Download OpenAPI specification:Download
Create application agent
Meeco-Organisation-Id required | string <uuid> |
object |
{- "application": {
- "description": "string",
- "name": "string",
- "security_rights": [
- "vk:org:delegation"
]
}
}
{- "application": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "description": "string",
- "name": "string",
- "security_rights": [
- "vk:org:delegation"
]
}
}
Load all application agents
Meeco-Organisation-Id required | string <uuid> |
{- "applications": [
- {
- "id": null,
- "name": null,
- "description": null,
- "type": null,
- "secret": null,
- "scopes": null,
- "redirects": [ ],
- "logout_redirects": [ ],
- "is_active": null,
- "created_at": null,
- "updated_at": null
}
]
}
Get application agent information
id required | string |
Meeco-Organisation-Id required | string <uuid> |
{- "application": {
- "id": null,
- "name": null,
- "description": null,
- "type": null,
- "secret": null,
- "scopes": null,
- "redirects": [ ],
- "logout_redirects": [ ],
- "is_active": null,
- "created_at": null,
- "updated_at": null
}
}
Update application agent
id required | string |
Meeco-Organisation-Id required | string <uuid> |
required | object |
{- "application": {
- "description": "string",
- "name": "string"
}
}
{- "application": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "description": "string",
- "name": "string",
- "security_rights": [
- "vk:org:delegation"
]
}
}
Delete an organisation.
In order to execute this action the current user must have security right atom:tenant:create_org
for the tenant of the organisation.
org_id required | string <uuid> ID of the organisation |
{- "error": "unauthorized",
- "extra_info": {
- "reason": "invalid_jwt"
}, - "http_code": 401,
- "message": null
}
Show an organisation.
In order to execute this action the current user must have
atom:global:view_all_orgs
oratom:tenant:view_tenant_orgs
for the tenantatom:org:view_org
for the org with the ID in parameter org_id
org_id required | string <uuid> ID of the organisation |
{- "org": {
- "archived": false,
- "color": "#C0C0C0",
- "id": "9de00c4f-e1d9-4a7e-8b9e-38b3f5648ee2",
- "name": "vela",
- "security_rights": [
- "atom:org:assign_org_sr_to_user",
- "atom:org:view_org",
- "atom:org:list_org_admins"
], - "tenant_id": "be2070e5-0510-45a4-8d5b-5817442cdc98",
- "tenant_name": "bhp"
}
}
Update an organisation.
In order to execute this action the current user must have security right atom:tenant:create_org
for the tenant with the ID in parameter tenant_id
.
org_id required | string <uuid> ID of the organisation |
Organisation attributes
authorised_officer_email | string Authorised officer email |
authorised_officer_first_name | string Authorised officer first name |
authorised_officer_last_name | string Authorised officer last name |
business_address | string Business address |
color | string The color associated with the organisation in the hex format. Used for the UI. |
company_number | string Company number |
company_url | string or null <uri> URL of the company |
legal_name | string Legal number |
lei_number | string Legal entity identification number |
logo_url | string <uri> URL to a logo image |
name required | string Name of the organisation to create |
status_in_tenant | string Status: signed legal agreement received or proof of concept |
trading_name | string Trading number |
{- "authorised_officer_email": "string",
- "authorised_officer_first_name": "string",
- "authorised_officer_last_name": "string",
- "business_address": "string",
- "color": "string",
- "company_number": "string",
- "legal_name": "string",
- "lei_number": "string",
- "name": "string",
- "status_in_tenant": "string",
- "trading_name": "string"
}
{- "org": {
- "archived": false,
- "color": "#C0C0C0",
- "id": "9de00c4f-e1d9-4a7e-8b9e-38b3f5648ee2",
- "name": "vela",
- "security_rights": [
- "atom:org:assign_org_sr_to_user",
- "atom:org:view_org",
- "atom:org:list_org_admins"
], - "tenant_id": "be2070e5-0510-45a4-8d5b-5817442cdc98",
- "tenant_name": "bhp"
}
}
List admins of an organisation.
It is also possible to request a list of archived admins of the organisation, that is, users who used to have organisation security rights for the given organisation, but do not have them now.
In order to execute this action the current user must have
atom:org:list_org_admins
for the organisation with the ID in parameter org_id
oratom:tenant:list_admins_of_all_orgs_of_tenant
for the parent tenant of the organisation org_id
ororg_id required | string <uuid> ID of the organisation |
status | string Enum: "active" "archived" admin status: |
string search admins by their email address. Currenty works only with status=archived | |
per_page | integer number of admins per page |
page | integer Number of the page to serve. This parameter activates classic page-based pagination
and cannot be used with parameter |
order | string Enum: "asc" "desc" order admins by given name in ascending or descending order |
next_page_after | string When cursor based pagination is used, each paginated response has value |
{- "admins": [
- {
- "archived": false,
- "email": "peter@peterson.com",
- "family_name": "Peterson",
- "given_name": "Peter",
- "id": "9de00c4f-e1d9-4a7e-8b9e-38b3f5648ee2"
}
], - "meta": { },
- "next_page_after": "string"
}
Remove all organisation security rights from user.
In order to execute this action the current user must one of the following security rights:
atom:global:assign_org_sr_to_user
atom:tenant:assign_org_sr_to_user
atom:org:assign_org_sr_to_user
org_id required | string <uuid> ID of the organisation |
org_admin_id required | string <uuid> ID of the admin |
{- "error": "unauthorized",
- "extra_info": {
- "reason": "invalid_jwt"
}, - "http_code": 401,
- "message": null
}
Show an admin of a given organisation.
In order to execute this action the current user must have
atom:org:list_org_admins
for the organisation with the ID in parameter org_id
oratom:tenant:list_admins_of_all_orgs_of_tenant
for the parent tenant of the organisation org_id
ororg_id required | string <uuid> ID of the organisation |
org_admin_id required | string <uuid> ID of the admin |
{- "admin": {
- "archived": false,
- "email": "peter@peterson.com",
- "family_name": "Peterson",
- "given_name": "Peter",
- "id": "9de00c4f-e1d9-4a7e-8b9e-38b3f5648ee2"
}
}
Remove a user from admins of the given organisation, and put the admin into the registry of former admins of that organisation.
In order to execute this action the current user must one of the following security rights:
atom:global:assign_org_sr_to_user
atom:tenant:assign_org_sr_to_user
atom:org:assign_org_sr_to_user
org_id required | string <uuid> ID of the organisation |
org_admin_id required | string <uuid> ID of the admin |
{- "error": "unauthorized",
- "extra_info": {
- "reason": "invalid_jwt"
}, - "http_code": 401,
- "message": null
}
Reinstate an archived user and make him/her a org admin again.
In order to execute this action the current user must one of the following security rights:
atom:org:assign_org_sr_to_user
atom:tenant:assign_org_sr_to_user
atom:global:assign_org_sr_to_user
org_id required | string <uuid> ID of the organisation |
org_admin_id required | string <uuid> ID of the admin |
{- "admin": {
- "archived": false,
- "email": "peter@peterson.com",
- "family_name": "Peterson",
- "given_name": "Peter",
- "id": "9de00c4f-e1d9-4a7e-8b9e-38b3f5648ee2"
}
}
List organisation security rights of a organisation admin.
In order to execute this action the current user must have security right atom:org:list_org_admin_sr
for the organisation with the ID in parameter org_id
or atom:tenant:list_org_admin_sr
for the tenant that the organisation belongs to, or global security right atom:global:list_admin_sr_of_any_admin
"
org_id required | string <uuid> ID of the organisation |
org_admin_id required | string <uuid> ID of an organisation admin |
{- "security_rights": [
- "atom:org:assign_org_sr_to_user",
- "atom:org:view_org",
- "atom:org:list_org_admins"
]
}
Assign organisation security rights to a user.
The endpoint can process security rights of 2 categories:
for_org = true
and for_tenant = false
for_org = true
and for_tenant = true
, in this case the security right will be assigned to the tenant which organisation belongs toIn order to execute this action the current user must have one of the following security rights:
atom:org:assign_org_sr_to_user
for the organisation with the ID in parameter org_id
atom:tenant:assign_org_sr_to_user
for the tenant that the organisation belongs toatom:global:assign_org_sr_to_user
"org_id required | string <uuid> ID of the organisation |
org_admin_id required | string <uuid> ID of an organisation admin |
list of security rights
security_rights required | Array of strings list of security rights |
{- "security_rights": [
- "atom:org:assign_org_sr_to_user"
]
}
{- "error": "unauthorized",
- "extra_info": {
- "reason": "invalid_jwt"
}, - "http_code": 401,
- "message": null
}
Archive an organisation.
In order to execute this action the current user must have security right atom:tenant:create_org
for the tenant of the organisation.
org_id required | string <uuid> ID of the organisation |
{- "org": {
- "archived": false,
- "color": "#C0C0C0",
- "id": "9de00c4f-e1d9-4a7e-8b9e-38b3f5648ee2",
- "name": "vela",
- "security_rights": [
- "atom:org:assign_org_sr_to_user",
- "atom:org:view_org",
- "atom:org:list_org_admins"
], - "tenant_id": "be2070e5-0510-45a4-8d5b-5817442cdc98",
- "tenant_name": "bhp"
}
}
Restore an organisation.
In order to execute this action the current user must have security right atom:tenant:create_org
for the tenant of the organisation.
org_id required | string <uuid> ID of the organisation |
{- "org": {
- "archived": false,
- "color": "#C0C0C0",
- "id": "9de00c4f-e1d9-4a7e-8b9e-38b3f5648ee2",
- "name": "vela",
- "security_rights": [
- "atom:org:assign_org_sr_to_user",
- "atom:org:view_org",
- "atom:org:list_org_admins"
], - "tenant_id": "be2070e5-0510-45a4-8d5b-5817442cdc98",
- "tenant_name": "bhp"
}
}
Add security rights to an organisation.
In order to execute this action the current user must have security right atom:tenant:assign_sr_to_org
for the tenant which the organisation belongs to.
org_id required | string <uuid> ID of the organisation |
list of security rights
security_rights required | Array of strings list of security rights |
{- "security_rights": [
- "atom:org:assign_org_sr_to_user"
]
}
{- "org": {
- "archived": false,
- "color": "#C0C0C0",
- "id": "9de00c4f-e1d9-4a7e-8b9e-38b3f5648ee2",
- "name": "vela",
- "security_rights": [
- "atom:org:assign_org_sr_to_user",
- "atom:org:view_org",
- "atom:org:list_org_admins"
], - "tenant_id": "be2070e5-0510-45a4-8d5b-5817442cdc98",
- "tenant_name": "bhp"
}
}
Remove security rights from an organisation.
In order to execute this action the current user must have security right atom:tenant:assign_sr_to_org
for the tenant which the organisation belongs to.
org_id required | string <uuid> ID of the organisation |
security_rights required | string Comma-separated security rights to remove |
{- "error": "unauthorized",
- "extra_info": {
- "reason": "invalid_jwt"
}, - "http_code": 401,
- "message": null
}
List organisations in a tenant.
In order to execute this action the current user must have global security atom:global:view_all_orgs
or security right atom:tenant:view_tenant_orgs
for the tenant with the ID in parameter tenant_id
.
tenant_id required | string <uuid> ID of the tenant |
status | string Enum: "active" "archived" "all" org status: |
per_page | integer number of organisations per page |
order | string Enum: "asc" "desc" order organisations by name in ascending or descending order |
page | integer Number of the page to serve. This parameter activates classic page-based pagination
and cannot be used with parameter |
next_page_after | string When cursor based pagination is used, each paginated response has value |
filter_by | string Search organisations whose names contains the given string. |
{- "meta": { },
- "next_page_after": "string",
- "orgs": [
- {
- "archived": false,
- "color": "#C0C0C0",
- "id": "9de00c4f-e1d9-4a7e-8b9e-38b3f5648ee2",
- "name": "vela",
- "security_rights": [
- "atom:org:assign_org_sr_to_user",
- "atom:org:view_org",
- "atom:org:list_org_admins"
], - "tenant_id": "be2070e5-0510-45a4-8d5b-5817442cdc98",
- "tenant_name": "bhp"
}
]
}
Create an organisation.
In order to execute this action the current user must have security right atom:tenant:create_org
for the tenant with the ID in parameter tenant_id
.
tenant_id required | string <uuid> ID of the tenant |
no_first_user | boolean If true, the current user will not become the first admin of the organisation, and the organisation will have not admins. By default the current user becomes the first admin of the organisation |
add_all_external_security_rights | boolean By default only all internal org-level security rights of the parent tenant are added to a new organisation If this parameter is true, also all external org-level security rights of the parent tenant are added to a new organisation. |
Organisation attributes
authorised_officer_email | string Authorised officer email |
authorised_officer_first_name | string Authorised officer first name |
authorised_officer_last_name | string Authorised officer last name |
business_address | string Business address |
color | string The color associated with the organisation in the hex format. Used for the UI. |
company_number | string Company number |
company_url | string or null <uri> URL of the company |
legal_name | string Legal number |
lei_number | string Legal entity identification number |
logo_url | string <uri> URL to a logo image |
name required | string Name of the organisation to create |
status_in_tenant | string Status: signed legal agreement received or proof of concept |
trading_name | string Trading number |
{- "authorised_officer_email": "string",
- "authorised_officer_first_name": "string",
- "authorised_officer_last_name": "string",
- "business_address": "string",
- "color": "string",
- "company_number": "string",
- "legal_name": "string",
- "lei_number": "string",
- "name": "string",
- "status_in_tenant": "string",
- "trading_name": "string"
}
{- "org": {
- "archived": false,
- "color": "#C0C0C0",
- "id": "9de00c4f-e1d9-4a7e-8b9e-38b3f5648ee2",
- "name": "vela",
- "security_rights": [
- "atom:org:assign_org_sr_to_user",
- "atom:org:view_org",
- "atom:org:list_org_admins"
], - "tenant_id": "be2070e5-0510-45a4-8d5b-5817442cdc98",
- "tenant_name": "bhp"
}
}
Show a list of organisations which the current user can see. These are the following organisations:
atom:global:view_all_tenants
, all organisations are shownatom:tenant:view_tenant_orgs
atom:org:view_org
Can take optional parameter tenant_id
which will restrict the list of organisations to one tenant only.
tenant_id | string <uuid> This parameter is the ID of a tenant and if present it restricts the list of organisations to one tenant only. |
{- "orgs": [
- {
- "archived": false,
- "color": "#C0C0C0",
- "id": "9de00c4f-e1d9-4a7e-8b9e-38b3f5648ee2",
- "name": "vela",
- "security_rights": [
- "atom:org:assign_org_sr_to_user",
- "atom:org:view_org",
- "atom:org:list_org_admins"
], - "tenant_id": "be2070e5-0510-45a4-8d5b-5817442cdc98",
- "tenant_name": "bhp"
}
]
}
Fetches classification nodes.
There are 2 types of classification nodes:
This endpoint serves both global and your own classication nodes. Field own
specifies which kind of classigication node this is
You can fetch classification nodes belonging to a certain classification scheme. You can also filter classification nodes by a LIKE expression on the name.
Parameter own
allows you to request only global or only user-defined classification nodes.
next_page_after | string cursor to get the next page |
per_page | integer override the number of records per page - default 200 |
scheme_name | string Filter classification nodes by the name of the classification scheme |
name | string this is a 'LIKE' search intended for use in searching for classification nodes, mostly tags. For example adding 'trav' might return a classification node with the name 'travel' |
own | string If the value is 'true', only user-defined classification nodes are returned, if the value is 'false', only global classification nodes are returned. |
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
{- "next_page_after": "string",
- "classification_nodes": [
- {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "own": true,
- "name": "string",
- "label": "string",
- "description": "string",
- "ordinal": 0,
- "background_color": "string",
- "scheme": "string",
- "classifications_count": 0
}
], - "meta": {
- "order_by": "string",
- "order": "string",
- "order_from_params": true,
- "per_page": 0,
- "per_page_from_params": true,
- "current_cursor": "string",
- "records_count": 0,
- "page": 0,
- "page_count": 0
}
}
There are 2 types of classification schemes:
This endpoint allows a user to create a new classification node in a user-owned classification scheme.
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
object |
{- "classification_node": {
- "classification_scheme_name": "string",
- "name": "string",
- "label": "string",
- "user_id": "string",
- "description": "string",
- "image": "string"
}
}
{- "classification_node": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "own": true,
- "name": "string",
- "label": "string",
- "description": "string",
- "ordinal": 0,
- "background_color": "string",
- "scheme": "string",
- "classifications_count": 0
}
}
Retrieve a classification node
id required | string Classification Node id |
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
{- "classification_node": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "own": true,
- "name": "string",
- "label": "string",
- "description": "string",
- "ordinal": 0,
- "background_color": "string",
- "scheme": "string",
- "classifications_count": 0
}
}
next_page_after | string cursor to get the next page |
per_page | integer override the number of records per page - default 200 |
page | integer specify page number in page-based pagination. The default pagination mode is cursor-based pagination, in order to swtich to page-based pagination this parameter must ne used, even for the first page |
delegation | string Request connection where the current user has granted delegation to other users ( |
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
{- "connections": [
- {
- "own": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "encrypted_recipient_name": "string",
- "integration_data": { },
- "delegation_token": "string",
- "delegation_role": "admin",
- "organization_member_id": "3a8f5387-fc8c-4f9b-b780-ac9fb20be29e",
- "connection_type": "member",
- "user_id": "a169451c-8525-4352-b8ca-070dd449a1a5",
- "user_type": "human",
- "user_public_key": "string",
- "user_keypair_external_id": "string",
- "did": "string",
- "created_at": "2019-08-24T14:15:22Z"
}, - "the_other_user": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "integration_data": { },
- "delegation_token": "string",
- "delegation_role": "admin",
- "organization_member_id": "3a8f5387-fc8c-4f9b-b780-ac9fb20be29e",
- "connection_type": "member",
- "user_id": "a169451c-8525-4352-b8ca-070dd449a1a5",
- "user_type": "human",
- "user_public_key": "string",
- "user_keypair_external_id": "string",
- "did": "string"
}
}
], - "meta": {
- "order_by": "string",
- "order": "string",
- "order_from_params": true,
- "per_page": 0,
- "per_page_from_params": true,
- "current_cursor": "string",
- "records_count": 0,
- "page": 0,
- "page_count": 0
}, - "next_page_after": "string"
}
Accepts an invitation and creates 2 connection records: a connection from the current user to the user who invited the current user, and a connection from the user who invited the current user to the current user.
If there were share intents linked to this invitation, shares are created. The response contains a report on the created shares.
This endpoint is only available when global configuration variable multistep_invitation_workflow
is false
If there is already a connection between these two users, then
invitation
will be set to NULL
connection_existed_already
will be set to true
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
object (PostConnectionPublicKey) | |
object (PostConnection) |
{- "public_key": {
- "keypair_external_id": "string",
- "public_key": "string"
}, - "connection": {
- "encrypted_recipient_name": "string",
- "invitation_token": "string",
- "recipient_did": "string"
}
}
{- "connection_existed_already": true,
- "connection": {
- "own": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "encrypted_recipient_name": "string",
- "integration_data": { },
- "delegation_token": "string",
- "delegation_role": "admin",
- "organization_member_id": "3a8f5387-fc8c-4f9b-b780-ac9fb20be29e",
- "connection_type": "member",
- "user_id": "a169451c-8525-4352-b8ca-070dd449a1a5",
- "user_type": "human",
- "user_public_key": "string",
- "user_keypair_external_id": "string",
- "did": "string",
- "created_at": "2019-08-24T14:15:22Z"
}, - "the_other_user": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "integration_data": { },
- "delegation_token": "string",
- "delegation_role": "admin",
- "organization_member_id": "3a8f5387-fc8c-4f9b-b780-ac9fb20be29e",
- "connection_type": "member",
- "user_id": "a169451c-8525-4352-b8ca-070dd449a1a5",
- "user_type": "human",
- "user_public_key": "string",
- "user_keypair_external_id": "string",
- "did": "string"
}
}, - "created_shares_report": [
- {
- "item_to_be_shared": "5cb7e8f7-00d4-4409-9766-ffd287737635",
- "success": true,
- "share_id": "853fa54b-9753-4ffb-b7d0-6739f9ae0f8e",
- "reason": "string"
}
]
}
Deletes a connection.
A backend to backend call to the keystore will automatically delete the corresponding keystore delegation if applicable.
id required | string |
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
{- "errors": [
- {
- "error": "string",
- "http_code": 0,
- "message": "string",
- "requested_language": "string",
- "message_in_requested_language": true,
- "extra_info": { }
}
]
}
id required | string |
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
{- "connection": {
- "own": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "encrypted_recipient_name": "string",
- "integration_data": { },
- "delegation_token": "string",
- "delegation_role": "admin",
- "organization_member_id": "3a8f5387-fc8c-4f9b-b780-ac9fb20be29e",
- "connection_type": "member",
- "user_id": "a169451c-8525-4352-b8ca-070dd449a1a5",
- "user_type": "human",
- "user_public_key": "string",
- "user_keypair_external_id": "string",
- "did": "string",
- "created_at": "2019-08-24T14:15:22Z"
}, - "the_other_user": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "integration_data": { },
- "delegation_token": "string",
- "delegation_role": "admin",
- "organization_member_id": "3a8f5387-fc8c-4f9b-b780-ac9fb20be29e",
- "connection_type": "member",
- "user_id": "a169451c-8525-4352-b8ca-070dd449a1a5",
- "user_type": "human",
- "user_public_key": "string",
- "user_keypair_external_id": "string",
- "did": "string"
}
}
}
Retrieves invitations that the current user has created. Parameter state
fetches invitations with a certain state. Currenty there are 6 states:
new
connected
rejected
accepted
cancelled
expired
If parameter state
is not submitted, only invitations with states new
, accepted
and rejected
are fetched.
state | string only fetch invitations with a certain state. Currenty there are 5 states: |
next_page_after | string cursor to get the next page |
per_page | integer override the number of records per page - default 200 |
page | integer specify page number in page-based pagination. The default pagination mode is cursor-based pagination, in order to swtich to page-based pagination this parameter must ne used, even for the first page |
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
{- "next_page_after": "string",
- "invitations": [
- {
- "connection_type": "member",
- "message": "string",
- "created_at": "2019-08-24T14:15:22Z",
- "token": "string",
- "delegation_role": "admin",
- "delegation_token": "string",
- "organization_id": "7c60d51f-b44e-4682-87d6-449835ea4de6",
- "organization_member_role": "de424139-9d14-4753-9abe-7c04cad23892",
- "service_id": "641e839f-864e-4cce-98f9-40f6cbb3e9e0",
- "sender_did": "string",
- "recipient_did": "string",
- "expire_at": "2019-08-24T14:15:22Z",
- "shares_to_be_created": 0,
- "outgoing": true,
- "invited_user_id": "6e09f47e-7bbe-4452-8a43-86146fc6331b",
- "state": "string",
- "encrypted_recipient_name": "string",
- "encrypted_sender_name": "string",
- "recipient_to_sender_data": { },
- "sender_to_recipient_data": { },
- "sender_public_key": "string",
- "multistep_workflow": true,
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "keypair_external_id": "string",
- "user_public_key": "string",
- "integration_data": { },
- "user_name": "string"
}
], - "meta": {
- "order_by": "string",
- "order": "string",
- "order_from_params": true,
- "per_page": 0,
- "per_page_from_params": true,
- "current_cursor": "string",
- "records_count": 0,
- "page": 0,
- "page_count": 0
}
}
Invite another user to connect.
An invitation does not specify a recipient directly, instead the result of this operation is
an invitation token which can then be sent to a recipient by a client application or some other means, mand the recipient can create a connection using this token and endpoint POST /connections
Invitations and connections have 3 special use-cases:
Blindly accepting an invitation by submitting an invitation token to POST /connections
might have serious consequences, so client applications are advised to first read the invitation with GET /invitations/{token}
before creating a connection. The intent of an invitation is in JSON field integration_data
.
For the membership invitation parameter organization_member_role
is used to specify the role we are inviting the user with. There are currently 2 organization member roles:
owner
- can do everythingadmin
(default) - can only manage organization services
If param organization_member_role
is not provided then role admin
will be assigned to the invited member.For the delegation connection parameters delegate_role
and delegation_token
are mandatory. delegation_token
should be obtained by running POST /delegations
in the keystore.
If delegate_role
and delegation_token
are present, a recipient is invited to become a delegate user who has rights to perform actions on behalf of the user who has created the invitation.
Currently there are three delegate roles:
owner
admin
reader
The vault supports two invitations workflows:
Simple - a sender creates an invitation. A recipient then accepts the invitation, and a connection is created.
Multistep - a sender creates an invitation. A recipient then accepts the invitation, no connection is created yet. The recipient then confirms the invitation, and a connection is created.
An invitation is marked as belonging to one of these two workflows when created, boolean parameter multistep_workflow
can be used for this. Values '1' and 'true' are interpreted as true, as multistep invitation workflow.
Each vault instance is configured to have a default invitation workflow. In case multistep_workflow
is not submitted or is null
, the default workflow is used.
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
expires_in | integer or null number of days the invitation is valid. Cannot exceed the default value |
object (PostInvitationPublicKey) | |
object (PostInvitation) |
{- "expires_in": 0,
- "public_key": {
- "keypair_external_id": "string",
- "public_key": "string"
}, - "invitation": {
- "encrypted_recipient_name": "string",
- "encrypted_sender_name": "string",
- "organization_member_role": "string",
- "delegate_role": "string",
- "sender_did": "string",
- "delegation_token": "string",
- "multistep_workflow": "string",
- "sender_to_recipient_data": { }
}
}
{- "invitation": {
- "connection_type": "member",
- "message": "string",
- "created_at": "2019-08-24T14:15:22Z",
- "token": "string",
- "delegation_role": "admin",
- "delegation_token": "string",
- "organization_id": "7c60d51f-b44e-4682-87d6-449835ea4de6",
- "organization_member_role": "de424139-9d14-4753-9abe-7c04cad23892",
- "service_id": "641e839f-864e-4cce-98f9-40f6cbb3e9e0",
- "sender_did": "string",
- "recipient_did": "string",
- "expire_at": "2019-08-24T14:15:22Z",
- "shares_to_be_created": 0,
- "outgoing": true,
- "invited_user_id": "6e09f47e-7bbe-4452-8a43-86146fc6331b",
- "state": "string",
- "encrypted_recipient_name": "string",
- "encrypted_sender_name": "string",
- "recipient_to_sender_data": { },
- "sender_to_recipient_data": { },
- "sender_public_key": "string",
- "multistep_workflow": true,
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "keypair_external_id": "string",
- "user_public_key": "string",
- "integration_data": { },
- "user_name": "string"
}
}
Delete an invitation by its token or ID. Only the user who created the invitation may delete it.
invitation_id required | string invitation ID or token |
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
{- "errors": [
- {
- "error": "string",
- "http_code": 0,
- "message": "string",
- "requested_language": "string",
- "message_in_requested_language": true,
- "extra_info": { }
}
]
}
Read an invitation by its token or ID.
Can be used by both the invitation sender, and someone with an invitation token.Fields id
and keypair_external_id
are NULL if the current user is not the sender of the invitation
invitation_id required | string invitation ID or token |
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
{- "invitation": {
- "connection_type": "member",
- "message": "string",
- "created_at": "2019-08-24T14:15:22Z",
- "token": "string",
- "delegation_role": "admin",
- "delegation_token": "string",
- "organization_id": "7c60d51f-b44e-4682-87d6-449835ea4de6",
- "organization_member_role": "de424139-9d14-4753-9abe-7c04cad23892",
- "service_id": "641e839f-864e-4cce-98f9-40f6cbb3e9e0",
- "sender_did": "string",
- "recipient_did": "string",
- "expire_at": "2019-08-24T14:15:22Z",
- "shares_to_be_created": 0,
- "outgoing": true,
- "invited_user_id": "6e09f47e-7bbe-4452-8a43-86146fc6331b",
- "state": "string",
- "encrypted_recipient_name": "string",
- "encrypted_sender_name": "string",
- "recipient_to_sender_data": { },
- "sender_to_recipient_data": { },
- "sender_public_key": "string",
- "multistep_workflow": true,
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "keypair_external_id": "string",
- "user_public_key": "string",
- "integration_data": { },
- "user_name": "string"
}, - "share_intents": [
- {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "item_id": "4d8cd62e-a579-4dae-af8c-3172f96f8f7c",
- "item_label": "string",
- "encrypted_dek": "string",
- "expires_at": "2019-08-24T14:15:22Z",
- "terms": "string",
- "acceptance_required": "acceptance_not_required"
}
], - "recipient_public_key": "string"
}
Accept an invitation.
This endpoint is only available if the multistep invitation flow is enabled. Accepting an endpoint does not create a connection. After an invitation is accepted, the sender of the invitation needs to confirm it.
If there is already a connection between these two users, then
invitation
will be set to NULL
connection_existed_already
will be set to true
invitation_id required | string invitation token |
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
object (AcceptInvitationPublicKey) | |
object (AcceptInvitationParams) |
{- "public_key": {
- "keypair_external_id": "string",
- "public_key": "string"
}, - "invitation": {
- "accept_shares": true,
- "encrypted_recipient_name": "string",
- "encrypted_sender_name": "string",
- "recipient_to_sender_data": { }
}
}
{- "connection_existed_already": true,
- "invitation": {
- "connection_type": "member",
- "message": "string",
- "created_at": "2019-08-24T14:15:22Z",
- "token": "string",
- "delegation_role": "admin",
- "delegation_token": "string",
- "organization_id": "7c60d51f-b44e-4682-87d6-449835ea4de6",
- "organization_member_role": "de424139-9d14-4753-9abe-7c04cad23892",
- "service_id": "641e839f-864e-4cce-98f9-40f6cbb3e9e0",
- "sender_did": "string",
- "recipient_did": "string",
- "expire_at": "2019-08-24T14:15:22Z",
- "shares_to_be_created": 0,
- "outgoing": true,
- "invited_user_id": "6e09f47e-7bbe-4452-8a43-86146fc6331b",
- "state": "string",
- "encrypted_recipient_name": "string",
- "encrypted_sender_name": "string",
- "recipient_to_sender_data": { },
- "sender_to_recipient_data": { },
- "sender_public_key": "string",
- "multistep_workflow": true,
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "keypair_external_id": "string",
- "user_public_key": "string",
- "integration_data": { },
- "user_name": "string"
}, - "connection": {
- "own": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "encrypted_recipient_name": "string",
- "integration_data": { },
- "delegation_token": "string",
- "delegation_role": "admin",
- "organization_member_id": "3a8f5387-fc8c-4f9b-b780-ac9fb20be29e",
- "connection_type": "member",
- "user_id": "a169451c-8525-4352-b8ca-070dd449a1a5",
- "user_type": "human",
- "user_public_key": "string",
- "user_keypair_external_id": "string",
- "did": "string",
- "created_at": "2019-08-24T14:15:22Z"
}, - "the_other_user": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "integration_data": { },
- "delegation_token": "string",
- "delegation_role": "admin",
- "organization_member_id": "3a8f5387-fc8c-4f9b-b780-ac9fb20be29e",
- "connection_type": "member",
- "user_id": "a169451c-8525-4352-b8ca-070dd449a1a5",
- "user_type": "human",
- "user_public_key": "string",
- "user_keypair_external_id": "string",
- "did": "string"
}
}
}
Reject an accepted invitation.
This endpoint is only available if the multistep invitation flow is enabled. First an invitation recipient accepts an an invitation is accepted, and then the sender of the invitation can reject it using this endpoint. Only the sender of the invitation can call this endpoint.
invitation_id required | string invitation ID |
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
{- "invitation": {
- "connection_type": "member",
- "message": "string",
- "created_at": "2019-08-24T14:15:22Z",
- "token": "string",
- "delegation_role": "admin",
- "delegation_token": "string",
- "organization_id": "7c60d51f-b44e-4682-87d6-449835ea4de6",
- "organization_member_role": "de424139-9d14-4753-9abe-7c04cad23892",
- "service_id": "641e839f-864e-4cce-98f9-40f6cbb3e9e0",
- "sender_did": "string",
- "recipient_did": "string",
- "expire_at": "2019-08-24T14:15:22Z",
- "shares_to_be_created": 0,
- "outgoing": true,
- "invited_user_id": "6e09f47e-7bbe-4452-8a43-86146fc6331b",
- "state": "string",
- "encrypted_recipient_name": "string",
- "encrypted_sender_name": "string",
- "recipient_to_sender_data": { },
- "sender_to_recipient_data": { },
- "sender_public_key": "string",
- "multistep_workflow": true,
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "keypair_external_id": "string",
- "user_public_key": "string",
- "integration_data": { },
- "user_name": "string"
}
}
Confirm an accepted invitation.
This endpoint is only available if the multistep invitation flow is enabled. First an invitation recipient accepts an an invitation is accepted, and then the sender of the invitation can confirm it using this endpoint. Only the sender of the invitation can call this endpoint.Parameter encrypted_dek
is used for share intents in the multistep invitation workflow. In the multistep invitation workflow when share intents are created, they are first encrypted with the private DEK on the invitation sender. At this confirmation step the sender of the invitation already has access to the public key of the recipient in the invitation, field recipient_public_key
, and the sender of the invitation is expected to re-encrypt the DEK in the share intents with the public key of the recipient. encrypted_dek
is mandatory if there are share intents.
If there is already a connection between these two users, then
invitation
will be set to NULL
connection_existed_already
will be set to true
invitation_id required | string invitation ID |
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
encrypted_recipient_name | string Name of the recipient of the invitation re-encrypted with the private DEK of the sender of the invitation |
encrypted_dek | string This parameter is used for share intents in the multistep invitation workflow. In the multistep invitation workflow when share intents are created, they are first encrypted with the private DEK on the invitation sender. At this confirmation step the sender of the invitation already has access to the public key of the recipient in the invitation, field |
{- "encrypted_recipient_name": "string",
- "encrypted_dek": "string"
}
{- "connection_existed_already": true,
- "invitation": {
- "connection_type": "member",
- "message": "string",
- "created_at": "2019-08-24T14:15:22Z",
- "token": "string",
- "delegation_role": "admin",
- "delegation_token": "string",
- "organization_id": "7c60d51f-b44e-4682-87d6-449835ea4de6",
- "organization_member_role": "de424139-9d14-4753-9abe-7c04cad23892",
- "service_id": "641e839f-864e-4cce-98f9-40f6cbb3e9e0",
- "sender_did": "string",
- "recipient_did": "string",
- "expire_at": "2019-08-24T14:15:22Z",
- "shares_to_be_created": 0,
- "outgoing": true,
- "invited_user_id": "6e09f47e-7bbe-4452-8a43-86146fc6331b",
- "state": "string",
- "encrypted_recipient_name": "string",
- "encrypted_sender_name": "string",
- "recipient_to_sender_data": { },
- "sender_to_recipient_data": { },
- "sender_public_key": "string",
- "multistep_workflow": true,
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "keypair_external_id": "string",
- "user_public_key": "string",
- "integration_data": { },
- "user_name": "string"
}, - "connection": {
- "own": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "encrypted_recipient_name": "string",
- "integration_data": { },
- "delegation_token": "string",
- "delegation_role": "admin",
- "organization_member_id": "3a8f5387-fc8c-4f9b-b780-ac9fb20be29e",
- "connection_type": "member",
- "user_id": "a169451c-8525-4352-b8ca-070dd449a1a5",
- "user_type": "human",
- "user_public_key": "string",
- "user_keypair_external_id": "string",
- "did": "string",
- "created_at": "2019-08-24T14:15:22Z"
}, - "the_other_user": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "integration_data": { },
- "delegation_token": "string",
- "delegation_role": "admin",
- "organization_member_id": "3a8f5387-fc8c-4f9b-b780-ac9fb20be29e",
- "connection_type": "member",
- "user_id": "a169451c-8525-4352-b8ca-070dd449a1a5",
- "user_type": "human",
- "user_public_key": "string",
- "user_keypair_external_id": "string",
- "did": "string"
}
}
}
Reject an invitation. This endpoint is only available if the multistep invitation flow is enabled.
invitation_id required | string invitation token |
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
{- "invitation": {
- "connection_type": "member",
- "message": "string",
- "created_at": "2019-08-24T14:15:22Z",
- "token": "string",
- "delegation_role": "admin",
- "delegation_token": "string",
- "organization_id": "7c60d51f-b44e-4682-87d6-449835ea4de6",
- "organization_member_role": "de424139-9d14-4753-9abe-7c04cad23892",
- "service_id": "641e839f-864e-4cce-98f9-40f6cbb3e9e0",
- "sender_did": "string",
- "recipient_did": "string",
- "expire_at": "2019-08-24T14:15:22Z",
- "shares_to_be_created": 0,
- "outgoing": true,
- "invited_user_id": "6e09f47e-7bbe-4452-8a43-86146fc6331b",
- "state": "string",
- "encrypted_recipient_name": "string",
- "encrypted_sender_name": "string",
- "recipient_to_sender_data": { },
- "sender_to_recipient_data": { },
- "sender_public_key": "string",
- "multistep_workflow": true,
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "keypair_external_id": "string",
- "user_public_key": "string",
- "integration_data": { },
- "user_name": "string"
}
}
In delegation we differentiate between a delegate user and an owner user:
owner
- a user who grants delegation permissions, the real owner of the accountdelegate
- a user who has been granted permission to perform actions on the behalf of the ownerOne way to set up a delegation relation is via invitations. Any user can invite another user to become a delegate. See POST /invitations
for details.
Another way is creating a child user. A child account is a new empty account over which the user who has created it has full control via a delegation connection with role owner
.
The user who has created a child account is considered a parent account. Managing keys of the child account the responsibility of the parent user.
The result of this call is a child account without a private DEK but with a login public key.
In order to create a child account the following data must be submitted:
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
Parameters to create a child account and a connection between the parent user and the child user
object (ParentPublicKeyForConnection) | |
object (ChildPublicKeyForConnection) |
{- "parent_public_key_for_connection": {
- "pem": "string",
- "external_id": "string"
}, - "child_public_key_for_connection": {
- "pem": "string",
- "external_id": "string"
}
}
{- "user": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "full_name": "string",
- "email": "string",
- "country": "string",
- "joined_at": "2019-08-24T14:15:22Z",
- "onboarded_at": "2019-08-24T14:15:22Z",
- "timezone": "string",
- "private_dek_external_id": "string",
- "did": "string",
- "queued_for_deletion_after": "2019-08-24T14:15:22Z",
- "accepted_terms": true,
- "broken_attachments_present": true,
- "user_type": "human"
}, - "connection_from_parent_to_child": {
- "own": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "encrypted_recipient_name": "string",
- "integration_data": { },
- "delegation_token": "string",
- "delegation_role": "admin",
- "organization_member_id": "3a8f5387-fc8c-4f9b-b780-ac9fb20be29e",
- "connection_type": "member",
- "user_id": "a169451c-8525-4352-b8ca-070dd449a1a5",
- "user_type": "human",
- "user_public_key": "string",
- "user_keypair_external_id": "string",
- "did": "string",
- "created_at": "2019-08-24T14:15:22Z"
}, - "the_other_user": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "integration_data": { },
- "delegation_token": "string",
- "delegation_role": "admin",
- "organization_member_id": "3a8f5387-fc8c-4f9b-b780-ac9fb20be29e",
- "connection_type": "member",
- "user_id": "a169451c-8525-4352-b8ca-070dd449a1a5",
- "user_type": "human",
- "user_public_key": "string",
- "user_keypair_external_id": "string",
- "did": "string"
}
}
}
Invite an existing connection to become a delegate of your account. They will have rights to perform actions on behalf of the user who has created the invitation.
There are three delegation roles:
owner
admin
reader
delegation_token
should be obtained by running POST /delegations
in the keystore.
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
connection_id | string <uuid> |
delegation_token | string |
delegation_role | string |
{- "connection_id": "d3547de1-d1f2-4344-b4c2-17169b7526f9",
- "delegation_token": "string",
- "delegation_role": "string"
}
{- "delegation_invitation": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "inviting_user_id": "8e4fe6ee-f24e-41a6-91ba-ced00d04afe7",
- "inviting_user_connection_id": "10bc5d68-754f-45ea-a08f-59738e87c742",
- "invited_user_id": "6e09f47e-7bbe-4452-8a43-86146fc6331b",
- "invited_user_connection_id": "04f2eda0-4a12-4bb3-85c7-2b77f3f8710f",
- "delegation_token": "string",
- "delegation_role": "string",
- "state": "new"
}
}
Retrieves invitations that the current user has created.
next_page_after | string cursor to get the next page |
per_page | integer override the number of records per page - default 200 |
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
{- "next_page_after": "string",
- "delegation_invitations": [
- {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "inviting_user_id": "8e4fe6ee-f24e-41a6-91ba-ced00d04afe7",
- "inviting_user_connection_id": "10bc5d68-754f-45ea-a08f-59738e87c742",
- "invited_user_id": "6e09f47e-7bbe-4452-8a43-86146fc6331b",
- "invited_user_connection_id": "04f2eda0-4a12-4bb3-85c7-2b77f3f8710f",
- "delegation_token": "string",
- "delegation_role": "string",
- "state": "new"
}
], - "meta": {
- "order_by": "string",
- "order": "string",
- "order_from_params": true,
- "per_page": 0,
- "per_page_from_params": true,
- "current_cursor": "string",
- "records_count": 0,
- "page": 0,
- "page_count": 0
}
}
Retrieves invitations that have been sent to the current user.
next_page_after | string cursor to get the next page |
per_page | integer override the number of records per page - default 200 |
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
{- "next_page_after": "string",
- "delegation_invitations": [
- {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "inviting_user_id": "8e4fe6ee-f24e-41a6-91ba-ced00d04afe7",
- "inviting_user_connection_id": "10bc5d68-754f-45ea-a08f-59738e87c742",
- "invited_user_id": "6e09f47e-7bbe-4452-8a43-86146fc6331b",
- "invited_user_connection_id": "04f2eda0-4a12-4bb3-85c7-2b77f3f8710f",
- "delegation_token": "string",
- "delegation_role": "string",
- "state": "new"
}
], - "meta": {
- "order_by": "string",
- "order": "string",
- "order_from_params": true,
- "per_page": 0,
- "per_page_from_params": true,
- "current_cursor": "string",
- "records_count": 0,
- "page": 0,
- "page_count": 0
}
}
Delete a delegation invitation by its ID. Users may only delete delegation invitations in the new state that they have created.
id required | string |
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
{- "errors": [
- {
- "error": "string",
- "http_code": 0,
- "message": "string",
- "requested_language": "string",
- "message_in_requested_language": true,
- "extra_info": { }
}
]
}
Read a delegation invitation by its ID. Both creator and recipient can read the invitation
id required | string |
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
{- "delegation_invitation": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "inviting_user_id": "8e4fe6ee-f24e-41a6-91ba-ced00d04afe7",
- "inviting_user_connection_id": "10bc5d68-754f-45ea-a08f-59738e87c742",
- "invited_user_id": "6e09f47e-7bbe-4452-8a43-86146fc6331b",
- "invited_user_connection_id": "04f2eda0-4a12-4bb3-85c7-2b77f3f8710f",
- "delegation_token": "string",
- "delegation_role": "string",
- "state": "new"
}
}
Accept a delegation invitation by its ID and update the connection between the two users. Users may only accept delegation invitations in the new state that have been sent to them.
id required | string |
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
{- "connection": {
- "own": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "encrypted_recipient_name": "string",
- "integration_data": { },
- "delegation_token": "string",
- "delegation_role": "admin",
- "organization_member_id": "3a8f5387-fc8c-4f9b-b780-ac9fb20be29e",
- "connection_type": "member",
- "user_id": "a169451c-8525-4352-b8ca-070dd449a1a5",
- "user_type": "human",
- "user_public_key": "string",
- "user_keypair_external_id": "string",
- "did": "string",
- "created_at": "2019-08-24T14:15:22Z"
}, - "the_other_user": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "integration_data": { },
- "delegation_token": "string",
- "delegation_role": "admin",
- "organization_member_id": "3a8f5387-fc8c-4f9b-b780-ac9fb20be29e",
- "connection_type": "member",
- "user_id": "a169451c-8525-4352-b8ca-070dd449a1a5",
- "user_type": "human",
- "user_public_key": "string",
- "user_keypair_external_id": "string",
- "did": "string"
}
}
}
Reject a delegation invitation by its ID. Users may only reject delegation invitations in the new state that have been sent to them.
id required | string |
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
{- "errors": [
- {
- "error": "string",
- "http_code": 0,
- "message": "string",
- "requested_language": "string",
- "message_in_requested_language": true,
- "extra_info": { }
}
]
}
Remove delegation from a connection
A backend to backend call to the keystore will automatically delete the corresponding keystore delegation.
connection_id required | string |
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
{- "errors": [
- {
- "error": "string",
- "http_code": 0,
- "message": "string",
- "requested_language": "string",
- "message_in_requested_language": true,
- "extra_info": { }
}
]
}
Update a delegation by its connection ID
connection_id required | string |
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
delegation_role | string |
{- "delegation_role": "string"
}
{- "connection": {
- "own": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "encrypted_recipient_name": "string",
- "integration_data": { },
- "delegation_token": "string",
- "delegation_role": "admin",
- "organization_member_id": "3a8f5387-fc8c-4f9b-b780-ac9fb20be29e",
- "connection_type": "member",
- "user_id": "a169451c-8525-4352-b8ca-070dd449a1a5",
- "user_type": "human",
- "user_public_key": "string",
- "user_keypair_external_id": "string",
- "did": "string",
- "created_at": "2019-08-24T14:15:22Z"
}, - "the_other_user": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "integration_data": { },
- "delegation_token": "string",
- "delegation_role": "admin",
- "organization_member_id": "3a8f5387-fc8c-4f9b-b780-ac9fb20be29e",
- "connection_type": "member",
- "user_id": "a169451c-8525-4352-b8ca-070dd449a1a5",
- "user_type": "human",
- "user_public_key": "string",
- "user_keypair_external_id": "string",
- "did": "string"
}
}
}
This endpoint gets registered DID's own by organisation/user.
limit | any Example: limit=10 Number of records per page |
page | any Example: page=1 Page number (starting from 1) |
Meeco-Organisation-ID | string Get list of organisation own DIDs by providing Organisation Id |
{- "data": [
- {
- "id": "string",
- "ownerId": "string",
- "did": "string",
- "lastOperation": "create",
- "createdById": "string",
- "lastUpdatedById": "string",
- "createdAt": "2019-08-24T14:15:22Z",
- "lastUpdatedAt": "2019-08-24T14:15:22Z"
}
], - "meta": {
- "itemsPerPage": 0,
- "totalItems": 0,
- "currentPage": 0,
- "totalPages": 0,
- "sortBy": [
- { }
], - "searchBy": [
- { }
], - "search": "string",
- "filter": { }
}, - "links": {
- "first": "string",
- "previous": "string",
- "current": "string",
- "next": "string",
- "last": "string"
}
}
This endpoint creates a DID. As input it takes the DID, a DID document, plus optional DID registration options and secrets needed to create a DID. The output is a state object that represents the current state of the DID creation process.
See the DID Create Guide for detail usage of this endpoint.
method required | string Examples:
The DID Method to create. |
Meeco-Organisation-ID | string Create DID for organisation by providing Organisation Id |
jobId | string Default: null |
object This input field contains an object with various options for the DID create operation, such as the network where the DID should be created. See https://identity.foundation/did-registration/#options | |
secret | object This input field contains an object with DID controller keys and other secrets needed for performing the DID create operation. See https://identity.foundation/did-registration/#secret |
object This input field contains either a complete DID document, or an incremental change (diff) to a DID document. See https://identity.foundation/did-registration/#diddocument |
{- "jobId": null,
- "options": {
- "clientSecretMode": true,
- "network": "danube",
- "keyType": "ed25519"
}, - "secret": { },
- "didDocument": {
- "id": "string",
- "@context": { },
- "alsoKnownAs": [
- "string"
], - "controller": { },
- "verificationMethod": [
- { }
], - "service": [
- { }
], - "publicKey": [
- { }
], - "authentication": [
- { }
], - "assertionMethod": [
- { }
], - "keyAgreement": [
- { }
], - "capabilityInvocation": [
- { }
], - "capabilityDelegation": [
- { }
]
}
}
{- "jobId": "string",
- "didState": {
- "action": "string",
- "state": "string",
- "did": "string",
- "signingRequest": {
- "signingRequestAttrib": {
- "kid": "string",
- "alg": "string",
- "purpose": "string",
- "payload": {
- "identifier": "string",
- "operation": {
- "dest": "string",
- "raw": "string",
- "type": "string"
}, - "protocolVersion": 0,
- "reqId": 0
}, - "serializedPayload": "string"
}, - "signingRequestNym": {
- "kid": "string",
- "alg": "string",
- "purpose": "string",
- "payload": {
- "identifier": "string",
- "operation": {
- "dest": "string",
- "raw": "string",
- "type": "string"
}, - "protocolVersion": 0,
- "reqId": 0
}, - "serializedPayload": "string"
}
}, - "verificationMethodTemplate": [
- {
- "id": "string",
- "type": "string",
- "publicKeyJwk": {
- "kty": "string",
- "crv": "string"
}, - "purpose": [
- "string"
]
}
], - "secret": {
- "verificationMethod": [
- { }
]
}, - "didDocument": {
- "id": "string",
- "@context": { },
- "alsoKnownAs": [
- "string"
], - "controller": { },
- "verificationMethod": [
- { }
], - "service": [
- { }
], - "publicKey": [
- { }
], - "authentication": [
- { }
], - "assertionMethod": [
- { }
], - "keyAgreement": [
- { }
], - "capabilityInvocation": [
- { }
], - "capabilityDelegation": [
- { }
]
}
}, - "didRegistrationMetadata": {
- "duration": 0,
- "method": "string"
}, - "didDocumentMetadata": {
- "network": "string",
- "poolVersion": 0,
- "submitterDid": "string",
- "ledgerResult": {
- "op": "string",
- "result": {
- "txnMetadata": {
- "seqNo": 0,
- "txnTime": 0,
- "txnId": "string"
}, - "ver": "string",
- "auditPath": [
- "string"
], - "txn": {
- "metadata": {
- "from": "string",
- "payloadDigest": "string",
- "digest": "string",
- "reqId": 0
}, - "type": "string",
- "protocolVersion": 0,
- "data": {
- "dest": "string",
- "verkey": "string",
- "raw": "string"
}
}, - "rootHash": "string",
- "reqSignature": {
- "values": [
- {
- "from": "string",
- "value": "string"
}
], - "type": "string"
}
}
}
}
}
This endpoint deactivates a DID. As input it takes the existing DID, plus optional DID registration options and secrets needed to deactivate a DID. The output is a state object that represents the current state of the DID deactivation process.
See the DID Deactivate Guide for detail usage of this endpoint.
method required | string Examples:
The DID Method to create. |
Meeco-Organisation-ID | string Deactivate organisation DID by providing Organisation Id |
jobId | string Default: null |
did required | string |
object This input field contains an object with various options for the DID create operation, such as the network where the DID should be created. See https://identity.foundation/did-registration/#options | |
secret | object This input field contains an object with DID controller keys and other secrets needed for performing the DID create operation. See https://identity.foundation/did-registration/#secret |
object This input field contains either a complete DID document, or an incremental change (diff) to a DID document. See https://identity.foundation/did-registration/#diddocument |
{- "jobId": null,
- "did": "string",
- "options": {
- "clientSecretMode": true,
- "network": "danube",
- "keyType": "ed25519"
}, - "secret": { },
- "didDocument": {
- "id": "string",
- "@context": { },
- "alsoKnownAs": [
- "string"
], - "controller": { },
- "verificationMethod": [
- { }
], - "service": [
- { }
], - "publicKey": [
- { }
], - "authentication": [
- { }
], - "assertionMethod": [
- { }
], - "keyAgreement": [
- { }
], - "capabilityInvocation": [
- { }
], - "capabilityDelegation": [
- { }
]
}
}
{- "jobId": "string",
- "didState": {
- "action": "string",
- "state": "string",
- "did": "string",
- "signingRequest": {
- "signingRequestAttrib": {
- "kid": "string",
- "alg": "string",
- "purpose": "string",
- "payload": {
- "identifier": "string",
- "operation": {
- "dest": "string",
- "raw": "string",
- "type": "string"
}, - "protocolVersion": 0,
- "reqId": 0
}, - "serializedPayload": "string"
}, - "signingRequestNym": {
- "kid": "string",
- "alg": "string",
- "purpose": "string",
- "payload": {
- "identifier": "string",
- "operation": {
- "dest": "string",
- "raw": "string",
- "type": "string"
}, - "protocolVersion": 0,
- "reqId": 0
}, - "serializedPayload": "string"
}
}, - "verificationMethodTemplate": [
- {
- "id": "string",
- "type": "string",
- "publicKeyJwk": {
- "kty": "string",
- "crv": "string"
}, - "purpose": [
- "string"
]
}
], - "secret": {
- "verificationMethod": [
- { }
]
}, - "didDocument": {
- "id": "string",
- "@context": { },
- "alsoKnownAs": [
- "string"
], - "controller": { },
- "verificationMethod": [
- { }
], - "service": [
- { }
], - "publicKey": [
- { }
], - "authentication": [
- { }
], - "assertionMethod": [
- { }
], - "keyAgreement": [
- { }
], - "capabilityInvocation": [
- { }
], - "capabilityDelegation": [
- { }
]
}
}, - "didRegistrationMetadata": {
- "duration": 0,
- "method": "string"
}, - "didDocumentMetadata": {
- "network": "string",
- "poolVersion": 0,
- "submitterDid": "string",
- "ledgerResult": {
- "op": "string",
- "result": {
- "txnMetadata": {
- "seqNo": 0,
- "txnTime": 0,
- "txnId": "string"
}, - "ver": "string",
- "auditPath": [
- "string"
], - "txn": {
- "metadata": {
- "from": "string",
- "payloadDigest": "string",
- "digest": "string",
- "reqId": 0
}, - "type": "string",
- "protocolVersion": 0,
- "data": {
- "dest": "string",
- "verkey": "string",
- "raw": "string"
}
}, - "rootHash": "string",
- "reqSignature": {
- "values": [
- {
- "from": "string",
- "value": "string"
}
], - "type": "string"
}
}
}
}
}
This endpoint updates a DID. As input it takes the existing DID, a DID document, plus optional DID registration options and secrets needed to update a DID. The output is a state object that represents the current state of the DID update process.
See the DID Update Guide for detail usage of this endpoint.
method required | string Examples:
The DID Method to create. |
Meeco-Organisation-ID | string Update organisation DID by providing Organisation Id |
jobId | string Default: null |
did required | string |
didDocumentOperation required | Array of strings |
object This input field contains an object with various options for the DID create operation, such as the network where the DID should be created. See https://identity.foundation/did-registration/#options | |
secret | object This input field contains an object with DID controller keys and other secrets needed for performing the DID create operation. See https://identity.foundation/did-registration/#secret |
object This input field contains either a complete DID document, or an incremental change (diff) to a DID document. See https://identity.foundation/did-registration/#diddocument |
{- "jobId": null,
- "did": "string",
- "didDocumentOperation": [
- "string"
], - "options": {
- "clientSecretMode": true,
- "network": "danube",
- "keyType": "ed25519"
}, - "secret": { },
- "didDocument": {
- "id": "string",
- "@context": { },
- "alsoKnownAs": [
- "string"
], - "controller": { },
- "verificationMethod": [
- { }
], - "service": [
- { }
], - "publicKey": [
- { }
], - "authentication": [
- { }
], - "assertionMethod": [
- { }
], - "keyAgreement": [
- { }
], - "capabilityInvocation": [
- { }
], - "capabilityDelegation": [
- { }
]
}
}
{- "jobId": "string",
- "didState": {
- "action": "string",
- "state": "string",
- "did": "string",
- "signingRequest": {
- "signingRequestAttrib": {
- "kid": "string",
- "alg": "string",
- "purpose": "string",
- "payload": {
- "identifier": "string",
- "operation": {
- "dest": "string",
- "raw": "string",
- "type": "string"
}, - "protocolVersion": 0,
- "reqId": 0
}, - "serializedPayload": "string"
}, - "signingRequestNym": {
- "kid": "string",
- "alg": "string",
- "purpose": "string",
- "payload": {
- "identifier": "string",
- "operation": {
- "dest": "string",
- "raw": "string",
- "type": "string"
}, - "protocolVersion": 0,
- "reqId": 0
}, - "serializedPayload": "string"
}
}, - "verificationMethodTemplate": [
- {
- "id": "string",
- "type": "string",
- "publicKeyJwk": {
- "kty": "string",
- "crv": "string"
}, - "purpose": [
- "string"
]
}
], - "secret": {
- "verificationMethod": [
- { }
]
}, - "didDocument": {
- "id": "string",
- "@context": { },
- "alsoKnownAs": [
- "string"
], - "controller": { },
- "verificationMethod": [
- { }
], - "service": [
- { }
], - "publicKey": [
- { }
], - "authentication": [
- { }
], - "assertionMethod": [
- { }
], - "keyAgreement": [
- { }
], - "capabilityInvocation": [
- { }
], - "capabilityDelegation": [
- { }
]
}
}, - "didRegistrationMetadata": {
- "duration": 0,
- "method": "string"
}, - "didDocumentMetadata": {
- "network": "string",
- "poolVersion": 0,
- "submitterDid": "string",
- "ledgerResult": {
- "op": "string",
- "result": {
- "txnMetadata": {
- "seqNo": 0,
- "txnTime": 0,
- "txnId": "string"
}, - "ver": "string",
- "auditPath": [
- "string"
], - "txn": {
- "metadata": {
- "from": "string",
- "payloadDigest": "string",
- "digest": "string",
- "reqId": 0
}, - "type": "string",
- "protocolVersion": 0,
- "data": {
- "dest": "string",
- "verkey": "string",
- "raw": "string"
}
}, - "rootHash": "string",
- "reqSignature": {
- "values": [
- {
- "from": "string",
- "value": "string"
}
], - "type": "string"
}
}
}
}
}
This endpoint resolves a DID. As input it takes the DID, plus DID resolution options. The output is a DID document in one of the supported representations, plus metadata. The same endpoint can also be used to dereference a DID URL. In this case, the output is a DID document, or part of a DID document, or some other resource identified by the DID URL.
See the DID Resolution specification for additional details.
identifier required | string Examples:
The DID to be resolved, or the DID URL to be dereferenced. |
accept | string The requested media type of the DID document representation or DID resolution result. See https://www.w3.org/TR/did-core/#representations and https://w3c-ccg.github.io/did-resolution/#did-resolution-result.
|
{- "@context": { },
- "didResolutionMetadata": {
- "pattern": "string",
- "driverUrl": "string",
- "duration": 0,
- "did": {
- "didString": "string",
- "methodSpecificId": "string",
- "method": "string"
}, - "contentType": "string",
- "error": "string",
- "didUrl": {
- "path": "string",
- "fragment": "string",
- "query": "string",
- "didUrlString": "string",
- "parameters": "string",
- "did": {
- "didString": "string",
- "methodSpecificId": "string",
- "method": "string"
}
}
}, - "didDocument": {
- "id": "string",
- "@context": { },
- "alsoKnownAs": [
- "string"
], - "controller": { },
- "verificationMethod": [
- { }
], - "service": [
- { }
], - "publicKey": [
- { }
], - "authentication": [
- { }
], - "assertionMethod": [
- { }
], - "keyAgreement": [
- { }
], - "capabilityInvocation": [
- { }
], - "capabilityDelegation": [
- { }
]
}, - "didDocumentMetadata": {
- "created": "string",
- "updated": "string",
- "deactivated": true,
- "versionId": "string",
- "nextUpdate": "string",
- "nextVersionId": "string",
- "equivalentId": "string",
- "canonicalId": "string"
}
}
Retrieves activities for the current user. The results are sorted in reverse chronological order (ie most recent first) and paginated, with both items per page and the page to display being parameterized (passed in query string).
next_page_after | string cursor to get the next page |
per_page | integer override the number of records per page - default 200 |
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
{- "next_page_after": "string",
- "activities": [
- {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "timestamp": "2019-08-24T14:15:22Z",
- "event_type": "string",
- "item_id": "4d8cd62e-a579-4dae-af8c-3172f96f8f7c",
- "item_label": "string",
- "slot_id": "d523579d-6c79-4c6c-b245-75caa273f86e",
- "slot_label": "bb26a346-ccda-4273-99b3-0f076c379d64",
- "share_id": "853fa54b-9753-4ffb-b7d0-6739f9ae0f8e",
- "connection_id": "d3547de1-d1f2-4344-b4c2-17169b7526f9",
- "invitation_id": "a6e6785a-3ea9-406c-b873-17eaf2ed5fc9",
- "user_id": "a169451c-8525-4352-b8ca-070dd449a1a5",
- "encrypted_user_name": "string",
- "attachment_id": "4c76e620-6daa-46e6-9da1-9ac96abab601",
- "attachment_label": "string"
}
], - "meta": {
- "order_by": "string",
- "order": "string",
- "order_from_params": true,
- "per_page": 0,
- "per_page_from_params": true,
- "current_cursor": "string",
- "records_count": 0,
- "page": 0,
- "page_count": 0
}
}
Retrieves events for the current user. The results are sorted in reverse chronological order (ie most recent first) and paginated, with both items per page and the page to display being parameterized (passed in query string).
next_page_after | string cursor to get the next page |
per_page | integer override the number of records per page - default 200 |
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
{- "next_page_after": "string",
- "events": [
- { }
], - "meta": {
- "order_by": "string",
- "order": "string",
- "order_from_params": true,
- "per_page": 0,
- "per_page_from_params": true,
- "current_cursor": "string",
- "records_count": 0,
- "page": 0,
- "page_count": 0
}
}
Create a signed upload URL for one of the supported file storages. This endpoint is the first step in creating a file.
Just like most ATOM endpoints, this endpoint requires a valid user (that is, an IDP JWT) and some security rights. The security rights are those which might require to attach files to entities like organisations, tenants, and so on. Any of the following security rights grants a permission to create an upload URL
atom:global:create_tenant
atom:global:create_org
atom:global:create_tenant_agent
atom:tenant:create_org
atom:tenant:create_agent
atom:org:create_agent
atom:tenant:create_tenant_agent
vc:tenant:manage
vc:org:manage
ATOM generates a random key under which a file will be registered, and creates a record in the database where the key is stored along with the filename and the content type. A client is then expected to use a signed URL present in response field upload_url
to upload a file to a cloud file storage. This URL is only valid for a short period of time specified in response field upload_url_expires_in_seconds
.
Uploading is done via HTTP method PUT
. The response of this endpoint contains a list of headers which much be included in
the PUT
request.
The following is an example curl command to upload a file:
curl --location --request PUT \
'https://meecodevstorage0.blob.core.windows.net/dev/66c35456-eb64-42fb-a31a-806530786fe2?se=2023-01-23T08%3A49%3A29Z&sig=mzuonk01F8L%2F0q7avsMvvenk2NwLFVXYsyWJeu5Jdgc%3D&sp=rw&sr=b&sv=2018-11-09' \
--header 'x-ms-blob-type: BlockBlob' \
--data-binary '@/home/john/file.jpg'
After the file is uploaded to Azure Blob Storage, the client is supposed to confirm this upload calling PUT /blobs/{key}
.
The response to POST /blobs
also contains a URL to retrieve the file, but that functionality is only available after the upload has been confirmed, otherwise it will result in 404 NotFound
.
All expired and not confirmed records created with this endpoint will be removed after a while.
storage_name required | string Name of the file storage. This parameter so optional, if no name is specified, the default file storage is used |
File name and content type
content_type | string content type of the file to be uploaded |
filename required | string name of the file to be uploaded |
{- "content_type": "image/jpeg",
- "filename": "logo.jpg"
}
{- "blob": {
- "content_type": "string",
- "filename": "string",
- "key": "string",
- "storage_backend_name": "string",
- "storage_backend_type": "string",
- "upload_headers": { },
- "upload_url_expires_in_seconds": 0,
- "uploaded": true
}
}
Redirect to a file in a cloud file storage.
This endpoint is public and it only requires the file key in the URL.
The Content Disposition
header in the response is hardcoded to be inline
for now, but it can be made a parameter to this endpoint in future if needed. The filename and the content type included in Content Disposition
are taken from the database record created in POST /blobs
."
id required | string Blob key |
{- "error": "unauthorized",
- "extra_info": {
- "reason": "invalid_jwt"
}, - "http_code": 401,
- "message": null
}
Confirm a blob upload.
After a client retrieves an uploads URL via POST /blobs
and uploads a file to that URL, a client is expected to inform ATOM that the upload is successful. The file is not accessible unless the upload is confirmed.
This call may only be performed by the same user who retrieved the upload URL.
The response to the endpoint contains one more upload URL. A client can use it to upload a newer version of the file under the same key. No confirmation is required in this case.
See documentation for POST /blobs
for more information.
id required | string Blob key |
{- "blob": {
- "content_type": "string",
- "filename": "string",
- "key": "string",
- "storage_backend_name": "string",
- "storage_backend_type": "string",
- "upload_headers": { },
- "upload_url_expires_in_seconds": 0,
- "uploaded": true
}
}
View information about the file.
This call may only be performed by the same user who retrieved the upload URL and uploaded the file.
Along with a URL to read the file the response to the endpoint contains one more upload URL. A client can use it to upload a newer version of the file under the same key. No confirmation is required in this case.
See documentation for POST /blobs
for more information.
id required | string Blob key |
{- "blob": {
- "content_type": "string",
- "filename": "string",
- "key": "string",
- "storage_backend_name": "string",
- "storage_backend_type": "string",
- "upload_headers": { },
- "upload_url_expires_in_seconds": 0,
- "uploaded": true
}
}
View public information about the file.
See documentation for POST /blobs
for more information.
id required | string Blob key |
{- "blob": {
- "content_type": "string",
- "filename": "string",
- "key": "string",
- "storage_backend_name": "string",
- "storage_backend_type": "string",
- "uploaded": true
}
}
Redirect to the logo of a tenant.
This endpoint is public and it only requires the tenant ID in the URL.
tenant_id required | string <uuid> Tenant ID |
{- "error": "unauthorized",
- "extra_info": {
- "reason": "invalid_jwt"
}, - "http_code": 401,
- "message": null
}
Read attachment folders of the user
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
{- "next_page_after": "string",
- "attachments_folders": [
- {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "name": "9ffa9185-7453-4fb2-aa6a-3105a6ae83a8",
- "slots_count": 0,
- "token": "string",
- "storage": "string",
- "resource_name": "string",
- "resource_type": "string",
- "resource_urls": [
- "string"
]
}
], - "meta": {
- "order_by": "string",
- "order": "string",
- "order_from_params": true,
- "per_page": 0,
- "per_page_from_params": true,
- "current_cursor": "string",
- "records_count": 0,
- "page": 0,
- "page_count": 0
}
}
Creates an attachment folder, which represents a folder in a remote cloud file storage. An attachments folder can then be attached to a slot with type attachments_folder
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
{- "attachments_folder": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "name": "9ffa9185-7453-4fb2-aa6a-3105a6ae83a8",
- "slots_count": 0,
- "token": "string",
- "storage": "string",
- "resource_name": "string",
- "resource_type": "string",
- "resource_urls": [
- "string"
]
}
}
Delete an attachment folder if it is not attached to any slot
id required | string Attachments Folder ID |
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
Read an attachment folder
id required | string Attachments Folder ID |
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
{- "attachments_folder": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "name": "9ffa9185-7453-4fb2-aa6a-3105a6ae83a8",
- "slots_count": 0,
- "token": "string",
- "storage": "string",
- "resource_name": "string",
- "resource_type": "string",
- "resource_urls": [
- "string"
]
}
}
Generates a signed URL for an attachment on an external blob storage and redirects to it.
This endpoint is a single place for redirecting to external files of the following entities:
This endpoint is requires a session and verifies if the current user may access the attachment.
The URL in the redirect header is a signed URL valid for 5 minutes.
id required | string Blob ID |
d required | string A digest for the blob identified by the ID |
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
Generates a signed URL for a image or a thumbnail on an external blob storage and redirects to it.
This endpoint is not secured with a session token.
This endpoint is a single place for redirecting to external files of the following entities:
A client application cannot programmatically build this HTTP request, because the logic of calculating the digest parameter is internal to the vault. Instead the vault generates URLs targeting this endpoint and adds them to JSON responses of the above objects.
The URL in the redirect header is a signed URL valid for 5 minutes.
id required | string Blob ID |
d required | string A digest for the blob identified by the ID |
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
A ClientTask represents a task the client is supposed to perform.
Field work_type
represents a type of work, target_id
points to the input argument of the task and its semantics depends on work_type
.
Available work types are:
update_item_shares
- In an update_item_shares
task target_id
points to an item. update_item_shares
task is created when the item is updated. Clients are expected to re-encrypt encrypted values of the the shared items for all existing shares and update them.setup_key_delegation
- In an setup_key_delegation
task target_id
points to a delegation connection. setup_key_delegation
task is created when a delegation connection is created. Clients are expected to share the users key encryption key with the delegate user. This task must be manually marked as done
either via API or using convenience methods in the SDKreencrypt_account_owner_kek
- In an reencrypt_account_owner_kek
task target_id
points to a delegation connection. reencrypt_account_owner_kek
task is created when a setup_key_delegation
task is marked as complete after a key encryption key is sharedincoming_delegation_invitation
- In an incoming_delegation_invitation
task target_id
points to a delegation invitation. incoming_delegation_invitation
task is created when a new delegation invitation is createdEach ClientTask may have the following states:
todo
in_progress
done
failed
This endpoint serves client tasks ordered by created_at
in descending order. It is possible to request tasks with a different state by providing an array of states to the parameter state
.
All returned tasks with state todo
may optionally be transitioned to state in_progress
through by setting change_state=true
.
All tasks with state in_progress
are transitioned back to todo
after a timeout of 10 minutes unless the state is changed to done
or failed
.
next_page_after | string cursor to get the next page |
per_page | integer Default: 200 override the number of records per page - default 200 |
change_state | boolean transition tasks in the response to |
target_id | string search client tasks by |
state | Array of strings Items Enum: "todo" "in_progress" "done" "failed" States of tasks to return, provided as a comma separated list |
work_type | string Enum: "update_item_shares" "setup_key_delegation" Return only client tasks of a certain type. |
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
{- "next_page_after": "string",
- "client_tasks": [
- {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "state": "todo",
- "work_type": "update_item_shares",
- "target_id": "string",
- "additional_options": { },
- "last_state_transition_at": "2019-08-24T14:15:22Z",
- "report": { },
- "created_at": "2019-08-24T14:15:22Z"
}
], - "meta": {
- "order_by": "string",
- "order": "string",
- "order_from_params": true,
- "per_page": 0,
- "per_page_from_params": true,
- "current_cursor": "string",
- "records_count": 0,
- "page": 0,
- "page_count": 0
}
}
Change the state of client tasks. Normally used to set tasks to done
or failed
.
Along with the states the client can pass task execution reports. A report is a JSON object. A report can be useful for failed tasks.Responds with a non-paginated list of with the same tasks.
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
required | Array of objects (PutSharesRequestShare) |
{- "client_tasks": [
- {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "state": "string",
- "report": { }
}
]
}
{- "client_tasks": [
- {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "state": "todo",
- "work_type": "update_item_shares",
- "target_id": "string",
- "additional_options": { },
- "last_state_transition_at": "2019-08-24T14:15:22Z",
- "report": { },
- "created_at": "2019-08-24T14:15:22Z"
}
]
}
Create attachment record after uploading file the and its encrypted artifacts
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
object (PostCreateAttachmentBlobRequest) |
{- "blob": {
- "blob_id": 0,
- "blob_key": "string",
- "encrypted_artifact_blob_id": 0,
- "encrypted_artifact_blob_key": "string"
}
}
{- "attachment": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "bytesize": "string",
- "bytesize_checked_at": "string",
- "created_at": "2019-08-24T14:15:22Z",
- "main": {
- "filename": "string",
- "content_type": "string",
- "bytesize": 0,
- "url": "string"
}, - "encryption_artifact": {
- "filename": "string",
- "content_type": "string",
- "bytesize": 0,
- "url": "string"
}
}
}
Retrieve a signed URL which allows a file upload from a client directly to the cloud storage
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
object (PostAttachmentDirectUploadUrlBlobRequest) |
{- "blob": {
- "filename": "string",
- "content_type": "string",
- "byte_size": 0
}
}
{- "attachment_direct_upload_url": {
- "blob_id": 0,
- "blob_key": "string",
- "url": "string"
}
}
Delete attachment record by id
id required | string Attachment ID |
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
{- "errors": [
- {
- "error": "string",
- "http_code": 0,
- "message": "string",
- "requested_language": "string",
- "message_in_requested_language": true,
- "extra_info": { }
}
]
}
Retrieve a file attachment information and the two download URLs. One file attachment record contains 2 files:
The response contain 2 URLs to download these 2 files.
This endpoint may be used by
id required | string Attachment ID |
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
{- "attachment": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "bytesize": "string",
- "bytesize_checked_at": "string",
- "created_at": "2019-08-24T14:15:22Z",
- "main": {
- "filename": "string",
- "content_type": "string",
- "bytesize": 0,
- "url": "string"
}, - "encryption_artifact": {
- "filename": "string",
- "content_type": "string",
- "bytesize": 0,
- "url": "string"
}
}
}
id required | string Image ID |
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
Fetch public and current_user item templates
by_classification[scheme] | string |
by_classification[name] | string |
like | string search by item_template label term |
next_page_after | string cursor to get the next page |
per_page | integer override the number of records per page - default 200 |
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
{- "next_page_after": "string",
- "attachments": [
- {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "content_type": "string",
- "filename": "string",
- "user_id": "a169451c-8525-4352-b8ca-070dd449a1a5",
- "created_at": "2019-08-24T14:15:22Z",
- "has_error": true,
- "file_digest": "string",
- "is_direct_upload": true
}
], - "thumbnails": [
- {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "attachment_id": "4c76e620-6daa-46e6-9da1-9ac96abab601",
- "binary_id": "6c9bd5e9-dbd3-4b3b-a5d0-469b2f5404b8",
- "size_type": "string",
- "created_at": "2019-08-24T14:15:22Z",
}
], - "classification_nodes": [
- {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "own": true,
- "name": "string",
- "label": "string",
- "description": "string",
- "ordinal": 0,
- "background_color": "string",
- "scheme": "string",
- "classifications_count": 0
}
], - "slots": [
- {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "own": true,
- "share_id": "853fa54b-9753-4ffb-b7d0-6739f9ae0f8e",
- "name": "string",
- "description": "string",
- "ordinal": 0,
- "visible": true,
- "classification_node_ids": [
- "497f6eca-6276-4993-bfeb-53cbbbba6f08"
], - "attachment_id": "4c76e620-6daa-46e6-9da1-9ac96abab601",
- "attachments_folder_id": "15079412-d3ca-4b00-9221-77d7e2f014db",
- "item_id": "4d8cd62e-a579-4dae-af8c-3172f96f8f7c",
- "required": true,
- "updated_at": "2019-08-24T14:15:22Z",
- "created_at": "2019-08-24T14:15:22Z",
- "slot_type_name": "key_value",
- "creator": "string",
- "encrypted_value": "string",
- "encrypted_value_verification_key": "string",
- "value_verification_hash": "string",
- "label": "string",
- "original_id": "07763432-970b-469a-8331-502f7974f8e9",
- "owner_id": "8826ee2e-7933-4665-aef2-2393f84a0d05"
}
], - "item_templates": [
- {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "name": "string",
- "description": "string",
- "ordinal": 0,
- "visible": true,
- "user_id": "a169451c-8525-4352-b8ca-070dd449a1a5",
- "updated_at": "2019-08-24T14:15:22Z",
- "classification_node_ids": [
- "497f6eca-6276-4993-bfeb-53cbbbba6f08"
], - "slot_ids": [
- "497f6eca-6276-4993-bfeb-53cbbbba6f08"
], - "label": "string",
- "background_color": "string",
- "items_count": 0
}
], - "meta": {
- "order_by": "string",
- "order": "string",
- "order_from_params": true,
- "per_page": 0,
- "per_page_from_params": true,
- "current_cursor": "string",
- "records_count": 0,
- "page": 0,
- "page_count": 0
}
}
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
name | string |
label | string |
description | string |
image_id | string |
classification_scheme_name | string |
classification_node_name | string |
Array of objects (PostItemTemplateRequestSlotAttributes) |
{- "name": "string",
- "label": "string",
- "description": "string",
- "image_id": "string",
- "classification_scheme_name": "string",
- "classification_node_name": "string",
- "slots_attributes": [
- {
- "name": "string",
- "label": "string",
- "description": "string",
- "slot_type_name": "string"
}
]
}
{- "classification_nodes": [
- {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "own": true,
- "name": "string",
- "label": "string",
- "description": "string",
- "ordinal": 0,
- "background_color": "string",
- "scheme": "string",
- "classifications_count": 0
}
], - "slots": [
- {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "own": true,
- "share_id": "853fa54b-9753-4ffb-b7d0-6739f9ae0f8e",
- "name": "string",
- "description": "string",
- "ordinal": 0,
- "visible": true,
- "classification_node_ids": [
- "497f6eca-6276-4993-bfeb-53cbbbba6f08"
], - "attachment_id": "4c76e620-6daa-46e6-9da1-9ac96abab601",
- "attachments_folder_id": "15079412-d3ca-4b00-9221-77d7e2f014db",
- "item_id": "4d8cd62e-a579-4dae-af8c-3172f96f8f7c",
- "required": true,
- "updated_at": "2019-08-24T14:15:22Z",
- "created_at": "2019-08-24T14:15:22Z",
- "slot_type_name": "key_value",
- "creator": "string",
- "encrypted_value": "string",
- "encrypted_value_verification_key": "string",
- "value_verification_hash": "string",
- "label": "string",
- "original_id": "07763432-970b-469a-8331-502f7974f8e9",
- "owner_id": "8826ee2e-7933-4665-aef2-2393f84a0d05"
}
], - "item_template": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "name": "string",
- "description": "string",
- "ordinal": 0,
- "visible": true,
- "user_id": "a169451c-8525-4352-b8ca-070dd449a1a5",
- "updated_at": "2019-08-24T14:15:22Z",
- "classification_node_ids": [
- "497f6eca-6276-4993-bfeb-53cbbbba6f08"
], - "slot_ids": [
- "497f6eca-6276-4993-bfeb-53cbbbba6f08"
], - "label": "string",
- "background_color": "string",
- "items_count": 0
}, - "attachments": [
- {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "content_type": "string",
- "filename": "string",
- "user_id": "a169451c-8525-4352-b8ca-070dd449a1a5",
- "created_at": "2019-08-24T14:15:22Z",
- "has_error": true,
- "file_digest": "string",
- "is_direct_upload": true
}
], - "thumbnails": [
- {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "attachment_id": "4c76e620-6daa-46e6-9da1-9ac96abab601",
- "binary_id": "6c9bd5e9-dbd3-4b3b-a5d0-469b2f5404b8",
- "size_type": "string",
- "created_at": "2019-08-24T14:15:22Z",
}
]
}
Get an item template specified by id
.
id required | string ItemTemplate ID |
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
{- "classification_nodes": [
- {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "own": true,
- "name": "string",
- "label": "string",
- "description": "string",
- "ordinal": 0,
- "background_color": "string",
- "scheme": "string",
- "classifications_count": 0
}
], - "slots": [
- {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "own": true,
- "share_id": "853fa54b-9753-4ffb-b7d0-6739f9ae0f8e",
- "name": "string",
- "description": "string",
- "ordinal": 0,
- "visible": true,
- "classification_node_ids": [
- "497f6eca-6276-4993-bfeb-53cbbbba6f08"
], - "attachment_id": "4c76e620-6daa-46e6-9da1-9ac96abab601",
- "attachments_folder_id": "15079412-d3ca-4b00-9221-77d7e2f014db",
- "item_id": "4d8cd62e-a579-4dae-af8c-3172f96f8f7c",
- "required": true,
- "updated_at": "2019-08-24T14:15:22Z",
- "created_at": "2019-08-24T14:15:22Z",
- "slot_type_name": "key_value",
- "creator": "string",
- "encrypted_value": "string",
- "encrypted_value_verification_key": "string",
- "value_verification_hash": "string",
- "label": "string",
- "original_id": "07763432-970b-469a-8331-502f7974f8e9",
- "owner_id": "8826ee2e-7933-4665-aef2-2393f84a0d05"
}
], - "item_template": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "name": "string",
- "description": "string",
- "ordinal": 0,
- "visible": true,
- "user_id": "a169451c-8525-4352-b8ca-070dd449a1a5",
- "updated_at": "2019-08-24T14:15:22Z",
- "classification_node_ids": [
- "497f6eca-6276-4993-bfeb-53cbbbba6f08"
], - "slot_ids": [
- "497f6eca-6276-4993-bfeb-53cbbbba6f08"
], - "label": "string",
- "background_color": "string",
- "items_count": 0
}, - "attachments": [
- {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "content_type": "string",
- "filename": "string",
- "user_id": "a169451c-8525-4352-b8ca-070dd449a1a5",
- "created_at": "2019-08-24T14:15:22Z",
- "has_error": true,
- "file_digest": "string",
- "is_direct_upload": true
}
], - "thumbnails": [
- {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "attachment_id": "4c76e620-6daa-46e6-9da1-9ac96abab601",
- "binary_id": "6c9bd5e9-dbd3-4b3b-a5d0-469b2f5404b8",
- "size_type": "string",
- "created_at": "2019-08-24T14:15:22Z",
}
]
}
Fetch items that the current user has access to
template_ids | string a list of template IDs separated by commas |
name | string if present, only items with this name are fetched |
classification_scheme_name | string if present, only items classified according to the given classification scheme are fetched |
classification_node_name | string if present, only items classified with a classification node with the given name are fetched. Cannot be used together with classification_node_names filter. |
classification_node_names | string if present, only items classified with classification node with the given names are fetched.Supports a list of string values separated by commas. Cannot be used together with classification_node_name filter. |
shared_with | string The ID of a user. If present, only items will be fetched which have been shared with the given user. Works for items owned by the current user as well as for items owned by someone else and on-shared by the current user. |
owner_id | string The ID of a user. If present, only items will be fetched which belong to the given user. This parameters makes it possible see a subset of items shared with the current user which belong to a specific user. |
own | string Can be |
item_ids | string A list of comma separated item IDs to filter by. |
next_page_after | string cursor to get the next page |
per_page | integer override the number of records per page - default 200 |
order | string sort order, can be |
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
{- "next_page_after": "string",
- "attachments": [
- {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "content_type": "string",
- "filename": "string",
- "user_id": "a169451c-8525-4352-b8ca-070dd449a1a5",
- "created_at": "2019-08-24T14:15:22Z",
- "has_error": true,
- "file_digest": "string",
- "is_direct_upload": true
}
], - "thumbnails": [
- {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "attachment_id": "4c76e620-6daa-46e6-9da1-9ac96abab601",
- "binary_id": "6c9bd5e9-dbd3-4b3b-a5d0-469b2f5404b8",
- "size_type": "string",
- "created_at": "2019-08-24T14:15:22Z",
}
], - "classification_nodes": [
- {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "own": true,
- "name": "string",
- "label": "string",
- "description": "string",
- "ordinal": 0,
- "background_color": "string",
- "scheme": "string",
- "classifications_count": 0
}
], - "slots": [
- {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "own": true,
- "share_id": "853fa54b-9753-4ffb-b7d0-6739f9ae0f8e",
- "name": "string",
- "description": "string",
- "ordinal": 0,
- "visible": true,
- "classification_node_ids": [
- "497f6eca-6276-4993-bfeb-53cbbbba6f08"
], - "attachment_id": "4c76e620-6daa-46e6-9da1-9ac96abab601",
- "attachments_folder_id": "15079412-d3ca-4b00-9221-77d7e2f014db",
- "item_id": "4d8cd62e-a579-4dae-af8c-3172f96f8f7c",
- "required": true,
- "updated_at": "2019-08-24T14:15:22Z",
- "created_at": "2019-08-24T14:15:22Z",
- "slot_type_name": "key_value",
- "creator": "string",
- "encrypted_value": "string",
- "encrypted_value_verification_key": "string",
- "value_verification_hash": "string",
- "label": "string",
- "original_id": "07763432-970b-469a-8331-502f7974f8e9",
- "owner_id": "8826ee2e-7933-4665-aef2-2393f84a0d05"
}
], - "items": [
- {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "own": true,
- "name": "string",
- "label": "string",
- "description": "string",
- "created_at": "2019-08-24T14:15:22Z",
- "item_template_id": "7bfa4d09-a7f3-408b-9e00-8ab23f31e465",
- "ordinal": 0,
- "visible": true,
- "updated_at": "2019-08-24T14:15:22Z",
- "item_template_label": "string",
- "classification_node_ids": [
- "497f6eca-6276-4993-bfeb-53cbbbba6f08"
], - "slot_ids": [
- "497f6eca-6276-4993-bfeb-53cbbbba6f08"
], - "original_id": "07763432-970b-469a-8331-502f7974f8e9",
- "owner_id": "8826ee2e-7933-4665-aef2-2393f84a0d05",
- "share_id": "853fa54b-9753-4ffb-b7d0-6739f9ae0f8e"
}
], - "meta": {
- "order_by": "string",
- "order": "string",
- "order_from_params": true,
- "per_page": 0,
- "per_page_from_params": true,
- "current_cursor": "string",
- "records_count": 0,
- "page": 0,
- "page_count": 0
}
}
Create an item populated with slots. There are 3 top-level parameters:
item
- input data to create an item and its slots.
template_name
. Each item is cloned from an item template. The name of the item template must be present in this field. In addition to data copied from the item template, template slots become item slots.
skip_empty_template_slots
. If true, then only those template slots will be created for which incoming parameters are present. Otherwise all template slots become item slots.
The parameters in item
are as follows:
label
is a human-readable name. label
is mandatoryname
is a machine reference. It can be skipped, in that case name
from the template will be useddescription
can be skipped, in that case description
from the template will be usedslots_attributes
. Parameters in slots_attributes
can be used either to create new slots or update slots cloned from the template slots. slots_attributes
can be empty, in this case the newly created item will only contain slots cloned from the templateclassification_nodes_attributes
There are 2 cases when slot parameters are used to update an already existing slot cloned from the template:
slot_type_id
inside parameters for a slot matches slot_type_id
of a cloned slot, the parameters will be used to update the matched slot.name
inside parameters for a slot matches name
of a cloned slot, the parameters will be used to update the matched slot.In all other cases slot parameters will be used to create a new slot.
In this endpoint it is possible to link the item and its slots to classification nodes, and to create classification nodes in user-owned classification schemes if they do not exist yet.
There are 2 types of classification schemes:
There are 5 parameters for classification of slots and items in POST /items
:
id
name
scheme
scheme_name
label
Both a classification scheme and a classification node can be referred to by their name or their ID. If id
is used, scheme_id
and scheme
may be omitted.
Example payload classifications:
classification_nodes_attributes: [
{id: "c1b1d2b3-a887-4cc2-86e8-285268df598a"},
{scheme: "region", id: "315e4e30-93f0-4232-b977-b51f90b18288"},
{scheme: "region", name: "france"},
{scheme: "tag", name: "Holiday Locations"},
{scheme_id: "34c8c951-aa25-4d9a-9a9a-dbb5f43b821b", name: "netherlands"},
{scheme_id: "34c8c951-aa25-4d9a-9a9a-dbb5f43b821b", id: "16557bff-21fe-4bb1-8b0a-0a7847dfc7d6"},
{scheme: "tag", name: "my-own-cool-tag"}
]
If node france
is missing in scheme region, the service will return an error, because scheme region
is a global scheme. (owned_by_user=false)
. If node my-own-cool-tag
is missing in scheme tag
, it will be created, because scheme tag
is a user owned scheme.
Here is an example of a minimalistic POST request to this endpoint:
{
"template_name": "template-name",
"item": {
"label": "new-item-label"
}
}
With one slot:
{
"template_name": "template-name",
"item": {
"label": "new-item-label",
"slots_attributes": [
"label": "a label",
"encrypted_value": "user-encrypted-value"
]
}
}
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
required | object (PostItemsRequestItem) |
skip_empty_template_slots | boolean by default all template slots are copied to the item. If |
template_name required | string |
{- "item": {
- "label": "string",
- "name": "string",
- "description": "string",
- "classification_nodes_attributes": [
- {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "node_id": "6e0bdcac-9717-4a6f-972e-97489dffeb0c",
- "name": "string",
- "label": "string",
- "node_name": "string",
- "scheme_id": "1138cdd3-9f6d-45a5-ae92-04d708b61778",
- "scheme": "string",
- "scheme_name": "string"
}
], - "slots_attributes": [
- {
- "name": "string",
- "description": "string",
- "ordinal": 0,
- "visible": true,
- "template_slot_id": "c93de19a-1981-4e85-9b60-b4926d6afcab",
- "attachments_folder_id": "15079412-d3ca-4b00-9221-77d7e2f014db",
- "attachment_id": "4c76e620-6daa-46e6-9da1-9ac96abab601",
- "slot_type_name": "string",
- "encrypted_value": "string",
- "label": "string",
- "classification_nodes_attributes": [
- {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "node_id": "6e0bdcac-9717-4a6f-972e-97489dffeb0c",
- "name": "string",
- "label": "string",
- "node_name": "string",
- "scheme_id": "1138cdd3-9f6d-45a5-ae92-04d708b61778",
- "scheme": "string",
- "scheme_name": "string"
}
]
}
]
}, - "skip_empty_template_slots": true,
- "template_name": "string"
}
{- "attachments": [
- {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "content_type": "string",
- "filename": "string",
- "user_id": "a169451c-8525-4352-b8ca-070dd449a1a5",
- "created_at": "2019-08-24T14:15:22Z",
- "has_error": true,
- "file_digest": "string",
- "is_direct_upload": true
}
], - "classification_nodes": [
- {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "own": true,
- "name": "string",
- "label": "string",
- "description": "string",
- "ordinal": 0,
- "background_color": "string",
- "scheme": "string",
- "classifications_count": 0
}
], - "item": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "own": true,
- "name": "string",
- "label": "string",
- "description": "string",
- "created_at": "2019-08-24T14:15:22Z",
- "item_template_id": "7bfa4d09-a7f3-408b-9e00-8ab23f31e465",
- "ordinal": 0,
- "visible": true,
- "updated_at": "2019-08-24T14:15:22Z",
- "item_template_label": "string",
- "classification_node_ids": [
- "497f6eca-6276-4993-bfeb-53cbbbba6f08"
], - "slot_ids": [
- "497f6eca-6276-4993-bfeb-53cbbbba6f08"
], - "original_id": "07763432-970b-469a-8331-502f7974f8e9",
- "owner_id": "8826ee2e-7933-4665-aef2-2393f84a0d05",
- "share_id": "853fa54b-9753-4ffb-b7d0-6739f9ae0f8e"
}, - "slots": [
- {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "own": true,
- "share_id": "853fa54b-9753-4ffb-b7d0-6739f9ae0f8e",
- "name": "string",
- "description": "string",
- "ordinal": 0,
- "visible": true,
- "classification_node_ids": [
- "497f6eca-6276-4993-bfeb-53cbbbba6f08"
], - "attachment_id": "4c76e620-6daa-46e6-9da1-9ac96abab601",
- "attachments_folder_id": "15079412-d3ca-4b00-9221-77d7e2f014db",
- "item_id": "4d8cd62e-a579-4dae-af8c-3172f96f8f7c",
- "required": true,
- "updated_at": "2019-08-24T14:15:22Z",
- "created_at": "2019-08-24T14:15:22Z",
- "slot_type_name": "key_value",
- "creator": "string",
- "encrypted_value": "string",
- "encrypted_value_verification_key": "string",
- "value_verification_hash": "string",
- "label": "string",
- "original_id": "07763432-970b-469a-8331-502f7974f8e9",
- "owner_id": "8826ee2e-7933-4665-aef2-2393f84a0d05"
}
], - "thumbnails": [
- {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "attachment_id": "4c76e620-6daa-46e6-9da1-9ac96abab601",
- "binary_id": "6c9bd5e9-dbd3-4b3b-a5d0-469b2f5404b8",
- "size_type": "string",
- "created_at": "2019-08-24T14:15:22Z",
}
]
}
Delete an item.
If the item is an item shared with the current user, the corresponding share is deleted together with the item.
item_id required | string |
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
{- "errors": [
- {
- "error": "string",
- "http_code": 0,
- "message": "string",
- "requested_language": "string",
- "message_in_requested_language": true,
- "extra_info": { }
}
]
}
Retrieve a specific Item by item_id
.
item_id required | string |
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
{- "attachments": [
- {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "content_type": "string",
- "filename": "string",
- "user_id": "a169451c-8525-4352-b8ca-070dd449a1a5",
- "created_at": "2019-08-24T14:15:22Z",
- "has_error": true,
- "file_digest": "string",
- "is_direct_upload": true
}
], - "classification_nodes": [
- {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "own": true,
- "name": "string",
- "label": "string",
- "description": "string",
- "ordinal": 0,
- "background_color": "string",
- "scheme": "string",
- "classifications_count": 0
}
], - "item": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "own": true,
- "name": "string",
- "label": "string",
- "description": "string",
- "created_at": "2019-08-24T14:15:22Z",
- "item_template_id": "7bfa4d09-a7f3-408b-9e00-8ab23f31e465",
- "ordinal": 0,
- "visible": true,
- "updated_at": "2019-08-24T14:15:22Z",
- "item_template_label": "string",
- "classification_node_ids": [
- "497f6eca-6276-4993-bfeb-53cbbbba6f08"
], - "slot_ids": [
- "497f6eca-6276-4993-bfeb-53cbbbba6f08"
], - "original_id": "07763432-970b-469a-8331-502f7974f8e9",
- "owner_id": "8826ee2e-7933-4665-aef2-2393f84a0d05",
- "share_id": "853fa54b-9753-4ffb-b7d0-6739f9ae0f8e"
}, - "slots": [
- {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "own": true,
- "share_id": "853fa54b-9753-4ffb-b7d0-6739f9ae0f8e",
- "name": "string",
- "description": "string",
- "ordinal": 0,
- "visible": true,
- "classification_node_ids": [
- "497f6eca-6276-4993-bfeb-53cbbbba6f08"
], - "attachment_id": "4c76e620-6daa-46e6-9da1-9ac96abab601",
- "attachments_folder_id": "15079412-d3ca-4b00-9221-77d7e2f014db",
- "item_id": "4d8cd62e-a579-4dae-af8c-3172f96f8f7c",
- "required": true,
- "updated_at": "2019-08-24T14:15:22Z",
- "created_at": "2019-08-24T14:15:22Z",
- "slot_type_name": "key_value",
- "creator": "string",
- "encrypted_value": "string",
- "encrypted_value_verification_key": "string",
- "value_verification_hash": "string",
- "label": "string",
- "original_id": "07763432-970b-469a-8331-502f7974f8e9",
- "owner_id": "8826ee2e-7933-4665-aef2-2393f84a0d05"
}
], - "thumbnails": [
- {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "attachment_id": "4c76e620-6daa-46e6-9da1-9ac96abab601",
- "binary_id": "6c9bd5e9-dbd3-4b3b-a5d0-469b2f5404b8",
- "size_type": "string",
- "created_at": "2019-08-24T14:15:22Z",
}
]
}
Update an item specified by item_id
with fields provided in the JSON body.
In this endpoint it is possible to link the item and its slots to classification nodes, unlink the item and its slots from classification nodes, and to create classification nodes in user-owned classification schemes if they do not exist yet.
There are 2 types of classification schemes:
There are 5 parameters for classification of slots and items in POST /items
:
node_id
node_name
scheme_id
scheme_name
_destroy
Both a classification scheme and a classification node can be referred to by their name or their ID. If id
is used, scheme_id
and scheme
may be omitted.
Flag _destroy
is used to unlink a classification node from a slot or the item.
Example payload classifications:
classification_nodes_attributes: [
{id: "c1b1d2b3-a887-4cc2-86e8-285268df598a"},
{scheme: "region", id: "315e4e30-93f0-4232-b977-b51f90b18288"},
{scheme: "region", name: "france", "_destroy": true},
{scheme_id: "34c8c951-aa25-4d9a-9a9a-dbb5f43b821b", name: "netherlands"},
{scheme_id: "34c8c951-aa25-4d9a-9a9a-dbb5f43b821b", id: "16557bff-21fe-4bb1-8b0a-0a7847dfc7d6"},
{scheme: "tag", name: "my-own-cool-tag"}
]
If node france
is missing in scheme region, the service will return an error, because scheme region
is a global scheme. (owned_by_user=false)
. If node my-own-cool-tag
is missing in scheme tag
, it will be created, because scheme tag
is a user owned scheme.
item_id required | string |
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
object (PutItemsRequestItem) |
{- "item": {
- "classification_nodes_attributes": [
- {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "node_id": "6e0bdcac-9717-4a6f-972e-97489dffeb0c",
- "label": "string",
- "name": "string",
- "node_name": "string",
- "scheme_id": "1138cdd3-9f6d-45a5-ae92-04d708b61778",
- "scheme": "string",
- "scheme_name": "string",
- "_destroy": true
}
], - "label": "string",
- "slots_attributes": [
- {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "name": "string",
- "description": "string",
- "ordinal": 0,
- "visible": true,
- "image_id": "84c230fd-5520-4984-8119-37365b66fd80",
- "template_slot_id": "c93de19a-1981-4e85-9b60-b4926d6afcab",
- "attachments_folder_id": "15079412-d3ca-4b00-9221-77d7e2f014db",
- "attachment_id": "4c76e620-6daa-46e6-9da1-9ac96abab601",
- "slot_type_id": "56ff7765-3fb3-41db-9e3c-65998560bb92",
- "slot_type_name": "string",
- "value": "string",
- "encrypted_value": "string",
- "label": "string",
- "_destroy": true,
- "classification_nodes_attributes": [
- {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "node_id": "6e0bdcac-9717-4a6f-972e-97489dffeb0c",
- "label": "string",
- "name": "string",
- "node_name": "string",
- "scheme_id": "1138cdd3-9f6d-45a5-ae92-04d708b61778",
- "scheme": "string",
- "scheme_name": "string",
- "_destroy": true
}
]
}
]
}
}
{- "attachments": [
- {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "content_type": "string",
- "filename": "string",
- "user_id": "a169451c-8525-4352-b8ca-070dd449a1a5",
- "created_at": "2019-08-24T14:15:22Z",
- "has_error": true,
- "file_digest": "string",
- "is_direct_upload": true
}
], - "classification_nodes": [
- {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "own": true,
- "name": "string",
- "label": "string",
- "description": "string",
- "ordinal": 0,
- "background_color": "string",
- "scheme": "string",
- "classifications_count": 0
}
], - "item": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "own": true,
- "name": "string",
- "label": "string",
- "description": "string",
- "created_at": "2019-08-24T14:15:22Z",
- "item_template_id": "7bfa4d09-a7f3-408b-9e00-8ab23f31e465",
- "ordinal": 0,
- "visible": true,
- "updated_at": "2019-08-24T14:15:22Z",
- "item_template_label": "string",
- "classification_node_ids": [
- "497f6eca-6276-4993-bfeb-53cbbbba6f08"
], - "slot_ids": [
- "497f6eca-6276-4993-bfeb-53cbbbba6f08"
], - "original_id": "07763432-970b-469a-8331-502f7974f8e9",
- "owner_id": "8826ee2e-7933-4665-aef2-2393f84a0d05",
- "share_id": "853fa54b-9753-4ffb-b7d0-6739f9ae0f8e"
}, - "slots": [
- {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "own": true,
- "share_id": "853fa54b-9753-4ffb-b7d0-6739f9ae0f8e",
- "name": "string",
- "description": "string",
- "ordinal": 0,
- "visible": true,
- "classification_node_ids": [
- "497f6eca-6276-4993-bfeb-53cbbbba6f08"
], - "attachment_id": "4c76e620-6daa-46e6-9da1-9ac96abab601",
- "attachments_folder_id": "15079412-d3ca-4b00-9221-77d7e2f014db",
- "item_id": "4d8cd62e-a579-4dae-af8c-3172f96f8f7c",
- "required": true,
- "updated_at": "2019-08-24T14:15:22Z",
- "created_at": "2019-08-24T14:15:22Z",
- "slot_type_name": "key_value",
- "creator": "string",
- "encrypted_value": "string",
- "encrypted_value_verification_key": "string",
- "value_verification_hash": "string",
- "label": "string",
- "original_id": "07763432-970b-469a-8331-502f7974f8e9",
- "owner_id": "8826ee2e-7933-4665-aef2-2393f84a0d05"
}
], - "thumbnails": [
- {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "attachment_id": "4c76e620-6daa-46e6-9da1-9ac96abab601",
- "binary_id": "6c9bd5e9-dbd3-4b3b-a5d0-469b2f5404b8",
- "size_type": "string",
- "created_at": "2019-08-24T14:15:22Z",
}
]
}
Read an attachment folder linked to a slot
id required | string Slot ID |
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
{- "attachments_folder": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "name": "9ffa9185-7453-4fb2-aa6a-3105a6ae83a8",
- "slots_count": 0,
- "token": "string",
- "storage": "string",
- "resource_name": "string",
- "resource_type": "string",
- "resource_urls": [
- "string"
]
}
}
Stores a data encryption key encrypted with the key encryption key (KEK) of the user. The expected format is the serialization format of the Cryppo library.
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
serialized_data_encryption_key required | string |
{- "serialized_data_encryption_key": "string"
}
{- "data_encryption_key": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "serialized_data_encryption_key": "string"
}
}
Deletes a data encryption key identified by its ID.
id required | string |
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
{- "errors": [
- {
- "error": "string",
- "http_code": 0,
- "message": "string",
- "requested_language": "string",
- "message_in_requested_language": true,
- "extra_info": { }
}
]
}
Retrieves a data encryption key by its ID.The data encryption key is encrypted with the key encryption key (KEK) of the user. The format is the serialization format of the Cryppo library.
id required | string |
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
{- "data_encryption_key": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "serialized_data_encryption_key": "string"
}
}
Returns a key encryption key (KEK) encrypted with the passphrase derived key of the user. The format is the serialization format of the Cryppo library.
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
{- "key_encryption_key": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "serialized_key_encryption_key": "string"
}
}
Stores a key encryption key (KEK) encrypted with the passphrase derived key of the user. The expected format is the serialization format of the Cryppo library.
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
serialized_key_encryption_key required | string |
{- "serialized_key_encryption_key": "string"
}
{- "key_encryption_key": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "serialized_key_encryption_key": "string"
}
}
Stores a keypair. The keypair encrypted with the key encryption key (KEK) of the user (field encrypted_serialized_key
). The format is the serialization format of the Cryppo library. Also stores the public key unencrypted as a PEM or any other format. Each keypair can be tagged by a list of tags which make is possible for the client to differentiate between various keypairs.
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
encrypted_serialized_key | string Serialized encrypted key |
public_key | string |
metadata | object |
external_identifiers | Array of strings |
{- "encrypted_serialized_key": "string",
- "public_key": "string",
- "metadata": { },
- "external_identifiers": [
- "string"
]
}
{- "keypair": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "public_key": "string",
- "encrypted_serialized_key": "string",
- "metadata": { },
- "external_identifiers": [
- "string"
]
}
}
Retrieves a KeyPair specified by external_id
(eg the id
for a Connection, if the KeyPair was created for that purpose).
external_id required | string |
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
{- "keypair": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "public_key": "string",
- "encrypted_serialized_key": "string",
- "metadata": { },
- "external_identifiers": [
- "string"
]
}
}
Deletes a keypair identified by its ID.
id required | string |
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
{- "errors": [
- {
- "error": "string",
- "http_code": 0,
- "message": "string",
- "requested_language": "string",
- "message_in_requested_language": true,
- "extra_info": { }
}
]
}
Retrieves a keypair identified by its ID. The keypair encrypted with the key encryption key (KEK) of the user (field encrypted_serialized_key
). The format is the serialization format of the Cryppo library. The public key is also served unencrypted as a PEM or any other serialization format
id required | string |
external_id | string if a keypair is not found by ID and this optional parameter is present, the keystore will attempt to find a keystore by |
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
{- "keypair": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "public_key": "string",
- "encrypted_serialized_key": "string",
- "metadata": { },
- "external_identifiers": [
- "string"
]
}
}
Updates fields for KeyPair specified by id with new values if provided in params.
id required | string |
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
external_identifiers | Array of strings |
metadata | object |
{- "external_identifiers": [
- "string"
], - "metadata": { }
}
{- "keypair": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "public_key": "string",
- "encrypted_serialized_key": "string",
- "metadata": { },
- "external_identifiers": [
- "string"
]
}
}
Returnes passphrase derivation artefacts which were used for generation of the passphrase derived key.The format is as a JSON string encoded as Base64 (urlsafe).
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
{- "passphrase_derivation_artefact": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "derivation_artefacts": "string",
- "verification_artefacts": "string"
}
}
Passphrase derivation artefacts used for generation of the passphrase derived key are expected to be sent as a JSON string encoded as Base64 (urlsafe) a field of the payload to this endpoint.
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
derivation_artefacts required | string |
verification_artefacts required | string |
{- "derivation_artefacts": "string",
- "verification_artefacts": "string"
}
{- "passphrase_derivation_artefact": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "derivation_artefacts": "string",
- "verification_artefacts": "string"
}
}
Obtain the report on the size of attachments created by the current user, and the size of attachments linked to slots owned by the user as well as slots shared with the user.
The unit is bytes.
One and the same attachment or a folder can be linked to multiple slots. One such case is share duplicate slots. With this report it is possible to count only unique attachments and folders, as well as count references to the same attachment/folder as if they were separate files. See model UserAttachmentsReport
for details.
The report takes into account the following:
The report currently does not take into account the following:
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
{- "attachment_metrics": {
- "data_size_of_uploaded_attachments_and_folders": 0,
- "data_size_of_own_slots": 0,
- "data_size_of_duplicate_slots": 0,
- "data_size_of_own_and_duplicate_slots": 0
}
}
Obtain connection report for the currently authenticated user.
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
{- "connection_metrics": {
- "all_connections": 0,
- "member_connections": 0,
- "service_connections": 0,
- "connections_granting_delegation_access_to_your_account": {
- "count": 0,
- "by_roles": {
- "admin": 0,
- "owner": 0,
- "reader": 0
}
}, - "connections_with_delegation_access_to_other_users": {
- "count": 0,
- "by_roles": {
- "admin": 0,
- "owner": 0,
- "reader": 0
}
}
}
}
Obtain a report on currently authenticated user's items and slots
template_ids | string a list of template IDs separated by commas |
classification_scheme_name | string if present, only items classified according to the given classification scheme are counted |
classification_node_name | string if present, only items classified with a classification node with the given name are counted. Cannot be used together with classification_node_names filter. |
classification_node_names | string if present, only items classified with classification node with the given names are counted.Supports a list of string values separated by commas. Cannot be used together with classification_node_name filter. |
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
{- "item_metrics": {
- "items": {
- "all": 0,
- "own": 0,
- "duplicate": 0
}, - "slots": {
- "all": 0,
- "own": 0,
- "duplicate": 0
}
}
}
List all users with global security rights.
It is also possible to request a list of archived global admins, that is, users who used to have global security rights, but do not have them now.
In order to execute this action the current user must have "security right atom:global:assign_global_sr_to_user
.
string search admins by their email address | |
status | string Enum: "active" "archived" admin status: |
per_page | integer number of admins per page |
order | string Enum: "asc" "desc" order admins by name in ascending or descending order |
page | integer Number of the page to serve. This parameter activates classic page-based pagination
and cannot be used with parameter |
next_page_after | string When cursor based pagination is used, each paginated response has value |
{- "admins": [
- {
- "archived": false,
- "email": "peter@peterson.com",
- "family_name": "Peterson",
- "given_name": "Peter",
- "id": "9de00c4f-e1d9-4a7e-8b9e-38b3f5648ee2"
}
], - "meta": { },
- "next_page_after": "string"
}
Remove a user from global admins, that is, remove all global security rights from a user.
In order to execute this action the current user must have security right atom:global:assign_global_sr_to_user
.
id required | string <uuid> ID of the admin |
{- "error": "unauthorized",
- "extra_info": {
- "reason": "invalid_jwt"
}, - "http_code": 401,
- "message": null
}
Show a user with global security rights
In order to execute this action the current user must have "security right atom:global:assign_global_sr_to_user
.
id required | string <uuid> ID of the admin |
{- "admin": {
- "archived": false,
- "email": "peter@peterson.com",
- "family_name": "Peterson",
- "given_name": "Peter",
- "id": "9de00c4f-e1d9-4a7e-8b9e-38b3f5648ee2"
}
}
Remove a user from global admins, and put the admin into the registry of former global admins.
In order to execute this action the current user must have security right atom:global:assign_global_sr_to_user
.
id required | string <uuid> ID of the admin |
{- "error": "unauthorized",
- "extra_info": {
- "reason": "invalid_jwt"
}, - "http_code": 401,
- "message": null
}
Reinstate an archived user and make him/her a global admin again.
In order to execute this action the current user must have security right atom:global:assign_global_sr_to_user
.
id required | string <uuid> ID of the admin |
{- "admin": {
- "archived": false,
- "email": "peter@peterson.com",
- "family_name": "Peterson",
- "given_name": "Peter",
- "id": "9de00c4f-e1d9-4a7e-8b9e-38b3f5648ee2"
}
}
Assign global security rights to a user.
The user we are assigning security rights to does not need to be known by ATOM.
In order to execute this action the current user must have security right atom:global:assign_global_sr_to_user
.
id required | string <uuid> ID of a user to whom security rights are assigned |
list of security rights
security_rights required | Array of strings list of security rights |
{- "security_rights": [
- "atom:org:assign_org_sr_to_user"
]
}
{- "error": "unauthorized",
- "extra_info": {
- "reason": "invalid_jwt"
}, - "http_code": 401,
- "message": null
}
Remove global security rights from a user.
In order to execute this action the current user must have security right atom:global:assign_global_sr_to_user
.
id required | string <uuid> ID of a user from whom security rights are removed |
security_rights required | string List of comma-separated security rights to remove |
{- "error": "unauthorized",
- "extra_info": {
- "reason": "invalid_jwt"
}, - "http_code": 401,
- "message": null
}
Show all security rights of the current user for all active tenants and organizations
{- "orgs": [
- {
- "id": "3bd00941-6e5b-4852-aefd-3c55f5660592",
- "name": "organisation name"
}
], - "security_rights": [
- {
- "scope": {
- "org_id": "a483a0f8-144d-4657-8d08-071653d25b7f",
- "tenant_id": "0361dd6e-db21-4cb2-910a-5cf4d30d0dd2"
}, - "security_rights": [
- "atom:org:assign_org_sr_to_user"
]
}
], - "tenants": [
- {
- "id": "bf15d4be-8e8d-48a8-af49-df615844fa4d",
- "name": "a tenant name"
}
]
}
Show all security rights known to ATOM
with_inactive | boolean By default only active security rights are fetched.
|
{- "security_rights": [
- {
- "security_right": "atom:global:assign_sr_to_tenant",
- "spec": {
- "active": true,
- "description": "Assign a security right to a tenant",
- "for_org": false,
- "for_tenant": false,
- "internal_atom_security_right": true
}
}
]
}
List all tenants.
In order to execute this action the current user must have security right atom:global:view_all_tenants
.
status | string Enum: "active" "archived" "all" tenant status: |
per_page | integer number of tenants per page |
order | string Enum: "asc" "desc" order tenants by name in ascending or descending order |
page | integer Number of the page to serve. This parameter activates classic page-based pagination
and cannot be used with parameter |
next_page_after | string When cursor based pagination is used, each paginated response has value |
filter_by | string Search tenants whose names contains the given string. |
{- "meta": { },
- "next_page_after": "string",
- "tenants": [
- {
- "archived": true,
- "authorised_officer_email": "string",
- "authorised_officer_first_name": "string",
- "authorised_officer_last_name": "string",
- "business_address": "string",
- "color": "string",
- "company_number": "string",
- "created_at": "2019-08-24T14:15:22Z",
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "legal_name": "string",
- "lei_number": "string",
- "name": "string",
- "security_rights": [
- "atom:org:assign_org_sr_to_user"
], - "status_in_tenant": "string",
- "trading_name": "string"
}
]
}
Create a tenant.
In order to execute this action the current user must have security right atom:global:create_tenant
.
Tenant attributes
authorised_officer_email | string or null [ 0 .. 72 ] characters Authorised officer email |
authorised_officer_first_name | string or null [ 0 .. 72 ] characters Authorised officer first name |
authorised_officer_last_name | string or null [ 0 .. 72 ] characters Authorised officer last name |
business_address | string or null [ 0 .. 72 ] characters Business address |
color | string or null [ 0 .. 20 ] characters The color associated with the tenant. Used for the UI. |
company_number | string or null [ 0 .. 72 ] characters Company number |
id | string <uuid> ID of the tenant. This parameter is optional. If missing, ATOM will choose a random UUID |
legal_name | string or null [ 0 .. 72 ] characters Legal number |
lei_number | string or null [ 0 .. 72 ] characters Legal entity identification number |
logo_url | string or null <uri> URL to a logo image |
name required | string Name of the tenant |
status_in_tenant | string or null [ 0 .. 72 ] characters Status: signed legal agreement received or proof of concept |
trading_name | string or null [ 0 .. 72 ] characters Trading number |
{- "authorised_officer_email": "string",
- "authorised_officer_first_name": "string",
- "authorised_officer_last_name": "string",
- "business_address": "string",
- "color": "string",
- "company_number": "string",
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "legal_name": "string",
- "lei_number": "string",
- "name": "string",
- "status_in_tenant": "string",
- "trading_name": "string"
}
{- "tenant": {
- "archived": true,
- "authorised_officer_email": "string",
- "authorised_officer_first_name": "string",
- "authorised_officer_last_name": "string",
- "business_address": "string",
- "color": "string",
- "company_number": "string",
- "created_at": "2019-08-24T14:15:22Z",
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "legal_name": "string",
- "lei_number": "string",
- "name": "string",
- "security_rights": [
- "atom:org:assign_org_sr_to_user"
], - "status_in_tenant": "string",
- "trading_name": "string"
}
}
Delete a tenant.
In order to execute this action the current user must have security right atom:global:create_tenant
.
tenant_id required | string <uuid> ID of the tenant |
{- "error": "unauthorized",
- "extra_info": {
- "reason": "invalid_jwt"
}, - "http_code": 401,
- "message": null
}
Show a tenant.
In order to execute this action the current user must have either global security right atom:global:view_all_tenants
or tenant security right atom:tenant:view_tenant
.
tenant_id required | string <uuid> ID of the tenant |
{- "error": "unauthorized",
- "extra_info": {
- "reason": "invalid_jwt"
}, - "http_code": 401,
- "message": null
}
Update a tenant.
In order to execute this action the current user must have security right atom:global:create_tenant
.
It is possible to modify 3 fields:
name
logo_url
color
tenant_id required | string <uuid> ID of the tenant |
Tenant attributes
authorised_officer_email | string or null [ 0 .. 72 ] characters Authorised officer email |
authorised_officer_first_name | string or null [ 0 .. 72 ] characters Authorised officer first name |
authorised_officer_last_name | string or null [ 0 .. 72 ] characters Authorised officer last name |
business_address | string or null [ 0 .. 72 ] characters Business address |
color | string or null [ 0 .. 20 ] characters The color associated with the tenant. Used for the UI. |
company_number | string or null [ 0 .. 72 ] characters Company number |
id | string <uuid> ID of the tenant. This parameter is optional. If missing, ATOM will choose a random UUID |
legal_name | string or null [ 0 .. 72 ] characters Legal number |
lei_number | string or null [ 0 .. 72 ] characters Legal entity identification number |
logo_url | string or null <uri> URL to a logo image |
name required | string Name of the tenant |
status_in_tenant | string or null [ 0 .. 72 ] characters Status: signed legal agreement received or proof of concept |
trading_name | string or null [ 0 .. 72 ] characters Trading number |
{- "authorised_officer_email": "string",
- "authorised_officer_first_name": "string",
- "authorised_officer_last_name": "string",
- "business_address": "string",
- "color": "string",
- "company_number": "string",
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "legal_name": "string",
- "lei_number": "string",
- "name": "string",
- "status_in_tenant": "string",
- "trading_name": "string"
}
{- "tenant": {
- "archived": true,
- "authorised_officer_email": "string",
- "authorised_officer_first_name": "string",
- "authorised_officer_last_name": "string",
- "business_address": "string",
- "color": "string",
- "company_number": "string",
- "created_at": "2019-08-24T14:15:22Z",
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "legal_name": "string",
- "lei_number": "string",
- "name": "string",
- "security_rights": [
- "atom:org:assign_org_sr_to_user"
], - "status_in_tenant": "string",
- "trading_name": "string"
}
}
List admins of a tenant.
In order to execute this action the current user must have
In order to execute this action the current user must have security right atom:tenant:list_tenant_admins
for the tenant with the ID in parameter tenant_id
tenant_id required | string <uuid> ID of the tenant |
status | string Enum: "active" "archived" admin status: |
string search admins by their email address. Currenty works only with status=archived | |
per_page | integer number of admins per page |
order | string Enum: "asc" "desc" order admins by given name in ascending or descending order |
page | integer Number of the page to serve. This parameter activates classic page-based pagination
and cannot be used with parameter |
next_page_after | string When cursor based pagination is used, each paginated response has value |
{- "admins": [
- {
- "archived": false,
- "email": "peter@peterson.com",
- "family_name": "Peterson",
- "given_name": "Peter",
- "id": "9de00c4f-e1d9-4a7e-8b9e-38b3f5648ee2"
}
], - "meta": { },
- "next_page_after": "string"
}
Remove tenant admin privileges from a tenant admin.
In order to execute this action the current user must have one of the following security rights:
atom:global:assign_tenant_sr_to_tenant_admin
atom:tenant:assign_tenant_sr_to_tenant_admin
tenant_id required | string <uuid> ID of the tenant |
tenant_admin_id required | string <uuid> ID of the admin |
{- "error": "unauthorized",
- "extra_info": {
- "reason": "invalid_jwt"
}, - "http_code": 401,
- "message": null
}
Show an admin of a given tenant
In order to execute this action the current user must have security right atom:tenant:list_tenant_admins
for the tenant with the ID in parameter tenant_id
tenant_id required | string <uuid> ID of the tenant |
tenant_admin_id required | string <uuid> ID of the admin |
{- "admin": {
- "archived": false,
- "email": "peter@peterson.com",
- "family_name": "Peterson",
- "given_name": "Peter",
- "id": "9de00c4f-e1d9-4a7e-8b9e-38b3f5648ee2"
}
}
Remove a user from admins of the given tenant, and put the admin into the registry of former admins of that tenant.
In order to execute this action the current user must have one of the following security rights:
atom:global:assign_tenant_sr_to_tenant_admin
atom:tenant:assign_tenant_sr_to_tenant_admin
tenant_id required | string <uuid> ID of the tenant |
tenant_admin_id required | string <uuid> ID of the admin |
{- "error": "unauthorized",
- "extra_info": {
- "reason": "invalid_jwt"
}, - "http_code": 401,
- "message": null
}
Reinstate an archived user and make him/her a tenant admin again.
In order to execute this action the current user must have one of the following security rights:
atom:tenant:assign_tenant_sr_to_tenant_admin
atom:global:assign_tenant_sr_to_tenant_admin
tenant_id required | string <uuid> ID of the tenant |
tenant_admin_id required | string <uuid> ID of the admin |
{- "admin": {
- "archived": false,
- "email": "peter@peterson.com",
- "family_name": "Peterson",
- "given_name": "Peter",
- "id": "9de00c4f-e1d9-4a7e-8b9e-38b3f5648ee2"
}
}
Assign tenant security rights to a user.
The user we are assigning security rights to does not need to be known by ATOM.
In order to execute this action the current user must have security right atom:tenant:assign_tenant_sr_to_tenant_admin
for the tenant with the ID in parameter tenant_id
.
tenant_id required | string <uuid> ID of the tenant |
tenant_admin_id required | string <uuid> ID of a tenant admin |
list of security rights
security_rights required | Array of strings list of security rights |
{- "security_rights": [
- "atom:org:assign_org_sr_to_user"
]
}
{- "error": "unauthorized",
- "extra_info": {
- "reason": "invalid_jwt"
}, - "http_code": 401,
- "message": null
}
Archive a tenant.
In order to execute this action the current user must have security right atom:global:create_tenant
.
tenant_id required | string <uuid> ID of the tenant |
{- "tenant": {
- "archived": true,
- "authorised_officer_email": "string",
- "authorised_officer_first_name": "string",
- "authorised_officer_last_name": "string",
- "business_address": "string",
- "color": "string",
- "company_number": "string",
- "created_at": "2019-08-24T14:15:22Z",
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "legal_name": "string",
- "lei_number": "string",
- "name": "string",
- "security_rights": [
- "atom:org:assign_org_sr_to_user"
], - "status_in_tenant": "string",
- "trading_name": "string"
}
}
Restore a tenant.
In order to execute this action the current user must have security right atom:global:create_tenant
.
tenant_id required | string <uuid> ID of the tenant |
{- "tenant": {
- "archived": true,
- "authorised_officer_email": "string",
- "authorised_officer_first_name": "string",
- "authorised_officer_last_name": "string",
- "business_address": "string",
- "color": "string",
- "company_number": "string",
- "created_at": "2019-08-24T14:15:22Z",
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "legal_name": "string",
- "lei_number": "string",
- "name": "string",
- "security_rights": [
- "atom:org:assign_org_sr_to_user"
], - "status_in_tenant": "string",
- "trading_name": "string"
}
}
Add security rights to a tenant.
In order to execute this action the current user must have security right atom:global:assign_sr_to_tenant
.
tenant_id required | string <uuid> ID of the tenant |
list of security rights
security_rights required | Array of strings list of security rights |
{- "security_rights": [
- "atom:org:assign_org_sr_to_user"
]
}
{- "tenant": {
- "archived": true,
- "authorised_officer_email": "string",
- "authorised_officer_first_name": "string",
- "authorised_officer_last_name": "string",
- "business_address": "string",
- "color": "string",
- "company_number": "string",
- "created_at": "2019-08-24T14:15:22Z",
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "legal_name": "string",
- "lei_number": "string",
- "name": "string",
- "security_rights": [
- "atom:org:assign_org_sr_to_user"
], - "status_in_tenant": "string",
- "trading_name": "string"
}
}
Remove security rights from a tenant.
In order to execute this action the current user must have security right atom:global:assign_sr_to_tenant
.
tenant_id required | string <uuid> ID of the tenant |
security_rights required | string Comma-separated security rights to remove |
{- "error": "unauthorized",
- "extra_info": {
- "reason": "invalid_jwt"
}, - "http_code": 401,
- "message": null
}
Deletes currently logged in from the tenancy. After running this action end user will not be able to authenticate against the tenancy anymore.
Admin can send a new invitation to the user and data will be restored.
{- "errors": [
- {
- "error": "error_type",
- "message": "Error message",
- "http_code": 500,
- "extra_info": { },
- "requested_language": "en",
- "message_in_requested_language": true
}
]
}
Fetch information about currently logged in end user. Response includes information about all the tenants end user is a member of.
{- "id": "16611f81-5e93-4156-a913-43c45192da27",
- "did": "did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK",
- "created_at": "2019-08-24T14:15:22Z",
- "tenant_in_jwt": {
- "end_user_id": "29a68285-26bf-4329-ad51-4071888725fa",
- "tenant_id": "9726f422-1ac3-45b4-8b7d-bd26bee87805",
- "joined_at": "2019-08-24T14:15:22Z",
- "tenant_name": "string",
- "logo_url": "string",
- "color": "string",
- "archived": true
}, - "joined_tenants": [
- {
- "end_user_id": "29a68285-26bf-4329-ad51-4071888725fa",
- "tenant_id": "9726f422-1ac3-45b4-8b7d-bd26bee87805",
- "joined_at": "2019-08-24T14:15:22Z",
- "tenant_name": "string",
- "logo_url": "string",
- "color": "string",
- "archived": true
}
]
}
List all end users that belong to a selected tenant.
status | string Enum: "active" "deleted" "all" Example: status=active End user status filter |
search | string Example: search=did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK End user search by DID filter |
per_page | any Example: per_page=10 Number of records per page |
page | any Example: page=1 Page number (starting from 1) |
{- "end_users": [
- {
- "id": "9726f422-1ac3-45b4-8b7d-bd26bee87805",
- "did": "did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK",
- "tenant_id": "fe349378-e69f-444e-930b-d9a0627e355f",
- "created_at": "2024-08-16T07:45:07.049Z",
- "will_be_deleted_at": null
}
], - "meta": {
- "order_by": "name",
- "order": "ASC",
- "order_from_params": true,
- "per_page": 10,
- "per_page_from_params": true,
- "records_count": 100,
- "page": 1,
- "page_count": 10
}
}
List end user invitations for the current tenant.
status | string Example: status=pending Filter invitation by |
per_page | any Example: per_page=10 Number of records per page |
page | any Example: page=1 Page number (starting from 1) |
{- "invitations": [
- {
- "id": "string",
- "status": "pending",
- "token": "string",
- "user_id": "string",
- "created_at": "2019-08-24T14:15:22Z",
- "accepted_at": "2019-08-24T14:15:22Z",
- "expires_at": "2019-08-24T14:15:22Z",
- "tenant_id": "string",
- "presentation_request_url": "string",
- "open_id_presentation_request_url": "string"
}
], - "meta": {
- "order_by": "name",
- "order": "ASC",
- "order_from_params": true,
- "per_page": 10,
- "per_page_from_params": true,
- "records_count": 100,
- "page": 1,
- "page_count": 10
}
}
Creates an invitation for an end user to join the tenancy.
{- "invitation": {
- "id": "string",
- "status": "pending",
- "token": "string",
- "user_id": "string",
- "created_at": "2019-08-24T14:15:22Z",
- "accepted_at": "2019-08-24T14:15:22Z",
- "expires_at": "2019-08-24T14:15:22Z",
- "tenant_id": "string",
- "presentation_request_url": "string",
- "open_id_presentation_request_url": "string"
}
}
Exchange invitation token for a short lived access token that allows Wallet to complete registration flow.
Short lived access token is valid for a minute and can be used to:
POST /oidc/presentations/requests/verify
POST /presentations/generate
POST /oidc/presentations/token
POST /invitations/{token}/accept
required | object (IDPGenerateShortLivedAccessTokenDto) |
{- "invitation": {
- "token": "44705ffc-a87f-4e3f-9189-4898c04171ba"
}
}
{- "errors": [
- {
- "error": "error_type",
- "message": "Error message",
- "http_code": 500,
- "extra_info": { },
- "requested_language": "en",
- "message_in_requested_language": true
}
]
}
Deletes a pending or expired end user invitation.
id required | string |
{- "errors": [
- {
- "error": "error_type",
- "message": "Error message",
- "http_code": 500,
- "extra_info": { },
- "requested_language": "en",
- "message_in_requested_language": true
}
]
}
Fetch information about the end user invitation.
id required | string |
{- "invitation": {
- "id": "string",
- "status": "pending",
- "token": "string",
- "user_id": "string",
- "created_at": "2019-08-24T14:15:22Z",
- "accepted_at": "2019-08-24T14:15:22Z",
- "expires_at": "2019-08-24T14:15:22Z",
- "tenant_id": "string",
- "presentation_request_url": "string",
- "open_id_presentation_request_url": "string"
}
}
Accept invitation by submitting presentation request response.
If user is already a member of a tenant, invitation status will not change and only access token will returned.
token required | string |
id_token required | string |
vp_token | string |
state | string |
{- "id_token": "eyJraWQiOiJkaWQ6aW9uOkVpQTZkWlV...",
- "vp_token": "eyJraWQiOiJkaWQ6aW9uOkVpQTZkWlV...",
- "state": "state-value"
}
{- "errors": [
- {
- "error": "error_type",
- "message": "Error message",
- "http_code": 500,
- "extra_info": { },
- "requested_language": "en",
- "message_in_requested_language": true
}
]
}
Fetch end user information by id.
id required | string |
{- "end_user": {
- "id": "9726f422-1ac3-45b4-8b7d-bd26bee87805",
- "did": "did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK",
- "tenant_id": "fe349378-e69f-444e-930b-d9a0627e355f",
- "created_at": "2024-08-16T07:45:07.049Z",
- "will_be_deleted_at": null
}
}
Deletes from the tenancy by id. After running this action end user will not be able to authenticate against the tenancy anymore.
Admin can send a new invitation to the user and data will be restored.
id required | string |
{- "errors": [
- {
- "error": "error_type",
- "message": "Error message",
- "http_code": 500,
- "extra_info": { },
- "requested_language": "en",
- "message_in_requested_language": true
}
]
}
Delete the account associated with the currently authenticated user.
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
{- "errors": [
- {
- "error": "string",
- "http_code": 0,
- "message": "string",
- "requested_language": "string",
- "message_in_requested_language": true,
- "extra_info": { }
}
]
}
Returns account details for the currently authenticated user.
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
{- "user": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "full_name": "string",
- "email": "string",
- "country": "string",
- "joined_at": "2019-08-24T14:15:22Z",
- "onboarded_at": "2019-08-24T14:15:22Z",
- "timezone": "string",
- "private_dek_external_id": "string",
- "did": "string",
- "queued_for_deletion_after": "2019-08-24T14:15:22Z",
- "accepted_terms": true,
- "broken_attachments_present": true,
- "user_type": "human"
}, - "data_size_of_uploaded_attachments_and_folders": 0,
- "data_size_limit": 0,
- "data_size_limit_exceeded": true
}
Updates details for the currently authenticated user.
Meeco-Delegation-Id | string
|
Meeco-Organisation-Id | string This header is required for ATOM-based delegation.
ATOM-based delegation enables administrators of an organisation to perform actions
on behalf of an organisation.
If this header is present, header |
Provided fields overwrite existing values on record associated with current user.
object (PutMeRequestUser) |
{- "user": {
- "country": "string",
- "email": "string",
- "full_name": "string",
- "image": "string",
- "private_dek_external_id": "string",
- "did": "string"
}
}
{- "user": {
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "full_name": "string",
- "email": "string",
- "country": "string",
- "joined_at": "2019-08-24T14:15:22Z",
- "onboarded_at": "2019-08-24T14:15:22Z",
- "timezone": "string",
- "private_dek_external_id": "string",
- "did": "string",
- "queued_for_deletion_after": "2019-08-24T14:15:22Z",
- "accepted_terms": true,
- "broken_attachments_present": true,
- "user_type": "human"
}, - "data_size_of_uploaded_attachments_and_folders": 0,
- "data_size_limit": 0,
- "data_size_limit_exceeded": true
}
Show a list of organisations the current user is an admin of.
Can take optional parameter tenant_id
which restricts the list of organisations to one tenant only.
tenant_id | string <uuid> This parameter is the ID of a tenant and if present it restricts the list of organisations to one tenant only. |
{- "archived_orgs": [
- {
- "archived": false,
- "color": "#C0C0C0",
- "id": "9de00c4f-e1d9-4a7e-8b9e-38b3f5648ee2",
- "name": "vela",
- "security_rights": [
- "atom:org:assign_org_sr_to_user",
- "atom:org:view_org",
- "atom:org:list_org_admins"
], - "tenant_id": "be2070e5-0510-45a4-8d5b-5817442cdc98",
- "tenant_name": "bhp"
}
], - "orgs": [
- {
- "archived": false,
- "color": "#C0C0C0",
- "id": "9de00c4f-e1d9-4a7e-8b9e-38b3f5648ee2",
- "name": "vela",
- "security_rights": [
- "atom:org:assign_org_sr_to_user",
- "atom:org:view_org",
- "atom:org:list_org_admins"
], - "tenant_id": "be2070e5-0510-45a4-8d5b-5817442cdc98",
- "tenant_name": "bhp"
}
]
}
Endpoint works for a tenant and organisation user based on the Meeco-Organisation-ID header.
Returns a list of invitations available to the caller.
In case of tenant context, endpoint returns all invitations available in the tenancy.
In case of organization context, endpoint returns all invitations available in the organisations.
status | string Example: status=pending Filter invitation by |
invited_via | string Enum: "email" "did" Example: invited_via=email Filter invitation by |
order | string Enum: "ASC" "DESC" Example: order=DESC order invitation, Default ordering: |
order_by | string Value: "given_name" Example: order_by=given_name order invitation for |
per_page | any Example: per_page=10 Number of records per page |
page | any Example: page=1 Page number (starting from 1) |
Meeco-Organisation-ID | string Specify Organisation ID to set request context to organisation |
{- "invitations": [
- {
- "id": "string",
- "to": "string",
- "status": "pending",
- "token": "string",
- "invited_via": "did",
- "user_id": "string",
- "created_at": "2019-08-24T14:15:22Z",
- "accepted_at": "2019-08-24T14:15:22Z",
- "expires_at": "2019-08-24T14:15:22Z",
- "message": "string",
- "tenant_id": "string",
- "org_id": "string",
- "presentation_request_url": "string",
- "open_id_presentation_request_url": "string",
- "given_name": "string",
- "family_name": "string",
- "email": "string"
}
], - "meta": {
- "order_by": "name",
- "order": "ASC",
- "order_from_params": true,
- "per_page": 10,
- "per_page_from_params": true,
- "records_count": 100,
- "page": 1,
- "page_count": 10
}
}
Creates an invitation for user to join the platform. If user already exists, he/she will be added to the target organisation or tenant.
Payload example to invite an end user: (DEPRECATED: use /end_users/invitations
API instead)
{
"invitation": {
"via": "did"
}
}
Tenant end user will be invited to is determined by the tid
attribute value inside the JWT token.
Payload example to invite an admin:
{
"invitation": {
"via": "email",
"email": "email@meeco.me",
"given_name": "Peter",
"family_name": "Peterson",
}
}
Tenant admin will be invited to is determined by the tid
attribute value inside the JWT token & empty the Meeco-Organisation-ID
query param value in request.
Org admin will be invited to is determined by the tid
attribute value inside the JWT token & Meeco-Organisation-ID
query param value in request.
Global admin will be invited to is determined by the empty value in tid
attribute value inside the JWT token & Meeco-Organisation-ID
query param value in request.
The user who is sending the invitations can only invite other users within the tenant or organization they have selected.
For example, if the user is in the tenant context, they can only manage tenant users and invitations. Similarly, in the org context, they can only manage org users and invitations, and in the global context, they can only manage global users and invitations.
Meeco-Organisation-ID | string Specify Organisation ID to set request context to organisation |
required | object (IDPCreateInvitationDto) |
{- "invitation": {
- "via": "email",
- "email": "user@meeco.me",
- "given_name": "Peter",
- "family_name": "Peterson",
- "message": "Welcome message"
}
}
{- "invitation": {
- "id": "string",
- "to": "string",
- "status": "pending",
- "token": "string",
- "invited_via": "did",
- "user_id": "string",
- "created_at": "2019-08-24T14:15:22Z",
- "accepted_at": "2019-08-24T14:15:22Z",
- "expires_at": "2019-08-24T14:15:22Z",
- "message": "string",
- "tenant_id": "string",
- "org_id": "string",
- "presentation_request_url": "string",
- "open_id_presentation_request_url": "string",
- "given_name": "string",
- "family_name": "string",
- "email": "string"
}
}
Exchange invitation token for a short lived access token that allows Wallet to complete registration flow.
Short lived access token is valid for a minute and can be used to:
POST /oidc/presentations/requests/verify
POST /presentations/generate
POST /oidc/presentations/token
POST /invitations/{token}/accept
required | object (IDPGenerateShortLivedAccessTokenDto) |
{- "invitation": {
- "token": "44705ffc-a87f-4e3f-9189-4898c04171ba"
}
}
{- "errors": [
- {
- "error": "error_type",
- "message": "Error message",
- "http_code": 500,
- "extra_info": { },
- "requested_language": "en",
- "message_in_requested_language": true
}
]
}
Deletes a pending or expired invitation.
id required | string |
Meeco-Organisation-ID | string Specify Organisation ID to set request context to organisation |
{- "errors": [
- {
- "error": "error_type",
- "message": "Error message",
- "http_code": 500,
- "extra_info": { },
- "requested_language": "en",
- "message_in_requested_language": true
}
]
}
Fetch information about the invitation.
id required | string |
Meeco-Organisation-ID | string Specify Organisation ID to set request context to organisation |
{- "invitation": {
- "id": "string",
- "to": "string",
- "status": "pending",
- "token": "string",
- "invited_via": "did",
- "user_id": "string",
- "created_at": "2019-08-24T14:15:22Z",
- "accepted_at": "2019-08-24T14:15:22Z",
- "expires_at": "2019-08-24T14:15:22Z",
- "message": "string",
- "tenant_id": "string",
- "org_id": "string",
- "presentation_request_url": "string",
- "open_id_presentation_request_url": "string",
- "given_name": "string",
- "family_name": "string",
- "email": "string"
}
}
Accept invitation by submitting presentation request response. Works for invitation with invited_via
attribute set to did
.
If user is already a member of a tenant, invitation status will not change and only access token will returned.
token required | string |
id_token required | string |
vp_token | string |
state | string |
{- "id_token": "eyJraWQiOiJkaWQ6aW9uOkVpQTZkWlV...",
- "vp_token": "eyJraWQiOiJkaWQ6aW9uOkVpQTZkWlV...",
- "state": "state-value"
}
{- "errors": [
- {
- "error": "error_type",
- "message": "Error message",
- "http_code": 500,
- "extra_info": { },
- "requested_language": "en",
- "message_in_requested_language": true
}
]
}
Resend invitation email to the user.
id required | string |
Meeco-Organisation-ID | string Specify Organisation ID to set request context to organisation |
{- "invitation": {
- "id": "string",
- "to": "string",
- "status": "pending",
- "token": "string",
- "invited_via": "did",
- "user_id": "string",
- "created_at": "2019-08-24T14:15:22Z",
- "accepted_at": "2019-08-24T14:15:22Z",
- "expires_at": "2019-08-24T14:15:22Z",
- "message": "string",
- "tenant_id": "string",
- "org_id": "string",
- "presentation_request_url": "string",
- "open_id_presentation_request_url": "string",
- "given_name": "string",
- "family_name": "string",
- "email": "string"
}
}
This endpoint updates a user detail
{ }
{- "user": {
- "id": "string",
- "email": "string",
- "email_verified": true,
- "did": "string",
- "name": "string",
- "given_name": "string",
- "family_name": "string",
- "is_active": true,
- "created_at": "2019-08-24T14:15:22Z",
- "updated_at": "2019-08-24T14:15:22Z"
}
}
Show information about the user with a valid JWT:
sub
){- "administered_archived_orgs": [
- {
- "color": "string",
- "id": "3bd00941-6e5b-4852-aefd-3c55f5660592",
- "name": "organisation name",
- "tenant_active": true,
- "tenant_id": "3bd00941-6e5b-4852-aefd-3c55f5660592"
}
], - "administered_archived_tenants": [
- {
- "color": "string",
- "id": "3bd00941-6e5b-4852-aefd-3c55f5660592",
- "name": "tenant name"
}
], - "administered_orgs": [
- {
- "color": "string",
- "id": "3bd00941-6e5b-4852-aefd-3c55f5660592",
- "name": "organisation name",
- "tenant_active": true,
- "tenant_id": "3bd00941-6e5b-4852-aefd-3c55f5660592",
- "user_became_org_admin_at": "2019-08-24T14:15:22Z"
}
], - "administered_tenants": [
- {
- "color": "string",
- "id": "3bd00941-6e5b-4852-aefd-3c55f5660592",
- "name": "tenant name"
}
], - "family_name": "string",
- "given_name": "string",
- "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
- "tenant_in_jwt": {
- "tenant_id": "34f5c98e-f430-457b-a812-92637d0c6fd0",
- "tenant_known_to_atom": true,
- "tenant_name": "string",
- "user_became_tenant_admin_at": "2019-08-24T14:15:22Z"
}, - "user_known_to_atom": true,
- "user_type": "string"
}
Endpoint works for a tenant and organisation user based on the Meeco-Organisation-ID header.
Returns a list of credential types available to the caller.
In case of tenant context, endpoint returns all credential types available in the tenancy.
In case of organization context, organizations list always contains only one item - caller organization ID.
external_issuer_enabled | string Example: external_issuer_enabled=false To filter credential type by external_issuer.enabled flag |
status | string Enum: "all" "active" "archived" Example: status=active To filter archived credential types |
search | string Search by name |
order | string Enum: "ASC" "DESC" Example: order=DESC Credential types response order. Default ordering: |
order_by | string Enum: "created_at" "name" Example: order_by=created_at Order credential types by an attribute, defaults to: |
per_page | any Example: per_page=10 Number of records per page |
page | any Example: page=1 Page number (starting from 1) |
Meeco-Organisation-ID | string Specify Organisation ID to set request context to organisation |
{- "credential_types": [
- {
- "id": "7dcfa413-bff0-4f62-a51a-ab9959623332",
- "name": "Credential Type name",
- "type": [
- "UniversityDegreeCredential"
], - "organization_id": "9322c384-fd8e-4a13-80cd-1cbd1ef95ba8",
- "schema": null,
- "style": null,
- "external_issuer": null,
- "created_at": null,
- "archived": true,
- "archived_at": null
}
], - "organizations": [
- {
- "id": "45f26c98-a2a0-4c6a-a017-ed0170954c9d",
- "name": "Meeco",
- "tenant_id": "ee78556e-b9a3-4a8d-afa8-018f3dd13b98"
}
], - "meta": {
- "order_by": "name",
- "order": "ASC",
- "order_from_params": true,
- "per_page": 10,
- "per_page_from_params": true,
- "records_count": 100,
- "page": 1,
- "page_count": 10
}
}
vc:org:manage
Meeco-Organisation-ID required | string Specify Organisation ID to set request context to organisation |
required | object (VCCreateCredentialTypeDto) |
{- "credential_type": {
- "name": "Credential Type name",
- "type": [
- "UniversityDegreeCredential"
], - "schema_id": "986dcaf4-c1ea-4218-b6b4-e4fd95a3c28e",
- "style": {
- "text-color": "#FFF",
- "background": "linear-gradient(135deg, #9900EF, #ffffff 200%)",
}, - "external_issuer": {
- "enabled": true,
- "meeco_connections_supported": true
}
}
}
{- "credential_type": {
- "id": "7dcfa413-bff0-4f62-a51a-ab9959623332",
- "name": "Credential Type name",
- "type": [
- "UniversityDegreeCredential"
], - "organization_id": "9322c384-fd8e-4a13-80cd-1cbd1ef95ba8",
- "schema": null,
- "style": null,
- "external_issuer": null,
- "created_at": null,
- "archived": true,
- "archived_at": null
}
}
vc:org:manage
id required | string |
Meeco-Organisation-ID required | string Specify Organisation ID to set request context to organisation |
{- "credential_type": {
- "id": "7dcfa413-bff0-4f62-a51a-ab9959623332",
- "name": "Credential Type name",
- "type": [
- "UniversityDegreeCredential"
], - "organization_id": "9322c384-fd8e-4a13-80cd-1cbd1ef95ba8",
- "schema": null,
- "style": null,
- "external_issuer": null,
- "created_at": null,
- "archived": true,
- "archived_at": null
}
}
vc:org:manage
id required | string |
Meeco-Organisation-ID required | string Specify Organisation ID to set request context to organisation |
required | object (VCUpdateCredentialTypeDto) |
{- "credential_type": {
- "name": "Credential Type name",
- "type": [
- "UniversityDegreeCredential"
], - "style": {
- "text-color": "#FFF",
- "background": "linear-gradient(135deg, #9900EF, #ffffff 200%)",
}, - "external_issuer": {
- "enabled": true,
- "meeco_connections_supported": true
}
}
}
{- "credential_type": {
- "id": "7dcfa413-bff0-4f62-a51a-ab9959623332",
- "name": "Credential Type name",
- "type": [
- "UniversityDegreeCredential"
], - "organization_id": "9322c384-fd8e-4a13-80cd-1cbd1ef95ba8",
- "schema": null,
- "style": null,
- "external_issuer": null,
- "created_at": null,
- "archived": true,
- "archived_at": null
}
}
vc:org:manage
id required | string |
Meeco-Organisation-ID required | string Specify Organisation ID to set request context to organisation |
{- "credential_type": {
- "id": "7dcfa413-bff0-4f62-a51a-ab9959623332",
- "name": "Credential Type name",
- "type": [
- "UniversityDegreeCredential"
], - "organization_id": "9322c384-fd8e-4a13-80cd-1cbd1ef95ba8",
- "schema": null,
- "style": null,
- "external_issuer": null,
- "created_at": null,
- "archived": true,
- "archived_at": null
}
}
vc:org:manage
id required | string |
Meeco-Organisation-ID required | string Specify Organisation ID to set request context to organisation |
{- "credential_type": {
- "id": "7dcfa413-bff0-4f62-a51a-ab9959623332",
- "name": "Credential Type name",
- "type": [
- "UniversityDegreeCredential"
], - "organization_id": "9322c384-fd8e-4a13-80cd-1cbd1ef95ba8",
- "schema": null,
- "style": null,
- "external_issuer": null,
- "created_at": null,
- "archived": true,
- "archived_at": null
}
}
vc:org:manage
order | string Enum: "ASC" "DESC" Example: order=DESC Credentials response order. Default ordering: |
order_by | string Value: "created_at" Example: order_by=created_at Order credentials by an attribute, defaults to: |
per_page | any Example: per_page=10 Number of records per page |
page | any Example: page=1 Page number (starting from 1) |
Meeco-Organisation-ID required | string Specify Organisation ID to set request context to organisation |
{- "credentials": [
- {
- "id": "bbcb29a4-b3dd-4466-a84d-376d29686afa",
- "credential_id": "urn:uuid:b306614c-73c7-11e8-b596-47e8c5ce9144",
- "organization_id": "106867bc-a9a4-4c14-922e-375d9db69db0",
- "subject": "did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK",
- "issuer": "did:key:z6MkgCvGiSfJj6hfpRVHW6FqfmWUyz7vxu8guzq7fcECC9DE",
- "credential_type_name": "Credential type name",
- "credential_type_id": "75cca377-107d-4b74-a69a-2a28cdc08f75",
- "revocable": null,
- "status": "active",
- "format": "sd-jwt-vc",
- "issued_at": null,
- "expires_at": null,
- "created_at": null,
- "updated_at": null
}
], - "meta": {
- "order_by": "name",
- "order": "ASC",
- "order_from_params": true,
- "per_page": 10,
- "per_page_from_params": true,
- "records_count": 100,
- "page": 1,
- "page_count": 10
}
}
vc:org:manage
Generates unsigned verifiable credential token in JWT format. Client is expected to sign it with a private key.
An example of how credential signing in Javascript:
import { Ed25519 } from '@meeco/sdk';
import { EdDSASigner, hexToBytes } from 'did-jwt';
const key = new Ed25519(hexToBytes(SEED_HEX));
const signerFn = EdDSASigner(key.getSecretKey());
const signature = await signerFn(unsignedJwt);
const vcJwt = [unsignedJwt, signature].join('.');
We use openapi-generator to generate Typescript SDK for the given API swagger definition. However, openapi-generator does not support oneOf configuration properly and generates an invalid Typescript SDK. To avoid the problem, swagger defines issuer property only as string for the moment. While in fact, endpoint accepts issuer as an object in format of {id: string; name: string;}
as well.
Type
is required for vc+sd-jwt
format and must be a string
however, endpoint accepts Type
as an Array of string for JWT VC
in format of ["VerifiableCredential", "AlumniCredential"]
as well.
accept | string Enum: "application/vc+sd-jwt" "application/jwt" "application/json" When the "Accept" header is unspecified, the default format assumed for verifiable credentials is JWT. |
Meeco-Organisation-ID required | string Specify Organisation ID to set request context to organisation |
required | object (VCGenerateCredentialDto) |
{- "credential": {
- "credential_type_id": "986dcaf4-c1ea-4218-b6b4-e4fd95a3c28e",
- "issuer": {
- "id": "did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK or https://example.edu/issuers/14",
- "name": "Entity Name"
}, - "claims": {
- "id": "did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK",
- "cnf": {
- "jwk": {
- "kty": "OKP",
- "crv": "Ed25519",
- "x": "H3nf7Rm2DafvuAK6Gnf9QytOYn4QoTrWwGGiUJssxks"
}
}
}, - "revocable": false,
- "expires_at": "2022-10-22T21:32:03.442Z",
}
}
{- "credential": {
- "unsigned_vc_jwt": "yJhbGciOiJSUzI1NiIsImI2NCI6Zm...",
- "metadata": {
- "style": {
- "text-color": "#FFF",
- "background": "linear-gradient(135deg, #9900EF, #ffffff 200%)",
}
}
}
}
vc:org:manage
Meeco-Organisation-ID required | string Specify Organisation ID to set request context to organisation |
credential_id required | string |
required | object (VCUpdateCredentialStatusRequestStatusDto) |
{- "credential_id": "urn:uuid:23b841f2-a3dc-477f-a9e1-5024d1dcc02b",
- "credential_status": {
- "type": "revocation",
- "status": "0"
}
}
{- "errors": [
- {
- "error": "error_type",
- "message": "Error message",
- "http_code": 500,
- "extra_info": { },
- "requested_language": "en",
- "message_in_requested_language": true
}
]
}
Verify a VC/SDVC JWT
Checks performed:
format
signature
. expiration
date is validated when the expirationDate
attribute is present. issued at
date is validated when the iat
attribute is present. keyBindingJWT
check is optional and is only performed if it is included in the SDJWT along with disclosures.keyBindingJWT
is included in the SDJWT, the kb_audience
and kb_nonce
must be included in the verification options.schema
revocation
list status and its validityCredential expiration, schema and revocation status related checks are not considered critical and will be returned under warnings
attribute. It is up for the client application to decide how these should be handled. All other failed checks will be served under errors
attribute.
Verification options
You can optionally specify checks for the provided VC/SDVC JWT
. If specified, only these checks will run.
By default, format
, signature
, expiration
checks are mandatory and can not be taken out from checks list.
No further checks will be performed if JWT Token Format
is invalid.
{
"credential": { ... },
"options": {
"checks": ["format", "signature", "expiration", "schema", "revocation_status"],
"kb_audience": "verifier DID or URL",
"kb_nonce": "nonce",
},
}
failed_to_verify_jwt
error might appear in both: errors and warnings list.
In case of SD JWT VC it wraps any error that @meeco/sd-jwt-vc
might throw.
In case of JWT VC it wraps any error that did-jwt-vc
might throw.
So far, the only case when failed_to_verify_jwt
appears in the warnings list is when credential is expired.
Meeco-Organisation-ID | string Specify Organisation ID to set request context to organisation |
required | object (VCVerifySignedCredentialRequestDto) |
object (VCCredentialVerificationOptionsRequestPayloadDto) |
{- "credential": {
- "signed_credential_jwt": "eyJraWQiOiJkaWQ6aW9uOkVpQTZkWlV..."
}, - "options": {
- "checks": [
- "format",
- "signature",
- "expiration",
- "schema",
- "revocation_status"
], - "kb_audience": "did:key:z6MkgCvGiSfJj6hfpRVHW6FqfmWUyz7vxu8guzq7fcECC9DE or https://example.com/verifier",
- "kb_nonce": "8IBTHwOdqNKAWeKl7"
}
}
{- "id": "urn:uuid:23b841f2-a3dc-477f-a9e1-5024d1dcc02b",
- "checks": [
- "format"
], - "warnings": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_jwt: JWT has expired: exp: 1609459200 < now: 1640995200"
}
}
], - "errors": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_signature: Signature invalid for JWT"
}
}
]
}
vc:org:manage
id required | string |
Meeco-Organisation-ID required | string Specify Organisation ID to set request context to organisation |
{- "credential": {
- "id": "bbcb29a4-b3dd-4466-a84d-376d29686afa",
- "credential_id": "urn:uuid:b306614c-73c7-11e8-b596-47e8c5ce9144",
- "organization_id": "106867bc-a9a4-4c14-922e-375d9db69db0",
- "subject": "did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK",
- "issuer": "did:key:z6MkgCvGiSfJj6hfpRVHW6FqfmWUyz7vxu8guzq7fcECC9DE",
- "credential_type_name": "Credential type name",
- "credential_type_id": "75cca377-107d-4b74-a69a-2a28cdc08f75",
- "revocable": null,
- "status": "active",
- "format": "sd-jwt-vc",
- "issued_at": null,
- "expires_at": null,
- "created_at": null,
- "updated_at": null
}
}
Endpoint works for a tenant and organisation user based on the Meeco-Organisation-ID header.
Returns a list of schemas available to the caller.
In case of organization context, organization_ids list always contains only one item - caller organization ID.
status | string Enum: "all" "active" "archived" Example: status=active To filter archived schemas |
search | string Search by name |
order | string Enum: "ASC" "DESC" Example: order=DESC Schemas response order. Default ordering: |
order_by | string Enum: "created_at" "name" Example: order_by=created_at Order schemas by an attribute, defaults to: |
per_page | any Example: per_page=10 Number of records per page |
page | any Example: page=1 Page number (starting from 1) |
Meeco-Organisation-ID | string Specify Organisation ID to set request context to organisation |
{- "schemas": [
- {
- "id": "7dcfa413-bff0-4f62-a51a-ab9959623332",
- "name": "Schema name",
- "version": "1.0.0",
- "schema_json": { },
- "organization_ids": [
- "9322c384-fd8e-4a13-80cd-1cbd1ef95ba8",
- "986dcaf4-c1ea-4218-b6b4-e4fd95a3c28e"
], - "created_at": null,
- "archived": true,
- "archived_at": null
}
], - "meta": {
- "order_by": "name",
- "order": "ASC",
- "order_from_params": true,
- "per_page": 10,
- "per_page_from_params": true,
- "records_count": 100,
- "page": 1,
- "page_count": 10
}
}
vc:tenant:manage
schema_json property must comply with specification.
Schema validity can be checked by using one of the Web (Online) validators listed at JSON schema specification site.
schema_json.$id attribute is not expected in the payload. API is going to assign its own internal version of it even if one is being passed.
Example (the most minimal set of attributes schema should contain):
{
"$schema": "https://json-schema.org/draft/2019-09/schema",
"name": "Example name",
"description": "Example description",
"type": "object",
"properties": {
"id": {
"type": "string",
}
},
"required": ["id"],
"additionalProperties": false,
}
required | object (VCCreateSchemaDto) |
{- "schema": {
- "name": "Schema name",
- "schema_json": {
- "description": "Basic schema description",
- "name": "Basic schema name",
- "type": "object",
- "properties": {
- "id": {
- "type": "string"
}, - "name": {
- "type": "string"
}
}, - "required": [
- "id",
- "name"
], - "additionalProperties": false
}, - "organization_ids": [
- "9322c384-fd8e-4a13-80cd-1cbd1ef95ba8",
- "986dcaf4-c1ea-4218-b6b4-e4fd95a3c28e"
]
}
}
{- "schema": {
- "id": "7dcfa413-bff0-4f62-a51a-ab9959623332",
- "name": "Schema name",
- "version": "1.0.0",
- "schema_json": { },
- "organization_ids": [
- "9322c384-fd8e-4a13-80cd-1cbd1ef95ba8",
- "986dcaf4-c1ea-4218-b6b4-e4fd95a3c28e"
], - "created_at": null,
- "archived": true,
- "archived_at": null
}
}
Endpoint works for a tenant and organisation user based on the Meeco-Organisation-ID header.
Returns schema information if caller has access to it.
In case of organization context, organization_ids list always contains only one item - caller organization ID.
id required | string |
Meeco-Organisation-ID | string Specify Organisation ID to set request context to organisation |
{- "schema": {
- "id": "7dcfa413-bff0-4f62-a51a-ab9959623332",
- "name": "Schema name",
- "version": "1.0.0",
- "schema_json": { },
- "organization_ids": [
- "9322c384-fd8e-4a13-80cd-1cbd1ef95ba8",
- "986dcaf4-c1ea-4218-b6b4-e4fd95a3c28e"
], - "created_at": null,
- "archived": true,
- "archived_at": null
}
}
vc:tenant:manage
id required | string |
required | object (VCUpdateSchemaDto) |
{- "schema": {
- "name": "Schema name",
- "organization_ids": [
- "9322c384-fd8e-4a13-80cd-1cbd1ef95ba8",
- "986dcaf4-c1ea-4218-b6b4-e4fd95a3c28e"
]
}
}
{- "schema": {
- "id": "7dcfa413-bff0-4f62-a51a-ab9959623332",
- "name": "Schema name",
- "version": "1.0.0",
- "schema_json": { },
- "organization_ids": [
- "9322c384-fd8e-4a13-80cd-1cbd1ef95ba8",
- "986dcaf4-c1ea-4218-b6b4-e4fd95a3c28e"
], - "created_at": null,
- "archived": true,
- "archived_at": null
}
}
vc:tenant:manage
id required | string |
{- "schema": {
- "id": "7dcfa413-bff0-4f62-a51a-ab9959623332",
- "name": "Schema name",
- "version": "1.0.0",
- "schema_json": { },
- "organization_ids": [
- "9322c384-fd8e-4a13-80cd-1cbd1ef95ba8",
- "986dcaf4-c1ea-4218-b6b4-e4fd95a3c28e"
], - "created_at": null,
- "archived": true,
- "archived_at": null
}
}
vc:tenant:manage
id required | string |
{- "schema": {
- "id": "7dcfa413-bff0-4f62-a51a-ab9959623332",
- "name": "Schema name",
- "version": "1.0.0",
- "schema_json": { },
- "organization_ids": [
- "9322c384-fd8e-4a13-80cd-1cbd1ef95ba8",
- "986dcaf4-c1ea-4218-b6b4-e4fd95a3c28e"
], - "created_at": null,
- "archived": true,
- "archived_at": null
}
}
Returns credential schema in a format described by specification.
id required | string |
version required | string |
{- "id": "981943a9-ed16-45fa-9138-31e6a75b4aee;version=1.0.0",
- "version": "1.0.0",
- "name": "aa4db41b-ddc7-4f58-b471-5acd36f363b6",
- "author": "7262689e-1128-4f62-b491-e29673cc7be4",
- "authored": null,
- "schema": {
- "$id": "981943a9-ed16-45fa-9138-31e6a75b4aee;version=1.0.0",
- "description": "Basic schema description",
- "name": "Basic schema name",
- "type": "object",
- "properties": {
- "name": {
- "type": "string"
}
}, - "required": [
- "name"
], - "additionalProperties": false
}
}
Returns status list credential in a format described by specification.
id required | number |
{- "errors": [
- {
- "error": "error_type",
- "message": "Error message",
- "http_code": 500,
- "extra_info": { },
- "requested_language": "en",
- "message_in_requested_language": true
}
]
}
Returns JWT Issuer discovery information.
Response includes public keys in JWK format for token verification.
{- "jwks": {
- "keys": [
- {
- "kid": "t5st0g5Uksc_GgWYfubABUr1-hE7g06rlNAoMqN26BY",
- "kty": "EC",
- "crv": "P-256",
- "x": "t3SfhE_yhGeDA0N_whDl7b6NDnMzX5j598AuzvnibgQ",
- "y": "aQLf4Ku2ar6ueXHcfwg9a2N41GR8Hb7c2brch81i9v0"
}
]
}
}
Meeco-Organisation-ID
header, endpoint requires one of the following security rights:vc:tenant:manage
if Meeco-Organisation-ID
is not specifiedvc:org:manage
if Meeco-Organisation-ID
is specifiedstatus | string Enum: "all" "active" "archived" Example: status=active To filter archived presentation requests |
search | string Search by name |
order | string Enum: "ASC" "DESC" Example: order=DESC Presentation requests response order. Default ordering: |
order_by | string Enum: "created_at" "updated_at" "name" Example: order_by=created_at Order presentation requests by an attribute, defaults to: |
per_page | any Example: per_page=10 Number of records per page |
page | any Example: page=1 Page number (starting from 1) |
Meeco-Organisation-ID | string Specify Organisation ID to set request context to organisation |
{- "presentation_requests": [
- {
- "id": "bbcb29a4-b3dd-4466-a84d-376d29686afa",
- "organization_id": "106867bc-a9a4-4c14-922e-375d9db69db0",
- "created_at": null,
- "updated_at": null,
- "name": "Request name",
- "description": "Request description...",
- "method": "qrcode",
- "status": "pending",
- "token_properties": {
- "client_id": "did:web:...",
- "client_name": "Verifier platform",
- "client_purpose": "To verify the user",
- "state": "state-value",
- "expires_at": null,
- "presentation_definition_id": "e16fa786-1ee2-4298-a2e8-37f925abf340",
- "nonce": "dwxq20lina",
- "scope": "openid",
- "response_mode": "post",
- "response_type": "id_token"
}, - "tokens": {
- "unsigned_request_jwt": "eyJraWQiOiJkaWQ6aW9uOkVpQTZkWlV...",
- "signed_request_jwt": "eyJraWQiOiJkaWQ6aW9uOkVpQTZkWlV..."
}, - "archived": true,
- "archived_at": null
}
], - "meta": {
- "order_by": "name",
- "order": "ASC",
- "order_from_params": true,
- "per_page": 10,
- "per_page_from_params": true,
- "records_count": 100,
- "page": 1,
- "page_count": 10
}
}
Meeco-Organisation-ID
header, endpoint requires one of the following security rights:vc:tenant:manage
if Meeco-Organisation-ID
is not specifiedvc:org:manage
if Meeco-Organisation-ID
is specifiedWhen using a Presentation Definition with a format
of vc+sd-jwt
,the vp_formats
of the Generated Presentation Request registration
will be set to
"vc+sd-jwt": {
"sd-jwt_alg_values": [
"ES256", "EdDSA"
],
"sd-jwt_alg_values": [
"ES256", "EdDSA"
]
}
,
and subject_syntax_types_supported
will be set to urn:ietf:params:oauth:jwk-thumbprint
."registration": {
...
"subject_syntax_types_supported": [
"urn:ietf:params:oauth:jwk-thumbprint"
],
"vp_formats": {
"vc+sd-jwt": {
"sd-jwt_alg_values": [
"ES256", "EdDSA"
],
"sd-jwt_alg_values": [
"ES256", "EdDSA"
]
},
...
}
Meeco-Organisation-ID | string Specify Organisation ID to set request context to organisation |
required | object (VCCreatePresentationRequestDto) |
{- "presentation_request": {
- "name": "Request name",
- "description": "Request description...",
- "client_id": "did:web:...",
- "client_name": "Verifier platform",
- "client_purpose": "To authenticate user to Verifier platform",
- "state": "request-state",
- "expires_at": "2019-08-24T14:15:22Z",
- "method": "qrcode",
- "presentation_definition_id": "986dcaf4-c1ea-4218-b6b4-e4fd95a3c28e"
}
}
{- "presentation_request": {
- "id": "bbcb29a4-b3dd-4466-a84d-376d29686afa",
- "organization_id": "106867bc-a9a4-4c14-922e-375d9db69db0",
- "created_at": null,
- "updated_at": null,
- "name": "Request name",
- "description": "Request description...",
- "method": "qrcode",
- "status": "pending",
- "token_properties": {
- "client_id": "did:web:...",
- "client_name": "Verifier platform",
- "client_purpose": "To verify the user",
- "state": "state-value",
- "expires_at": null,
- "presentation_definition_id": "e16fa786-1ee2-4298-a2e8-37f925abf340",
- "nonce": "dwxq20lina",
- "scope": "openid",
- "response_mode": "post",
- "response_type": "id_token"
}, - "tokens": {
- "unsigned_request_jwt": "eyJraWQiOiJkaWQ6aW9uOkVpQTZkWlV...",
- "signed_request_jwt": "eyJraWQiOiJkaWQ6aW9uOkVpQTZkWlV..."
}, - "archived": true,
- "archived_at": null
}
}
Verify a Presentation Request
Checks performed:
failed_to_verify_jwt
error might appear in both: errors and warnings list.
So far, the only case when failed_to_verify_jwt
appears in the warnings list is when request is expired.
required | object (VCVerifyPresentationRequestDto) |
{- "presentation_request": {
- "signed_request_jwt": "eyJraWQiOiJkaWQ6aW9uOkVpQTZkWlV..."
}
}
{- "id": "038102ed-d224-4656-ae8d-10aeab5686aa",
- "checks": [
- "format"
], - "warnings": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_jwt: JWT has expired: exp: 1609459200 < now: 1640995200"
}
}
], - "errors": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_signature: Signature invalid for JWT"
}
}
]
}
Meeco-Organisation-ID
header, endpoint requires one of the following security rights:vc:tenant:manage
if Meeco-Organisation-ID
is not specifiedvc:org:manage
if Meeco-Organisation-ID
is specifiedid required | string |
Meeco-Organisation-ID | string Specify Organisation ID to set request context to organisation |
{- "presentation_request": {
- "id": "bbcb29a4-b3dd-4466-a84d-376d29686afa",
- "organization_id": "106867bc-a9a4-4c14-922e-375d9db69db0",
- "created_at": null,
- "updated_at": null,
- "name": "Request name",
- "description": "Request description...",
- "method": "qrcode",
- "status": "pending",
- "token_properties": {
- "client_id": "did:web:...",
- "client_name": "Verifier platform",
- "client_purpose": "To verify the user",
- "state": "state-value",
- "expires_at": null,
- "presentation_definition_id": "e16fa786-1ee2-4298-a2e8-37f925abf340",
- "nonce": "dwxq20lina",
- "scope": "openid",
- "response_mode": "post",
- "response_type": "id_token"
}, - "tokens": {
- "unsigned_request_jwt": "eyJraWQiOiJkaWQ6aW9uOkVpQTZkWlV...",
- "signed_request_jwt": "eyJraWQiOiJkaWQ6aW9uOkVpQTZkWlV..."
}, - "archived": true,
- "archived_at": null
}
}
Meeco-Organisation-ID
header, endpoint requires one of the following security rights:vc:tenant:manage
if Meeco-Organisation-ID
is not specifiedvc:org:manage
if Meeco-Organisation-ID
is specifiedid required | string |
Meeco-Organisation-ID | string Specify Organisation ID to set request context to organisation |
required | object (VCUpdatePresentationRequestDto) |
{- "presentation_request": {
- "signed_request_jwt": "string",
- "status": "pending"
}
}
{- "presentation_request": {
- "id": "bbcb29a4-b3dd-4466-a84d-376d29686afa",
- "organization_id": "106867bc-a9a4-4c14-922e-375d9db69db0",
- "created_at": null,
- "updated_at": null,
- "name": "Request name",
- "description": "Request description...",
- "method": "qrcode",
- "status": "pending",
- "token_properties": {
- "client_id": "did:web:...",
- "client_name": "Verifier platform",
- "client_purpose": "To verify the user",
- "state": "state-value",
- "expires_at": null,
- "presentation_definition_id": "e16fa786-1ee2-4298-a2e8-37f925abf340",
- "nonce": "dwxq20lina",
- "scope": "openid",
- "response_mode": "post",
- "response_type": "id_token"
}, - "tokens": {
- "unsigned_request_jwt": "eyJraWQiOiJkaWQ6aW9uOkVpQTZkWlV...",
- "signed_request_jwt": "eyJraWQiOiJkaWQ6aW9uOkVpQTZkWlV..."
}, - "archived": true,
- "archived_at": null
}
}
Meeco-Organisation-ID
header, endpoint requires one of the following security rights:vc:tenant:manage
if Meeco-Organisation-ID
is not specifiedvc:org:manage
if Meeco-Organisation-ID
is specifiedid required | string |
Meeco-Organisation-ID | string Specify Organisation ID to set request context to organisation |
{- "presentation_request": {
- "id": "bbcb29a4-b3dd-4466-a84d-376d29686afa",
- "organization_id": "106867bc-a9a4-4c14-922e-375d9db69db0",
- "created_at": null,
- "updated_at": null,
- "name": "Request name",
- "description": "Request description...",
- "method": "qrcode",
- "status": "pending",
- "token_properties": {
- "client_id": "did:web:...",
- "client_name": "Verifier platform",
- "client_purpose": "To verify the user",
- "state": "state-value",
- "expires_at": null,
- "presentation_definition_id": "e16fa786-1ee2-4298-a2e8-37f925abf340",
- "nonce": "dwxq20lina",
- "scope": "openid",
- "response_mode": "post",
- "response_type": "id_token"
}, - "tokens": {
- "unsigned_request_jwt": "eyJraWQiOiJkaWQ6aW9uOkVpQTZkWlV...",
- "signed_request_jwt": "eyJraWQiOiJkaWQ6aW9uOkVpQTZkWlV..."
}, - "archived": true,
- "archived_at": null
}
}
Get JWT represntation of Presentation Definition
id required | string |
{- "errors": [
- {
- "error": "error_type",
- "message": "Error message",
- "http_code": 500,
- "extra_info": { },
- "requested_language": "en",
- "message_in_requested_language": true
}
]
}
Meeco-Organisation-ID
header, endpoint requires one of the following security rights:vc:tenant:manage
if Meeco-Organisation-ID
is not specifiedvc:org:manage
if Meeco-Organisation-ID
is specifiedid required | string |
Meeco-Organisation-ID | string Specify Organisation ID to set request context to organisation |
{- "presentation_request": {
- "id": "bbcb29a4-b3dd-4466-a84d-376d29686afa",
- "organization_id": "106867bc-a9a4-4c14-922e-375d9db69db0",
- "created_at": null,
- "updated_at": null,
- "name": "Request name",
- "description": "Request description...",
- "method": "qrcode",
- "status": "pending",
- "token_properties": {
- "client_id": "did:web:...",
- "client_name": "Verifier platform",
- "client_purpose": "To verify the user",
- "state": "state-value",
- "expires_at": null,
- "presentation_definition_id": "e16fa786-1ee2-4298-a2e8-37f925abf340",
- "nonce": "dwxq20lina",
- "scope": "openid",
- "response_mode": "post",
- "response_type": "id_token"
}, - "tokens": {
- "unsigned_request_jwt": "eyJraWQiOiJkaWQ6aW9uOkVpQTZkWlV...",
- "signed_request_jwt": "eyJraWQiOiJkaWQ6aW9uOkVpQTZkWlV..."
}, - "archived": true,
- "archived_at": null
}
}
List presentation request submissions
id required | string |
Meeco-Organisation-ID required | string Specify Organisation ID to set request context to organisation |
{- "submissions": [
- {
- "id": "7dcfa413-bff0-4f62-a51a-ab9959623332",
- "presentation_request_id": "5035180b-1528-4ddf-95f2-f01b4d04cd22",
- "vp_token": "eyJraWQiOiJkaWQ6aW9uOkVpQTZkWlV...",
- "id_token": "eyJraWQiOiJkaWQ6aW9uOkVpQTZkWlV...",
- "state": "state-value",
- "status": "pending",
- "updated_at": "2019-08-24T14:15:22Z",
- "created_at": "2019-08-24T14:15:22Z",
- "verification_result": {
- "checks": [
- "format"
], - "warnings": [
- {
- "error": "error_or_warning_type",
- "message": "Error or warning message",
- "extra_info": {
- "reason": "invalid_signature: Signature invalid for JWT"
}
}
], - "errors": [
- {
- "error": "failed_to_validate_presentation_response",
- "message": "Failed to validate presentation response",
- "extra_info": {
- "reason": "ID token is missing _vp_token.presentation submission key"
}
}
], - "request": {
- "id": "038102ed-d224-4656-ae8d-10aeab5686aa",
- "checks": [
- "format"
], - "warnings": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_jwt: JWT has expired: exp: 1609459200 < now: 1640995200"
}
}
], - "errors": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_signature: Signature invalid for JWT"
}
}
]
}, - "id_token": {
- "checks": [
- "format"
], - "warnings": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_jwt: JWT has expired: exp: 1609459200 < now: 1640995200"
}
}
], - "errors": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_signature: Signature invalid for JWT"
}
}
]
}, - "vp_token": {
- "checks": [
- "format"
], - "warnings": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_jwt: JWT has expired: exp: 1609459200 < now: 1640995200"
}
}
], - "errors": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_signature: Signature invalid for JWT"
}
}
], - "credentials": [
- {
- "id": "urn:uuid:23b841f2-a3dc-477f-a9e1-5024d1dcc02b",
- "checks": [
- "format"
], - "warnings": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_jwt: JWT has expired: exp: 1609459200 < now: 1640995200"
}
}
], - "errors": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_signature: Signature invalid for JWT"
}
}
]
}
]
}
}, - "last_verified_at": "2019-08-24T14:15:22Z"
}
]
}
Present presentation request response
id required | string |
id_token required | string |
vp_token | string |
state | string |
{- "id_token": "eyJraWQiOiJkaWQ6aW9uOkVpQTZkWlV...",
- "vp_token": "eyJraWQiOiJkaWQ6aW9uOkVpQTZkWlV...",
- "state": "state-value"
}
{- "submission": {
- "id": "7dcfa413-bff0-4f62-a51a-ab9959623332",
- "presentation_request_id": "5035180b-1528-4ddf-95f2-f01b4d04cd22",
- "vp_token": "eyJraWQiOiJkaWQ6aW9uOkVpQTZkWlV...",
- "id_token": "eyJraWQiOiJkaWQ6aW9uOkVpQTZkWlV...",
- "state": "state-value",
- "status": "pending",
- "updated_at": "2019-08-24T14:15:22Z",
- "created_at": "2019-08-24T14:15:22Z",
- "verification_result": {
- "checks": [
- "format"
], - "warnings": [
- {
- "error": "error_or_warning_type",
- "message": "Error or warning message",
- "extra_info": {
- "reason": "invalid_signature: Signature invalid for JWT"
}
}
], - "errors": [
- {
- "error": "failed_to_validate_presentation_response",
- "message": "Failed to validate presentation response",
- "extra_info": {
- "reason": "ID token is missing _vp_token.presentation submission key"
}
}
], - "request": {
- "id": "038102ed-d224-4656-ae8d-10aeab5686aa",
- "checks": [
- "format"
], - "warnings": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_jwt: JWT has expired: exp: 1609459200 < now: 1640995200"
}
}
], - "errors": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_signature: Signature invalid for JWT"
}
}
]
}, - "id_token": {
- "checks": [
- "format"
], - "warnings": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_jwt: JWT has expired: exp: 1609459200 < now: 1640995200"
}
}
], - "errors": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_signature: Signature invalid for JWT"
}
}
]
}, - "vp_token": {
- "checks": [
- "format"
], - "warnings": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_jwt: JWT has expired: exp: 1609459200 < now: 1640995200"
}
}
], - "errors": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_signature: Signature invalid for JWT"
}
}
], - "credentials": [
- {
- "id": "urn:uuid:23b841f2-a3dc-477f-a9e1-5024d1dcc02b",
- "checks": [
- "format"
], - "warnings": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_jwt: JWT has expired: exp: 1609459200 < now: 1640995200"
}
}
], - "errors": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_signature: Signature invalid for JWT"
}
}
]
}
]
}
}, - "last_verified_at": "2019-08-24T14:15:22Z"
}
}
Update presentation request submission
id required | string |
submission_id required | string |
Meeco-Organisation-ID required | string Specify Organisation ID to set request context to organisation |
required | object (VCPresentationRequestUpdateSubmissionDto) |
{- "submission": {
- "status": "pending",
- "verification_result": {
- "checks": [
- "format"
], - "warnings": [
- {
- "error": "error_or_warning_type",
- "message": "Error or warning message",
- "extra_info": {
- "reason": "invalid_signature: Signature invalid for JWT"
}
}
], - "errors": [
- {
- "error": "error_or_warning_type",
- "message": "Error or warning message",
- "extra_info": {
- "reason": "invalid_signature: Signature invalid for JWT"
}
}
], - "request": {
- "id": "038102ed-d224-4656-ae8d-10aeab5686aa",
- "checks": [
- "format"
], - "warnings": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_jwt: JWT has expired: exp: 1609459200 < now: 1640995200"
}
}
], - "errors": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_signature: Signature invalid for JWT"
}
}
]
}, - "id_token": {
- "checks": [
- "format"
], - "warnings": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_jwt: JWT has expired: exp: 1609459200 < now: 1640995200"
}
}
], - "errors": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_signature: Signature invalid for JWT"
}
}
]
}, - "vp_token": {
- "checks": [
- "format"
], - "warnings": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_jwt: JWT has expired: exp: 1609459200 < now: 1640995200"
}
}
], - "errors": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_signature: Signature invalid for JWT"
}
}
], - "credentials": [
- {
- "id": "urn:uuid:23b841f2-a3dc-477f-a9e1-5024d1dcc02b",
- "checks": [
- "format"
], - "warnings": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_jwt: JWT has expired: exp: 1609459200 < now: 1640995200"
}
}
], - "errors": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_signature: Signature invalid for JWT"
}
}
]
}
]
}
}
}
}
{- "submission": {
- "id": "7dcfa413-bff0-4f62-a51a-ab9959623332",
- "presentation_request_id": "5035180b-1528-4ddf-95f2-f01b4d04cd22",
- "vp_token": "eyJraWQiOiJkaWQ6aW9uOkVpQTZkWlV...",
- "id_token": "eyJraWQiOiJkaWQ6aW9uOkVpQTZkWlV...",
- "state": "state-value",
- "status": "pending",
- "updated_at": "2019-08-24T14:15:22Z",
- "created_at": "2019-08-24T14:15:22Z",
- "verification_result": {
- "checks": [
- "format"
], - "warnings": [
- {
- "error": "error_or_warning_type",
- "message": "Error or warning message",
- "extra_info": {
- "reason": "invalid_signature: Signature invalid for JWT"
}
}
], - "errors": [
- {
- "error": "failed_to_validate_presentation_response",
- "message": "Failed to validate presentation response",
- "extra_info": {
- "reason": "ID token is missing _vp_token.presentation submission key"
}
}
], - "request": {
- "id": "038102ed-d224-4656-ae8d-10aeab5686aa",
- "checks": [
- "format"
], - "warnings": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_jwt: JWT has expired: exp: 1609459200 < now: 1640995200"
}
}
], - "errors": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_signature: Signature invalid for JWT"
}
}
]
}, - "id_token": {
- "checks": [
- "format"
], - "warnings": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_jwt: JWT has expired: exp: 1609459200 < now: 1640995200"
}
}
], - "errors": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_signature: Signature invalid for JWT"
}
}
]
}, - "vp_token": {
- "checks": [
- "format"
], - "warnings": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_jwt: JWT has expired: exp: 1609459200 < now: 1640995200"
}
}
], - "errors": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_signature: Signature invalid for JWT"
}
}
], - "credentials": [
- {
- "id": "urn:uuid:23b841f2-a3dc-477f-a9e1-5024d1dcc02b",
- "checks": [
- "format"
], - "warnings": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_jwt: JWT has expired: exp: 1609459200 < now: 1640995200"
}
}
], - "errors": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_signature: Signature invalid for JWT"
}
}
]
}
]
}
}, - "last_verified_at": "2019-08-24T14:15:22Z"
}
}
vc:org:manage
Verify a Presentation Request Submission
Checks performed:
Verification options
Certain set of checks is executed against each presentation request response attribute separately. Depending on the use-case some of those checks might not be necessary and could be disabled. To see the list of available check options - look at the schema of the verification options. If verification options were not provided all available checks will be executed.
Imagine expiration of the verifiable presentation is not relevant to our use-case. We can skip that check so no errors or wranings related to it would appear. Here is verification options payload example:
{
"presentation_request_response": { ... },
"options": {
"vp_token": {
"checks": ["format", "signature", "nonce"],
}
},
}
However, some of the checks are mandatory. If checks list includes format or signature option - it cannnot be taken out. Every other check is optional.
In case of id_token
, failed_to_verify_jwt
error might appear in both: errors and warnings list.
So far, the only case when failed_to_verify_jwt
appears in the warnings list is when id_token
is expired.
Meeco-Organisation-ID | string Specify Organisation ID to set request context to organisation |
required | object (VCVerifyPresentationRequestResponseDto) |
object (VCPresentationRequestResponseVerificationOptionsDto) |
{- "presentation_request_response": {
- "id_token": "eyJraWQiOiJkaWQ6aW9uOkVpQTZkWlV...",
- "vp_token": "eyJraWQiOiJkaWQ6aW9uOkVpQTZkWlV...",
- "presentation_submission": { },
- "state": "state-value"
}, - "options": {
- "checks": [
- "format",
- "constraints"
], - "request": {
- "checks": [
- "format",
- "signature",
- "expiration"
]
}, - "id_token": {
- "checks": [
- "format",
- "signature",
- "expiration",
- "nonce"
]
}, - "vp_token": {
- "checks": [
- "format",
- "signature",
- "expiration",
- "nonce",
- "constraints"
]
}
}
}
{- "checks": [
- "format"
], - "warnings": [
- {
- "error": "error_or_warning_type",
- "message": "Error or warning message",
- "extra_info": {
- "reason": "invalid_signature: Signature invalid for JWT"
}
}
], - "errors": [
- {
- "error": "failed_to_validate_presentation_response",
- "message": "Failed to validate presentation response",
- "extra_info": {
- "reason": "ID token is missing _vp_token.presentation submission key"
}
}
], - "request": {
- "id": "038102ed-d224-4656-ae8d-10aeab5686aa",
- "checks": [
- "format"
], - "warnings": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_jwt: JWT has expired: exp: 1609459200 < now: 1640995200"
}
}
], - "errors": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_signature: Signature invalid for JWT"
}
}
]
}, - "id_token": {
- "checks": [
- "format"
], - "warnings": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_jwt: JWT has expired: exp: 1609459200 < now: 1640995200"
}
}
], - "errors": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_signature: Signature invalid for JWT"
}
}
]
}, - "vp_token": {
- "checks": [
- "format"
], - "warnings": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_jwt: JWT has expired: exp: 1609459200 < now: 1640995200"
}
}
], - "errors": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_signature: Signature invalid for JWT"
}
}
], - "credentials": [
- {
- "id": "urn:uuid:23b841f2-a3dc-477f-a9e1-5024d1dcc02b",
- "checks": [
- "format"
], - "warnings": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_jwt: JWT has expired: exp: 1609459200 < now: 1640995200"
}
}
], - "errors": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_signature: Signature invalid for JWT"
}
}
]
}
]
}
}
request_uri required | string |
vp_token | string |
issuer | string |
{- "vp_token": "eyJraWQiOiJkaWQ6aW9uOkVpQTZkWlV...",
- "issuer": "did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK"
}
{- "state": "request-state",
- "unsigned_id_token": "eyJraWQiOiJkaWQ6aW9uOkVpQTZkWlV...",
- "vp_token": "eyJraWQiOiJkaWQ6aW9uOkVpQTZkWlV..."
}
vc:org:manage
status | string Enum: "all" "active" "archived" Example: status=active To filter archived presentation definitions |
search | string Search by name |
order | string Enum: "ASC" "DESC" Example: order=DESC Presentation templates response order. Default ordering: |
order_by | string Enum: "created_at" "name" Example: order_by=created_at Order presentation templates by an attribute, defaults to: |
per_page | any Example: per_page=10 Number of records per page |
page | any Example: page=1 Page number (starting from 1) |
Meeco-Organisation-ID required | string Specify Organisation ID to set request context to organisation |
{- "presentation_definitions": [
- {
- "id": "9322c384-fd8e-4a13-80cd-1cbd1ef95ba8",
- "name": "Presentation definition name",
- "purpose": "Presentation definition purpose",
- "organization_id": "9a1c543d-6cbb-48a9-99df-ebbbc94747a4",
- "is_archived": false,
- "created_at": null,
- "updated_at": null,
- "presentation_definition_to_schema": [
- {
- "id": "9e04d653-0a12-4799-8223-974e415c1992",
- "schema_id": "e506295f-3723-441f-8079-802c3b135ede",
- "schema_name": "Schema name",
- "schema_version": "Schema version",
- "archived": false,
- "constraints": null
}
], - "archived": true,
- "archived_at": null,
- "format": null
}
], - "meta": {
- "order_by": "name",
- "order": "ASC",
- "order_from_params": true,
- "per_page": 10,
- "per_page_from_params": true,
- "records_count": 100,
- "page": 1,
- "page_count": 10
}
}
vc:org:manage
When format
of the Presentation Definition is set to vc+sd-jwt
, then vp_formats
of the Generated Presentation Request registration
will be set to
{
"vc+sd-jwt": {
"sd-jwt_alg_values": [
"ES256", "EdDSA"
],
"kb-jwt_alg_values": [
"ES256", "EdDSA"
]
}
}
and subject_syntax_types_supported
will be set to urn:ietf:params:oauth:jwk-thumbprint
.
Meeco-Organisation-ID required | string Specify Organisation ID to set request context to organisation |
required | object (VCCreatePresentationDefinitionDto) |
{- "presentation_definition": {
- "name": "Presentation definition name",
- "purpose": "Presentation definition purpose",
- "format": {
- "vc+sd-jwt": {
- "alg": [
- "ES256"
]
}
}, - "required_credentials": [
- {
- "name": "Required credential name",
- "purpose": "Required credential purpose",
- "schema_id": "986dcaf4-c1ea-4218-b6b4-e4fd95a3c28e",
- "constraints": {
- "limit_disclosure": "required",
- "fields": [
- {
- "path": [
- "$.issuer",
- "$.vc.issuer",
- "$.iss"
], - "purpose": "We can only verify bank accounts if they are attested by a trusted bank, auditor, or regulatory authority.",
- "filter": {
- "type": "string",
- "pattern": "did:example:123|did:example:456"
}
}
]
}
}
]
}
}
{- "presentation_definition": {
- "id": "9322c384-fd8e-4a13-80cd-1cbd1ef95ba8",
- "name": "Presentation definition name",
- "purpose": "Presentation definition purpose",
- "organization_id": "9a1c543d-6cbb-48a9-99df-ebbbc94747a4",
- "is_archived": false,
- "created_at": null,
- "updated_at": null,
- "presentation_definition_to_schema": [
- {
- "id": "9e04d653-0a12-4799-8223-974e415c1992",
- "schema_id": "e506295f-3723-441f-8079-802c3b135ede",
- "schema_name": "Schema name",
- "schema_version": "Schema version",
- "archived": false,
- "constraints": null
}
], - "archived": true,
- "archived_at": null,
- "format": null
}
}
vc:org:manage
id required | string |
Meeco-Organisation-ID required | string Specify Organisation ID to set request context to organisation |
{- "presentation_definition": {
- "id": "9322c384-fd8e-4a13-80cd-1cbd1ef95ba8",
- "name": "Presentation definition name",
- "purpose": "Presentation definition purpose",
- "organization_id": "9a1c543d-6cbb-48a9-99df-ebbbc94747a4",
- "is_archived": false,
- "created_at": null,
- "updated_at": null,
- "presentation_definition_to_schema": [
- {
- "id": "9e04d653-0a12-4799-8223-974e415c1992",
- "schema_id": "e506295f-3723-441f-8079-802c3b135ede",
- "schema_name": "Schema name",
- "schema_version": "Schema version",
- "archived": false,
- "constraints": null
}
], - "archived": true,
- "archived_at": null,
- "format": null
}
}
vc:org:manage
id required | string |
Meeco-Organisation-ID required | string Specify Organisation ID to set request context to organisation |
{- "presentation_definition": {
- "id": "9322c384-fd8e-4a13-80cd-1cbd1ef95ba8",
- "name": "Presentation definition name",
- "purpose": "Presentation definition purpose",
- "organization_id": "9a1c543d-6cbb-48a9-99df-ebbbc94747a4",
- "is_archived": false,
- "created_at": null,
- "updated_at": null,
- "presentation_definition_to_schema": [
- {
- "id": "9e04d653-0a12-4799-8223-974e415c1992",
- "schema_id": "e506295f-3723-441f-8079-802c3b135ede",
- "schema_name": "Schema name",
- "schema_version": "Schema version",
- "archived": false,
- "constraints": null
}
], - "archived": true,
- "archived_at": null,
- "format": null
}
}
Get JSON represntation of Presentation Definition
id required | string |
{- "presentation_definition": {
- "id": "string",
- "input_descriptors": [
- {
- "id": "string",
- "schema": [
- {
- "uri": "string"
}
], - "name": "string",
- "purpose": "string",
- "constraints": {
- "limit_disclosure": "required",
- "fields": [
- {
- "path": [
- "$.issuer",
- "$.vc.issuer",
- "$.iss"
], - "purpose": "We can only verify bank accounts if they are attested by a trusted bank, auditor, or regulatory authority.",
- "filter": {
- "type": "string",
- "pattern": "did:example:123|did:example:456"
}
}
]
}, - "format": {
- "vc+sd-jwt": {
- "alg": [
- "ES256"
]
}
}
}
], - "name": "string",
- "purpose": "string"
}
}
vc:org:manage
id required | string |
Meeco-Organisation-ID required | string Specify Organisation ID to set request context to organisation |
{- "presentation_definition": {
- "id": "9322c384-fd8e-4a13-80cd-1cbd1ef95ba8",
- "name": "Presentation definition name",
- "purpose": "Presentation definition purpose",
- "organization_id": "9a1c543d-6cbb-48a9-99df-ebbbc94747a4",
- "is_archived": false,
- "created_at": null,
- "updated_at": null,
- "presentation_definition_to_schema": [
- {
- "id": "9e04d653-0a12-4799-8223-974e415c1992",
- "schema_id": "e506295f-3723-441f-8079-802c3b135ede",
- "schema_name": "Schema name",
- "schema_version": "Schema version",
- "archived": false,
- "constraints": null
}
], - "archived": true,
- "archived_at": null,
- "format": null
}
}
Generate verifiable presentation based on credentials provided
Meeco-Organisation-ID | string Specify Organisation ID to set request context to organisation |
required | object (VCGeneratePresentationDto) |
{- "presentation": {
- "issuer": "did:key:z6MkgCvGiSfJj6hfpRVHW6FqfmWUyz7vxu8guzq7fcECC9DE",
- "audience": "did:key:z6MkgCvGiSfJj6hfpRVHW6FqfmWUyz7vxu8guzq7fcECC9DE",
- "nonce": "8IBTHwOdqNKAWeKl7",
- "credentials": [
- "eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NkstUiJ9.eyJpYXQi...",
- "eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NkstUiJ9.eyJpYXQi..."
], - "expires_at": "2022-10-22T21:32:03.442Z"
}
}
{- "presentation": {
- "unsigned_vp_jwt": "yJhbGciOiJSUzI1NiIsImI2NCI6Zm..."
}
}
vc:org:manage
Verify a verifiable presentation
Checks performed:
POST /credentials/verify
for more information)Presentation expiration check is not considered critical and will be returned under warnings
attribute. It is up for the client application to decide how it should be handled. All other failed checks will be served under errors
attribute.
failed_to_verify_jwt
error might appear in both: errors and warnings list.
So far, the only case when failed_to_verify_jwt
appears in the warnings list is when presentation is expired.
Meeco-Organisation-ID required | string Specify Organisation ID to set request context to organisation |
required | object (VCVerifySignedPresentationRequestDto) |
{- "presentation": {
- "signed_presentation_jwt": "eyJraWQiOiJkaWQ6aW9uOkVpQTZkWlV..."
}
}
{- "checks": [
- "format"
], - "warnings": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_jwt: JWT has expired: exp: 1609459200 < now: 1640995200"
}
}
], - "errors": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_signature: Signature invalid for JWT"
}
}
], - "credentials": [
- {
- "id": "urn:uuid:23b841f2-a3dc-477f-a9e1-5024d1dcc02b",
- "checks": [
- "format"
], - "warnings": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_jwt: JWT has expired: exp: 1609459200 < now: 1640995200"
}
}
], - "errors": [
- {
- "error": "failed_to_verify_jwt",
- "message": "Failed to verify JWT token",
- "extra_info": {
- "reason": "invalid_signature: Signature invalid for JWT"
}
}
]
}
]
}