Retrieves information about the features available to the requesting party. In the DSGO, a data service can be considered as a specific feature.
| Excerpt |
|---|
|
| Panel |
|---|
| panelIconId | 2705 |
|---|
| panelIcon | :white_check_mark: |
|---|
| panelIconText | ✅ |
|---|
| bgColor | #FFF0B3 |
|---|
| DSGO.Basis: Parties MUST support a GET call to a /capabilities endpoint to retrieve a list of their features (in acapabilities_info object).
|
|
Request
Authorization
An access token may be used in GET calls to the /capabilities endpoint. For more information, see Access Token. The /capabilities endpoint should only return the public endpoints if no access token is provided. If an access token is provided, the /capabilities endpoint will also provide the restricted endpoints.
| Excerpt |
|---|
|
| Panel |
|---|
| panelIconId | 2705 |
|---|
| panelIcon | :white_check_mark: |
|---|
| panelIconText | ✅ |
|---|
| bgColor | #FFF0B3 |
|---|
| DSGO.Basis: Parties MUST provide only public features to a successful GET request to the /capabilities endpoint, which does not include an access token
|
| Panel |
|---|
| panelIconId | 2705 |
|---|
| panelIcon | :white_check_mark: |
|---|
| panelIconText | ✅ |
|---|
| bgColor | #FFF0B3 |
|---|
| DSGO.Basis: Parties MUST validate that a GET request to the /capabilities endpoint includes the Authorization header according to RFC 6750 and contains a valid access token, when returning restricted features
|
|
A party may also have private endpoints, which are endpoints for their own internal organization, also known as endpoints that are implemented, but not to share with the others. These endpoints are not within the scope of the DSGO and should not be returned to other parties.
...
For information about the parameters that are common to the trust framework’s API’s see Generic API Requirements.
| Expand |
|---|
| title | Example request for a succesful GET /capabilities call |
|---|
|
| Code Block |
|---|
| > Authorization: Bearer IIeDIrdnYo2ngwDQYJKoZIhvcNAQELBQAwSDEZMBcGA1UEAwwQaVNIQ
GET /capabilities |
|
...
Successful, the response contains data providing the requested features of the party in a capabilities_token. The capabilities_token is a signed JWT, which contains the claims as defined in the Authentication JWT, and additionally contains a capabilities_info object.
| Excerpt |
|---|
|
| Panel |
|---|
| panelIconId | 2705 |
|---|
| panelIcon | :white_check_mark: |
|---|
| panelIconText | ✅ |
|---|
| bgColor | #FFF0B3 |
|---|
| DSGO.Basis: The trust framework catalogue MUST include a capabilities_token including a capabilities_info object in a response to a successful GET call to the /capabilities endpoint
|
|
...