Versions Compared

Old Version 2

changes.mady.by.user Merel Noort

Saved on

compared with

New Version Current

changes.mady.by.user Bauke Rietveld

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Info

Deze pagina’s zijn in het engels ten behoeve van mogelijk internationale ontwikkelaars

...

This endpoint must MUST be implemented by the following roles:

Status
colourPurple
titleData SERVICE PROVIDER

...

Data service providers are free to implement a data service within the DSGO to provide a service to achieve business value according their own design. Data services provided within the DSGO must conform to all the DSGO specifications. This page gives an abstract overview of elements which may be used in data services.

Excerpt
nameData service
Panel
panelIconId2705
panelIcon:white_check_mark:
panelIconText
bgColor#FFF0B3

DSGO.Basis: Data service providers MUST expose their resources in conformance with the trust framework

...

For information about the parameters that are common to the trust framework’s API’s see Generic API Requirements.

Excerpt
nameData service 2
Panel
panelIconId2705
panelIcon:white_check_mark:
panelIconText
bgColor#FFF0B3

DSGO.Basis: Data service providers MUST require the HTTP headers as defined in the table below in a data service request if using the described mechanisms as defined in the DSGO

Parameter

Type

Description

Authorization

Optional

String

MUST contain an OAuth 2.0 authorization based on bearer token. MUST contain “Bearer " + access token value. This parameter is optional and may be used by data service providers who wish to use an access token as authorization information for their data service.

Data service consumers can request access tokens via the /token endpoint. See Access Token for more information.

broker_evidence

Optional

ObjectString

MUST contain a broker_token object containing DSGO broker evidence regarding the data service broker. This parameter is optional and may be used by data service brokers who request a data service on behalf of data service consumers they service.

Data service brokers can obtain broker evidence via the /brokers endpoint. See Datadienstbrokers for more information.

Note, broker_evidence MUST be used in combination with the client_assertion parameter. If broker_evidence is used, the accessSubject in the brokerEvidence object MUST be validated to match the client_id in the client_assertion. If this matches, the policyIssuer in the brokerEvidence MUST be considered the data service consumer.

Note, broker_evidence MAY NOT be used in combination with delegation_evidence.

client_assertion

Optional

ObjectString

MUST contain a signed DSGO JSON Web Token. This parameter may contain a DSGO Authenticatie JWT used for of the data service consumer. Alternatively this parameter may contain a DSGO Onweerlegbaarheid JWT used by data service consumers or required by data service providers who wish to ensure for non-repudiation of the data service request. If this parameter contains a Onweerlegbaarheid JWT, the Digest header must also be included.

See Authenticatie and Onweerlegbaarheid for more information.

delegation_evidence

Optional

ObjectString

MUST contain a delegation_token object containing delegation evidence regarding the requested service. This parameter is optional and may be used by data service providers who wish to enable data entitled parties to delegate their rights in regard to the data service to (potential) data service consumers.

Data service consumers can obtain delegation evidence via the /delegation endpoint. See Delegation for more information.

Note, delegation_evidence MUST be used in combination with the client_assertion parameter. If delegation_evidence is used, the accessSubject in the delegationEvidence object MUST be validated to match the client_id in the client_assertion. If this matches, the policyIssuer in the delegationEvidence MUST be considered the data service consumer.

Note, delegation_evidence MAY NOT be used in combination with broker_evidence.

Digest

Optional

String

MUST contain a SHA256 hash (according to RFC 32309530) of the HTTP body with the matching algorithm identifier S256 SHA-256as defined in ETSI TS 119 182-1. This parameter is optional and may be used by data service consumers or required by data service providers who wish to ensure for non-repudiation of the data service request.

See Onweerlegbaarheid for more information.

LicensePurpose

Optional

String

MUST contain a reference to the legal document under which the data service is made available. MUST be equal to one or more of the licence codes, prepended with a “DSGO." prefix. This parameter describes the purpose of the licence the data service consumer request for the data in the data service response.

See Licenties for more information.

Request body

Given the scope of the DSGO, the trust framework is data agnostic, and any type of content could be offered in data services. See /wiki/spaces/AD/pages/114065468 Wat is een datadienst? for more information. It is the responsibility of the data service provider to determine the data resource offered in a data service in the data service specification. Depending on the data service this service content could be included in the HTTP body of the request or response. Although the data service provider is free to choose whatever data standard they see fit for their service, the DSGO presents the following agreement as a best practice.

Excerpt
nameData service 3
Panel
panelIconId2705
panelIcon:white_check_mark:
panelIconText
bgColor#FFF0B3

DSGO.Basis: Data service providers SHOULD make use of relevant open standards in the definition of the service content of a data service

...

Excerpt
nameData service 4
Panel
panelIconId2705
panelIcon:white_check_mark:
panelIconText
bgColor#FFF0B3

DSGO.Basis: Data service providers MUST use the HTTP headers as defined in the table below in a data service response if using the described mechanisms as defined in the DSGO

Parameter

Type

Description

broker_evidence

Optional

ObjectString

Note, broker_evidence MUST be used in combination with the client_assertion parameter. If broker_evidence is used, the accessSubject in the brokerEvidence object MUST be validated to match the client_id in the client_assertion. If this matches, the policyIssuer in the brokerEvidence MUST be considered the data service provider.

client_assertion

Optional

ObjectString

MUST contain a signed DSGO Onweerlegbaarheid JWT. This parameter is optional and may be used by data service providers or required by data service consumers who wish to ensure for non-repudiation of the data service response. If this parameter is used, the Digest header must also be included.

See Onweerlegbaarheid for more information.

Digest

Optional

String

MUST contain a SHA256 hash (according to RFC 32309530) of the HTTP body with the matching algorithm identifier S256 SHA-256as defined in ETSI TS 119 182-1. This parameter is optional and may be used by data service providers or required by data service consumers who wish to ensure for non-repudiation of the data service response.

See Onweerlegbaarheid for more information.

LicensePurpose

Optional

String

MUST contain a reference to the legal document under which the data service is made available. MUST be equal to one or more of the licence codes, prepended with a “DSGO." prefix. This parameter describes the purpose of the licence the data service consumer receives in the data service response.

See Licenties for more information.

LicenseSubLicense

Optional

String

Optional DSGO specific value describing the amount of sub license(s) the Data Service Provider is allowed to issue for the data in the data service response.

LicenseEndDate

Optional

String

MUST contain the date and time which describes the duration of the license for the data in the data service response. MUST be according to ISO 8601a UNIX timestamp, following the timestamp conventions.

Response body

See Request body.