Versions Compared

Old Version 12

changes.mady.by.user Jürgen Niinre

Saved on

compared with

New Version Current

changes.mady.by.user Jürgen Niinre

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Onboarding API

...

Yaml

View file
name1606_3.yaml
View file
name1905.yaml
View file
name1505.yaml
View file
nameopenapi_2804.yaml
View file
nameopenapi_2104.yaml
View file
nameopenapi3_0.yaml

Sign with pseudonym

Mermaid cloud
filenamesign with pseudonym
revision1

Prerequisite

  • install Remote SCD client (App), create keys

  • Identification at ID BB

  • Payment at payment BB

After that the first Create SCD and Certificate API is available and after Certificate is created, then Usage API is available

Create SCD and Certificate

...

Create SCD and Certificate response

Item

Type

Description

SCD IDCertificateID

String

SCD ID CertificateID identifies the SCD and binds it with the Certificate to be used. Mandatory

Unique pseudonym

String

Unique pseudonym generated by system based on Authentication Token and made unique to identify a particular SCD to be used. Bound together with SCD ID. This is used in case passing SCD ID is not possible (e.g external website)for CertificateID

Certificate

PEM

Certificate that was issued. Mandatory

Status & description

  • OK

  • ERROR - in case of error also error description

Mandatory

...

Item

Type

Descripiton

Authentication token

or

Unique pseudonym

String

Authentication token can be used to query all user's certificates. In case unique pseudonym is used only a particular Certificate and SCD ID CertificateID is returned.

Mandatory

Filter

String

filter to filter certificates by “All”|”OK”|”ACTIVE”, ”Expired”|”Suspended”|”Revoked”

...

Item

Type

Descripiton

Certificate

X.509

User’s certificate

Mandatory when Status is OK

SCD IDCertificateID

String

ID that binds Certificate and SCD and is used to send the request to users SCDuser.

Mandatory when status is OK

Status & description

  • OKACTIVE

  • ERROR - in case of error also error description should be added

  • EXPIRED

  • SUSPENDED - suspend cause should be added

  • REVOKED - also REOVOKE cause should be added

Mandatory

...

Caller: User via SCD, Authority

Item

Type

Descripiton

SCD IDCertificateID

String

Mandatory

Authentication Token

JWT

Authentication token is necessary and should belong to a user or an authority

Mandatory

Status & reason

  • SUSPENDED - add reason text

  • REVOKED - add reason text

  • ACTIVE - activate

Mandatory

Allowed transitions

ACTIVE->SUSPENDED

ACTIVE->REVOKED

SUSPENDED->ACTIVE

SUSPENDED->REVOKED

Update certificate response

...

Caller: Any BB, External service

Item

Type

Descripiton

SCD ID

CertificateID or

uniquePseudonym or

Authentication Token && Payment Token

String

Mandatory

In case CertificateId or uniquePseodonym is presented SCD Signature is created,

If Authentication Token and Payment Token are presented then One time signature is created

format

  • XAdES

  • CAdES

  • ASIC

  • JWS

Pre format the signature in a given format so that it can be more easily inserted by the formatting library. Mandatory

hash

byte array in base64

Has to be signed. Hashing of document is responsibility of Signer Application and is done by formatting library. Mandatory

hash type

  • SHA2/3-256

  • SHA2/3-384

  • SHA2/3-512

  • BLAKE2B

Mandatory

data to be displayed

String

Information to be displayed on users device, can involve free text like “Accept childcare request”, transactionId, etc. Mandatory

Sign Response

Item

Type

Mandatory

signature

byte array in base64

signature that is preformatted according to format

certificate

X.509

certificate with public key

timestamp

rfc3161 asn.1 in base64

timestamp of the signature

status

  • ERROR - in case of error also error description should be added

  • OK

Mandatory