Comment: Minor changes: adjustments for readability

Used to obtain broker evidence from the trust framework catalogue. Broker evidence can be used by a data service broker in future data service requests to data service providers.


The trust framework catalogue MUST support a POST call to a /brokers endpoint to retrieve broker evidence (in a brokerEvidence object).

Request

Authorization

An access token is used in POST calls to the /brokers endpoint. For more information, see Access Token.


The trust framework catalogue MUST validate that a POST call to a /brokers endpoint includes the Authorization header according to RFC 6750 and contains a valid access token.

...

For information about the parameters that are common to the trust framework's APIs, see Generic API Requirements.


The trust framework catalogue MUST validate that the HTTP body of a POST request to the /brokers endpoint contains the parameters as defined in the table below.

| Parameter | Type | Description |
|---|---|---|
| brokerRequest | Required; Object | Object MUST contain policyIssuer, target and policySets objects, and may contain the delegation_path and previous_steps arrays as described below. |
| policyIssuer | Required; String in delegationRequest | MUST contain a valid Organisation ID (an EORI or KvK number) of the data service consumer making use of a data service broker. |
| target | Required; Object in delegationRequest | Object MUST contain an accessSubject. No other elements are allowed. It makes the entire broker evidence applicable only to this accessSubject. |
| accessSubject | Required; String in target | MUST contain a valid Organisation ID (an EORI or KvK number) of the data service broker which receives the rights to act for a data service consumer. |
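
The request checks above (Authorization header per RFC 6750 and the brokerRequest body rules), as an added example that is not part of the specification or of any catalogue implementation. The function names, the token_is_valid callable and the sample values are assumptions; Organisation ID syntax is not checked because it is not defined on this page.

```python
import re

# RFC 6750 section 2.1: credentials = "Bearer" 1*SP b64token
BEARER = re.compile(r"^Bearer +([A-Za-z0-9._~+/-]+=*)$", re.IGNORECASE)

def _is_id(value):
    # Assumption: only "non-empty string" is checked; the Organisation ID
    # (EORI or KvK number) syntax is not specified on this page.
    return isinstance(value, str) and value.strip() != ""

def validate_post_brokers(headers, body, token_is_valid):
    """Return the list of violations for a POST /brokers request ([] = accept).

    token_is_valid is a hypothetical callable standing in for the
    catalogue's own access token verification.
    """
    errors = []
    auth = {k.lower(): v for k, v in headers.items()}.get("authorization", "")
    match = BEARER.match(auth)
    if not match:
        errors.append("Authorization: missing or not 'Bearer <token>' (RFC 6750)")
    elif not token_is_valid(match.group(1)):
        errors.append("Authorization: access token is not valid")

    req = body.get("brokerRequest") if isinstance(body, dict) else None
    if not isinstance(req, dict):
        return errors + ["brokerRequest: required object is missing"]
    if not _is_id(req.get("policyIssuer")):
        errors.append("policyIssuer: required Organisation ID is missing")
    if "policySets" not in req:
        errors.append("policySets: required element is missing")
    target = req.get("target")
    if not isinstance(target, dict):
        errors.append("target: required object is missing")
    else:
        if not _is_id(target.get("accessSubject")):
            errors.append("accessSubject: required Organisation ID is missing")
        extra = sorted(set(target) - {"accessSubject"})
        if extra:  # the spec allows accessSubject and nothing else in target
            errors.append(f"target: unexpected elements {extra}")
    for name in ("delegation_path", "previous_steps"):
        if name in req and not isinstance(req[name], list):
            errors.append(f"{name}: must be an array when present")
    return errors

# Constructed sample request; the IDs and token are placeholders.
SAMPLE_HEADERS = {"Authorization": "Bearer constructed.sample.token"}
SAMPLE_BODY = {"brokerRequest": {
    "policyIssuer": "CONSUMER-ORG-ID-PLACEHOLDER",
    "target": {"accessSubject": "BROKER-ORG-ID-PLACEHOLDER"},
    "policySets": [],
}}
```

Rejecting any extra element in target matters because the accessSubject is what scopes the broker evidence to a single broker.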

...

Successful: the response contains the requested parties' information in a broker_token. The broker_token is a signed JWT that contains the claims defined in the Authentication JWT and additionally contains a brokerEvidence object as defined here.


The trust framework catalogue MUST include a broker_token including a brokerEvidence object in a response to a successful GET call to the /brokers endpoint.

...