlsiRVUuRU9SSS5OTDAwMDAwMDAwMyJdfSwiYWN0aW9ucyI6WyJJU0hBUkUuUkVBRCIsIklTSEFSRS5DUkVBVEUiLCJJU0hBUkUuVVBEQVRFIiwiSVNIQVJFLkRFTEVURSJdfSwicnVsZXMiOlt7ImVmZmVjdCI6IkRlbnkifV19XX1dfX0.ADQWKLwd94EV0qR0bZqGYElKt0cGoCoUF8D5MmqX-8KohzKtTh7vqtGzqDMprdSWLAcIqU8eL__Bh7-s5PCmimW9D7-_ixC1PDL7tDJh6yPLAGDXtiQUkSVrPefmRZT72OCNb2K3DWN8iTht2DnR8sLDcrIU-zbV-qkcW_AJsRH7AT8pAMbsy2DYckwYE8K3RQM00ur1fxjYmAameVGgnGvunQjIAikmFuzTfPVxwN16LE7YEPYERj-z4sYgR2gj11_xlgkku_Z9QH0XNhfGLy9c4SGTa_LI7UAdCIKtQerWb9Q-jva-ABA_FesCkgvCrJOZRufY5fsTNZJpqgBPng"
}
Decoded Response Example (JWT Payload)
{
  "delegationEvidence": {
    "notBefore": 1509633681,
    "notOnOrAfter": 1509633741,
    "policyIssuer": "EU.EORI.NL000000005",
    "target": {
      "accessSubject": "EU.EORI.NL000000001"
    },
    "policySets": [
      {
        "maxDelegationDepth": 2,
        "target": {
          "environment": {
            "licenses": [
              "ISHARE.0001",
              "ISHARE.0003"
            ]
          }
        },
        "policies": [
          {
            "target": {
              "resource": {
                "type": "GS1.CONTAINER",
                "identifiers": [
                  "180621.CONTAINER-Z"
                ],
                "attributes": [
                  "GS1.CONTAINER.ATTRIBUTE.ETA",
                  "GS1.CONTAINER.ATTRIBUTE.WEIGHT"
                ]
              },
              "actions": [
                "ISHARE.READ",
                "ISHARE.CREATE",
                "ISHARE.UPDATE",
                "ISHARE.DELETE"
                ],
              "environment": {
                "serviceProviders": [
                  "EU.EORI.NL000000003"
                ]
              }
            },
            "rules": [
              {
                "effect": "Permit"
              }
            ]
          }
        ]
      }
    ]
  }
}

Mock service - Displays client info

GET /me

Displays information off the client to which the access token was issued

Authorization
in header
string

Oauth 2.0 authorisation based on bearer token. MUST contain "Bearer " + access token value

200 OK

client_details

client_details

string

Response Example (200 OK)
{
  "client_details": "string"
}

AskMeAnything Authorization Registry

Base URL https://ar.isharetest.net - EORI=EU.EORI.NL000000004

Postman Collection: AskMeAnything Authorization Registry

Obtains access token

POST /connect/token

Used to obtain an OAuth access token from the Authorization Registry. The format of access_token is not defined by this specification. They are left to the Authorization Registry and should be opaque to the Service Consumer. Refer to the iSHARE JWT and iSHARE OAuth sections on the Technical Agreements page for detailed explanation on how to create this request body

grant_type
in formData
string

OAuth 2.0 grant type. MUST contain "client_credentials"

scope
in formData
string

OAuth 2.0 scope. Defaults to "iSHARE", indicating all rights of the Service Consumer are requested. Other values allow the Service Consumer to get tokens that do not include all rights the Service Consumer has.

client_id
in formData
string

OpenID Connect 1.0 client ID. Used in iSHARE for all client identification for OAuth/OpenID Connect. MUST contain a valid iSHARE identifier of the Service Consumer

client_assertion_type
in formData
string

OpenID Connect 1.0 client assertion type. Used in iSHARE for all client identification for OAuth/OpenID Connect. MUST contain "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"

client_assertion
in formData
string

OpenID Connect 1.0 client assertion. Used in iSHARE for all client identification for OAuth/OpenID Connect. MUST contain JWT token conform iSHARE specifications, signed by the client.

Request body Example application/x-www-form-urlencoded
grant_type=client_credentials&scope=iSHARE&client_id=EU.EORI.NL000000003&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsIng1YyI6WyJNSUlFZ1RDQ0FtbWdBd0lCQWdJSVM5MEsrMVE5SE9rd0RRWUpLb1pJaHZjTkFRRUxCUUF3U0RFWk1CY0dBMVVFQXd3UWFWTklRVkpGVkdWemRFTkJYMVJNVXpFTk1Bc0dBMVVFQ3d3RVZHVnpkREVQTUEwR0ExVUVDZ3dHYVZOSVFWSkZNUXN3Q1FZRFZRUUdFd0pPVERBZUZ3MHhPVEF5TVRVeE1UUTNNVFZhRncweU1UQXlNVFF4TVRRM01UVmFNRUl4RlRBVEJnTlZCQU1NREZkaGNtVm9iM1Z6WlNBeE16RWNNQm9HQTFVRUJSTVRSVlV1UlU5U1NTNU9UREF3TURBd01EQXdNekVMTUFrR0ExVUVCaE1DVGt3d2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0SUJEd0F3Z2dFS0FvSUJBUUN3YURBekVKMjhES1RGZFBQdTlvSjRKdDY0cEt4QUhzUDNGSEx5WTU3VWlwZEI5bW8xNTd4ZjkxejV2Wk1jTk11cVV1YXU4T0hUemx5a1BBOXRDRU9vY0UwRFl3UjdHMEUzUXpucTlWOFVHL2hjbjZ4ZXFjUnY1NXdFL2xkN0VRVXVKeFlocnVVVXA2dzhLeVhCdlZ0dGRXOEUyeXFreUNWYUJFNTBEc3NoWXFrN2dpUUNITG1WWFJKbjh0NkN1bnZ0aUh0dW5PMFozWGUzRTVNUmZrQ2pObmNqN09NVE1DWHY4dUNOU2Q4TjJ0ZXViaFQzZ0FCelcyUGp1MkV5TnhKZXp5ZFNJdTl5M1hrdWdlQ0pJR0hGWThMS1JldTlhRXp0OGFML015N1o4Q0pqSVZHMWNEMGZERnQ0Slp4dVl3VzhEL25qbDRDbU9MRGFHZXBnR0d3ZkFnTUJBQUdqZFRCek1Bd0dBMVVkRXdFQi93UUNNQUF3SHdZRFZSMGpCQmd3Rm9BVUZqem5JT25XbE84ZjVhTHh1UHkrNnQ4c040RXdFd1lEVlIwbEJBd3dDZ1lJS3dZQkJRVUhBd0V3SFFZRFZSME9CQllFRkdib3ZWN0ZMTTUyRmNhK1lFMmRFcW8rS294cU1BNEdBMVVkRHdFQi93UUVBd0lGb0RBTkJna3Foa2lHOXcwQkFRc0ZBQU9DQWdFQUp0dkUyaUFhcHVHOHlyb1Z5ZWk0R3Z0amZNK0lPdGhzMVZ3ajNaNHROdFdqVzhVMVlxcWd3ZkFJOGdQdUN6STZIR01EMHJydnpJUzZ0ZzRwZVR6REVkWTZWZkM0bHRtY1M1Y3BoWVlxczZYMHdpZlRwNFZWYlB0KzZHeHBNZTlvTUJUY0FHUkhUYXhXMmZhUHNyUW1mRG5oY2hIRmxTYWpocXhENWdSL0ZZdlhlQUdzb1AwQkJxbVJSRGJSdHlkUHhCd3VZUXJVN1RKZCtpclB2aENWb0EwQ09DQVkzaWhTc3lQcG4rTENicmxDYmQ1U0ZEcEg5YVd0dDYyaWpDczhNZEROTVAybDVsYndyUUI3djFic0Z6WTFTeFNDRDFFOHltWGtCUVJoQ0JjZzBtazNFc1NWamQvR0JYbnZDdEI3N2VVRjgwZ0wxRHhXMnBPaG5NTkN0MzBxMWd6ZC9qMnRtY0tvS29Hem5QUUMvc2Q1azRzb20vK0h0T1lRYlNtWWJBbktyYUlVZ2pSZDNhM3VTMVhCRkdaMy96b0lNc24xcU52cjVwQ09GQlZxeUtUSnRLVmNHNy9mL2dxeDF0amU4ZXNXRzhuNlF5SU9aMFdtYTNWcFpWcURkYVhEcitKL2tDYVlwL0htRnZGOENWQ0NCUlJXTzZqNHpReHR1cnEvVmFlTEw4K0liOVNvUW9GV3lScExuRml5dTd6bzVxTEE2WDVROFNjejAvSk40SU5xbkRoUExhZGsvSndkQXRELzR4UFlWVlRhQVhzaGVCa2UrLzlBL2dnS0lqSmhrOWFQRXY4TUpyeENrQXVmbWJVL2lUVVhhdWlQaGNoYzhGYTBnTkhXRGs5bWcwNzJ6TkdFbWFSU1BKMlBmbnZ3M25NeENqemV4NU53MHQ0PSJdfQ.eyJpc3MiOiJFVS5FT1JJLk5MMDAwMDAwMDAzIiwic3ViIjoiRVUuRU9SSS5OTDAwMDAwMDAwMyIsImp0aSI6ImM2YjYyNGVhNjRiNjRkZDg4MzhhOThhMjY5YmNlNzM5IiwiaWF0IjoxNTU2MDk4MDc4LCJuYmYiOjE1NTYwOTgwNzgsImV4cCI6MTU1NjA5ODEwOCwiYXVkIjoiRVUuRU9SSS5OTDAwMDAwMDAwNCJ9.apKkl76sEgWPBcWzh4J-TDp147vj3klXbdgobIKgocPqCtlkmp1pbnMafPclxjvj51TxOVCPdhgNm7WaAHacyaX-_mlNOPgmdP7w1YiIlXSVKvpHtyjZGOvCypn0AJUmGBiXDZCMdNmA-_rbj-AdU6Kpk4oyZXpNz-JgVqLgJBKLNvstToT7OnYNGe8MaMWFxiOtBW2bIcEjO7FvHkhBMuSOvQiibcLdHR1v2oUtmvhI6GT6vUXnoYXDCFWp-yCU61nRf4k_KBnfyVWVMXE4_FxLsCtKDtjBF1BuiZRxaj135aBQxWllk8rYQ5iyk0Uj_IJKgm6Sp_mLAeAcH-mNgA
Request body Example formatted for visibility

  {
  "grant_type": "client_credentials",
  "scope": "iSHARE",
  "client_id": "EU.EORI.NL000000001",
  "client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
  "client_assertion": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsIng1YyI6WyJNSUlFZ1RDQ0FtbWdBd0lCQWdJSVM5MEsrMVE5SE9rd0RRWUpLb1pJaHZjTkFRRUxCUUF3U0RFWk1CY0dBMVVFQXd3UWFWTklRVkpGVkdWemRFTkJYMVJNVXpFTk1Bc0dBMVVFQ3d3RVZHVnpkREVQTUEwR0ExVUVDZ3dHYVZOSVFWSkZNUXN3Q1FZRFZRUUdFd0pPVERBZUZ3MHhPVEF5TVRVeE1UUTNNVFZhRncweU1UQXlNVFF4TVRRM01UVmFNRUl4RlRBVEJnTlZCQU1NREZkaGNtVm9iM1Z6WlNBeE16RWNNQm9HQTFVRUJSTVRSVlV1UlU5U1NTNU9UREF3TURBd01EQXdNekVMTUFrR0ExVUVCaE1DVGt3d2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0SUJEd0F3Z2dFS0FvSUJBUUN3YURBekVKMjhES1RGZFBQdTlvSjRKdDY0cEt4QUhzUDNGSEx5WTU3VWlwZEI5bW8xNTd4ZjkxejV2Wk1jTk11cVV1YXU4T0hUemx5a1BBOXRDRU9vY0UwRFl3UjdHMEUzUXpucTlWOFVHL2hjbjZ4ZXFjUnY1NXdFL2xkN0VRVXVKeFlocnVVVXA2dzhLeVhCdlZ0dGRXOEUyeXFreUNWYUJFNTBEc3NoWXFrN2dpUUNITG1WWFJKbjh0NkN1bnZ0aUh0dW5PMFozWGUzRTVNUmZrQ2pObmNqN09NVE1DWHY4dUNOU2Q4TjJ0ZXViaFQzZ0FCelcyUGp1MkV5TnhKZXp5ZFNJdTl5M1hrdWdlQ0pJR0hGWThMS1JldTlhRXp0OGFML015N1o4Q0pqSVZHMWNEMGZERnQ0Slp4dVl3VzhEL25qbDRDbU9MRGFHZXBnR0d3ZkFnTUJBQUdqZFRCek1Bd0dBMVVkRXdFQi93UUNNQUF3SHdZRFZSMGpCQmd3Rm9BVUZqem5JT25XbE84ZjVhTHh1UHkrNnQ4c040RXdFd1lEVlIwbEJBd3dDZ1lJS3dZQkJRVUhBd0V3SFFZRFZSME9CQllFRkdib3ZWN0ZMTTUyRmNhK1lFMmRFcW8rS294cU1BNEdBMVVkRHdFQi93UUVBd0lGb0RBTkJna3Foa2lHOXcwQkFRc0ZBQU9DQWdFQUp0dkUyaUFhcHVHOHlyb1Z5ZWk0R3Z0amZNK0lPdGhzMVZ3ajNaNHROdFdqVzhVMVlxcWd3ZkFJOGdQdUN6STZIR01EMHJydnpJUzZ0ZzRwZVR6REVkWTZWZkM0bHRtY1M1Y3BoWVlxczZYMHdpZlRwNFZWYlB0KzZHeHBNZTlvTUJUY0FHUkhUYXhXMmZhUHNyUW1mRG5oY2hIRmxTYWpocXhENWdSL0ZZdlhlQUdzb1AwQkJxbVJSRGJSdHlkUHhCd3VZUXJVN1RKZCtpclB2aENWb0EwQ09DQVkzaWhTc3lQcG4rTENicmxDYmQ1U0ZEcEg5YVd0dDYyaWpDczhNZEROTVAybDVsYndyUUI3djFic0Z6WTFTeFNDRDFFOHltWGtCUVJoQ0JjZzBtazNFc1NWamQvR0JYbnZDdEI3N2VVRjgwZ0wxRHhXMnBPaG5NTkN0MzBxMWd6ZC9qMnRtY0tvS29Hem5QUUMvc2Q1azRzb20vK0h0T1lRYlNtWWJBbktyYUlVZ2pSZDNhM3VTMVhCRkdaMy96b0lNc24xcU52cjVwQ09GQlZxeUtUSnRLVmNHNy9mL2dxeDF0amU4ZXNXRzhuNlF5SU9aMFdtYTNWcFpWcURkYVhEcitKL2tDYVlwL0htRnZGOENWQ0NCUlJXTzZqNHpReHR1cnEvVmFlTEw4K0liOVNvUW9GV3lScExuRml5dTd6bzVxTEE2WDVROFNjejAvSk40SU5xbkRoUExhZGsvSndkQXRELzR4UFlWVlRhQVhzaGVCa2UrLzlBL2dnS0lqSmhrOWFQRXY4TUpyeENrQXVmbWJVL2lUVVhhdWlQaGNoYzhGYTBnTkhXRGs5bWcwNzJ6TkdFbWFSU1BKMlBmbnZ3M25NeENqemV4NU53MHQ0PSJdfQ.eyJpc3MiOiJFVS5FT1JJLk5MMDAwMDAwMDAzIiwic3ViIjoiRVUuRU9SSS5OTDAwMDAwMDAwMyIsImp0aSI6ImM2YjYyNGVhNjRiNjRkZDg4MzhhOThhMjY5YmNlNzM5IiwiaWF0IjoxNTU2MDk4MDc4LCJuYmYiOjE1NTYwOTgwNzgsImV4cCI6MTU1NjA5ODEwOCwiYXVkIjoiRVUuRU9SSS5OTDAwMDAwMDAwNCJ9.apKkl76sEgWPBcWzh4J-TDp147vj3klXbdgobIKgocPqCtlkmp1pbnMafPclxjvj51TxOVCPdhgNm7WaAHacyaX-_mlNOPgmdP7w1YiIlXSVKvpHtyjZGOvCypn0AJUmGBiXDZCMdNmA-_rbj-AdU6Kpk4oyZXpNz-JgVqLgJBKLNvstToT7OnYNGe8MaMWFxiOtBW2bIcEjO7FvHkhBMuSOvQiibcLdHR1v2oUtmvhI6GT6vUXnoYXDCFWp-yCU61nRf4k_KBnfyVWVMXE4_FxLsCtKDtjBF1BuiZRxaj135aBQxWllk8rYQ5iyk0Uj_IJKgm6Sp_mLAeAcH-mNgA",
  }
200 OK
access_token

string

token_type

string

expires_in

integer

Response Example (200 OK)
{
  "access_token""eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE1NTYwOTgwOTksImV4cCI6MTU1NjEwMTY5OSwiaXNzIjoiaHR0cHM6Ly9hci5pc2hhcmV0ZXN0Lm5ldC8iLCJhdWQiOiJFVS5FT1JJLk5MMDAwMDAwMDA0IiwiY2xpZW50X2lkIjoiRVUuRU9SSS5OTDAwMDAwMDAwMyIsInNjb3BlIjpbImlTSEFSRSJdfQ.hCEyGFljs7fVysBNofsdsr0bPuHTVteAR1UNFMryCPmGk0US0uiH0AmWN5Gs7YAYP2w6eIFHWd1trI6Ei_dstVAVhgDq5OGA3oi2zXhzBuaAXQ-fAsPW9N1xoVujjCu1UIStyuEZMGPeZuEyyvOHh9-2XvC-_h7v28n-8THj-qeo9e0cw_KtU09C7CKp165xVGD_j_iQl5zLaVFxXgDmRXYwpMoXcOyia2N-emcqSnF1a8uz-jQtrlsWzGNybqzsFntyi-2rL3Gb1KABkMFucpvsIfOX4iJ-4w2cW5Qe_4U9rXt6IzfAQPLgCd1PWZpoFGIcyQKCYs9coxNvR8wazA",
  "token_type": "Bearer",
  "expires_in": 3600
}

Retrieves iSHARE capabilities

GET /capabilities

Retrieves the iSHARE capabilities (supported versions & optional features) of AskMeAnything Authorization Registry. Server response is an iSHARE signed JSON Web Token. Please refer to the models ‘jwt_header’ and ‘jwt_payload_capabilities’ which indicate what the decoded response will look like.

Will only return the public endpoints if no access token is provided. For more information see the Technical Agreements page.

Authorization
in header
string

Oauth 2.0 authorisation based on bearer token. MUST contain "Bearer " + access token value

Do-Not-Sign
in header
boolean

Optional iSHARE specific boolean indicating the response SHALL not be signed. For testing purposes only, certified party response in production environment MUST always be signed.

Request Example (In Header, use of Access Token is optional)
{
  "Authorization":"Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE1NTYwOTgwOTksImV4cCI6MTU1NjEwMTY5OSwiaXNzIjoiaHR0cHM6Ly9hci5pc2hhcmV0ZXN0Lm5ldC8iLCJhdWQiOiJFVS5FT1JJLk5MMDAwMDAwMDA0IiwiY2xpZW50X2lkIjoiRVUuRU9SSS5OTDAwMDAwMDAwMyIsInNjb3BlIjpbImlTSEFSRSJdfQ.hCEyGFljs7fVysBNofsdsr0bPuHTVteAR1UNFMryCPmGk0US0uiH0AmWN5Gs7YAYP2w6eIFHWd1trI6Ei_dstVAVhgDq5OGA3oi2zXhzBuaAXQ-fAsPW9N1xoVujjCu1UIStyuEZMGPeZuEyyvOHh9-2XvC-_h7v28n-8THj-qeo9e0cw_KtU09C7CKp165xVGD_j_iQl5zLaVFxXgDmRXYwpMoXcOyia2N-emcqSnF1a8uz-jQtrlsWzGNybqzsFntyi-2rL3Gb1KABkMFucpvsIfOX4iJ-4w2cW5Qe_4U9rXt6IzfAQPLgCd1PWZpoFGIcyQKCYs9coxNvR8wazA"
}
capabilities_token

string

Response Example (200 OK, from Scheme Owner)
{
  "capabilities_token":"eyJ4NWMiOlsiTUlJRWx6Q0NBbitnQXdJQkFnSUlKWGdMMHBKK0lvQXdEUVlKS29aSWh2Y05BUUVMQlFBd1NERVpNQmNHQTFVRUF3d1FhVk5JUVZKRlZHVnpkRU5CWDFSTVV6RU5NQXNHQTFVRUN3d0VWR1Z6ZERFUE1BMEdBMVVFQ2d3R2FWTklRVkpGTVFzd0NRWURWUVFHRXdKT1REQWVGdzB4T1RBeU1UVXhNVFEyTWpaYUZ3MHlNVEF5TVRReE1UUTJNalphTUZneEt6QXBCZ05WQkFNTUltbFRTRUZTUlNCVVpYTjBJRUYxZEdodmNtbDZZWFJwYjI0Z1VtVm5hWE4wY25reEhEQWFCZ05WQkFVVEUwVlZMa1ZQVWtrdVRrd3dNREF3TURBd01EUXhDekFKQmdOVkJBWVRBazVNTUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUF4KzlvQUxqam9sMitMeVl3TnlSekpqZ0IyWlIxaUtQVzRiMHRmL041ZnkyZUFPS3dFTElOTkRxNlU5M00vdlVxWXBkVlVqV1VVZjQrZ3ZxTW00UGUwdUZhWDlXTEJ6WWQvMGNQcUlmd3l5ZDgzeGhlMk1MeEExSHpPUjJOQUQ1b0oxR1RoRXpWRzQybVlGc0hyVEJRaXcrUHNrNXBWM1B1QlNXc0Q2SUxNOUlBU3BpZlcwSmR0dDdDQU5VeVkvc3l2dmx2ejlKdXhQbjNsc01pT25tLys1ZnpRMFZTS1ZtTEVjUWgyeTBmd0FySWtiQkYxQTNaeG5LWHJLUUVZTllIZmlqVk11VkZVOVQ3QjVTVmFsUVJDUjY0ZUdNeTA5Rm53ZGJWOEVUZTMwYnhsamx6QjAzeWhNbFllS3BnY3ZkRlBHN1BkNzZIKyszS3JDdnJxS0FuZFFJREFRQUJvM1V3Y3pBTUJnTlZIUk1CQWY4RUFqQUFNQjhHQTFVZEl3UVlNQmFBRkJZODV5RHAxcFR2SCtXaThiajh2dXJmTERlQk1CTUdBMVVkSlFRTU1Bb0dDQ3NHQVFVRkJ3TUJNQjBHQTFVZERnUVdCQlNwcmZuMnVvWUNTRC9rMUhURit6YnpPdU9UN3pBT0JnTlZIUThCQWY4RUJBTUNCYUF3RFFZSktvWklodmNOQVFFTEJRQURnZ0lCQUxxaURza0c3RXczelloVTJSUXBOUU50MEtocy9tZDFmUDVMYzFxTUQvVlhVSWFpaC9DM3daRVF2UjhoaFFYTGVNNzlxSDNIeDhUSjJ0eDBubUU1N1FnV3pVdjBINEMrbGYyak93eExyZytwVksyVzRxUmEzNmZiSkdMd2FONW9CVnJEejhuT0F2RXFZUVZ0ckdsVlVNbGFYNkF6dVpJT2J1cW9RNHdQNTdrV1ZHdTdaUitYdzlxYk5qK2RNNjEzOUxGSGV4MHlDeXg5NHF1Q2ZaM254eEVnN3ZjaTUvS3ErMEFSZjJxbG1RdlozSm14dXdEMEZTQS9TVi9QWkhLcFk1NVl4M0hFR01oeVVyT0Z3OVY2d015TllUTWIyUmVRUzJyQ0h1UXhTcGg0eVErZTNEc0dkcWxTM01JYS9hYzN6SXRCR2RDVXZGQ092cHdBOUpxNHJNV3Q4Ulh2ZUNQYkNuM0ZteUsrSFpTV001M0VCM1pFUk9lK0FJMWN5NnhhbGxac21iRUY1MHFXeVh3UEJ6WExpNU1ZcmNXUmZYOFI0RUxWYnRxTWR2YWIyN2JtR0Z4UVBuTmIxOElSd05BNjVrMkFrbVc1Tjd0dXFoZGNaSnl4Uk84MDJUTDJ0V3dxRStzQjdIQS9ReXRZb0wxOUticnUvbHg2a2FwVEdrWldzSHhERVBMOUNIaDZNS3VUY3dFMWcwbkJ2OUwwbGhGQWFkWmU2QlpEbWdJak1tbW54aGszc1lLTW5Lc2Yrc083WlUrOSt3dER6U3E0UTNMUlJmNUpJQWdRZU9rMjBjejRjdkVKbEgyMHUrL3hEeGpoL1BWVW4vS1h0UVJRY2ZMNk1OV2JoSExUTmpPenBLZGw2OGJCMXVseDF3MHJMUStLRTRWR1pYMFB1MTM2Il0sImFsZyI6IlJTMjU2IiwidHlwIjoiSldUIn0.eyJpc3MiOiJFVS5FT1JJLk5MMDAwMDAwMDA0Iiwic3ViIjoiRVUuRU9SSS5OTDAwMDAwMDAwNCIsImp0aSI6IjA3ZDM0ZjNkYjJlZDQ3YzViZmRiYzQ3ZjY2YzVjYzRhIiwiaWF0IjoxNTU2MDk4MzA2LCJleHAiOjE1NTYwOTgzMzYsImF1ZCI6IkVVLkVPUkkuTkwwMDAwMDAwMDMiLCJjYXBhYmlsaXRpZXNfaW5mbyI6eyJwYXJ0eV9pZCI6IkVVLkVPUkkuTkwwMDAwMDAwMDQiLCJpc2hhcmVfcm9sZXMiOlt7InJvbGUiOiJBdXRob3JpemF0aW9uIFJlZ2lzdHJ5In1dLCJzdXBwb3J0ZWRfdmVyc2lvbnMiOlt7InZlcnNpb24iOiIxLjciLCJzdXBwb3J0ZWRfZmVhdHVyZXMiOlt7InB1YmxpYyI6W3siaWQiOiI5Q0I1MDM2RC0yRDNFLTQxMzgtQThGRS05QzQ2NDVDQzk1RkMiLCJmZWF0dXJlIjoiY2FwYWJpbGl0aWVzIiwiZGVzY3JpcHRpb24iOiJSZXRyaWV2ZXMgaVNIQVJFIGNhcGFiaWxpdGllcyIsInVybCI6Imh0dHBzOi8vYXIuaXNoYXJldGVzdC5uZXQvY2FwYWJpbGl0aWVzIiwidG9rZW5fZW5kcG9pbnQiOiJodHRwczovL2FyLmlzaGFyZXRlc3QubmV0L2Nvbm5lY3QvdG9rZW4ifSx7ImlkIjoiRUM4RkUxNzMtMjk4NC00RDBBLTk0RjUtQTg0MTUxRDc3QTAzIiwiZmVhdHVyZSI6ImFjY2VzcyB0b2tlbiIsImRlc2NyaXB0aW9uIjoiT2J0YWlucyBhY2Nlc3MgdG9rZW4iLCJ1cmwiOiJodHRwczovL2FyLmlzaGFyZXRlc3QubmV0L2Nvbm5lY3QvdG9rZW4ifSx7ImlkIjoiOUREOEMxOEMtMjEwOS00ODgzLTkwNzItNjcxMTI3OENBNTc4IiwiZmVhdHVyZSI6ImRlbGVnYXRpb24iLCJkZXNjcmlwdGlvbiI6Ik9idGFpbnMgZGVsZWdhdGlvbiBldmlkZW5jZSIsInVybCI6Imh0dHBzOi8vYXIuaXNoYXJldGVzdC5uZXQvZGVsZWdhdGlvbiIsInRva2VuX2VuZHBvaW50IjoiaHR0cHM6Ly9hci5pc2hhcmV0ZXN0Lm5ldC9jb25uZWN0L3Rva2VuIn1dLCJyZXN0cmljdGVkIjpbXX1dfV19fQ.cyRgYtx2UC7tFTJ6tzZtqqlyY54uGUnhYLpRtCgIlNqLPzcyIby_I2-hFpabxi2avmI69hQ11H8oHggs8QcfFJ2sFBWyBybojvw17KOvK7DX27cq3I5z2U4yWfe_wJWQQOMvqetg9CHv54ifa54adnXHkwe6_gon9AP6Iy7dh4KmiHOdIg-d3AidKH9k1_zaax_rUQ2hCgoe_WLv71RqEVBXbujT2AsQfWD98EcE1j1BZl3vI_CHkvBiMMe5pzs9K9Kzc1L85FECPqG1WomE9NDxE6RgEOSHPOJkOmHrxr4bs-rKUlN_gdH3FvLfsvLZ4dizORbquZEfFsTBX94W1A"
}
Decoded Response Example (JWT Payload, from Scheme Owner)
{
  "party_id": "EU.EORI.NL000000004",
  "ishare_roles": [
    {
        "role": "Authorization Registry"
    }
  ],
  "supported_versions": [
    {
      "version": "1.7",
      "supported_features": [
        {
          "public": [
            {          
              "id": "9CB5036D-2D3E-4138-A8FE-9C4645CC95FC",
              "feature": "capabilities",
              "description": "Retrieves iSHARE capabilities",
              "url": "https://ar.isharetest.net/capabilities",
              "token_endpoint": "https://ar.isharetest.net/connect/token"
           },
           {          
              "id": "EC8FE173-2984-4D0A-94F5-A84151D77A03",
              "feature": "access token",
              "description": "Obtains access token",
              "url": "https://ar.isharetest.net/connect/token"
           },
           {          
              "id": "9DD8C18C-2109-4883-9072-6711278CA578",
              "feature": "delegation",
              "description": "Obtains delegation evidence",
              "url": "https://ar.isharetest.net/delegation",
              "token_endpoint": "https://ar.isharetest.net/connect/token"
           }
          ],
          "restricted": []
        }
      ]
    }
  ]
}

Obtains delegation evidence

POST /delegation

Used to obtain delegation evidence from the AskMeAnything Authorisation Registry. For more explanation on the body, please refer to the iSHARE language of delegation. Please refer to the models ‘jwt_header’ and ‘jwt_payload_delegationevidence’ which indicate what the decoded response will look like.

Request body contains object with the required delegationRequest, optional delegation_chain and the required client_assertion in the previous_steps field. DelegationRequest contains a required JSON object that describes the evidence that is requested from the /delegation endpoint. Delegation_path contains an optional array of iSHARE identifiers for a situation where multiple delegation policies need to be linked together. Previous_steps contains a required array of evidence that the client has legitimate reason to request delegation evidence. A single step contains either a previous delegationEvidence statement or a client_assertion. The minimum is a client_assertion of one of the parties mentioned in the delegationRequest, and additional client_assertions/delegationEvidence when multiple delegation policies need to be linked together.

Authorization
in header
string

Oauth 2.0 authorisation based on bearer token. MUST contain "Bearer " + access token value

Do-Not-Sign
in header
boolean

Optional iSHARE specific boolean indicating the response SHALL not be signed. For testing purposes only, certified party response in production environment MUST always be signed.

Request Example
{
    "delegationRequest": {
      "policyIssuer": "string",
      "target": {
        "accessSubject": "string"
      },
      "policySets": [
      {
        "policies": [
        {
          "target": {
            "resource": {
              "type": "string",
              "identifiers": [
                "string"
              ],
              "attributes": [
                "string"
              ]
            },
            "actions": [
              "string"
            ]
          },
          "rules": [
            {
              "effect": "string"
            }
          ]
        }
      ]
    }
   ]
  },
  "delegation_path": [
    "string"
  ],
  "previous_steps": [
    "string"
  ]
}
delegation_token

string

Response Example (200 OK)
{
  "delegation_token":"eyJ4NWMiOlsiTUlJRWx6Q0NBbitnQXdJQkFnSUlKWGdMMHBKK0lvQXdEUVlKS29aSWh2Y05BUUVMQlFBd1NERVpNQmNHQTFVRUF3d1FhVk5JUVZKRlZHVnpkRU5CWDFSTVV6RU5NQXNHQTFVRUN3d0VWR1Z6ZERFUE1BMEdBMVVFQ2d3R2FWTklRVkpGTVFzd0NRWURWUVFHRXdKT1REQWVGdzB4T1RBeU1UVXhNVFEyTWpaYUZ3MHlNVEF5TVRReE1UUTJNalphTUZneEt6QXBCZ05WQkFNTUltbFRTRUZTUlNCVVpYTjBJRUYxZEdodmNtbDZZWFJwYjI0Z1VtVm5hWE4wY25reEhEQWFCZ05WQkFVVEUwVlZMa1ZQVWtrdVRrd3dNREF3TURBd01EUXhDekFKQmdOVkJBWVRBazVNTUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUF4KzlvQUxqam9sMitMeVl3TnlSekpqZ0IyWlIxaUtQVzRiMHRmL041ZnkyZUFPS3dFTElOTkRxNlU5M00vdlVxWXBkVlVqV1VVZjQrZ3ZxTW00UGUwdUZhWDlXTEJ6WWQvMGNQcUlmd3l5ZDgzeGhlMk1MeEExSHpPUjJOQUQ1b0oxR1RoRXpWRzQybVlGc0hyVEJRaXcrUHNrNXBWM1B1QlNXc0Q2SUxNOUlBU3BpZlcwSmR0dDdDQU5VeVkvc3l2dmx2ejlKdXhQbjNsc01pT25tLys1ZnpRMFZTS1ZtTEVjUWgyeTBmd0FySWtiQkYxQTNaeG5LWHJLUUVZTllIZmlqVk11VkZVOVQ3QjVTVmFsUVJDUjY0ZUdNeTA5Rm53ZGJWOEVUZTMwYnhsamx6QjAzeWhNbFllS3BnY3ZkRlBHN1BkNzZIKyszS3JDdnJxS0FuZFFJREFRQUJvM1V3Y3pBTUJnTlZIUk1CQWY4RUFqQUFNQjhHQTFVZEl3UVlNQmFBRkJZODV5RHAxcFR2SCtXaThiajh2dXJmTERlQk1CTUdBMVVkSlFRTU1Bb0dDQ3NHQVFVRkJ3TUJNQjBHQTFVZERnUVdCQlNwcmZuMnVvWUNTRC9rMUhURit6YnpPdU9UN3pBT0JnTlZIUThCQWY4RUJBTUNCYUF3RFFZSktvWklodmNOQVFFTEJRQURnZ0lCQUxxaURza0c3RXczelloVTJSUXBOUU50MEtocy9tZDFmUDVMYzFxTUQvVlhVSWFpaC9DM3daRVF2UjhoaFFYTGVNNzlxSDNIeDhUSjJ0eDBubUU1N1FnV3pVdjBINEMrbGYyak93eExyZytwVksyVzRxUmEzNmZiSkdMd2FONW9CVnJEejhuT0F2RXFZUVZ0ckdsVlVNbGFYNkF6dVpJT2J1cW9RNHdQNTdrV1ZHdTdaUitYdzlxYk5qK2RNNjEzOUxGSGV4MHlDeXg5NHF1Q2ZaM254eEVnN3ZjaTUvS3ErMEFSZjJxbG1RdlozSm14dXdEMEZTQS9TVi9QWkhLcFk1NVl4M0hFR01oeVVyT0Z3OVY2d015TllUTWIyUmVRUzJyQ0h1UXhTcGg0eVErZTNEc0dkcWxTM01JYS9hYzN6SXRCR2RDVXZGQ092cHdBOUpxNHJNV3Q4Ulh2ZUNQYkNuM0ZteUsrSFpTV001M0VCM1pFUk9lK0FJMWN5NnhhbGxac21iRUY1MHFXeVh3UEJ6WExpNU1ZcmNXUmZYOFI0RUxWYnRxTWR2YWIyN2JtR0Z4UVBuTmIxOElSd05BNjVrMkFrbVc1Tjd0dXFoZGNaSnl4Uk84MDJUTDJ0V3dxRStzQjdIQS9ReXRZb0wxOUticnUvbHg2a2FwVEdrWldzSHhERVBMOUNIaDZNS3VUY3dFMWcwbkJ2OUwwbGhGQWFkWmU2QlpEbWdJak1tbW54aGszc1lLTW5Lc2Yrc083WlUrOSt3dER6U3E0UTNMUlJmNUpJQWdRZU9rMjBjejRjdkVKbEgyMHUrL3hEeGpoL1BWVW4vS1h0UVJRY2ZMNk1OV2JoSExUTmpPenBLZGw2OGJCMXVseDF3MHJMUStLRTRWR1pYMFB1MTM2Il0sImFsZyI6IlJTMjU2IiwidHlwIjoiSldUIn0.eyJpc3MiOiJFVS5FT1JJLk5MMDAwMDAwMDA0Iiwic3ViIjoiRVUuRU9SSS5OTDAwMDAwMDAwMSIsImp0aSI6IjBmMTViOWFjNmVkNTQyOGM5ZWViNTM2ZDk5M2JhNWJiIiwiaWF0IjoxNTU2MDk4NTY5LCJleHAiOjE1NTYwOTg1OTksImF1ZCI6IkVVLkVPUkkuTkwwMDAwMDAwMDMiLCJkZWxlZ2F0aW9uRXZpZGVuY2UiOnsibm90QmVmb3JlIjoxNTQxMDU4OTM5LCJub3RPbk9yQWZ0ZXIiOjE1NjEwNTg5MzksInBvbGljeUlzc3VlciI6IkVVLkVPUkkuTkwwMDAwMDAwMDUiLCJ0YXJnZXQiOnsiYWNjZXNzU3ViamVjdCI6IkVVLkVPUkkuTkwwMDAwMDAwMDEifSwicG9saWN5U2V0cyI6W3sibWF4RGVsZWdhdGlvbkRlcHRoIjowLCJ0YXJnZXQiOnsiZW52aXJvbm1lbnQiOnsibGljZW5zZXMiOlsiSVNIQVJFLjAwMDEiXX19LCJwb2xpY2llcyI6W3sidGFyZ2V0Ijp7InJlc291cmNlIjp7InR5cGUiOiJHUzEuQ09OVEFJTkVSIiwiaWRlbnRpZmllcnMiOlsiMTgwNjIxLkNPTlRBSU5FUi1aIl0sImF0dHJpYnV0ZXMiOlsiR1MxLkNPTlRBSU5FUi5BVFRSSUJVVEUuRVRBIiwiR1MxLkNPTlRBSU5FUi5BVFRSSUJVVEUuV0VJR0hUIl19LCJlbnZpcm9ubWVudCI6eyJzZXJ2aWNlUHJvdmlkZXJzIjpbIkVVLkVPUkkuTkwwMDAwMDAwMDMiXX0sImFjdGlvbnMiOlsiSVNIQVJFLlJFQUQiLCJJU0hBUkUuQ1JFQVRFIiwiSVNIQVJFLlVQREFURSIsIklTSEFSRS5ERUxFVEUiXX0sInJ1bGVzIjpbeyJlZmZlY3QiOiJQZXJtaXQifV19XX1dfX0.IUZlQDCgSXpyPhCXoYSPqnz67144_0TKbj4nKzDS0UfnVHuof-oaW26zD_KLqyDjigyx9FCpIgJ1Nk5ANQYwahhDHHBNMsSUpwZ_5s1wFdI3qNwvPzkXC7Y7cyXTIFas9b279MvAjahfIfI2O_9kwqbWB78D1TB4vEsgk-6R2K8NY83xyO669p3bMQ47Z6kR94Ehq8Kj3opG-OXOXIekFwo_VteZPdAxJ5OkhgPmcKmTfnP-ratxMFZpRvKKjfGgfTFk1j9A60zuLN68SAEAo2huwY0g2LgZvPTXAMcreayHm_iugcvfedHM--iEsdhKdTFzdaIGBsAc0LLNSua1zQ"
}
Decoded Response Example (JWT Payload)
{
  "delegationEvidence": {
    "notBefore": 1541058939,
    "notOnOrAfter": 1561058939,
    "policyIssuer": "EU.EORI.NL000000005",
    "target": {
      "accessSubject": "EU.EORI.NL000000001"
    },
    "policySets": [
      {
        "maxDelegationDepth": 0,
        "target": {
          "environment": {
            "licenses": [
              "ISHARE.0001"
            ]
          }
        },
        "policies": [
          {
            "target": {
              "resource": {
                "type": "GS1.CONTAINER",
                "identifiers": [
                  "180621.CONTAINER-Z"
                ],
                "attributes": [
                  "GS1.CONTAINER.ATTRIBUTE.ETA",
                  "GS1.CONTAINER.ATTRIBUTE.WEIGHT"
                ]
              },
              "actions": [
                "ISHARE.READ",
                "ISHARE.CREATE",
                "ISHARE.UPDATE",
                "ISHARE.DELETE"
                ],
              "environment": {
                "serviceProviders": [
                  "EU.EORI.NL000000003"
                ]
              }
            },
            "rules": [
              {
                "effect": "Permit"
              }
            ]
          }
        ]
      }
    ]
  }
}

Input new policy

POST /policy

Used to store a new policy with the Authorisation Registry. Note that this is only an example on how to store a policy at an AR. How an authorisation is stored at an AR is not specified within the iSHARE agreements.

Request body contains object with the new delegation policy. The existing policy in the AR for the combination of policyIssuer and accessSubject will be replaced with the new policy. Please refer to the iSHARE language of delegation for additional information on the json data model for delegation policies.

Authorization
in header
string

Oauth 2.0 authorisation based on bearer token. MUST contain "Bearer " + access token value

Request Example
{
  "delegationEvidence": {
    "notBefore": integer,
    "notOnOrAfter": integer,
    "policyIssuer": "string",
    "target": {
      "accessSubject": "string"
    },
    "policySets": [
      {
        "maxDelegationDepth": integer,
        "target": {
          "environment": {
            "licenses": [
              "string"
            ]
          }
        },
        "policies": [
          {
            "target": {
              "resource": {
                "type": "string",
                "identifiers": [
                  "string"
                ],
                "attributes": [
                  "string"
                ]
              },
              "actions": [
                "string"
              ],
              "environment": {
                "serviceProviders": [
                  "string"
                ]
              }
            },
            "rules": [
              {
                "effect": "string"
              }
            ]
          }
        ]
      }
    ]
  }
}
201 Created

Created

Mock service - Displays client info

GET /me

Displays information off the client to which the access token was issued

Authorization
in header
string

Oauth 2.0 authorisation based on bearer token. MUST contain "Bearer " + access token value

200 OK

client_details

client_details

string

Response Example (200 OK)
{
  "client_details": "string"
}

Schema Definitions

jwt_header:

alg: string
typ: string
x5c: string[]
string
Example
{
  "alg": "RS256",
  "typ": "JWT",
  "x5c": [
    "string"
  ]
}

jwt_payload_party: object

iss: string
sub: string
aud: string
jti: string
exp: integer
iat: integer
party_info: party_info
Example
{
  "iss": "EU.EORI.NL123456789",
  "sub": "EU.EORI.NL123456789",
  "aud": "EU.EORI.NL987654321",
  "jti": "378a47c4-2822-4ca5-a49a-7e5a1cc7ea59",
  "exp": 1504683475,
  "iat": 1504683445,
  "party_info": {
    "party_id": "string",
    "party_name": "string",
    "adherence": {
      "status": "string",
      "start_date": "string",
      "end_date": "string"
    },
    "certifications": [
      {
        "role": "string",
        "start_date": "string",
        "end_date": "string"
      }
    ],
    "capability_url": "string"
    }
  }
}

jwt_payload_parties: object

iss: string
sub: string
aud: string
jti: string
exp: integer
iat: integer
parties_info: parties_info
Example
{
  "iss": "EU.EORI.NL123456789",
  "sub": "EU.EORI.NL123456789",
  "aud": "EU.EORI.NL987654321",
  "jti": "378a47c4-2822-4ca5-a49a-7e5a1cc7ea59",
  "exp": 1504683475,
  "iat": 1504683445,
  "parties_info": [
    {
      "party_id": "string",
      "party_name": "string",
      "adherence": {
        "status": "string",
        "start_date": "string",
        "end_date": "string"
      },
      "certifications": [
        {
          "role": "string",
          "start_date": "string",
          "end_date": "string"
        }
      ]
    }
  ]
}

jwt_payload_trusted_list_token: object

iss: string
sub: string
aud: string
jti: string
exp: integer
iat: integer
trusted_list: object[]
object
subject: string
certificate_fingerprint: string
validity: string
status: string
Example
{
  "iss": "EU.EORI.NL123456789",
  "sub": "EU.EORI.NL123456789",
  "aud": "EU.EORI.NL123456789",
  "jti": "378a47c4-2822-4ca5-a49a-7e5a1cc7ea59",
  "exp": 1504683475,
  "iat": 1504683445,
  "trusted_list": [
    {
      "subject": "string",
      "certificate_fingerprint": "string",
      "validity": "string",
      "status": "string"
    }
  ]
}

jwt_payload_capabilities:

party_id: string
ishare_roles: role
role
supported_versions: version
version
Example
{
  "party_id": "string",
  "ishare_roles": [
    {
      "role": "string"
    }
  ],
  "supported_versions": [
    {
      "version": "string",
      "supported_features": [
        {
          "feature": "string",
          "description": "string",
          "url": "string"
        }
      ]
    }
  ]
}

jwt_payload_delegationevidence: object

delegationEvidence: object
notBefore: integer
notOnOrAfter: integer
policyIssuer: string
target: object
accessSubject: string
policySets: object[]
object
maxDelegationDepth: integer
target: object
environment: object
licenses: string[]
string
policies: object[]
object
target: object
resource: object
type: string
identifiers: string[]
string
attributes: string[]
string
actions: string[]
string
environment: object
serviceProviders: string[]
string
rules: object[]
object
effect: string
Example
{
  "delegationEvidence": {
    "notBefore": "integer",
    "notOnOrAfter": "integer",
    "policyIssuer": "string",
    "target": {
      "accessSubject": "string"
    },
    "policySets": [
      {
        "maxDelegationDepth": "integer",
        "target": {
          "environment": {
            "licenses": [
              "string"
            ]
          }
        },
        "policies": [
          {
            "target": {
              "resource": {
                "type": "string",
                "identifiers": [
                  "string"
                ],
                "attributes": [
                  "string"
                ]
              },
              "actions": [
                "string"
              ],
              "environment": {
                "serviceProviders": [
                  "string"
                ]
              }
            },
            "rules": [
              {
                "effect": "string"
              }
            ]
          }
        ]
      }
    ]
  }
}

parties_token: object

parties_token: string
Example
{
  "parties_token": "string"
}

party_token: object

party_token: string
Example
{
  "party_token": "string"
}

capabilities_token: object

capabilities_token: string
Example
{
  "capabilities_token": "string"
}

delegation_token: object

delegation_token: string
Example
{
  "delegation_token": "string"
}

role:

role: string
Example
{
  "role": "string"
}

version:

version: string
supported_features: feature
feature
Example
{
  "version": "string",
  "supported_features": [
    {
      "feature": "string",
      "description": "string",
      "url": "string"
    }
  ]
}

feature:

feature: string
description: string
url: string
Example
{
  "feature": "string",
  "description": "string",
  "url": "string"
}

adherence: object

status: string
start_date: string
end_date: string
Example
{
  "status": "string",
  "start_date": "string",
  "end_date": "string"
}

certification: object

role: string
start_date: string
end_date: string
Example
{
  "role": "string",
  "start_date": "string",
  "end_date": "string"
}

certifications: array

Example
[
  {
    "role": "string",
    "start_date": "string",
    "end_date": "string"
  }
]

party_info: object

party_id: string
party_name: string
adherence: adherence
certifications: certifications
Example
{
  "party_id": "string",
  "party_name": "string",
  "adherence": {
    "status": "string",
    "start_date": "string",
    "end_date": "string"
  },
  "certifications": [
    {
      "role": "string",
      "start_date": "string",
      "end_date": "string"
    }
  ]
}

parties_info: array

Example
[
  {
    "party_id": "string",
    "party_name": "string",
    "adherence": {
      "status": "string",
      "start_date": "string",
      "end_date": "string"
    },
    "certifications": [
      {
        "role": "string",
        "start_date": "string",
        "end_date": "string"
      }
    ],
    "capability_url": "string"
    }
  }
]

boom-access:

validity: boolean
Example
{
  "validity": "boolean"
}

delegation-jwt:

delegation_token: string
Example
{
  "delegation_token": "string"
}

userinfo-jwt:

userinfo_token: string
Example
{
  "userinfo_token": "string"
}

trusted_list-jwt:

trusted_list_token: string
Example
{
  "trusted_list_token": "string"
}

certificate_response:

date_time: string
validity: boolean
certificate_fingerprint: string
Example
{
  "date_time": "string",
  "validity": "boolean",
  "certificate_fingerprint": "string"
}

openid-connect:

access_token: string
token_type: string bearer
expires_in: integer
id_token: string
Example
{
  "access_token": "string",
  "token_type": "string",
  "expires_in": "integer",
  "id_token": "string"
}

openid-authorize:

authorization_code: string
Example
{
  "authorization_code": "string"
}

delegation_body_ar: object

delegation_mask: object
delegationRequest: object
policyIssuer: string
target: object
accessSubject: string
policySets: object
policies: object
target: object
resource: object
type: string
identifiers: string[]
string
attributes: string[]
string
actions: string[]
string
rules: object[]
object
effect: string
delegation_path: string[]
string
previous_steps: string[]
string
Example
{
    "delegationRequest": {
      "policyIssuer": "string",
      "target": {
        "accessSubject": "string"
      },
      "policySets": [
      {
        "policies": [
        {
          "target": {
            "resource": {
              "type": "string",
              "identifiers": [
                "string"
              ],
              "attributes": [
                "string"
              ]
            },
            "actions": [
              "string"
            ]
          },
          "rules": [
            {
              "effect": "string"
            }
          ]
        }
      ]
    }
   ]
  },
  "delegation_path": [
    "string"
  ],
  "previous_steps": [
    "string"
  ]
}

delegation_body_ep: object

delegation_mask: object
delegationRequest: object
policyIssuer: string
target: object
accessSubject: string
policySets: object
policies: object
target: object
resource: object
type: string
identifiers: string[]
string
attributes: string[]
string
actions: string[]
string
rules: object[]
object
effect: string
previous_steps: string[]
string
Example
{
    "delegationRequest": {
      "policyIssuer": "string",
      "target": {
        "accessSubject": "string"
      },
      "policySets": [
      {
        "policies": [
        {
          "target": {
            "resource": {
              "type": "string",
              "identifiers": [
                "string"
              ],
              "attributes": [
                "string"
              ]
            },
            "actions": [
              "string"
            ]
          },
          "rules": [
            {
              "effect": "string"
            }
          ]
        }
      ]
    }
   ]
  },
  "previous_steps": [
    "string"
  ]
}

policies_body_ar: object

delegationEvidence: object
notBefore: integer
notOnOrAfter: integer
policyIssuer: string
target: object
accessSubject: string
policySets: object[]
object
maxDelegationDepth: integer
target: object
environment: object
licenses: string[]
string
policies: object[]
object
target: object
resource: object
type: string
identifiers: string[]
string
attributes: string[]
string
actions: string[]
string
environment: object
serviceProviders: string[]
string
rules: object[]
object
effect: string
Example
{
  "delegationEvidence": {
    "notBefore": "integer",
    "notOnOrAfter": "integer",
    "policyIssuer": "string",
    "target": {
      "accessSubject": "string"
    },
    "policySets": [
      {
        "maxDelegationDepth": "integer",
        "target": {
          "environment": {
            "licenses": [
              "string"
            ]
          }
        },
        "policies": [
          {
            "target": {
              "resource": {
                "type": "string",
                "identifiers": [
                  "string"
                ],
                "attributes": [
                  "string"
                ]
              },
              "actions": [
                "string"
              ],
              "environment": {
                "serviceProviders": [
                  "string"
                ]
              }
            },
            "rules": [
              {
                "effect": "string"
              }
            ]
          }
        ]
      }
    ]
  }
}

oauth:

access_token: string
token_type: string
expires_in: integer
Example
{
  "access_token": "string",
  "token_type": "string",
  "expires_in": "integer"
}

client_details:

client_details: string
Example
{
  "client_details": "string"
}

Questions?

Visit the iSHARE Community Forum