openapi: 3.0.0 paths: /api/management/audit-logs: get: description: Fetches paginated audit log entries with optional filters. operationId: AuditLogController_list parameters: - name: order required: false in: query schema: default: DESC type: string enum: - ASC - DESC - name: order_by required: false in: query schema: default: modifiedDate type: string - name: page required: false in: query schema: minimum: 1 default: 1 type: number - name: per_page required: false in: query schema: minimum: 1 maximum: 100 default: 100 type: number - name: callerSub required: false in: query schema: type: string - name: callerType required: false in: query schema: type: string - name: resultAllowed required: false in: query schema: type: boolean - name: correlationId required: false in: query schema: type: string - name: ipAddress required: false in: query schema: type: string - name: requestPath required: false in: query schema: type: string - name: from required: false in: query schema: type: string - name: to required: false in: query schema: type: string - name: resourceType required: false in: query schema: type: array items: type: string - name: action required: false in: query schema: type: array items: type: string - name: severity required: false in: query schema: type: array items: type: string enum: - debug - info - warning - error - critical responses: "200": description: Successful response headers: x-page: description: Index of the current page (starting at 1) schema: type: integer x-prev-page: description: Index of the previous page schema: type: integer required: false x-next-page: description: Index of the next page schema: type: integer required: false x-per-page: description: Number of items per page schema: type: integer x-total-pages: description: Total number of pages schema: type: integer x-total: description: Total number of items schema: type: integer link: description: Web Linking to other pages of this resource schema: type: string security: - oauth2: - read:w.audit_log summary: List audit log entries tags: &a1 - Audit Logs /api/management/audit-logs/{id}: get: description: Fetches a single audit log entry by its ID. operationId: AuditLogController_getById parameters: - name: id required: true in: path schema: type: string responses: "200": description: "" security: - oauth2: - read:w.audit_log summary: Get audit log entry by ID tags: *a1 /health: get: description: Retrieves the current health of the app. If the app is running and it is connected to the database it always returns an empty 200 OK operationId: HealthController_getHealth parameters: [] responses: "200": description: "" "502": description: "" "503": description: The Health Check is not successful content: application/json: schema: type: object properties: status: type: string example: error info: type: object example: database: &a2 status: up additionalProperties: type: object required: - status properties: status: type: string additionalProperties: true nullable: true error: type: object example: redis: &a3 status: down message: Could not connect additionalProperties: type: object required: - status properties: status: type: string additionalProperties: true nullable: true details: type: object example: database: *a2 redis: *a3 additionalProperties: type: object required: - status properties: status: type: string additionalProperties: true summary: Health check tags: - Health /api/settings: get: description: Retrieve dynamic settings for this wallet operationId: ConfigController_getSettings parameters: [] responses: "200": description: "" content: application/json: schema: $ref: "#/components/schemas/RuntimeConfigDto" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" security: - &a4 oauth2: - read:w.config summary: Retrieve settings tags: &a5 - Settings /api/settings/update: post: description: Update the dynamic settings for this wallet operationId: ConfigController_updateSettings parameters: [] requestBody: required: true content: application/json: schema: $ref: "#/components/schemas/RuntimeConfigDto" responses: "200": description: "" content: application/json: schema: $ref: "#/components/schemas/RuntimeConfigDto" "400": description: Malformed request content: application/json: schema: $ref: "#/components/schemas/ErrorDto" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" security: - *a4 - oauth2: - update:w.config summary: Update settings tags: *a5 /api/settings/upload: post: description: Uploads logo for the control plane, receive a base64 encoded url. operationId: ConfigController_uploadFile parameters: [] responses: "200": description: "" security: - *a4 - oauth2: - update:w.config summary: Upload logo tags: *a5 /api/status: get: description: Retrieves the current health of the control plane. With additional status information operationId: StatusController_getStatus parameters: [] responses: "200": description: "" content: application/json: schema: $ref: "#/components/schemas/StatusDto" "502": description: "" summary: Application status tags: - Status /api/management/presentation/status: post: description: Get the status of a credential operationId: PresentationManagementController_status parameters: [] requestBody: required: true content: application/json: schema: $ref: "#/components/schemas/CredentialStatusRequest" responses: "200": description: "" content: application/json: schema: $ref: "#/components/schemas/VerifiedCredentialStatus" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" security: &a6 - oauth2: - read:w.presentation summary: Get the status of a credential tags: &a7 - Management Presentation /api/management/presentation/scopes: get: description: Get all defined scopes operationId: PresentationManagementController_getScopes parameters: - name: order required: false in: query schema: default: DESC type: string enum: - ASC - DESC - name: order_by required: false in: query schema: default: modifiedDate type: string - name: page required: false in: query schema: minimum: 1 default: 1 type: number - name: per_page required: false in: query schema: minimum: 1 maximum: 100 default: 100 type: number responses: "200": description: "" headers: x-page: description: Index of the current page (starting at 1) schema: type: integer x-prev-page: description: Index of the previous page schema: type: integer required: false x-next-page: description: Index of the next page schema: type: integer required: false x-per-page: description: Number of items per page schema: type: integer x-total-pages: description: Total number of pages schema: type: integer x-total: description: Total number of items schema: type: integer link: description: Web Linking to other pages of this resource schema: type: string content: application/json: schema: type: array items: $ref: "#/components/schemas/ScopeDto" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" security: *a6 summary: Get all defined scopes tags: *a7 post: description: Add a new scope definition to the wallet operationId: PresentationManagementController_addScope parameters: [] requestBody: required: true content: application/json: schema: $ref: "#/components/schemas/AddScope" responses: "200": description: "" content: application/json: schema: $ref: "#/components/schemas/ScopeDto" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" security: *a6 summary: Add new scope tags: *a7 /api/management/presentation/scopes/{id}: put: description: Update an existing scope definition in the wallet operationId: PresentationManagementController_updateScope parameters: [] requestBody: required: true content: application/json: schema: $ref: "#/components/schemas/AddScope" responses: "200": description: "" content: application/json: schema: $ref: "#/components/schemas/ScopeDto" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" security: *a6 summary: Update scope tags: *a7 delete: description: Delete an existing scope definition from the wallet operationId: PresentationManagementController_deleteScope parameters: [] responses: "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" security: *a6 summary: Delete scope tags: *a7 /api/dcp/presentations/query: post: description: Request a presentation with a SIOP-token and a PresentationQueryMessage operationId: DCPHolderController_presentationQuery parameters: [] requestBody: required: true content: application/json: schema: $ref: "#/components/schemas/PresentationQueryMessage" responses: "200": description: "" content: application/json: schema: $ref: "#/components/schemas/PresentationResponseMessage" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" summary: Retrieve presentation tags: - Presentation DCP /api/management/dcp/holder/token: get: description: Generates a SIOP token for the provided audience to allow it to request presentations operationId: DCPHolderManagementController_createSIToken parameters: - name: audience required: true in: query schema: type: string - name: scope required: true in: query schema: type: string responses: "200": description: "" content: application/json: schema: type: object properties: id_token: type: string "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" security: - oauth2: - read:w.presentation summary: Request a SIOP token tags: - Presentation DCP /api/management/dcp/verifier/verify: post: description: Request a new DCP presentation flow to start as verifier, based on a presentation defintion and a holder SIOP token operationId: DCPVerifierManagementController_verify parameters: [] requestBody: required: true content: application/json: schema: $ref: "#/components/schemas/VerificationRequest" responses: "200": description: "" content: application/json: schema: type: array items: $ref: "#/components/schemas/VerifiablePresentation" security: - oauth2: - read:w.presentation summary: Start verification flow tags: - Presentation DCP /api/oid4vp/ar/{id}: get: description: Get the Authorization Request according to the OID4VP specification. operationId: OID4VPVerifierController_getAuthorizationRequest parameters: - name: id required: true in: path schema: type: string responses: "200": description: "" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" summary: Get the Authorization Request tags: &a8 - OID4VP /api/oid4vp/authorize: post: description: Submit an Authorization Response according to the OID4VP 1.0 specification using form-urlencoded format. operationId: OID4VPVerifierController_status parameters: [] requestBody: required: true description: Authorization response in form-urlencoded format as per OID4VP 1.0 specification. content: application/x-www-form-urlencoded: schema: $ref: "#/components/schemas/OID4VPAuthorizationResponse" responses: "200": description: "" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" summary: Submit Authorization Response tags: *a8 /api/management/oid4vp/verifier/create: post: description: Add an Authorization Request according to the OID4VP specification. operationId: OID4VPVerifierManagementController_create parameters: [] requestBody: required: true content: application/json: schema: $ref: "#/components/schemas/DcqlQuery" responses: "200": description: "" content: application/json: schema: type: string "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" security: &a9 - oauth2: - read:w.presentation summary: Add an Authorization Request tags: &a10 - OID4VP /api/management/oid4vp/verifier/create/public: post: description: Add an Authorization Request according to the OID4VP specification, allowed for unauthenticated requests. operationId: OID4VPVerifierManagementController_createPublic parameters: [] requestBody: required: true content: application/json: schema: $ref: "#/components/schemas/DcqlQuery" responses: "200": description: "" content: application/json: schema: type: string "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" security: *a9 summary: Add a public Authorization Request tags: *a10 /api/auth/user: get: description: Retrieves current user state, whether someone is logged in or not a 200 result is provided. This is used in the frontend to determine whether certain aspects should be shown. operationId: AuthController_getUser parameters: [] responses: "200": description: "" content: application/json: schema: oneOf: - $ref: "#/components/schemas/AuthenticatedUser" - $ref: "#/components/schemas/UnauthenticatedUser" summary: Retrieve current user status tags: &a11 - Authentication /api/auth/login: get: description: Redirects user to the correct authorization server operationId: AuthController_login parameters: [] responses: "302": description: "" summary: Login redirect tags: *a11 /api/auth/logout: get: description: Removes session information and redirects user the root of the frontend (`auth.redirectURL`) operationId: AuthController_logout parameters: [] responses: "302": description: "" summary: Logout redirect tags: *a11 /api/auth/callback: get: description: Users are redirected from the authorization server to this endpoint which will redirect them to the frontend (`auth.redirectURL`) operationId: AuthController_callback parameters: - name: state required: false in: query description: The state parameter schema: example: randomState type: string - name: code required: false in: query description: The authorization code schema: example: code type: string - name: access_token required: false in: query description: The access token schema: type: string - name: token_type required: false in: query description: The token type schema: example: Bearer type: string - name: expires_in required: false in: query description: The token expiration in seconds schema: example: 3600 type: string - name: id_token required: false in: query description: The ID token schema: type: string - name: code_verifier required: false in: query description: The code verifier schema: example: randomChallengeVerifier type: string responses: "302": description: "" summary: Login callback tags: *a11 /api/credentials: get: description: List all credentials in this dataspace. operationId: CredentialsController_getCredentials parameters: [] responses: "200": description: "" content: application/json: schema: type: array items: $ref: "#/components/schemas/CredentialsDto" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" summary: List dataspace credentials tags: &a12 - Credentials /api/credentials/{credentialId}: get: description: Retrieve a specific Verifiable Credential issued by this wallet operationId: CredentialsController_getCredential parameters: - name: credentialId required: true in: path schema: type: string responses: "200": description: "" content: application/json: schema: oneOf: - $ref: "#/components/schemas/VerifiableCredential" - type: string "404": description: Resource not found content: application/json: schema: $ref: "#/components/schemas/ErrorDto" summary: Retrieve credential tags: *a12 /api/management/credentials: get: description: List all credentials, that the current user is allowed to view, in this wallet operationId: CredentialsManagementController_getCredentials parameters: - name: order required: false in: query schema: default: DESC type: string enum: - ASC - DESC - name: order_by required: false in: query schema: default: modifiedDate type: string - name: page required: false in: query schema: minimum: 1 default: 1 type: number - name: per_page required: false in: query schema: minimum: 1 maximum: 100 default: 100 type: number responses: "200": description: "" headers: x-page: description: Index of the current page (starting at 1) schema: type: integer x-prev-page: description: Index of the previous page schema: type: integer required: false x-next-page: description: Index of the next page schema: type: integer required: false x-per-page: description: Number of items per page schema: type: integer x-total-pages: description: Total number of pages schema: type: integer x-total: description: Total number of items schema: type: integer link: description: Web Linking to other pages of this resource schema: type: string content: application/json: schema: type: array items: $ref: "#/components/schemas/CredentialsDto" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" security: &a15 - &a13 oauth2: - read:w.credential summary: List credentials tags: &a14 - Management Credentials post: description: Issue a new credential within this wallet operationId: CredentialsManagementController_addCredential parameters: [] requestBody: required: true content: application/json: schema: $ref: "#/components/schemas/CredentialConfigDto" responses: "200": description: "" content: application/json: schema: $ref: "#/components/schemas/CredentialsDto" "400": description: Malformed request content: application/json: schema: $ref: "#/components/schemas/ErrorDto" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" "409": description: Resource already exists content: application/json: schema: $ref: "#/components/schemas/ErrorDto" security: - *a13 - oauth2: - create:w.credential summary: Add credential tags: *a14 /api/management/credentials/dataspace: get: description: List all credentials in this dataspace. operationId: CredentialsManagementController_getDataspaceCredentials parameters: - name: issuerIds required: false in: query description: Comma-separated list of issuer IDs to retrieve dataspace credentials from schema: type: string responses: "200": description: "" content: application/json: schema: type: array items: $ref: "#/components/schemas/CredentialsDto" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" security: *a15 summary: List dataspace credentials tags: *a14 /api/management/credentials/config: get: description: Retrieves credential configuration that can be used by this wallet. Contains both trust anchors and issue configurations. operationId: CredentialsManagementController_getConfig parameters: [] responses: "200": description: "" content: application/json: schema: $ref: "#/components/schemas/CredentialConfigDto" security: *a15 summary: Retrieve credential configuration tags: *a14 /api/management/credentials/import: post: description: Import a credential issued by an external credential issuer operationId: CredentialsManagementController_importCredential parameters: [] requestBody: required: true content: application/json: schema: $ref: "#/components/schemas/VerifiableCredential" responses: "200": description: "" content: application/json: schema: $ref: "#/components/schemas/CredentialsDto" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" "409": description: Resource already exists content: application/json: schema: $ref: "#/components/schemas/ErrorDto" security: - *a13 - oauth2: - create:w.credential summary: Import credential tags: *a14 /api/management/credentials/{credentialId}: get: description: Retrieve a specific credential within this wallet operationId: CredentialsManagementController_getCredential parameters: - name: credentialId required: true in: path schema: type: string responses: "200": description: "" content: application/json: schema: $ref: "#/components/schemas/CredentialsDto" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" "404": description: Resource not found content: application/json: schema: $ref: "#/components/schemas/ErrorDto" security: - *a13 - oauth2: - read:w.credential summary: Retrieve credential tags: *a14 put: description: "Update a credential within this wallet. __*Note*__: this will either self-issue or import a credential." operationId: CredentialsManagementController_updateCredential parameters: - name: credentialId required: true in: path schema: type: string requestBody: required: true content: application/json: schema: $ref: "#/components/schemas/CredentialConfigDto" responses: "200": description: "" content: application/json: schema: $ref: "#/components/schemas/CredentialsDto" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" "404": description: Resource not found content: application/json: schema: $ref: "#/components/schemas/ErrorDto" security: - *a13 - oauth2: - update:w.credential summary: Update credential tags: *a14 delete: description: Deletes an existing credential within this wallet operationId: CredentialsManagementController_deleteCredential parameters: - name: credentialId required: true in: path schema: type: string responses: "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" "404": description: Resource not found content: application/json: schema: $ref: "#/components/schemas/ErrorDto" security: - *a13 - oauth2: - delete:w.credential summary: Delete credential tags: *a14 /api/management/credentials/{credentialId}/revoke: post: description: Revoke credential via BitstringStatusList operationId: CredentialsManagementController_revokeCredential parameters: - name: credentialId required: true in: path schema: type: string responses: "200": description: "" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" "404": description: Resource not found content: application/json: schema: $ref: "#/components/schemas/ErrorDto" security: - *a13 - oauth2: - update:w.credential summary: Revoke credential tags: *a14 /api/management/credentials/gaiax/legalRegistrationNumber: post: description: Self-issue a Legal Registration Number credential following the Gaia-X Trust Framework operationId: GaiaXManagementController_requestLegalRegistrationNumberCredential parameters: [] requestBody: required: true content: application/json: schema: $ref: "#/components/schemas/LegalRegistrationNumberRequest" responses: "200": description: "" content: application/json: schema: $ref: "#/components/schemas/CredentialsDto" "400": description: Malformed request content: application/json: schema: $ref: "#/components/schemas/ErrorDto" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" security: &a16 - oauth2: - create:w.credential summary: Issue legal registration number credential tags: &a17 - Management Gaia-X Credentials /api/management/credentials/gaiax/compliance: post: description: Request a compliance credential from a Gaia-X Digital Clearing House based on existing credentials within this wallet operationId: GaiaXManagementController_requestComplianceCredential parameters: [] requestBody: required: true content: application/json: schema: $ref: "#/components/schemas/ComplianceRequest" responses: "200": description: "" content: application/json: schema: $ref: "#/components/schemas/CredentialsDto" "400": description: Malformed request content: application/json: schema: $ref: "#/components/schemas/ErrorDto" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" security: *a16 summary: Request compliance credential tags: *a17 /api/management/did: get: description: Retrieves the current DID document for this wallet operationId: DIDManagementController_getDidDocument parameters: [] responses: "200": description: "" content: application/json: schema: $ref: "#/components/schemas/DIDDocumentDto" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" security: &a18 - &a20 oauth2: - read:w.did summary: Retrieve DID document tags: &a19 - Management DID /api/management/did/services: get: description: Retrieves the currently registered DID services for this wallet operationId: DIDManagementController_getServices parameters: - name: order required: false in: query schema: default: DESC type: string enum: - ASC - DESC - name: order_by required: false in: query schema: default: modifiedDate type: string - name: page required: false in: query schema: minimum: 1 default: 1 type: number - name: per_page required: false in: query schema: minimum: 1 maximum: 100 default: 100 type: number responses: "200": description: "" headers: x-page: description: Index of the current page (starting at 1) schema: type: integer x-prev-page: description: Index of the previous page schema: type: integer required: false x-next-page: description: Index of the next page schema: type: integer required: false x-per-page: description: Number of items per page schema: type: integer x-total-pages: description: Total number of pages schema: type: integer x-total: description: Total number of items schema: type: integer link: description: Web Linking to other pages of this resource schema: type: string content: application/json: schema: type: array items: $ref: "#/components/schemas/ServiceDto" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" security: *a18 summary: Retrieve DID services tags: *a19 post: description: Registers a new DID service for this wallet operationId: DIDManagementController_addService parameters: [] requestBody: required: true content: application/json: schema: $ref: "#/components/schemas/DidServiceConfigDto" responses: "200": description: "" content: application/json: schema: $ref: "#/components/schemas/ServiceDto" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" "409": description: Resource already exists content: application/json: schema: $ref: "#/components/schemas/ErrorDto" security: - *a20 - oauth2: - create:w.did summary: Add DID service tags: *a19 /api/management/did/services/{id}: put: description: Updates an existing DID service for this wallet operationId: DIDManagementController_updateService parameters: - name: id required: true in: path schema: type: string requestBody: required: true content: application/json: schema: $ref: "#/components/schemas/DidServiceConfigDto" responses: "200": description: "" content: application/json: schema: $ref: "#/components/schemas/ServiceDto" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" "404": description: Resource not found content: application/json: schema: $ref: "#/components/schemas/ErrorDto" security: - *a20 - oauth2: - update:w.did summary: Update DID service tags: *a19 delete: description: Deletes an existing DID service for this wallet operationId: DIDManagementController_deleteService parameters: - name: id required: true in: path schema: type: string responses: "200": description: "" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" "404": description: Resource not found content: application/json: schema: $ref: "#/components/schemas/ErrorDto" security: - *a20 - oauth2: - delete:w.did summary: Delete DID service tags: *a19 /.well-known/did.json: get: description: Retrieves the public DID document on the well-known address for this wallet operationId: DIDWebController_getDid parameters: [] responses: "200": description: "" content: application/json: schema: $ref: "#/components/schemas/DIDDocumentDto" summary: Retrieve DID document tags: - DID Web /keys/{id}: get: description: Retrieves the CA chain for a given key. Only supported for keys with type `X509` operationId: KeysController_getCaChain parameters: - name: id required: true in: path schema: type: string responses: "200": description: "" content: application/json: schema: type: string "404": description: Resource not found content: application/json: schema: $ref: "#/components/schemas/ErrorDto" summary: Retrieve Key CA chain tags: - Keys /api/management/keys: get: description: Retrieves all keys registered for this wallet operationId: KeysManagementController_getKeys parameters: - name: order required: false in: query schema: default: DESC type: string enum: - ASC - DESC - name: order_by required: false in: query schema: default: modifiedDate type: string - name: page required: false in: query schema: minimum: 1 default: 1 type: number - name: per_page required: false in: query schema: minimum: 1 maximum: 100 default: 100 type: number responses: "200": description: "" headers: x-page: description: Index of the current page (starting at 1) schema: type: integer x-prev-page: description: Index of the previous page schema: type: integer required: false x-next-page: description: Index of the next page schema: type: integer required: false x-per-page: description: Number of items per page schema: type: integer x-total-pages: description: Total number of pages schema: type: integer x-total: description: Total number of items schema: type: integer link: description: Web Linking to other pages of this resource schema: type: string content: application/json: schema: type: array items: $ref: "#/components/schemas/KeyInfoDto" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" security: - oauth2: - read:w.key summary: Retrieve keys tags: &a21 - Management Keys post: description: Generates a new key based on the provided configuration operationId: KeysManagementController_addKey parameters: [] requestBody: required: true content: application/json: schema: $ref: "#/components/schemas/KeyConfigDto" responses: "200": description: "" content: application/json: schema: $ref: "#/components/schemas/KeyInfoDto" "400": description: Malformed request content: application/json: schema: $ref: "#/components/schemas/ErrorDto" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" "409": description: Resource already exists content: application/json: schema: $ref: "#/components/schemas/ErrorDto" security: - oauth2: - create:w.key summary: Add key tags: *a21 /api/management/keys/{keyId}: get: description: Retrieves key information of a specific key within this wallet operationId: KeysManagementController_getKey parameters: - name: keyId required: true in: path schema: type: string responses: "200": description: "" content: application/json: schema: $ref: "#/components/schemas/KeyInfoDto" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" "404": description: Resource not found content: application/json: schema: $ref: "#/components/schemas/ErrorDto" security: - oauth2: - read:w.key summary: Retrieve key tags: *a21 delete: description: Deletes an existing key within this wallet operationId: KeysManagementController_deleteKey parameters: - name: keyId required: true in: path schema: type: string responses: "200": description: "" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" "404": description: Resource not found content: application/json: schema: $ref: "#/components/schemas/ErrorDto" security: - oauth2: - delete:w.key summary: Delete key tags: *a21 /api/management/keys/{keyId}/default: put: description: Sets the provided key as default key within this wallet, will remove the default key flag for other keys in this wallet operationId: KeysManagementController_setDefaultKey parameters: - name: keyId required: true in: path schema: type: string responses: "200": description: "" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" "404": description: Resource not found content: application/json: schema: $ref: "#/components/schemas/ErrorDto" security: - oauth2: - update:w.key summary: Set default key tags: *a21 /api/management/signature/sign: post: description: Sign a JSON document with default or defined key operationId: SignatureManagementController_sign parameters: [] requestBody: required: true content: application/json: schema: $ref: "#/components/schemas/SignRequest" responses: "200": description: "" content: application/json: schema: $ref: "#/components/schemas/ProofDocument" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" "404": description: Resource not found content: application/json: schema: $ref: "#/components/schemas/ErrorDto" security: &a22 - oauth2: - execute:w.key summary: Sign document tags: &a23 - Management Signatures /api/management/signature/sign/jwt: post: description: Sign a JSON document as JWT with default or defined key operationId: SignatureManagementController_signJwt parameters: [] requestBody: required: true content: application/json: schema: $ref: "#/components/schemas/SignRequestJwt" responses: "200": description: "" content: application/json: schema: $ref: "#/components/schemas/SignedJwtResponse" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" "404": description: Resource not found content: application/json: schema: $ref: "#/components/schemas/ErrorDto" security: *a22 summary: Sign document as JWT tags: *a23 /api/management/signature/validate: post: description: Validates a document that includes a `proof` property operationId: SignatureManagementController_validate parameters: [] requestBody: required: true content: application/json: schema: $ref: "#/components/schemas/ValidateRequest" responses: "200": description: "" content: application/json: schema: $ref: "#/components/schemas/ProofDocument" "400": description: Malformed request content: application/json: schema: $ref: "#/components/schemas/ErrorDto" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" "404": description: Resource not found content: application/json: schema: $ref: "#/components/schemas/ErrorDto" security: *a22 summary: Validate signed document tags: *a23 /api/management/signature/validate/jwt: post: description: Validates a signed JWT and returns the payload upon success operationId: SignatureManagementController_validateJwt parameters: [] requestBody: required: true content: application/json: schema: $ref: "#/components/schemas/ValidateJWTRequest" responses: "200": description: "" content: application/json: schema: type: object "400": description: Malformed request content: application/json: schema: $ref: "#/components/schemas/ErrorDto" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" "404": description: Resource not found content: application/json: schema: $ref: "#/components/schemas/ErrorDto" security: *a22 summary: Validate signed JWT tags: *a23 /issue-configuration/{id}: get: description: Retrieves JSON-LD context document for the given issue configuration operationId: IssueConfigurationController_getContext parameters: - name: id required: true in: path schema: type: string responses: "200": description: "" content: application/json: schema: type: object summary: Retrieve issue configuration document tags: &a24 - Issue Configurations /issue-configuration/{id}/background-image: get: description: Retrieves background image for the given issue configuration, if available operationId: IssueConfigurationController_getBackgroundImage parameters: - name: id required: true in: path schema: type: string responses: "200": description: "" content: application/json: schema: type: string format: binary "404": description: Resource not found content: application/json: schema: $ref: "#/components/schemas/ErrorDto" summary: Retrieve issue configuration background image tags: *a24 /api/management/issue-configurations: get: description: Retrieve all issue configurations registered in this wallet operationId: IssueConfigurationManagementController_getIssueConfigurations parameters: [] responses: "200": description: "" content: application/json: schema: type: array items: $ref: "#/components/schemas/IssueConfigurationDto" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" security: - &a25 oauth2: - read:w.issue_config summary: Retrieve issue configurations tags: &a26 - Management Issue Configurations post: description: Register a new issue configuration in this wallet operationId: IssueConfigurationManagementController_addIssueConfiguration parameters: [] requestBody: required: true content: application/json: schema: $ref: "#/components/schemas/IssueConfigurationConfigDto" responses: "200": description: "" content: application/json: schema: $ref: "#/components/schemas/IssueConfigurationDto" "400": description: Malformed request content: application/json: schema: $ref: "#/components/schemas/ErrorDto" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" "409": description: Resource already exists content: application/json: schema: $ref: "#/components/schemas/ErrorDto" security: - *a25 - oauth2: - create:w.issue_config summary: Add issue configuration tags: *a26 /api/management/issue-configurations/{id}: put: description: Update an existing issue configuration in this wallet operationId: IssueConfigurationManagementController_updateIssueConfiguration parameters: - name: id required: true in: path schema: type: string requestBody: required: true content: application/json: schema: $ref: "#/components/schemas/IssueConfigurationConfigDto" responses: "200": description: "" content: application/json: schema: $ref: "#/components/schemas/IssueConfigurationDto" "400": description: Malformed request content: application/json: schema: $ref: "#/components/schemas/ErrorDto" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" "404": description: Resource not found content: application/json: schema: $ref: "#/components/schemas/ErrorDto" security: - *a25 - oauth2: - update:w.issue_config summary: Update issue configuration tags: *a26 delete: description: Delete an existing issue configuration in this wallet operationId: IssueConfigurationManagementController_deleteIssueConfiguration parameters: - name: id required: true in: path schema: type: string responses: "200": description: "" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" "404": description: Resource not found content: application/json: schema: $ref: "#/components/schemas/ErrorDto" security: - *a25 - oauth2: - delete:w.issue_config summary: Delete issue configuration tags: *a26 /api/management/issuance/request/dcp: post: description: Requests a new credential via the Decentralized Claims Protocol operationId: IssuanceManagementController_requestDCPCredential parameters: [] requestBody: required: true content: application/json: schema: $ref: "#/components/schemas/DCPCredentialRequestInitiation" responses: "200": description: "" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" security: - oauth2: - create:w.credential summary: Request credential via DCP tags: &a27 - Issuance Management /api/management/issuance/request/oid4vci: post: description: Requests a new credential via the OpenID 4 Verifiable Credential Issuance protocol. operationId: IssuanceManagementController_requestOID4VCICredential parameters: [] requestBody: required: true content: application/json: schema: $ref: "#/components/schemas/OID4VCICredentialRequestInitiation" responses: "200": description: "" content: application/json: schema: type: array items: $ref: "#/components/schemas/CredentialsDto" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" security: - oauth2: - create:w.credential summary: Request credential via OID4VCI tags: *a27 /api/management/issuance/offers: get: description: Retrieves all credentials offered this wallet has offered to holders operationId: IssuanceManagementController_listOffers parameters: - name: order required: false in: query schema: default: DESC type: string enum: - ASC - DESC - name: order_by required: false in: query schema: default: modifiedDate type: string - name: page required: false in: query schema: minimum: 1 default: 1 type: number - name: per_page required: false in: query schema: minimum: 1 maximum: 100 default: 100 type: number responses: "200": description: "" headers: x-page: description: Index of the current page (starting at 1) schema: type: integer x-prev-page: description: Index of the previous page schema: type: integer required: false x-next-page: description: Index of the next page schema: type: integer required: false x-per-page: description: Number of items per page schema: type: integer x-total-pages: description: Total number of pages schema: type: integer x-total: description: Total number of items schema: type: integer link: description: Web Linking to other pages of this resource schema: type: string content: application/json: schema: type: array items: $ref: "#/components/schemas/CredentialOfferStatus" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" security: - oauth2: - read:w.credential summary: Retrieve offered credentials tags: *a27 post: description: Creates a new credential offer operationId: IssuanceManagementController_offerEndpoint parameters: - name: mobile required: false in: query description: Whether the offer is for mobile or server applications schema: default: true example: true type: boolean requestBody: required: true content: application/json: schema: $ref: "#/components/schemas/CredentialOffer" responses: "200": description: "" content: application/json: schema: $ref: "#/components/schemas/CredentialOfferStatus" security: - oauth2: - create:w.credential summary: Add offer tags: *a27 /api/management/issuance/offers/{id}: get: description: Retrieves a specific credential offer operationId: IssuanceManagementController_listGeneralOffers parameters: - name: id required: true in: path schema: type: string responses: "200": description: "" content: application/json: schema: type: array items: $ref: "#/components/schemas/CredentialOfferStatus" summary: Retrieve offered credential tags: *a27 /api/management/issuance/offers/public: post: description: Creates a new credential offer, allowed for unauthenticated requests operationId: IssuanceManagementController_publicOfferEndpoint parameters: - name: mobile required: false in: query description: Whether the offer is for mobile or server applications schema: default: true example: true type: boolean requestBody: required: true content: application/json: schema: $ref: "#/components/schemas/CredentialOffer" responses: "200": description: "" content: application/json: schema: $ref: "#/components/schemas/CredentialOfferStatus" summary: Add public offer tags: *a27 /api/management/issuance/offers/{id}/revoke: put: description: Revokes an existing credential offer, so that it cannot be used anymore by the holder operationId: IssuanceManagementController_revokeOffer parameters: - name: id required: true in: path schema: type: string responses: "200": description: "" content: application/json: schema: $ref: "#/components/schemas/CredentialOfferStatus" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" summary: Revoke offer tags: *a27 /api/dcp/credentials: post: description: Stores a new credential operationId: DCPHolderController_storeCredential parameters: - name: Authorization in: header description: Access Token from Self-Issued ID Token required: true schema: type: string example: Bearer requestBody: required: true content: application/json: schema: $ref: "#/components/schemas/CredentialMessage" responses: "200": description: "" "400": description: Malformed request content: application/json: schema: $ref: "#/components/schemas/ErrorDto" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" summary: Store credential tags: &a28 - DCP Credential Issuance /api/dcp/offers: post: description: Offers a new or updated credential operationId: DCPHolderController_credentialOffer parameters: - name: Authorization in: header description: Self-Issued ID Token required: true schema: type: string example: Bearer requestBody: required: true content: application/json: schema: $ref: "#/components/schemas/CredentialOfferMessage" responses: "200": description: "" "400": description: Malformed request content: application/json: schema: $ref: "#/components/schemas/ErrorDto" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" summary: Offer credential tags: *a28 /api/dcp/issuer/metadata: get: description: Returns the metadata of the issuer operationId: DCPIssuerController_metadata parameters: [] responses: "200": description: "" content: application/json: schema: $ref: "#/components/schemas/CredentialIssuerMetadata" summary: Issuer Metadata tags: &a29 - DCP Credential Issuance /api/dcp/issuer/credentials: post: description: Requests a new credential operationId: DCPIssuerController_credentialRequest parameters: - name: Authorization in: header description: Self-Issued ID Token required: true schema: type: string example: Bearer requestBody: required: true content: application/json: schema: $ref: "#/components/schemas/CredentialRequestMessage" responses: "200": description: "" "400": description: Malformed request content: application/json: schema: $ref: "#/components/schemas/ErrorDto" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" summary: Request credential tags: *a29 /api/dcp/issuer/requests/{requestId}: get: description: Returns the status of a credential request operationId: DCPIssuerController_credentialStatus parameters: - name: requestId required: true in: path schema: type: string - name: Authorization in: header description: Self-Issued ID Token required: true schema: type: string example: Bearer responses: "200": description: "" content: application/json: schema: $ref: "#/components/schemas/DCPCredentialStatus" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" "404": description: Resource not found content: application/json: schema: $ref: "#/components/schemas/ErrorDto" summary: Credential status tags: *a29 /api/oid4vci/holder/request: post: description: Requests a new credential via the OID4VCI Pre-authorized-code flow. operationId: OID4VCIHolderController_requestCredential parameters: [] requestBody: required: true content: application/json: schema: type: object properties: issuerUrl: type: string preAuthorizedCode: type: string authorized: type: object required: - accessToken - credentialIdentifier properties: accessToken: type: string credentialIdentifier: type: string additionalRequestParams: type: object responses: "200": description: "" content: application/json: schema: $ref: "#/components/schemas/CredentialsDto" "400": description: Malformed request content: application/json: schema: $ref: "#/components/schemas/ErrorDto" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" security: - oauth2: - create:w.credential summary: Request credential via OID4VCI tags: - OpenID 4 Verifiable Credential Issuance /.well-known/openid-credential-issuer: get: operationId: OID4VCIIssuerController_issuerMetadata parameters: [] responses: "200": description: "" content: application/json: schema: $ref: "#/components/schemas/CredentialIssuerMetadata" tags: &a30 - OpenID 4 Verifiable Credential Issuance /oid4vci/token: post: description: Requests an access token based on a pre authorizated code the holder has received off-line operationId: OID4VCIIssuerController_tokenEndpoint parameters: [] requestBody: required: true content: application/json: schema: type: object properties: pre-authorized_code: type: string responses: "200": description: "" content: application/json: schema: $ref: "#/components/schemas/AccessToken" "403": description: Forbidden content: application/json: schema: $ref: "#/components/schemas/ErrorDto" "404": description: Resource not found content: application/json: schema: $ref: "#/components/schemas/ErrorDto" security: - bearer: [] summary: Request OID4VCI access token tags: *a30 /api/oid4vci/nonce: post: description: Requests a nonce for the OID4VCI flow. This is used to prevent replay attacks. operationId: OID4VCIIssuerController_nonceEndpoint parameters: [] responses: "200": description: "" content: application/json: schema: $ref: "#/components/schemas/NonceResponse" summary: Request OID4VCI nonce tags: *a30 /oid4vci/credential: post: description: Requests a new credential based on a Credential Request via the OID4VCI flow operationId: OID4VCIIssuerController_credentialEndpoint parameters: [] requestBody: required: true content: application/json: schema: $ref: "#/components/schemas/CredentialRequest" responses: "200": description: "" content: application/json: schema: oneOf: - $ref: "#/components/schemas/ImmediateCredentialResponse" - $ref: "#/components/schemas/DeferredCredentialResponse" security: - bearer: [] summary: Request OID4VCI credential tags: *a30 info: title: TSG Wallet description: >- The TSG Wallet is a SSI wallet that can issue and store verifiable credentials and create presentations to be used within data spaces.

The wallet is aimed at multi-tier deployments, with one (or more) wallet that acts as trust anchor for a data space and indivual wallets for each of the participants in the data space. On this page the central wallet that issues credentials will be called the Dataspace Wallet although it is not required that there always is exactly one issuer of credentials in a dataspace.

__*Note*__: This OpenAPI definition is not intended to be directly linked with a single Wallet instance. version: "" contact: {} license: name: Apache 2.0 url: https://www.apache.org/licenses/LICENSE-2.0.html tags: - name: Health description: Health controller - name: Settings description: Settings controller - name: Authentication description: Authentication Controller - name: DID description: DID Controller - name: Contexts description: Contexts Controller - name: Keys description: Keys Controller - name: Credentials description: Credentials Controller - name: Management DID description: Management DID Controller - name: Management Contexts description: Management Contexts Controller - name: Management Keys description: Management Keys Controller - name: Management Credentials description: Management Credentials Controller - name: Management Gaia-X Credentials description: Management Gaia-X Credentials Controller - name: Management Presentation description: Management Presentation Controller - name: OpenID 4 Verifiable Credential Issuance description: OpenID 4 Verifiable Credential Issuance Controller - name: Presentation DCP description: Presentation DCP Controller servers: [] components: securitySchemes: oauth2: type: oauth2 flows: authorizationCode: scopes: &a31 create:w.config: create:w.config read:w.config: read:w.config update:w.config: update:w.config delete:w.config: delete:w.config execute:w.config: execute:w.config manage:w.config: manage:w.config create:w.credential: create:w.credential read:w.credential: read:w.credential update:w.credential: update:w.credential delete:w.credential: delete:w.credential execute:w.credential: execute:w.credential manage:w.credential: manage:w.credential create:w.did: create:w.did read:w.did: read:w.did update:w.did: update:w.did delete:w.did: delete:w.did execute:w.did: execute:w.did manage:w.did: manage:w.did create:w.issue_config: create:w.issue_config read:w.issue_config: read:w.issue_config update:w.issue_config: update:w.issue_config delete:w.issue_config: delete:w.issue_config execute:w.issue_config: execute:w.issue_config manage:w.issue_config: manage:w.issue_config create:w.key: create:w.key read:w.key: read:w.key update:w.key: update:w.key delete:w.key: delete:w.key execute:w.key: execute:w.key manage:w.key: manage:w.key create:w.presentation: create:w.presentation read:w.presentation: read:w.presentation update:w.presentation: update:w.presentation delete:w.presentation: delete:w.presentation execute:w.presentation: execute:w.presentation manage:w.presentation: manage:w.presentation clientCredentials: scopes: *a31 schemas: RuntimeConfigDto: type: object properties: gaiaXSupport: type: boolean example: false title: type: string example: My Company Wallet acceptUnauthenticatedCredentialRequests: type: boolean example: false issueMobileCredentials: type: boolean example: false issueDebugCredentials: type: boolean example: false color: type: string example: "#3B8BF6" darkThemeUrl: type: string example: https://example.com/darktheme.png lightThemeUrl: type: string example: https://example.com/lighttheme.png required: - gaiaXSupport - title - acceptUnauthenticatedCredentialRequests - issueMobileCredentials - issueDebugCredentials - color ErrorDto: type: object properties: name: type: string example: ResourceNotFound status: type: string example: 404 Not Found code: type: number example: 404 message: type: object example: The requested resource does not exist. error: type: string example: Not Found required: - name - status - code DatabaseStatusDto: type: object properties: status: type: string example: online required: - status MemoryUsageDto: type: object properties: does_zap_garbage: type: number example: 1024 external_memory: type: number example: 2048 heap_size_limit: type: number example: 4096 malloced_memory: type: number example: 512 number_of_detached_contexts: type: number example: 0 number_of_native_contexts: type: number example: 2 peak_malloced_memory: type: number example: 1024 total_available_size: type: number example: 8192 total_global_handles_size: type: number example: 256 total_heap_size: type: number example: 16384 total_heap_size_executable: type: number example: 4096 total_physical_size: type: number example: 32768 used_global_handles_size: type: number example: 128 used_heap_size: type: number example: 8192 required: - does_zap_garbage - external_memory - heap_size_limit - malloced_memory - number_of_detached_contexts - number_of_native_contexts - peak_malloced_memory - total_available_size - total_global_handles_size - total_heap_size - total_heap_size_executable - total_physical_size - used_global_handles_size - used_heap_size StatusIssuanceDto: type: object properties: issued: type: number example: 10 open: type: number example: 2 required: - issued - open StatusCredentialDto: type: object properties: selfSigned: type: number example: 5 thirdParty: type: number example: 1 required: - selfSigned - thirdParty StatusDto: type: object properties: database: example: status: online allOf: - $ref: "#/components/schemas/DatabaseStatusDto" uptime: type: number example: 3600 memoryUsage: example: does_zap_garbage: 1024 external_memory: 2048 heap_size_limit: 4096 malloced_memory: 512 number_of_detached_contexts: 0 number_of_native_contexts: 2 peak_malloced_memory: 1024 total_available_size: 8192 total_global_handles_size: 256 total_heap_size: 16384 total_heap_size_executable: 4096 total_physical_size: 32768 used_global_handles_size: 128 used_heap_size: 8192 allOf: - $ref: "#/components/schemas/MemoryUsageDto" issuance: example: issued: 10 open: 2 allOf: - $ref: "#/components/schemas/StatusIssuanceDto" credentials: example: selfSigned: 5 thirdParty: 1 allOf: - $ref: "#/components/schemas/StatusCredentialDto" keys: type: number example: 3 required: - database - uptime - memoryUsage - issuance - credentials - keys CredentialStatusRequest: type: object properties: statusListCredential: type: string example: credential-identifier-123 statusListIndex: type: string example: "1" optionalField: type: string example: Additional optional data required: - statusListCredential - statusListIndex VerifiedCredentialStatus: type: object properties: statusListCredential: type: string example: credential-identifier-123 statusListIndex: type: string example: "1" statusPurpose: type: string example: refresh enum: - refresh - revocation - suspension - message status: type: boolean example: true message: type: string example: Optional verification message required: - statusListCredential - statusListIndex - statusPurpose - status JwtVpClaimFormat: type: object properties: alg: example: - Ed25519 type: array items: type: string required: - alg Format: type: object properties: jwt_vp: example: alg: - ES256 allOf: - $ref: "#/components/schemas/JwtVpClaimFormat" FilterItems: type: object properties: const: type: object example: example-const enum: example: &a32 - 1 - two type: array items: type: number exclusiveMinimum: type: object example: 0 exclusiveMaximum: type: object example: 100 format: type: string example: date-time minLength: type: number example: 1 maxLength: type: number example: 255 minimum: type: object example: 0 maximum: type: object example: 100 not: example: null allOf: - $ref: "#/components/schemas/FilterItems" pattern: type: string example: ^[A-Za-z]+$ contains: example: null allOf: - $ref: "#/components/schemas/FilterItems" items: type: object example: &a33 property: type: string format: default Filter: type: object properties: const: type: object example: example-const enum: example: *a32 type: array items: type: number exclusiveMinimum: type: object example: 0 exclusiveMaximum: type: object example: 100 format: type: string example: date-time minLength: type: number example: 1 maxLength: type: number example: 255 minimum: type: object example: 0 maximum: type: object example: 100 not: example: null allOf: - $ref: "#/components/schemas/FilterItems" pattern: type: string example: ^[A-Za-z]+$ contains: example: null allOf: - $ref: "#/components/schemas/FilterItems" items: type: object example: *a33 type: type: string example: string required: - type Field: type: object properties: path: example: - $.example type: array items: type: string id: type: string example: field-id purpose: type: string example: Field purpose name: type: string example: Field name filter: example: type: string pattern: ^[A-Za-z]+$ allOf: - $ref: "#/components/schemas/Filter" optional: type: boolean example: true required: - path Constraint: type: object properties: fields: example: - path: - $.example id: example-field purpose: Example purpose name: Example Name filter: type: string pattern: ^[A-Za-z]+$ optional: false type: array items: $ref: "#/components/schemas/Field" limit_disclosure: type: string enum: - required - preferred example: preferred InputDescriptor: type: object properties: id: type: string example: 44d1f3d6-f65d-4a7c-84db-f92ba826305e name: type: string example: Example Input Descriptor purpose: type: string example: Example Purpose format: example: jwt_vp: alg: - ES256 allOf: - $ref: "#/components/schemas/Format" constraints: example: fields: [] limit_disclosure: preferred allOf: - $ref: "#/components/schemas/Constraint" required: - id - constraints PresentationDefinition: type: object properties: id: type: string example: 44d1f3d6-f65d-4a7c-84db-f92ba826305e input_descriptors: type: array items: $ref: "#/components/schemas/InputDescriptor" name: type: string example: Example Presentation Definition purpose: type: string example: Example Purpose format: example: jwt_vp: alg: - ES256 allOf: - $ref: "#/components/schemas/Format" required: - id - input_descriptors ScopeDto: type: object properties: id: type: string example: 00000000-0000-0000-0000-000000000000 alias: type: string example: nl.tsg.example-scope discriminator: type: string example: "{scopeVar}" description: type: string example: An example scope presentationDefinition: $ref: "#/components/schemas/PresentationDefinition" required: - id - alias - discriminator - description - presentationDefinition AddScope: type: object properties: alias: type: string example: nl.tsg.example-scope discriminator: type: string example: "{scopeVar}" description: type: string example: An example scope presentationDefinition: $ref: "#/components/schemas/PresentationDefinition" required: - alias - discriminator - description - presentationDefinition PresentationQueryMessage: type: object properties: "@context": type: array items: type: string type: type: string example: PresentationQueryMessage presentationDefinition: $ref: "#/components/schemas/PresentationDefinition" scope: example: - https://example.com/credential-1 type: array items: type: string required: - "@context" - type StatusMessage: type: object properties: status: type: string example: deadbeef message: type: string example: Status message detail required: - status - message CredentialStatus: type: object properties: id: type: string example: did:example:credential-status type: type: string enum: - BitstringStatusListEntry example: BitstringStatusListEntry statusPurpose: type: string enum: - refresh - revocation - suspension - message example: suspension statusListIndex: type: string example: "0" statusListCredential: type: string example: did:example:status-credential statusSize: type: string example: "10" statusMessage: example: - status: deadbeef message: Status message detail type: array items: $ref: "#/components/schemas/StatusMessage" statusReference: type: string example: https://example.com/status required: - id - type - statusPurpose - statusListIndex - statusListCredential CredentialSubject: type: object properties: id: type: string example: did:example:subject-1 required: - id DataIntegrityProof: type: object properties: id: type: string example: did:example:xyz#proof-1 type: type: string enum: &a45 - DataIntegrityProof example: DataIntegrityProof proofPurpose: type: string example: assertionMethod verificationMethod: type: string example: did:example:author#verificationKey cryptosuite: type: string example: ecdsa-2019 created: type: string example: 2021-01-01T00:00:00Z expires: type: string example: 2022-01-01T00:00:00Z domain: example: &a46 - example.com type: array items: type: string challenge: type: string example: "1234567890" proofValue: type: string example: ProofValueString previousProof: example: &a47 - PreviousProof1 - PreviousProof2 type: array items: type: string nonce: type: string example: nonce-string required: - type - proofPurpose - cryptosuite - proofValue VerifiableCredential: type: object properties: "@context": type: array example: &a36 - https://www.w3.org/ns/credentials/v2 items: &a37 type: string enum: - https://www.w3.org/ns/credentials/v2 - string type: example: &a38 - VerifiableCredential - TestCredential type: array items: type: string id: type: string example: http://example.edu/credentials/1872 credentialSubject: additionalProperties: true example: &a39 id: did:example:subject-1 customProp: value allOf: - $ref: "#/components/schemas/CredentialSubject" issuer: type: string example: did:example:issuer issuanceDate: type: string example: 2020-01-01T00:00:00Z expirationDate: type: string example: 2030-01-01T00:00:00Z validFrom: type: string example: 2020-01-01T00:00:00Z validUntil: type: string example: 2030-01-01T00:00:00Z evidence: type: object additionalProperties: true example: &a40 type: DocumentVerification verifier: did:example:verifier credentialStatus: oneOf: &a41 - &a34 $ref: "#/components/schemas/CredentialStatus" - type: array items: *a34 proof: example: - type: DataIntegrityProof created: 2020-01-01T00:00:00Z proofPurpose: assertionMethod cryptosuite: eddsa-jcs-2022 proofValue: "" verificationMethod: did:example:123456#key-1 type: array items: $ref: "#/components/schemas/DataIntegrityProof" required: - "@context" - type - credentialSubject - issuer - proof VerifiablePresentation: type: object properties: "@context": example: "@context": https://www.w3.org/ns/credentials/v2 type: array items: type: string type: example: - VerifiablePresentation type: array items: type: string id: type: string example: 3f2592da-ffc9-40cb-a336-a9daa9343ce8 verifiableCredential: oneOf: - &a35 $ref: "#/components/schemas/VerifiableCredential" - type: array items: *a35 proof: type: array items: $ref: "#/components/schemas/DataIntegrityProof" required: - "@context" - type - verifiableCredential - proof DescriptorMap: type: object properties: id: type: string example: desc1 format: type: string example: jwt path: type: string example: $.credential path_nested: example: id: desc-nested format: jwt path: $.nested allOf: - $ref: "#/components/schemas/DescriptorMap" required: - id - format - path PresentationSubmission: type: object properties: id: type: string example: submission-id definition_id: type: string example: definition-id descriptor_map: example: - id: desc1 format: jwt path: $.credential type: array items: $ref: "#/components/schemas/DescriptorMap" required: - id - definition_id - descriptor_map PresentationResponseMessage: type: object properties: "@context": example: - https://w3id.org/dspace-dcp/v1.0/dcp.jsonld type: array items: type: string type: type: string example: PresentationResponseMessage presentation: type: array items: oneOf: - type: string - $ref: "#/components/schemas/VerifiablePresentation" presentationSubmission: example: id: submission-id definition_id: definition-id descriptor_map: [] allOf: - $ref: "#/components/schemas/PresentationSubmission" required: - "@context" - type - presentation VerificationRequest: type: object properties: presentationDefinition: $ref: "#/components/schemas/PresentationDefinition" scope: type: string holderIdToken: type: string required: - presentationDefinition - scope - holderIdToken VpToken: type: object properties: {} OID4VPAuthorizationResponse: type: object properties: vp_token: example: identity_credential: - eyJhbGciOiJFUzI1NiJ9... description: VP Token with credential ID to presentations mapping allOf: - $ref: "#/components/schemas/VpToken" state: type: string example: state123 description: State parameter from the authorization request required: - vp_token - state CredentialMeta: type: object properties: vct_values: example: - https://credentials.example.com/identity_credential description: "For SD-JWT VC: allowed vct values" type: array items: type: string type_values: type: array items: type: array items: type: string example: - - VerifiableCredential - IDCredential description: "For W3C VC: allowed type values" doctype_value: type: string example: org.iso.18013.5.1.mDL description: "For mdoc: document type value" TrustedAuthoritiesQuery: type: object properties: type: type: string enum: - aki - etsi_tl - openid_federation example: openid_federation description: Type of trusted authority mechanism values: example: - https://trustanchor.example.com description: Array of trusted authority identifiers type: array items: type: string required: - type - values ClaimsQuery: type: object properties: id: type: string example: family_name_claim description: Unique identifier for this claim query path: example: - credentialSubject - familyName description: Array representing path to claim in credential type: array items: type: string values: example: - Doe - Smith description: Expected values for value matching type: array items: type: string required: - path CredentialQuery: type: object properties: id: type: string example: identity_credential description: Unique identifier for this credential query format: type: string example: jwt_vc_json description: Credential format identifier enum: - jwt_vc_json - ldp_vc - dc+sd-jwt - mso_mdoc multiple: type: boolean example: false description: Whether multiple credentials can be returned for this query meta: description: Format-specific metadata and constraints allOf: - $ref: "#/components/schemas/CredentialMeta" trusted_authorities: description: Trusted authorities or trust frameworks type: array items: $ref: "#/components/schemas/TrustedAuthoritiesQuery" require_cryptographic_holder_binding: type: boolean example: true description: Whether cryptographic holder binding is required claims: description: Specific claims to request from the credential type: array items: $ref: "#/components/schemas/ClaimsQuery" claim_sets: type: array items: type: array items: type: string example: - - claim1 - claim2 - - claim3 description: Alternative combinations of claims required: - id - format - meta CredentialSetQuery: type: object properties: options: type: array items: type: array items: type: string example: - - identity_cred - - passport_cred - visa_cred description: Array of credential ID combinations that satisfy the requirement required: type: boolean example: true description: Whether this credential set is required required: - options DcqlQuery: type: object properties: credentials: description: Array of credential queries type: array items: $ref: "#/components/schemas/CredentialQuery" credential_sets: description: Optional credential set constraints type: array items: $ref: "#/components/schemas/CredentialSetQuery" required: - credentials ClientInfo: type: object properties: sub: type: string example: user-id-123 name: type: string example: John Doe email: type: string example: john.doe@example.com didId: type: string example: did:example:123456789 permissions: example: - read:credential:own - manage:key description: ABAC permissions type: array items: type: string refreshToken: type: string example: refresh-token-abc123 required: - sub - name - email - permissions AuthenticatedUser: type: object properties: state: type: object example: authenticated user: example: sub: user-id-123 name: John Doe email: john.doe@example.com permissions: - read:credential:own - manage:key didId: did:example:123456789 refreshToken: refresh-token-abc123 allOf: - $ref: "#/components/schemas/ClientInfo" required: - state - user UnauthenticatedUser: type: object properties: state: type: object example: unauthenticated required: - state Credential: type: object properties: "@context": type: array example: *a36 items: *a37 type: example: *a38 type: array items: type: string id: type: string example: http://example.edu/credentials/1872 credentialSubject: additionalProperties: true example: *a39 allOf: - $ref: "#/components/schemas/CredentialSubject" issuer: type: string example: did:example:issuer issuanceDate: type: string example: 2020-01-01T00:00:00Z expirationDate: type: string example: 2030-01-01T00:00:00Z validFrom: type: string example: 2020-01-01T00:00:00Z validUntil: type: string example: 2030-01-01T00:00:00Z evidence: type: object additionalProperties: true example: *a40 credentialStatus: oneOf: *a41 required: - "@context" - type - credentialSubject - issuer CredentialsDto: type: object properties: id: type: string example: b86483f3-3792-4a54-b11e-f1c6face9935 description: Unique identifier of the credential record targetDid: type: string example: did:example:456 description: Target decentralized identifier credential: example: "@context": - https://www.w3.org/ns/credentials/v2 type: - VerifiableCredential - DataSpaceCredential issuer: did:example:issuer validFrom: 2023-10-01T00:00:00Z credentialSubject: id: did:example:subject description: The verifiable credential object allOf: - $ref: "#/components/schemas/Credential" proof: example: - type: DataIntegrityProof created: 2020-01-01T00:00:00Z proofPurpose: assertionMethod cryptosuite: eddsa-rdfc-2022 proofValue: ... verificationMethod: did:example:123456#key-1 type: array items: $ref: "#/components/schemas/DataIntegrityProof" jwt: type: string example: jwt-token-123 description: JWT representation of the credential selfIssued: type: boolean example: true description: If the credential is self issued revoked: type: boolean example: false description: Indicates if the credential has been revoked statusListIndex: type: number example: 0 description: Optional status list index createdDate: format: date-time type: string example: 2023-10-01T00:00:00Z description: Creation timestamp modifiedDate: format: date-time type: string example: 2023-10-02T00:00:00Z description: Modification timestamp deletedDate: format: date-time type: string example: 2023-10-03T00:00:00Z description: Optional deletion timestamp required: - id - targetDid - credential - proof - selfIssued - revoked - createdDate - modifiedDate CredentialConfigDto: type: object properties: context: title: JSON-LD Contexts for the credential example: - https://dataspace.example/context description: A list of JSON-LD contexts applied to the credential type: array items: type: string type: title: Credential Type example: - DataSpaceMembershipCredential description: Types that classify the credential type: array items: type: string id: type: string title: Credential ID example: credential-id-789 description: Unique identifier for the credential configuration proofType: type: string title: Type of proof used for the credential enum: - ldp - jwt description: Type of proof used for the credential example: ldp keyId: type: string example: key-identifier-001 description: Optional key identifier associated with the credential credentialSubject: example: id: did:example:subject name: Subject Name description: The credential subject details allOf: - $ref: "#/components/schemas/CredentialSubject" revocable: type: boolean example: true description: Indicates whether the credential is revocable required: - id - proofType - credentialSubject - revocable LegalRegistrationNumberRequest: type: object properties: vcId: type: string example: vc-123 description: Unique identifier for the VC clearingHouse: type: string example: clearing-house-01 description: Clearing house identifier credentialSubject: example: name: John Doe id: subject-1 description: The credential subject details allOf: - $ref: "#/components/schemas/CredentialSubject" additionalInfo: type: string example: Optional additional info description: Additional optional information required: - vcId - clearingHouse - credentialSubject ComplianceRequest: type: object properties: vcId: type: string example: vc-456 description: Unique identifier for the VC clearingHouse: type: string example: clearing-house-02 description: Clearing house identifier credentials: example: - credential: example-credential-1 issuer: issuer-1 - credential: example-credential-2 issuer: issuer-2 description: An array of verifiable credentials type: array items: $ref: "#/components/schemas/VerifiableCredential" note: type: string example: Optional compliance note description: Additional optional note required: - vcId - clearingHouse - credentials JsonWebKeyDto: type: object properties: alg: type: string example: RS256 crv: type: string example: P-256 e: type: string example: AQAB ext: type: boolean example: false key_ops: example: - sign - verify type: array items: type: string kid: type: string example: bdfd4c8e-3a44-4b9f-bc3e-1a8e26e3e99d kty: type: string example: RSA n: type: string example: sample_modulus use: type: string example: sig x: type: string example: sample_x_coordinate y: type: string example: sample_y_coordinate required: - kty VerificationMethodDto: type: object properties: id: type: string example: bdfd4c8e-3a44-4b9f-bc3e-1a8e26e3e99d type: type: string example: Ed25519VerificationKey2020 controller: type: string example: bdfd4c8e-3a44-4b9f-bc3e-1a8e26e3e99d publicKeyJwk: $ref: "#/components/schemas/JsonWebKeyDto" required: - id - type - controller ServiceDto: type: object properties: id: type: string example: bdfd4c8e-3a44-4b9f-bc3e-1a8e26e3e99d type: type: string example: LinkedDomains serviceEndpoint: example: https://example.com oneOf: - &a42 type: string - type: array items: *a42 required: - id - type - serviceEndpoint DIDDocumentDto: type: object properties: "@context": example: https://www.w3.org/ns/did/v1 oneOf: - &a43 type: string - type: array items: *a43 id: type: string example: bdfd4c8e-3a44-4b9f-bc3e-1a8e26e3e99d alsoKnownAs: example: - https://example.com/profile type: array items: type: string controller: example: bdfd4c8e-3a44-4b9f-bc3e-1a8e26e3e99d oneOf: - &a44 type: string - type: array items: *a44 verificationMethod: example: - id: bdfd4c8e-3a44-4b9f-bc3e-1a8e26e3e99d type: Ed25519VerificationKey2020 controller: bdfd4c8e-3a44-4b9f-bc3e-1a8e26e3e99d publicKeyJwk: kty: RSA type: array items: $ref: "#/components/schemas/VerificationMethodDto" service: example: - id: bdfd4c8e-3a44-4b9f-bc3e-1a8e26e3e99d type: LinkedDomains serviceEndpoint: https://example.com type: array items: $ref: "#/components/schemas/ServiceDto" publicKey: example: - id: bdfd4c8e-3a44-4b9f-bc3e-1a8e26e3e99d type: Ed25519VerificationKey2020 controller: bdfd4c8e-3a44-4b9f-bc3e-1a8e26e3e99d publicKeyJwk: kty: RSA type: array items: $ref: "#/components/schemas/VerificationMethodDto" authentication: type: array items: oneOf: - type: string - $ref: "#/components/schemas/VerificationMethodDto" assertionMethod: type: array items: oneOf: - type: string - $ref: "#/components/schemas/VerificationMethodDto" keyAgreement: type: array items: oneOf: - type: string - $ref: "#/components/schemas/VerificationMethodDto" capabilityInvocation: type: array items: oneOf: - type: string - $ref: "#/components/schemas/VerificationMethodDto" capabilityDelegation: type: array items: oneOf: - type: string - $ref: "#/components/schemas/VerificationMethodDto" required: - id DidServiceConfigDto: type: object properties: id: type: string example: b86483f3-3792-4a54-b11e-f1c6face9935 type: type: string example: connector serviceEndpoint: type: string example: https://dataspace.example/connector required: - id - type - serviceEndpoint KeyType: type: string enum: - EdDSA - ES384 - X509 KeyInfoDto: type: object properties: id: type: string example: b86483f3-3792-4a54-b11e-f1c6face9935 type: example: EdDSA allOf: - $ref: "#/components/schemas/KeyType" default: type: boolean example: true publicKey: example: kty: RSA e: AQAB n: 0vx7agoebGcQSuuPiLJXZptN9nndrmyq0ctuV5m allOf: - $ref: "#/components/schemas/JsonWebKeyDto" createdDate: format: date-time type: string example: 2025-02-21T10:26:42.206Z modifiedDate: format: date-time type: string example: 2025-02-21T10:26:42.206Z required: - id - type - default - publicKey - createdDate - modifiedDate KeyConfigDto: type: object properties: type: example: ES384 allOf: - $ref: "#/components/schemas/KeyType" id: type: string example: b86483f3-3792-4a54-b11e-f1c6face9935 default: type: boolean example: false existingKey: type: string example: existingKey789 existingCertificate: type: string example: existingCert101112 required: - type - id - default PartialTypeClass: type: object properties: id: type: string example: did:example:xyz#proof-1 type: type: string enum: *a45 example: DataIntegrityProof proofPurpose: type: string example: assertionMethod verificationMethod: type: string example: did:example:author#verificationKey cryptosuite: type: string example: ecdsa-2019 created: type: string example: 2021-01-01T00:00:00Z expires: type: string example: 2022-01-01T00:00:00Z domain: example: *a46 type: array items: type: string challenge: type: string example: "1234567890" proofValue: type: string example: ProofValueString previousProof: example: *a47 type: array items: type: string nonce: type: string example: nonce-string SignRequest: type: object properties: plainDocument: type: object example: id: document1 content: This is a sample document keyId: type: string example: did:example:12345 normalization: type: string enum: - RDFC - JCS default: RDFC example: RDFC proofPurpose: type: string default: assertionMethod example: assertionMethod options: example: created: 2023-10-12T18:25:43.511Z proofPurpose: assertionMethod allOf: - $ref: "#/components/schemas/PartialTypeClass" embeddedVerificationMethod: type: boolean default: false example: false required: - plainDocument ProofDocument: type: object properties: proof: example: - type: DataIntegrityProof created: 2023-10-12T18:25:43.511Z proofPurpose: assertionMethod verificationMethod: did:example:12345#key-1 cryptosuite: ecdsa-2019 proofValue: zQm... type: array items: $ref: "#/components/schemas/DataIntegrityProof" required: - proof SignRequestJwt: type: object properties: body: type: object example: id: document1 content: This is a sample document audience: type: string example: did:example:audience-12345 keyId: type: string example: did:example:12345 expirationTime: type: string example: 2025-12-31T23:59:59Z subject: type: string example: subject-12345 typ: type: string example: JWT required: - body SignedJwtResponse: type: object properties: jwt: type: string description: The signed JWT example: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9... required: - jwt ValidateRequest: type: object properties: proofDocument: example: proof: type: DataIntegrityProof created: 2023-10-12T18:25:43.511Z proofPurpose: assertionMethod verificationMethod: did:example:12345#key-1 cryptosuite: ecdsa-jcs-2019 proofValue: zQm... allOf: - $ref: "#/components/schemas/ProofDocument" ValidateJWTRequest: type: object properties: jwt: type: string description: The JWT to be validated example: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9... jti: type: boolean description: Whether to check the 'jti' claim in the JWT example: true required: - jwt IssueConfigurationDto: type: object properties: id: type: string example: http://example.com/context credentialType: type: string example: VerifiableCredential documentUrl: type: string example: http://example.com/document document: type: object example: "@context": http://schema.org schema: type: object example: type: object properties: name: type: string name: type: string example: Professional Certificate description: type: string example: A professional certification credential backgroundColor: type: string example: "#3B82F6" backgroundImage: type: string example: https://example.com/background.jpg textColor: type: string example: "#FFFFFF" createdDate: format: date-time type: string example: 2023-10-01T12:00:00Z modifiedDate: format: date-time type: string example: 2023-10-05T15:30:00Z deletedDate: format: date-time type: string example: 2023-10-10T08:45:00Z required: - id - credentialType - createdDate - modifiedDate IssueConfigurationConfigDto: type: object properties: id: type: string example: http://example.com/context credentialType: type: string example: VerifiableCredential proofType: type: string example: jwt documentUrl: type: string example: http://example.com/document document: type: object example: "@context": http://schema.org schema: type: object example: type: object properties: name: type: string name: type: string example: Professional Certificate description: type: string example: A professional certification credential backgroundColor: type: string example: "#3B82F6" backgroundImage: type: string example: https://example.com/background.jpg textColor: type: string example: "#FFFFFF" required: - id - credentialType DCPCredentialRequestInitiation: type: object properties: issuerId: type: string example: did:web:issuer.example pattern: ^did:[a-z0-9]+:.* preAuthorizedCode: type: string example: pre-auth-code-xyz credentialType: example: - ExampleCredential type: array items: type: string required: - issuerId - preAuthorizedCode - credentialType AuthorizedRequestParams: type: object properties: accessToken: type: string example: access-token credentialIdentifier: type: string example: credential-type additionalRequestParams: type: object required: - accessToken - credentialIdentifier OID4VCICredentialRequestInitiation: type: object properties: issuerUrl: type: string example: https://issuer.example.com preAuthorizedCode: type: string example: pre-auth-code-xyz authorized: $ref: "#/components/schemas/AuthorizedRequestParams" required: - issuerUrl CredentialOfferStatus: type: object properties: id: type: string example: 1f05bade-80ff-4637-9743-5a5e9b1cc162 createdDate: format: date-time type: string example: 2023-10-01T00:00:00Z preAuthorizedCode: type: string example: preauth-code-abc holderId: type: string example: holder-123 credentialType: type: string example: sample-credential-type credentialId: type: string example: credential-id-xyz revoked: type: boolean example: false credentialSubject: example: id: subject-id name: Sample Subject allOf: - $ref: "#/components/schemas/CredentialSubject" remoteId: type: string example: remote-id-123 required: - id - createdDate - preAuthorizedCode - credentialType - revoked - credentialSubject TransactionCode: type: object properties: input_mode: type: string example: text length: type: number example: 6 description: type: string example: Enter transaction code PreAuthorizedCodeGrant: type: object properties: pre-authorized_code: type: string example: pre-auth-code-xyz tx_code: example: input_mode: numeric length: 4 description: Sample transaction code allOf: - $ref: "#/components/schemas/TransactionCode" interval: type: number example: 30 authorization_server: type: string example: authorization-server-sample required: - pre-authorized_code AuthorizationCode: type: object properties: issuer_state: type: string example: issuer-state-example authorization_server: type: string example: authorization-server-example CredentialOfferGrants: type: object properties: urn:ietf:params:oauth:grant-type:pre-authorized_code: example: pre-authorized_code: pre-auth-code-xyz tx_code: input_mode: numeric length: 4 description: Sample transaction code interval: 30 authorization_server: authorization-server-sample allOf: - $ref: "#/components/schemas/PreAuthorizedCodeGrant" authorization_code: example: issuer_state: issuer-state-example authorization_server: authorization-server-example allOf: - $ref: "#/components/schemas/AuthorizationCode" CredentialOffer: type: object properties: credential_issuer: type: string example: credential-issuer-sample credential_configuration_ids: example: - config-id-1 - config-id-2 type: array items: type: string grants: example: urn:ietf:params:oauth:grant-type:pre-authorized_code: pre-authorized_code: pre-auth-code-xyz tx_code: input_mode: numeric length: 4 description: Sample transaction code interval: 30 authorization_server: authorization-server-sample allOf: - $ref: "#/components/schemas/CredentialOfferGrants" required: - credential_issuer - credential_configuration_ids CredentialContainer: type: object properties: payload: type: string credentialType: type: string format: type: string required: - payload - credentialType - format CredentialMessage: type: object properties: "@context": example: - https://w3id.org/dspace-dcp/v1.0/dcp.jsonld type: array items: type: string type: type: string example: CredentialMessage issuerPid: type: string holderPid: type: string status: type: string enum: - ISSUED - REJECTED rejectionReason: type: string credentials: type: array items: $ref: "#/components/schemas/CredentialContainer" required: - "@context" - type - issuerPid - holderPid - status CredentialObject: type: object properties: id: type: string example: db8a34c7-aa42-4aae-bb57-69cd805ef01a description: Unique identifier for the credential object type: type: string example: CredentialObject description: Type identifier credentialType: description: Types of credential being offered type: array items: type: string offerReason: type: string description: Reason for offering this credential bindingMethods: description: Supported binding methods type: array items: type: string profile: type: string description: Supported cryptographic methods issuancePolicy: description: Issuance policy definition allOf: - $ref: "#/components/schemas/PresentationDefinition" required: - id - type - credentialType - offerReason - bindingMethods - profile CredentialOfferMessage: type: object properties: "@context": example: - https://w3id.org/dspace-dcp/v1.0/dcp.jsonld type: array items: type: string type: type: string example: CredentialOfferMessage issuer: type: string credentials: type: array items: $ref: "#/components/schemas/CredentialObject" required: - "@context" - type - issuer - credentials CredentialDefinition: type: object properties: "@context": example: - https://www.w3.org/ns/credentials/v2 type: array items: type: string type: example: - VerifiableCredential - UniversityDegree type: array items: type: string required: - type Logo: type: object properties: uri: type: string example: https://example.com/image.png alt_text: type: string example: Logo alt text required: - uri Image: type: object properties: uri: type: string example: https://example.com/image.png required: - uri ExtendedDisplay: type: object properties: name: type: string example: Extended Display Name locale: type: string example: en-US logo: example: &a48 uri: https://example.com/logo.png alt_text: Logo alt text allOf: - $ref: "#/components/schemas/Logo" description: type: string example: Extended display description background_color: type: string example: "#ffffff" background_image: example: uri: https://example.com/background.png allOf: - $ref: "#/components/schemas/Image" text_color: type: string example: "#000000" BaseDisplay: type: object properties: name: type: string example: Display Name locale: type: string example: en-US ClaimDescription: type: object properties: path: type: array items: oneOf: - type: string - type: "null" example: - name - null mandatory: type: boolean example: true display: example: - name: Full Name locale: en-US type: array items: $ref: "#/components/schemas/BaseDisplay" required: - path CredentialMetadata: type: object properties: display: example: - name: University Degree locale: en-US description: A verified university degree credential background_color: "#ffffff" text_color: "#000000" logo: uri: https://example.com/logo.png alt_text: Logo alt text type: array items: $ref: "#/components/schemas/ExtendedDisplay" claims: example: - path: - name mandatory: true display: - name: Full Name locale: en-US - path: - degree mandatory: true display: - name: Degree locale: en-US - path: - id mandatory: false display: - name: Student ID locale: en-US type: array items: $ref: "#/components/schemas/ClaimDescription" CredentialConfiguration: type: object properties: format: type: string enum: - jwt_vc_json - jwt_vc_json-ld - ldp_vc - iso_mso_mdoc example: jwt_vc_json "@context": example: - https://www.w3.org/ns/credentials/v2 type: array items: type: string scope: type: string example: openid cryptographic_binding_methods_supported: example: - method1 - method2 type: array items: type: string credential_signing_alg_values_supported: example: - RS256 - ES256 type: array items: type: string proof_types_supported: type: object additionalProperties: type: object properties: proof_signing_alg_values_supported: type: array items: type: string example: jwt: proof_signing_alg_values_supported: - RS256 - ES256 di_vp: proof_signing_alg_values_supported: - EdDSA attestation: proof_signing_alg_values_supported: - ES256 credential_definition: example: "@context": - https://www.w3.org/ns/credentials/v2 type: - VerifiableCredential - UniversityDegree allOf: - $ref: "#/components/schemas/CredentialDefinition" credential_metadata: example: display: - name: University Degree locale: en-US description: A verified university degree credential background_color: "#ffffff" text_color: "#000000" logo: uri: https://example.com/logo.png alt_text: Logo alt text claims: - path: - name mandatory: true display: - name: Full Name locale: en-US allOf: - $ref: "#/components/schemas/CredentialMetadata" required: - format - "@context" - credential_definition CredentialRequestEncryption: type: object properties: jwks: type: object additionalProperties: true example: kty: EC crv: P-256 enc_values_supported: example: - A256GCM type: array items: type: string zip_values_supported: example: - gzip type: array items: type: string encryption_required: type: boolean example: false required: - jwks - enc_values_supported - encryption_required CredentialResponseEncryption: type: object properties: alg_values_supported: example: - RSA-OAEP type: array items: type: string enc_values_supported: example: - A256GCM type: array items: type: string encryption_required: type: boolean example: true required: - alg_values_supported - enc_values_supported - encryption_required BatchCredentialIssuance: type: object properties: batch_size: type: number example: 10 required: - batch_size LogoDisplay: type: object properties: name: type: string example: Display Name locale: type: string example: en-US logo: example: *a48 allOf: - $ref: "#/components/schemas/Logo" CredentialIssuerMetadata: type: object properties: credential_issuer: type: string example: https://issuer.example.com authorization_servers: example: - https://auth.example.com type: array items: type: string token_endpoint: type: string example: https://issuer.example.com/token credential_endpoint: type: string example: https://issuer.example.com/credential nonce_endpoint: type: string example: https://issuer.example.com/nonce deferred_credential_endpoint: type: string example: https://issuer.example.com/deferred notification_endpoint: type: string example: https://issuer.example.com/notify credential_request_encryption: example: jwks: kty: EC crv: P-256 enc_values_supported: - A256GCM encryption_required: false allOf: - $ref: "#/components/schemas/CredentialRequestEncryption" credential_response_encryption: example: alg_values_supported: - RSA-OAEP enc_values_supported: - A256GCM encryption_required: true allOf: - $ref: "#/components/schemas/CredentialResponseEncryption" batch_credential_issuance: example: batch_size: 10 allOf: - $ref: "#/components/schemas/BatchCredentialIssuance" display: example: - name: Logo Display locale: en-US logo: uri: https://example.com/logo.png alt_text: Logo alt text type: array items: $ref: "#/components/schemas/LogoDisplay" credential_configurations_supported: type: object additionalProperties: $ref: "#/components/schemas/CredentialConfiguration" example: config-id: format: jwt_vc_json "@context": - https://www.w3.org/ns/credentials/v2 scope: openid cryptographic_binding_methods_supported: - method1 - method2 credential_signing_alg_values_supported: - RS256 - ES256 proof_types_supported: example: proof_signing_alg_values_supported: - RS256 credential_definition: "@context": - https://www.w3.org/ns/credentials/v2 type: - VerifiableCredential - UniversityDegree credential_metadata: display: - name: Extended Display Name locale: en-US description: Extended display description background_color: "#ffffff" background_image: uri: https://example.com/background.png text_color: "#000000" logo: uri: https://example.com/logo.png alt_text: Logo alt text required: - credential_issuer - credential_endpoint - credential_configurations_supported CredentialRequestCredential: type: object properties: id: type: string required: - id CredentialRequestMessage: type: object properties: "@context": example: - https://w3id.org/dspace-dcp/v1.0/dcp.jsonld type: array items: type: string type: type: string example: CredentialRequestMessage holderPid: type: string credentials: type: array items: $ref: "#/components/schemas/CredentialRequestCredential" required: - "@context" - type - holderPid - credentials DCPCredentialStatus: type: object properties: "@context": example: - https://w3id.org/dspace-dcp/v1.0/dcp.jsonld type: array items: type: string type: type: string example: CredentialStatus issuerPid: type: string holderPid: type: string status: type: string enum: - RECEIVED - REJECTED - ISSUED required: - "@context" - type - issuerPid - holderPid - status AuthorizationDetail: type: object properties: type: type: string example: openid_credential credential_configuration_id: type: string example: cred-config-123 credential_identifiers: example: - id1 - id2 type: array items: type: string required: - type - credential_configuration_id - credential_identifiers AccessToken: type: object properties: access_token: type: string example: access-token-sample token_type: type: string example: Bearer expires_in: type: number example: 3600 refresh_token: type: string example: refresh-token-sample authorization_details: example: - type: openid_credential credential_configuration_id: cred-config-123 credential_identifiers: - id1 - id2 type: array items: $ref: "#/components/schemas/AuthorizationDetail" required: - access_token - authorization_details NonceResponse: type: object properties: c_nonce: type: string example: wKI4LT17ac15ES9bw8ac4 required: - c_nonce CredentialItem: type: object properties: credential: example: credential-token-sample oneOf: - type: string - $ref: "#/components/schemas/VerifiableCredential" required: - credential ImmediateCredentialResponse: type: object properties: credentials: example: - credential: credential-token-sample type: array items: $ref: "#/components/schemas/CredentialItem" notification_id: type: string example: notification-id-123 required: - credentials DeferredCredentialResponse: type: object properties: transaction_id: type: string example: tx-id-sample interval: type: number example: 3600 required: - transaction_id - interval JwtProof: type: object properties: proof_type: type: string enum: - jwt - di_vp - attestation example: jwt jwt: type: string example: jwt-token-sample required: - proof_type - jwt VpProof: type: object properties: "@context": example: - https://www.w3.org/ns/credentials/v2 type: array items: type: string type: example: - VerifiablePresentation type: array items: type: string holder: type: string example: holder-sample proof: example: id: proof-id-sample type: DataIntegrityProof cryptosuite: eddsa proofPurpose: authentication verificationMethod: verification-method-sample created: 2023-10-10T00:00:00Z expires: 2023-10-20T00:00:00Z domain: example.com challenge: challenge-sample proofValue: proof-value-sample allOf: - $ref: "#/components/schemas/DataIntegrityProof" required: - "@context" - type - holder - proof DiVpProof: type: object properties: proof_type: type: string enum: - jwt - di_vp - attestation example: di_vp di_vp: example: "@context": - https://www.w3.org/ns/credentials/v2 type: - VerifiablePresentation holder: holder-sample proof: id: proof-id-sample type: DataIntegrityProof cryptosuite: eddsa proofPurpose: authentication verificationMethod: verification-method-sample created: 2023-10-10T00:00:00Z expires: 2023-10-20T00:00:00Z domain: example.com challenge: challenge-sample proofValue: proof-value-sample allOf: - $ref: "#/components/schemas/VpProof" required: - proof_type - di_vp AttestationProof: type: object properties: proof_type: type: string enum: - jwt - di_vp - attestation example: attestation attestation: type: string example: eyJ0eXAiOiJrZXktYXR0ZXN0YXRpb24rand0IiwiYWxnIjoiRVMyNTYifQ... required: - proof_type - attestation CredentialRequest: type: object properties: credential_identifier: type: string example: credential-identifier-123 credential_configuration_id: type: string example: credential-config-id-123 proofs: type: array items: oneOf: - $ref: "#/components/schemas/JwtProof" - $ref: "#/components/schemas/DiVpProof" - $ref: "#/components/schemas/AttestationProof" example: - proof_type: jwt jwt: jwt-token-sample credential_response_encryption: type: object properties: jwk: type: object additionalProperties: true enc: type: string zip: type: string example: jwk: kty: EC crv: P-256 enc: A256GCM externalDocs: description: Git Repository url: https://gitlab.com/tno-tsg/dataspace-protocol/wallet