OTTO API's 1.0

This specification defines standard application interfaces that enable the creation and management of multi-party federations.

1. Introduction

The Open Trust Taxonomy for Federation Operators (OTTO) defines standards to enable the interoperable management of multi-party federations--where a central authority creates the rules for membership, enabling the participants to more efficiently collaborate. The goal of OTTO is to support a range of trust models from very low to very high. By providing a common set of API's and a data model, the OTTO standard provides a scalable technical infrastructure to solve organizational challenges in a number of different ecosystems.

1.1 Notational Conventions

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119].

Unless otherwise noted, all protocol properties and values are case sensitive.

1.2 Terminology

This specification introduces the following terms

Federation: A group of autonomous organizations that agree to abide the authority of a central organization to reduce the cost of collaboration.
Registration Authority: An organization that hosts the hardware and software used by Federation operators.
Participant: An organization that registers with a Registration Authority for the purpose of joining a Federation.
Entity: A techincal service operated by a Particpant, such as an identity provider, website or mobile application.
Issuer: Location of the Registration Authority, which MUST be a URI [RFC3986] with a scheme component that MUST be https, a host component, and optionally, port and path components and no query or fragment components.

1.3 Security Considerations

This specification defines several APIs. The Registration Authority MUST use TLS protection over these endpoints, governed by [BCP195], which discusses deployment and adoption characteristics of different TLS versions. All endpoints other then the .well-known configuration endpoint SHOULD require some form of authentication and access control, such as Client Authentication as described in [RFC6749] or a separate OAuth access token. The methods of managing and validating these authentication credentials are out of scope of this specification.

1.4 Search Syntax

OTTO API supports the depth and the filter searching feature. Those are the query parameter to passed in HTTP GET Request. which provide facility to search, navigate and filter the record.

1.4.1 Depth Parameter

The depth parameter provides the facility to deeply populate records with the full response. The depth parameter also supports to passed the multiple commas separated values. If depth parameter is possible to populated then it returns full response otherwise return an error with "Invalid depth parameter". You can only have depth parameter for the IRI scheme which returns JSON as response.

The below example is without depth parameter. which only shows the IRI value of the field. Non-normative examples of a without depth request.

GET /otto/federations/58f7200bcf5e0a0f09cf2c3c HTTP/1.1

Non-normative response of without depth parameter. Some text was removed for readability (indicated by "..."). The detail description of federation refer Section 3.1:

HTTP/1.1 200 OK
Content-Type: application/json
{
  "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#federation",
  "@id": "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c",
  "name": "fed1",
  ...
  "sponsor": [
    "http://otto-test.gluu.org/otto/participant/58f720e1a10d8e1012e76ed5"
  ],
  "federates": [
    "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6"
  ],
  "member": [
    "http://otto-test.gluu.org/otto/participant/58f720c7a10d8e1012e76ed4"
  ],
  ...
}

The below example with depth parameter which deeply populates the federates and return the full response of federates of the Federation. Non-normative examples of a depth request.

GET /otto/federations/58f7200bcf5e0a0f09cf2c3c?depth=federates HTTP/1.1

Non-normative response of depth parameter. Some text was removed for readability (indicated by "..."). The detail description of federation refer Section 3.1 and federates refer Section 5.1:

HTTP/1.1 200 OK
Content-Type: application/json
{
  "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#federation",
  "@id": "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c",
  "name": "fed1",
  ...
  "federates": [
    {
      "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#entity",
      "@id": "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6",
      "name": "entity 1",
      "url": "http://otto-test.gluu.org/otto/entity",
      "registeredBy": {
        "@id": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df"
      },
      "description": "entity entity",
      "metadata": {
        "@id": "http://otto-test.gluu.org/otto/metadata/58f5da4957d53d2ffbbb31e0"
      },
      "federatedBy": [
        {
          "@id": "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c"
        }
      ],
      "supports": [
        {
          "@id": "http://otto-test.gluu.org/otto/schema/590afffd30dd080ed3cda956"
        }
      ]
    }
  ],
  ...
}

The below depth parameter deeply populate the federates and sponsor and return the full response of federates and sponsor of the Federation. Non-normative examples of a multiple depth request.

GET /otto/federations/58f7200bcf5e0a0f09cf2c3c?depth=federates,sponsor HTTP/1.1

Non-normative response of multiple depth parameter. The detail description of federation refer Section 3.1, for federates refer Section 5.1 and for member refer Section 4.1 :

HTTP/1.1 200 OK
Content-Type: application/json
{
  "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#federation",
  "@id": "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c",
  "name": "fed1",
 ...
  "sponsor": [
    {
      "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#participant",
      "@id": "http://otto-test.gluu.org/otto/participant/58f720e1a10d8e1012e76ed5",
      "name": "participant 1",
      "url": "http://otto-test.gluu.org/otto/participant",
      "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df",
      "description": "participant participant",
      "securityContact": [
        {
          "contactNo": "+485647556566",
          "name": "Security Person1"
        }
      ],
      "executiveContact": [
        {
          "contactNo": "+485647556566",
          "name": "Executive Person1"
        }
      ],
      "technicalContact": [
        {
          "contactNo": "+485647556566",
          "name": "Technical Person1"
        }
      ],
      "memberOf": [
        "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c"
      ],
      "operates": "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6",
      "badgeSupported": [
        "http://otto-test.gluu.org/otto/badge/58fdfa39a6a02d203267da37"
      ],
      "trustMarkAsserted": "http://pa.org"
    }
  ],
  "federates": [
    {
      "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#entity",
      "@id": "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6",
      "name": "entity 1",
      "url": "http://otto-test.gluu.org/otto/entity",
      "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df",
      "description": "entity entity",
      "metadata": "http://otto-test.gluu.org/otto/metadata/58f5da4957d53d2ffbbb31e0",
      "federatedBy": [
        "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c"
      ],
      "supports": [
        "http://otto-test.gluu.org/otto/schema/590afffd30dd080ed3cda956"
      ]
    }
  ],
  ...
}

1.4.2 Filter Parameter

OTTO API supports the depth and the filter feature to navigate, search and filter the record. Those are the request query parameter to passed in HTTP GET Request. The depth parameter allows to deeply populated the record and return full response. The filter parameter enables to navigate and find data within your JSON documents. To select items in JSPath, you use a location path which consists of one or more location steps. Every location step starts with one period (.) or two periods (..), depending on the item you're trying to select. It returns the result with the same key which you are passed in filter request. for detail description refer JSPath Filter.

The below parameter filter find the name property and return filtered output with name key. Non-normative examples of a filter request:

GET /otto/federations/58f7200bcf5e0a0f09cf2c3c?filter=.name HTTP/1.1

Non-normative response of filter parameter:

HTTP/1.1 200 OK
Content-Type: application/json
{
  "name": [
    "fed1"
  ]
}

Filter parameter allows passing multiple parameters by the separating comma(,). Non-normative examples of a multiple filter request:

GET /otto/federations/58f7200bcf5e0a0f09cf2c3c?filter=.name,.securityContact HTTP/1.1

Non-normative response of multiple filter parameter:

HTTP/1.1 200 OK
Content-Type: application/json
{
  "name": [
    "fed1"
  ],
  "securityContact": [
    {
      "contactNo": "+485647556566",
      "name": "Security Person1"
    }
  ]
}

Filter parameter allows filtering using nested property. Non-normative examples of a filter using nested property and depth request:

GET /otto/federations/58f7200bcf5e0a0f09cf2c3c?depth=federates&filter=.federates.name HTTP/1.1

Non-normative examples of a filter using nested property and depth response:

HTTP/1.1 200 OK
Content-Type: application/json
{
  "federates": {
    "name": [
      "entity 1"
    ]
  }
}

Filter parameter allows Object predicates can be used in a path expression to filter a subset of items according to boolean expressions working on the properties of each item. All object predicates are parenthesized by curly brackets ({ and }). Non-normative examples of a filter using boolean expressions and depth request:

GET /otto/federations/58f7200bcf5e0a0f09cf2c3c?depth=federates&filter=.federates{.name==="entity 1"} HTTP/1.1

Non-normative examples of a filter using boolean expressions and depth request:

HTTP/1.1 200 OK
Content-Type: application/json
{
  "federates": [
    {
      "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#entity",
      "@id": "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6",
      "name": "entity 1",
      "url": "http://otto-test.gluu.org/otto/entity",
      "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df",
      "description": "entity entity",
      "metadata": "http://otto-test.gluu.org/otto/metadata/58f5da4957d53d2ffbbb31e0",
      "federatedBy": [
        "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c"
      ],
      "supports": []
    }
  ]
}

3. Federation Endpoint

This endpoint, hosted by the Registration Authority, enables the creation and management of Federations.

3.1 Create Federation

This is POST API endpoint to create the federation. It needs to pass the required parameter to add the new federation. If you try to add federation with the same name which already exists then it returns response with error key with the message is "Federation already exist with the same name".

There are several properties which used for federation.

Table 1: Federation
Property	Value	Description
name	REQUIRED	A human friendly name for the Federation
description	OPTIONAL	It is Optional information about the RA
url	OPTIONAL	The public, human readable website for the Federation
operates	OPTIONAL	It is the Entity or array of Entity. A service operated by the Federation
metadata	OPTIONAL	It is the Metadata or array of Metadata. The metadata (including public signing key) for this Federation
supports	OPTIONAL	It is the Schema or array of Schema. It describes what schema is supported by this Federation.
registeredBy	REQUIRED	The Registration Authority where the federation is hosted
member	OPTIONAL	It is the array of Participants. List of organizational members of the Federation
federates	OPTIONAL	It is the array of Entity. List of services registered to the federation by Participants
sponsor	REQUIRED	It is an Organization or array of Organization. The organization legally responsible for management of the Federation
technicalContact	OPTIONAL	It is the Person or array of Person. Person(s) responsible for registering and maintaining the policies and technical data related to the organization's participation in the Federation
executiveContact	OPTIONAL	It is the Person or array of Person. Person(s) responsible for all decisions and delegations of authority for the Federation
securityContact	OPTIONAL	Person(s) to contact in the event of an urgent security issue
dataProtectionCodeOfConduct	OPTIONAL	It is the URL. The provisions regarding handling of personal information by the Federation Participants
federationAgreement	OPTIONAL	It is the URL. The rights and responsibilities of the Participant
federationPolicy	OPTIONAL	It is the URL. Operational practices and technical details for participation in the Federation.
trustMarkDefinitionSupported	OPTIONAL	It is the instance or array of TrustMarkDefinition or URL. What kinds of Trustmarks are supported by the federation
badgeSupported	OPTIONAL	It is the instance or array of BadgeClass or IRI. What kinds of Badges are supported by the federation

Non-normative example of add a federation request

POST /otto/federations HTTP/1.1
{
	"name": "fed1",
	"url": "http://otto-test.gluu.org/otto/federation",
	"registeredBy": "58f5da4957d53d2ffbbb31df",
	"sponsor": "58f720c7a10d8e1012e76ed4",
	"description": "fedearation fedearation",
	"securityContact": [{"name":"Security Person1", "contactNo":"+485647556566"}],
	"executiveContact": [{"name":"Executive Person1", "contactNo":"+485647556566"}],
	"technicalContact": [{"name":"Technical Person1", "contactNo":"+485647556566"}],
	"dataProtectionCodeOfConduct": "https://fd.org",
	"federationAgreement": "https://fd.org",
	"federationPolicy": "https://fd.org"
}

Non-normative example of add a federation response:

In response it return with "@id" key, This is Unique IRI for the newly added Federation:

HTTP/1.1 200 OK
Content-Type: application/json
{
  "@id": "http://otto-test.gluu.org/otto/federations/5909b4218489131c19abfa29"
}

3.2 Search Federation

This is GET API endpoint to fetch federation information. There are several ways to fetch federation information. you can fetch all the records, fetch all records with depth, fetch specific federation and also filtered using JSPath filter parameter.

Non-normative example of a federation request to fetch all federation list:

GET /otto/federations HTTP/1.1

Non-normative example of a federation response with json array:

federations: List of federation
itemsPerPage: Non-negative integer. Specifies the number of query results returned in a query response page, e.g., 10.
totalResults: Non-negative integer. Specifies the total number of results matching the client query, e.g., 1000.
startIndex: The 1-based index of the first result in the current set of query results, e.g., 1.

HTTP/1.1 200 OK
Content-Type: application/json

{
  "federations": [
    "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c",
    "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3d"
  ],
  "totalResults": 2,
  "itemsPerPage": 0,
  "startIndex": 1
}

Non-normative example of a federation request to fetch deep information of each federation:

GET /otto/federations?depth=federations HTTP/1.1

Non-normative example of a federation response with fetch deep information, for federation response description see the Section 3.1

HTTP/1.1 200 OK
Content-Type: application/json

{
  "federations": [
    {
      "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#federation",
      "@id": "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c",
      "name": "fed1",
      "url": "http://otto-test.gluu.org/otto/federation",
      "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df",
      "description": "fedearation first",
      "dataProtectionCodeOfConduct": "https://fd.org",
      "federationAgreement": "https://fd.org",
      "federationPolicy": "https://fd.org",
      "securityContact": [
        {
          "contactNo": "+485647556566",
          "name": "Security Person1"
        }
      ],
      "executiveContact": [
        {
          "contactNo": "+485647556566",
          "name": "Executive Person1"
        }
      ],
      "technicalContact": [
        {
          "contactNo": "+485647556566",
          "name": "Technical Person1"
        }
      ],
      "sponsor": [
        "http://otto-test.gluu.org/otto/participant/58f720e1a10d8e1012e76ed5"
      ],
      "federates": [
        "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6"
      ],
      "member": [
        "http://otto-test.gluu.org/otto/participant/58f720c7a10d8e1012e76ed4"
      ],
      "trustMarkDefinitionSupported": [
        "https://fd.org"
      ],
      "badgeSupported": [
        "http://otto-test.gluu.org/otto/badge/58fdfa39a6a02d203267da37"
      ],
      "supports": [
        "http://otto-test.gluu.org/otto/schema/590afffd30dd080ed3cda956"
      ],
      "metadata": [
        "http://otto-test.gluu.org/otto/metadata/58f5da4957d53d2ffbbb31e0"
      ]
    },
    {
      "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#federation",
      "@id": "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c",
      "name": "fed2",
      "url": "http://otto-test.gluu.org/otto/federation",
      "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df",
      "description": "fedearation Second",
      "dataProtectionCodeOfConduct": "https://fd.org",
      "federationAgreement": "https://fd.org",
      "federationPolicy": "https://fd.org",
      "securityContact": [
        {
          "contactNo": "+485647556566",
          "name": "Security Person1"
        }
      ],
      "executiveContact": [
        {
          "contactNo": "+485647556566",
          "name": "Executive Person1"
        }
      ],
      "technicalContact": [
        {
          "contactNo": "+485647556566",
          "name": "Technical Person1"
        }
      ],
      "sponsor": [
        "http://otto-test.gluu.org/otto/participant/58f720e1a10d8e1012e76ed5"
      ],
      "federates": [
        "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6"
      ],
      "member": [
        "http://otto-test.gluu.org/otto/participant/58f720c7a10d8e1012e76ed4"
      ],
      "trustMarkDefinitionSupported": [
        "https://fd.org"
      ],
      "badgeSupported": [
        "http://otto-test.gluu.org/otto/badge/58fdfa39a6a02d203267da37"
      ],
      "supports": [
        "http://otto-test.gluu.org/otto/schema/590afffd30dd080ed3cda956"
      ],
      "metadata": [
        "http://otto-test.gluu.org/otto/metadata/58f5da4957d53d2ffbbb31e0"
      ]
    }
  ],
  "totalResults": 2,
  "itemsPerPage": 0,
  "startIndex": 1
}

Non-normative example of a federation request by passing the unique id to fetch specific full response of specific federation. When federation not exists, it returns response "Federation doesn't exist":

GET /otto/federations/58f7200bcf5e0a0f09cf2c3c HTTP/1.1

Non-normative example of a federation response of specific federation, for response description see the Section 3.1.

HTTP/1.1 200 OK
Content-Type: application/json
{
  "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#federation",
  "@id": "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c",
  "name": "fed1",
  "url": "http://otto-test.gluu.org/otto/federation",
  "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df",
  "description": "fedearation fedearation",
  "dataProtectionCodeOfConduct": "https://fd.org",
  "federationAgreement": "https://fd.org",
  "federationPolicy": "https://fd.org",
  "securityContact": [
    {
      "contactNo": "+485647556566",
      "name": "Security Person1"
    }
  ],
  "executiveContact": [
    {
      "contactNo": "+485647556566",
      "name": "Executive Person1"
    }
  ],
  "technicalContact": [
    {
      "contactNo": "+485647556566",
      "name": "Technical Person1"
    }
  ],
  "sponsor": [
    "http://otto-test.gluu.org/otto/participant/58f720e1a10d8e1012e76ed5"
  ],
  "federates": [
    "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6"
  ],
  "member": [
    "http://otto-test.gluu.org/otto/participant/58f720c7a10d8e1012e76ed4"
  ],
  "trustMarkDefinitionSupported": [
    "https://fd.org"
  ],
  "badgeSupported": [
    "http://otto-test.gluu.org/otto/badge/58fdfa39a6a02d203267da37"
  ],
  "supports": [
    "http://otto-test.gluu.org/otto/schema/590afffd30dd080ed3cda956"
  ],
  "metadata": [
    "http://otto-test.gluu.org/otto/metadata/58f5da4957d53d2ffbbb31e0"
  ]
}

Non-normative example of a federation request ot fetch depth of specific federation. for depth parameter description refer Section 1.4:

GET /otto/federations/58f7200bcf5e0a0f09cf2c3c?depth=federates HTTP/1.1

Non-normative example of a federation response with deep populate of specific federation, for response description see the Section 3.1:

HTTP/1.1 200 OK
Content-Type: application/json
{
  "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#federation",
  "@id": "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c",
  "name": "fed1",
  "url": "http://otto-test.gluu.org/otto/federation",
  "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df",
  "description": "fedearation fedearation",
  "dataProtectionCodeOfConduct": "https://fd.org",
  "federationAgreement": "https://fd.org",
  "federationPolicy": "https://fd.org",
  "securityContact": [
    {
      "contactNo": "+485647556566",
      "name": "Security Person1"
    }
  ],
  "executiveContact": [
    {
      "contactNo": "+485647556566",
      "name": "Executive Person1"
    }
  ],
  "technicalContact": [
    {
      "contactNo": "+485647556566",
      "name": "Technical Person1"
    }
  ],
  "sponsor": [
    "http://otto-test.gluu.org/otto/participant/58f720e1a10d8e1012e76ed5"
  ],
  "federates": [
    {
      "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#entity",
      "@id": "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6",
      "name": "entity 1",
      "url": "http://otto-test.gluu.org/otto/entity",
      "registeredBy": {
        "@id": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df"
      },
      "description": "entity entity",
      "metadata": {
        "@id": "http://otto-test.gluu.org/otto/metadata/58f5da4957d53d2ffbbb31e0"
      },
      "federatedBy": [
        {
          "@id": "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c"
        }
      ],
      "supports": [
        {
          "@id": "http://otto-test.gluu.org/otto/schema/590afffd30dd080ed3cda956"
        }
      ]
    }
  ],
  "member": [
    "http://otto-test.gluu.org/otto/participant/58f720c7a10d8e1012e76ed4"
  ],
  "trustMarkDefinitionSupported": [
    "https://fd.org"
  ],
  "badgeSupported": [
    "http://otto-test.gluu.org/otto/badge/58fdfa39a6a02d203267da37"
  ],
  "supports": [
    "http://otto-test.gluu.org/otto/schema/590afffd30dd080ed3cda956"
  ],
  "metadata": [
    "http://otto-test.gluu.org/otto/metadata/58f5da4957d53d2ffbbb31e0"
  ]
}

Non-normative example of a federation request with multiple depth parameter:

GET /otto/federations/58f7200bcf5e0a0f09cf2c3c?depth=sponsor,federates HTTP/1.1

Non-normative example of a federation response of multiple depth parameter, for response description of federation see the Section 3.1. It populate the sponsor and federates of this federation.

HTTP/1.1 200 OK
Content-Type: application/json
{
  "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#federation",
  "@id": "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c",
  "name": "fed1",
  "url": "http://otto-test.gluu.org/otto/federation",
  "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df",
  "description": "fedearation fedearation",
  "dataProtectionCodeOfConduct": "https://fd.org",
  "federationAgreement": "https://fd.org",
  "federationPolicy": "https://fd.org",
  "securityContact": [
    {
      "contactNo": "+485647556566",
      "name": "Security Person1"
    }
  ],
  "executiveContact": [
    {
      "contactNo": "+485647556566",
      "name": "Executive Person1"
    }
  ],
  "technicalContact": [
    {
      "contactNo": "+485647556566",
      "name": "Technical Person1"
    }
  ],
  "sponsor": [
    {
      "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#participant",
      "@id": "http://otto-test.gluu.org/otto/participant/58f720e1a10d8e1012e76ed5",
      "name": "participant 1",
      "url": "http://otto-test.gluu.org/otto/participant",
      "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df",
      "description": "participant participant",
      "securityContact": [
        {
          "contactNo": "+485647556566",
          "name": "Security Person1"
        }
      ],
      "executiveContact": [
        {
          "contactNo": "+485647556566",
          "name": "Executive Person1"
        }
      ],
      "technicalContact": [
        {
          "contactNo": "+485647556566",
          "name": "Technical Person1"
        }
      ],
      "memberOf": [
        "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c"
      ],
      "operates": "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6",
      "badgeSupported": [
        "http://otto-test.gluu.org/otto/badge/58fdfa39a6a02d203267da37"
      ],
      "trustMarkAsserted": "http://pa.org"
    }
  ],
  "federates": [
    {
      "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#entity",
      "@id": "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6",
      "name": "entity 1",
      "url": "http://otto-test.gluu.org/otto/entity",
      "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df",
      "description": "entity entity",
      "metadata": "http://otto-test.gluu.org/otto/metadata/58f5da4957d53d2ffbbb31e0",
      "federatedBy": [
        "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c"
      ],
      "supports": [
        "http://otto-test.gluu.org/otto/schema/590afffd30dd080ed3cda956"
      ]
    }
  ],
  "member": [
    "http://otto-test.gluu.org/otto/participant/58f720c7a10d8e1012e76ed4"
  ],
  "trustMarkDefinitionSupported": [
    "https://fd.org"
  ],
  "badgeSupported": [
    "http://otto-test.gluu.org/otto/badge/58fdfa39a6a02d203267da37"
  ],
  "supports": [
    "http://otto-test.gluu.org/otto/schema/590afffd30dd080ed3cda956"
  ],
  "metadata": [
    "http://otto-test.gluu.org/otto/metadata/58f5da4957d53d2ffbbb31e0"
  ]
}

Non-normative example of a federation request when invalid depth parameter is passed, It response with "Invalid depth parameter"

GET /otto/federations/58f7200bcf5e0a0f09cf2c3c?depth=description HTTP/1.1

Non-normative example of a federation response

HTTP/1.1 200 OK
Content-Type: application/json
{
  "error": [
    "Invalid depth parameter"
  ]
}

Non-normative example of a federation request using filter parameter

GET /otto/federations/58f7200bcf5e0a0f09cf2c3c?filter=.securityContact HTTP/1.1

Non-normative example of a federation response with filter parameter. It will filter json object as per given JSPath. JSPath is always start from dot(.)

HTTP/1.1 200 OK
Content-Type: application/json
{
  "securityContact": [
    {
      "contactNo": "+485647556566",
      "name": "Security Person1"
    }
  ]
}

Non-normative example of a federation request using multiple filter parameter:

GET /otto/federations/58f7200bcf5e0a0f09cf2c3c?filter=.securityContact,.name HTTP/1.1

Non-normative example of a federation response with multiple depth parameter:

HTTP/1.1 200 OK
Content-Type: application/json
{
  "securityContact": [
    {
      "contactNo": "+485647556566",
      "name": "Security Person1"
    }
  ],
  "name": [
    "fed1"
  ]
}

Non-normative example of a federation request using filter condition parameter:

GET /otto/federations/58f7200bcf5e0a0f09cf2c3c?filter=.member{.name==="participant 2"} HTTP/1.1

Non-normative example of a federation response with filter condition parameter:

HTTP/1.1 200 OK
Content-Type: application/json
{
  "member": [
    {
      "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#participant",
      "@id": "http://otto-test.gluu.org/otto/participant/58f720c7a10d8e1012e76ed4",
      "name": "participant 2",
      "url": "http://otto-test.gluu.org/otto/participant",
      "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df",
      "description": "participant participant",
      "securityContact": [
        {
          "contactNo": "+485647556566",
          "name": "Security Person1"
        }
      ],
      "executiveContact": [
        {
          "contactNo": "+485647556566",
          "name": "Executive Person1"
        }
      ],
      "technicalContact": [
        {
          "contactNo": "+485647556566",
          "name": "Technical Person1"
        }
      ],
      "memberOf": [],
      "badgeSupported": [
        "http://otto-test.gluu.org/otto/badge/58fdfa39a6a02d203267da37"
      ],
      "operates": ""
    }
  ]
}

Non-normative example of a federation request using page no and page length parameter:

pageno: The 1-based index of the first query result. A value less than 1 SHALL be interpreted as 1.
pagelength: Non-negative integer. Specifies the desired maximum number of query results per page, e.g., 10.

GET /otto/federations?pageno=1&pagelength=5 HTTP/1.1

Non-normative example of a federation response of page no and page length parameter:

federations: Contain list of federation array
itemsPerPage: Non-negative integer. Specifies the number of query results returned in a query response page, e.g., 10.
totalResults: Non-negative integer. Specifies the total number of results matching the client query, e.g., 1000.
startIndex: The 1-based index of the first result in the current set of query results, e.g., 1.

HTTP/1.1 200 OK
Content-Type: application/json
{
  "federations": [
    "http://otto-test.gluu.org/otto/federations/59157847d1285b2273ef83d2",
    "http://otto-test.gluu.org/otto/federations/5915784bd1285b2273ef83d3",
    "http://otto-test.gluu.org/otto/federations/59157850d1285b2273ef83d4",
    "http://otto-test.gluu.org/otto/federations/59157854d1285b2273ef83d5",
    "http://otto-test.gluu.org/otto/federations/59157857d1285b2273ef83d6"
  ],
  "totalResults": 2,
  "itemsPerPage": 0,
  "startIndex": 1
}

3.3 Update Federation

This is PUT API endpoint to update federation. you need to pass the value of the field which you want to update. It will update only those field which you passed into parameter. The possible parameter you can passed for update, refer Section 3.1:

Non-normative example of update a federation request:

PUT /otto/federations/5909b4218489131c19abfa29 HTTP/1.1
{
	"name": "fed1",
	"url": "http://otto-test.gluu.org/otto/federation",
	"description": "fedearation fedearation",
	"securityContact": [{"name":"Security Person1", "contactNo":"+485647556566"}],
	"executiveContact": [{"name":"Executive Person1", "contactNo":"+485647556566"}],
	"technicalContact": [{"name":"Technical Person1", "contactNo":"+485647556566"}],
	"dataProtectionCodeOfConduct": "https://fd.org",
	"federationAgreement": "https://fd.org",
	"federationPolicy": "https://fd.org"
}

Non-normative example of update a Federation response. It returns response with status 200 when successfully updated the federation.

HTTP/1.1 200 OK

3.4 Patch Federation

HTTP PATCH is an OPTIONAL server function that enables clients to update one or more attributes of a federation resource using a sequence of operations to "add", "remove", or "replace" values.

The body of an HTTP PATCH request MUST contain the attribute "op", whose value is an array of one or more PATCH operations. Each PATCH operation object MUST have exactly one "op" member, whose value indicates the operation to perform and MAY be one of "add", "remove", or "replace".

The following non-normative example show how to add a executive contact in federation request:

PATCH /otto/federations/5909b4218489131c19abfa29 HTTP/1.1
{
"op": "add",
"path": "executiveContact",
"value": {
      "contactNo": "+485647556566",
      "name": "Executive Person2"
  }
}

Non-normative example of add patch operation Federation response. On successful completion, the server either MUST return a 200 OK response code.

HTTP/1.1 200 OK

The "path" attribute value is a String containing an attribute path describing the target of the operation. The "path" attribute is OPTIONAL for "add" and "replace" and is REQUIRED for "remove" operations.

Valid examples of "path" are as follows:

"path": "federates"
"path":"securityContact.name"
"path": "securityContact[name eq \"Person1\"]"
"path": "securityContact[name eq \"Person1\"].name"
"path":"/federates/59414908e7748f4d19541f46" -> Allow only for remove patch operation

3.4.1 Add Operation

The "add" operation is used to add a new attribute value to an existing resource.

The operation MUST contain a "value" member whose content specifies the value to be added. The value MAY be a quoted value, or it may be a JSON object containing the sub-attributes of the complex attribute specified in the operation's "path".

The result of the add operation depends upon what the target location indicated by "path" references:

If omitted, the target location is assumed to be the resource itself. The "value" parameter contains a set of attributes to be added to the resource.
If the target location specifies a multi-valued attribute, a new value is added to the attribute.
If the target location specifies a single-valued attribute, the existing value is replaced.
If the target location specifies a complex attribute, a set of sub-attributes SHALL be specified in the "value" parameter.

Below is the non-normative example of possible patch request.

The following non-normative example shows how to add entity as a federates in federation:

PATCH /otto/federations/5909b4218489131c19abfa29 HTTP/1.1
{
"op":"add",
"path":"federates",
"value":["593e389eef45281765f96128"]
}

Non-normative example of add patch operation without path property to federation request:

PATCH /otto/federations/5909b4218489131c19abfa29 HTTP/1.1
{
"op":"add",
"value":{
 "federates": ["593e389eef45281765f96128"]
 }
}

Non-normative example of patch operation to passed single value in multivalued attribute:

PATCH /otto/federations/5909b4218489131c19abfa29 HTTP/1.1
{
"op":"add",
"value":{
 "federates": "593e389eef45281765f96128"
 }
}

Non-normative example of patch to single valued attribute:

PATCH /otto/federations/5909b4218489131c19abfa29 HTTP/1.1
{
 "op": "add",
 "path": "name",
 "value": "fed-test"
}

Non-normative example of patch with path parameter condition. Currently It only allow equels(eq) operation:

PATCH /otto/federations/5909b4218489131c19abfa29 HTTP/1.1
{
 "op": "add",
 "path": "securityContact[name eq \"sec12\"]",
 "value": {
      "contactNo": "+485647556566",
      "name": "sec1"
    }
}

Non-normative example of patch to sub attribute:

PATCH /otto/federations/5909b4218489131c19abfa29 HTTP/1.1
{
 "op": "add",
 "path": "securityContact[name eq \"Person1\"].name",
 "value":"Person One"
}

Non-normative example of patch to multiple attribute:

PATCH /otto/federations/5909b4218489131c19abfa29 HTTP/1.1
{
 "op": "add",
 "value": {
  "name":"fed-name",
  "description": "fed-desc"
 }
}

3.4.2 Replace Operation

The "replace" operation replaces the value at the target location specified by the "path". The operation performs the following functions, depending on the target location specified by "path":

If the "path" parameter is omitted, the target is assumed to be the resource itself. In this case, the "value" attribute SHALL contain a list of one or more attributes that are to be replaced.
If the target location is a multi-valued attribute, the attribute and all values are replaced.
If the target location is a single-value attribute, the attributes value is replaced.
If the target location specifies a complex attribute, a set of sub-attributes SHALL be specified in the "value" parameter, which replaces any existing values or adds where an attribute did not previously exist. Sub-attributes that are not specified in the "value" parameter are left unchanged.
If the target location is a multi-valued attribute and a value selection filter is specified that matches one or more values of the multi-valued attribute, then all matching record values SHALL be replaced.
If the target location is a complex multi-valued attribute with a value selection filter ("valuePath") and a specific sub-attribute (e.g., "securityContact[name eq "abc"].contactNo"), the matching sub-attribute of all matching records is replaced.

Replace patch also support all the possibilities as describe in Section 3.4.1

Non-normative example of replace patch operation federation request. It remove previous federates and adde new federates:

PATCH /otto/federations/5909b4218489131c19abfa29 HTTP/1.1
{
 "op": "replace",
 "path": "federates",
 "value": ["593e389eef45281765f96128"]
}

Non-normative example of add patch operation without path property federation request:

PATCH /otto/federations/5909b4218489131c19abfa29 HTTP/1.1
{
"op":"replace",
"value":{
 "executiveContact": [
    {
      "contactNo": "+485647556566",
      "name": "Executive Person2"
    }
  ]
 }
}

Non-normative example of replace patch operation Federation response. It returns response with status 200 when successfully patch the federation.

HTTP/1.1 200 OK

3.4.3 Remove Operation

The "remove" operation removes the value at the target location specified by the required attribute "path". The operation performs the following functions, depending on the target location specified by "path":

If the target location is a single-value attribute, the attribute and its associated value is removed, and the attribute SHALL be considered unassigned null.
If the target location is a multi-valued attribute, the attribute and all values are removed, and the attribute SHALL be considered null array.
If the target location is a multi-valued attribute and a complex filter is specified comparing a "value", the values matched by the filter are removed. If no other values remain after removal of the selected values, the multi-valued attribute SHALL be considered null.
If the target location is a complex multi-valued attribute and a complex filter is specified based on the attribute's sub-attributes, the matching records are removed. Sub-attributes whose values have been removed SHALL be considered unassigned. If the complex multi-valued attribute has no remaining records, the attribute SHALL be considered unassigned.

Non-normative example of remove patch operation federation request to remove specific federates from federation:

PATCH /otto/federations/5909b4218489131c19abfa29 HTTP/1.1
{
 "op":"remove",
 "path":"/federates/59414908e7748f4d19541f46"
}

Non-normative example of remove patch operation federation request to removed multivalued attribute all values. It will remove all executiveContact:

PATCH /otto/federations/5909b4218489131c19abfa29 HTTP/1.1
{
 "op": "remove",
 "path": "executiveContact"
}

Non-normative example of remove patch operation federation request with path parameter condition. It will remove executiveContact whose name is "sec2":

PATCH /otto/federations/5909b4218489131c19abfa29 HTTP/1.1
{
 "op":"remove",
 "path":"securityContact[name eq \"sec2\"]"
}

Non-normative example of remove patch operation Federation response. It returns response with status 200 when successfully patch the federation.

HTTP/1.1 200 OK

The following example shows how to passed multiple operation in patch.

Non-normative example of multiple patch operation federation request:

PATCH /otto/federations/5909b4218489131c19abfa29 HTTP/1.1
[
 {
  "op": "remove",
  "path": "executiveContact"
 },
 {
  "op": "replace",
  "path": "name",
  "value": "abc"
 }
]

Non-normative example of multiple patch operation Federation response. It returns response with status 200 when successfully patch the federation.

HTTP/1.1 200 OK

3.5 Delete Federation

This is DELETE API endpoint to delete federation. It needs to passed unique id of the federation in the federation endpoint.

Non-normative example of delete a federation request:

DELETE /otto/federations/5909b4218489131c19abfa29 HTTP/1.1

Non-normative example of delete a federation success response:

HTTP/1.1 200 OK

Non-normative example of deleting a federation error response when federation not found:

HTTP/1.1 404 OK
{
  "error": [
    "Federation doesn't exist"
  ]
}

3.6 Leave Federation

This is DELETE API for remove services of this federation. It removes entity reference from the federates of the Federation.

Their are two path request parameter.

Federation Id: first path parameter is federation unique id.
Entity Id: Second path parameter is entity unique id.

Non-normative example of a federation leave request:

DELETE /otto/federations/5909b4218489131c19abfa29/entity/58f7218ca10d8e1012e76ed6 HTTP/1.1

Non-normative example of a federation leave success response:

HTTP/1.1 200 OK

Non-normative example of a federation leave fail response when federation not found:

HTTP/1.1 404 OK
{
  "error": [
    "Federation doesn't exist"
  ]
}

Non-normative example of a federation leave fail response when entity doesn't exist in federates:

HTTP/1.1 404 OK
{
  "error": [
    "Entity doesn't exist in Federation"
  ]
}

Non-normative example of a federation leave fail response when passed any invalid id:

HTTP/1.1 404 OK
{
  "error": [
    "Invalid Federation Id"
  ]
}

3.7 Link entity to federation

This is POST API endpoint for add services to this federation. It adds entity reference to federates of the Federation.

Their are two path request parameter.

Federation Id: The first path parameter is federation unique id.
Entity Id: The second path parameter is entity unique id.

Non-normative example of a federation link to entity request:

POST/otto/federations/5909b4218489131c19abfa29/entity/58f7218ca10d8e1012e76ed6 HTTP/1.1

Non-normative example of a federation link to entity response:

HTTP/1.1 200 OK

It return response as per like Section 3.6

3.8 Add new service to federation

This is POST API endpoint for add a new service into the federation. It will add new service(entity) to the federation and linked this newly added service(entity) to the Federation.

Their are two request parameter.

Federation Id: The first path parameter is federation unique id.
Entity: This is full requested body of entity. for possible parameter refer Section 5.1

Non-normative example of a federation request to add new service:

POST /otto/federation/5909b4218489131c19abfa29 HTTP/1.1
{
	"name": "entity 1",
	"url": "http://otto-test.gluu.org/otto/entity",
	"registeredBy": "58f5da4957d53d2ffbbb31df",
	"description": "entity entity",
	"registeredBy": "58f5da4957d53d2ffbbb31df",
	"metadata": "58f5da4957d53d2ffbbb31e0"
}

Non-normative example of a federation response from add new service:

HTTP/1.1 200 OK
Content-Type: application/json
{
  "@id": "http://otto-test.gluu.org/otto/federations/5909b4218489131c19abfa29"
}

3.9 Link participant(member) to federation

This is POST API endpoint for link participant as a member of the Federation. It adds participant reference to the member of the Federation.

Their are two request parameter.

Federation Id: The first path parameter is federation unique id.
Participant Id: The second path parameter is participant unique id.

Non-normative example of a link participant to federation request:

POST /otto/federations/5909b4218489131c19abfa29/participant/58f7218ca10d8e1012e76ed6 HTTP/1.1

Non-normative example of a link participant to federation federation response:

HTTP/1.1 200 OK

It return response as per like Section 3.6

4. Participant Endpoint

This endpoint, hosted by the Registration Authority, enables the registration and management of information about an organization so it can be associated with a Federation.

4.1 Create Participant

This is POST API endpoint to create participant. It needs to pass the required parameter to add the new participant. If you try to add participant with the same name which already exists then it returns response with error key with the message is "Participant already exist with the same name".

Their are several properties which used for participant.

Table 2: Participant
Property	Value	Description
name	REQUIRED	A human friendly name for the Participant
url	OPTIONAL	The public website for the Participant
description	OPTIONAL	It is Optional information about the Participant
memberOf	OPTIONAL	It is the Federation or array of Federation, A federation to which this Participant is a member
operates	OPTIONAL	It is the entity, A service operated by the Participant
registeredBy	REQUIRED	It is the registration authority, where the Participant is registered
technicalContact	OPTIONAL	It is the Person or array of Person, Person(s) responsible for registering and maintaining the policies and technical data related to the Federation
executiveContact	OPTIONAL	It is the Person or array of Person, Person responsible for all decisions and delegations of authority for the Participant
securityContact	OPTIONAL	It is the Person or array of Person, Person(s) to contact in the event of an urgent security issue
trustMarkAsserted	OPTIONAL	It is the instance or array of Trustmark or URL, Link to TrustMarks the Participant claims
badgeSupported	OPTIONAL	It is the instance or array of BadgeClass or IRI, What Badges the Participant issues

Non-normative example of add a participant request

POST /otto/entity HTTP/1.1
{
	"name": "participant1",
	"url": "http://otto-test.gluu.org/otto/participant",
	"registeredBy": "58f5da4957d53d2ffbbb31df",
	"description": "participant participant",
	"securityContact": [{"name":"Security Person1", "contactNo":"+485647556566"}],
	"executiveContact": [{"name":"Executive Person1", "contactNo":"+485647556566"}],
	"technicalContact": [{"name":"Technical Person1", "contactNo":"+485647556566"}]
}

Non-normative example of add a participant response:

In response it return with "@id" key, This is Unique IRI for the newly added participant

HTTP/1.1 200 OK
Content-Type: application/json
{
  "@id": "http://otto-test.gluu.org/otto/participant/5909b4218489131c19abfa29"
}

4.2 Fetch Participant

Non-normative example of a get all participant request:

GET /otto/participant HTTP/1.1

Non-normative example of a get all participant response:

participant: List of participant
itemsPerPage: Non-negative integer. Specifies the number of query results returned in a query response page, e.g., 10.
totalResults: Non-negative integer. Specifies the total number of results matching the client query, e.g., 1000.
startIndex: The 1-based index of the first result in the current set of query results, e.g., 1.

HTTP/1.1 200 OK
Content-Type: application/json

{
  "participant": [
    "http://otto-test.gluu.org/otto/participant/58f720c7a10d8e1012e76ed4",
    "http://otto-test.gluu.org/otto/participant/58f720e1a10d8e1012e76ed5"
  ],
  "totalResults": 2,
  "itemsPerPage": 0,
  "startIndex": 1
}

Non-normative example of a participant request with depth parameter:

GET /otto/participant?depth=participant HTTP/1.1

Non-normative example of a participant response from depth parameter. for participant response description see the Section 4.1

HTTP/1.1 200 OK
Content-Type: application/json

{
  "participant": [
    {
      "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#participant",
      "@id": "http://otto-test.gluu.org/otto/participant/58f720c7a10d8e1012e76ed4",
      "name": "participant 2",
      "url": "http://otto-test.gluu.org/otto/participant",
      "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df",
      "description": "participant participant",
      "securityContact": [
        {
          "contactNo": "+485647556566",
          "name": "Security Person1"
        }
      ],
      "executiveContact": [
        {
          "contactNo": "+485647556566",
          "name": "Executive Person1"
        }
      ],
      "technicalContact": [
        {
          "contactNo": "+485647556566",
          "name": "Technical Person1"
        }
      ],
      "memberOf": [],
      "badgeSupported": [
        "http://otto-test.gluu.org/otto/badge/58fdfa39a6a02d203267da37"
      ],
      "operates": ""
    },
    {
      "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#participant",
      "@id": "http://otto-test.gluu.org/otto/participant/58f720e1a10d8e1012e76ed5",
      "name": "participant 1",
      "url": "http://otto-test.gluu.org/otto/participant",
      "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df",
      "description": "participant participant",
      "securityContact": [
        {
          "contactNo": "+485647556566",
          "name": "Security Person1"
        }
      ],
      "executiveContact": [
        {
          "contactNo": "+485647556566",
          "name": "Executive Person1"
        }
      ],
      "technicalContact": [
        {
          "contactNo": "+485647556566",
          "name": "Technical Person1"
        }
      ],
      "memberOf": [
        "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c"
      ],
      "operates": "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6",
      "badgeSupported": [
        "http://otto-test.gluu.org/otto/badge/58fdfa39a6a02d203267da37"
      ],
      "trustMarkAsserted": "http://pa.org"
    }
  ],
  "totalResults": 2,
  "itemsPerPage": 0,
  "startIndex": 1
}

Non-normative example of a fetch specific participant information by passing participant unique id:

GET /otto/participant/58f720e1a10d8e1012e76ed5 HTTP/1.1

Non-normative example of a participant response from specific participant. for participant response description see the Section 4.1

HTTP/1.1 200 OK
Content-Type: application/json

{
  "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#participant",
  "@id": "http://otto-test.gluu.org/otto/participant/58f720e1a10d8e1012e76ed5",
  "name": "participant 1",
  "url": "http://otto-test.gluu.org/otto/participant",
  "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df",
  "description": "participant participant",
  "securityContact": [
    {
      "contactNo": "+485647556566",
      "name": "Security Person1"
    }
  ],
  "executiveContact": [
    {
      "contactNo": "+485647556566",
      "name": "Executive Person1"
    }
  ],
  "technicalContact": [
    {
      "contactNo": "+485647556566",
      "name": "Technical Person1"
    }
  ],
  "memberOf": [
    "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c"
  ],
  "operates": "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6",
  "badgeSupported": [
    "http://otto-test.gluu.org/otto/badge/58fdfa39a6a02d203267da37"
  ],
  "trustMarkAsserted": "http://pa.org"
}

Non-normative example of a participant request with specified id and depth parameter:

GET /otto/participant/58f720e1a10d8e1012e76ed5?depth=memberOf HTTP/1.1

Non-normative example of a participant response from with specified id and depth parameter:

HTTP/1.1 200 OK
Content-Type: application/json
{
  "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#participant",
  "@id": "http://otto-test.gluu.org/otto/participant/58f720e1a10d8e1012e76ed5",
  "name": "participant 1",
  "url": "http://otto-test.gluu.org/otto/participant",
  "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df",
  "description": "participant participant",
  "securityContact": [
    {
      "contactNo": "+485647556566",
      "name": "Security Person1"
    }
  ],
  "executiveContact": [
    {
      "contactNo": "+485647556566",
      "name": "Executive Person1"
    }
  ],
  "technicalContact": [
    {
      "contactNo": "+485647556566",
      "name": "Technical Person1"
    }
  ],
  "memberOf": [
    {
      "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#federation",
      "@id": "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c",
      "name": "fed1",
      "url": "http://otto-test.gluu.org/otto/federation",
      "registeredBy": {
        "@id": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df"
      },
      "description": "fedearation fedearation",
      "dataProtectionCodeOfConduct": "https://fd.org",
      "federationAgreement": "https://fd.org",
      "federationPolicy": "https://fd.org",
      "securityContact": [
        {
          "contactNo": "+485647556566",
          "name": "Security Person1"
        }
      ],
      "executiveContact": [
        {
          "contactNo": "+485647556566",
          "name": "Executive Person1"
        }
      ],
      "technicalContact": [
        {
          "contactNo": "+485647556566",
          "name": "Technical Person1"
        }
      ],
      "sponsor": [
        {
          "@id": "http://otto-test.gluu.org/otto/participant/58f720e1a10d8e1012e76ed5"
        }
      ],
      "federates": [
        {
          "@id": "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6"
        }
      ],
      "member": [
        {
          "@id": "http://otto-test.gluu.org/otto/participant/58f720c7a10d8e1012e76ed4"
        }
      ],
      "trustMarkDefinitionSupported": [
        "https://fd.org"
      ],
      "badgeSupported": [
        {
          "@id": "http://otto-test.gluu.org/otto/badge/58fdfa39a6a02d203267da37"
        }
      ],
      "supports": [
        {
          "@id": "http://otto-test.gluu.org/otto/schema/590afffd30dd080ed3cda956"
        }
      ],
      "metadata": [
        {
          "@id": "http://otto-test.gluu.org/otto/metadata/58f5da4957d53d2ffbbb31e0"
        }
      ]
    }
  ],
  "operates": "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6",
  "badgeSupported": [
    "http://otto-test.gluu.org/otto/badge/58fdfa39a6a02d203267da37"
  ],
  "trustMarkAsserted": "http://pa.org"
}

Non-normative example of a participant request with multiple depth parameter:

GET /otto/participant/58f720e1a10d8e1012e76ed5?depth=memberOf,operates HTTP/1.1

Non-normative example of a participant response from multiple depth parameter:

HTTP/1.1 200 OK
Content-Type: application/json
{
  "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#participant",
  "@id": "http://otto-test.gluu.org/otto/participant/58f720e1a10d8e1012e76ed5",
  "name": "participant 1",
  "url": "http://otto-test.gluu.org/otto/participant",
  "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df",
  "description": "participant participant",
  "securityContact": [
    {
      "contactNo": "+485647556566",
      "name": "Security Person1"
    }
  ],
  "executiveContact": [
    {
      "contactNo": "+485647556566",
      "name": "Executive Person1"
    }
  ],
  "technicalContact": [
    {
      "contactNo": "+485647556566",
      "name": "Technical Person1"
    }
  ],
  "memberOf": [
    {
      "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#federation",
      "@id": "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c",
      "name": "fed1",
      "url": "http://otto-test.gluu.org/otto/federation",
      "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df",
      "description": "fedearation fedearation",
      "dataProtectionCodeOfConduct": "https://fd.org",
      "federationAgreement": "https://fd.org",
      "federationPolicy": "https://fd.org",
      "securityContact": [
        {
          "contactNo": "+485647556566",
          "name": "Security Person1"
        }
      ],
      "executiveContact": [
        {
          "contactNo": "+485647556566",
          "name": "Executive Person1"
        }
      ],
      "technicalContact": [
        {
          "contactNo": "+485647556566",
          "name": "Technical Person1"
        }
      ],
      "sponsor": [
        "http://otto-test.gluu.org/otto/participant/58f720e1a10d8e1012e76ed5"
      ],
      "federates": [
        "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6"
      ],
      "member": [
        "http://otto-test.gluu.org/otto/participant/58f720c7a10d8e1012e76ed4"
      ],
      "trustMarkDefinitionSupported": [
        "https://fd.org"
      ],
      "badgeSupported": [
        "http://otto-test.gluu.org/otto/badge/58fdfa39a6a02d203267da37"
      ],
      "supports": [
        "http://otto-test.gluu.org/otto/schema/590afffd30dd080ed3cda956"
      ],
      "metadata": [
        "http://otto-test.gluu.org/otto/metadata/58f5da4957d53d2ffbbb31e0"
      ]
    }
  ],
  "operates": {
    "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#entity",
    "@id": "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6",
    "name": "entity 1",
    "url": "http://otto-test.gluu.org/otto/entity",
    "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df",
    "description": "entity entity",
    "metadata": "http://otto-test.gluu.org/otto/metadata/58f5da4957d53d2ffbbb31e0",
    "federatedBy": [
      "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c"
    ],
    "supports": []
  },
  "badgeSupported": [
    "http://otto-test.gluu.org/otto/badge/58fdfa39a6a02d203267da37"
  ],
  "trustMarkAsserted": "http://pa.org"
}

Non-normative example of a participant request with filter parameter:

GET /otto/participant/58f7200bcf5e0a0f09cf2c3c?filter=.name HTTP/1.1

Non-normative example of a participant response from filter parameter:

HTTP/1.1 200 OK
Content-Type: application/json
{
  "name": [
    "participant 1"
  ]
}

Non-normative example of a participant request with multiple filter parameter:

GET /otto/participant/58f720e1a10d8e1012e76ed5?filter=.name,.securityContact HTTP/1.1

Non-normative example of a participant response from multiple filter parameter:

HTTP/1.1 200 OK
Content-Type: application/json
{
  "name": [
    "participant 1"
  ],
  "securityContact": [
    {
      "contactNo": "+485647556566",
      "name": "Security Person1"
    }
  ]
}

Non-normative example of a participant request using page no and page length parameter:

pageno: The 1-based index of the first query result. A value less than 1 SHALL be interpreted as 1.
pagelength: Non-negative integer. Specifies the desired maximum number of query results per page, e.g., 10.

GET /otto/participant?pageno=1&pagelength=5 HTTP/1.1

Non-normative example of a participant response of page no and page length parameter:

participant: The list of participant array
itemsPerPage: Non-negative integer. Specifies the number of query results returned in a query response page, e.g., 10.
totalResults: Non-negative integer. Specifies the total number of results matching the client query, e.g., 1000.
startIndex: The 1-based index of the first result in the current set of query results, e.g., 1.

HTTP/1.1 200 OK
Content-Type: application/json
{
  "participant": [
    "http://otto-test.gluu.org/otto/participant/58f720c7a10d8e1012e76ed4",
    "http://otto-test.gluu.org/otto/participant/58f720e1a10d8e1012e76ed5",
    "http://otto-test.gluu.org/otto/participant/58f720e1a10d8e1012e76ed6",
    "http://otto-test.gluu.org/otto/participant/58f720e1a10d8e1012e76ed7",
    "http://otto-test.gluu.org/otto/participant/58f720e1a10d8e1012e76ed8"
  ],
  "totalResults": 11,
  "itemsPerPage": 5,
  "startIndex": 1
}

4.3 Update Participant

This is PUT API endpoint to update the Participant. It needs to pass the value of the field which you want to update. It will update only those field which you passed into the parameter. The possible parameter you can passed for update, refer Section 4.1.

Non-normative example of a update participant request:

PUT /otto/participant/5909b4218489131c19abfa29 HTTP/1.1
{
	"name": "participant1",
	"url": "http://otto-test.gluu.org/otto/participant",
	"registeredBy": "58f5da4957d53d2ffbbb31df",
	"description": "participant participant",
	"securityContact": [{"name":"Security Person1", "contactNo":"+485647556566"}],
	"executiveContact": [{"name":"Executive Person1", "contactNo":"+485647556566"}],
	"technicalContact": [{"name":"Technical Person1", "contactNo":"+485647556566"}]
}

Non-normative example of a update participant response:

HTTP/1.1 200 OK

4.4 Patch participant

HTTP PATCH is an OPTIONAL server function that enables clients to update one or more attributes of a participant resource using a sequence of operations to "add", "remove", or "replace" values.

4.4.1 Add Operation

The "add" operation is used to add a new attribute value to an existing resource. refer Section 3.4.1 for add patch operation description.

The following example show how to link participant with federation:

PATCH /otto/participant/5909b4218489131c19abfa29 HTTP/1.1
{
"op":"add",
"path":"memberOf",
"value":["5909b4218489131c19abfa29"]
}

Non-normative example of add patch operation participant response. It returns response with status 200 when successfully patch the participant.

HTTP/1.1 200 OK

Non-normative example of add patch operation without path property to participant request:

PATCH /otto/participant/5909b4218489131c19abfa29 HTTP/1.1
{
"op":"add",
"value":{
 "memberOf": ["5909b4218489131c19abfa29"]
 }
}

Non-normative example of add patch operation without path property to participant response. It returns response with status 200 when successfully patch the federation.

HTTP/1.1 200 OK

4.4.2 Replace Operation

The "replace" operation replaces the value at the target location specified by the "path". refer Section 3.4.2 for detail replace patch description.

Non-normative example of replace patch operation participant request:

PATCH /otto/participant/5909b4218489131c19abfa29 HTTP/1.1
{
"op": "replace",
"path": "executiveContact",
"value": [{
      "contactNo": "+485647556566",
      "name": "Executive Person2"
  }]
}

Non-normative example of replace patch operation participant response. It returns response with status 200 when successfully patch the participant.

HTTP/1.1 200 OK

Non-normative example of add patch operation without path property participant request:

PATCH /otto/participant/5909b4218489131c19abfa29 HTTP/1.1
{
"op":"replace",
"value":{
 "executiveContact": [
    {
      "contactNo": "+485647556566",
      "name": "Executive Person2"
    }
  ]
 }
}

Non-normative example of replace patch operation without path property participant response. It returns response with status 200 when successfully patch the participant.

HTTP/1.1 200 OK

4.4.3 Remove Operation

The "remove" operation removes the value at the target location specified by the required attribute "path". Refer Section 3.4.3 for detail description of remove patch.

Non-normative example of remove patch operation participant request to remove specific federation:

PATCH /otto/participant/5909b4218489131c19abfa29 HTTP/1.1
{
 "op":"remove",
 "path":"/memberOf/59414908e7748f4d19541f46"
}

Non-normative example of remove patch operation participant request:

PATCH /otto/participant/5909b4218489131c19abfa29 HTTP/1.1
{
 "op": "remove",
 "path": "executiveContact"
}

Non-normative example of remove patch operation participant response. It returns response with status 200 when successfully patch the participant.

HTTP/1.1 200 OK

The following example shows how to passed multiple operation in patch.

Non-normative example of multiple patch operation participant request:

PATCH /otto/participant/5909b4218489131c19abfa29 HTTP/1.1
[
 {
  "op": "remove",
  "path": "executiveContact"
 },
 {
  "op": "replace",
  "path": "name",
  "value": "abc"
 }
]

Non-normative example of multiple patch operation participant response. It returns response with status 200 when successfully patch the participant.

HTTP/1.1 200 OK

4.5 Delete Participant

Non-normative example of a delete participant request

DELETE /otto/participant/5909b4218489131c19abfa29 HTTP/1.1

Non-normative example of a delete participant response:

HTTP/1.1 200 OK

4.6 Link participant(member) of federation

This is POST API endpoint for link participant as a member of Federation. It added the federation reference to memberOf in the participant.

Their are two request parameter.

Participant Id: The first path parameter is participant unique id.
Federation Id: The second path parameter is federation unique id.

Non-normative example of a participant request

POST /otto/participant/5909b4218489131c19abfa29/federation/58f7218ca10d8e1012e76ed6 HTTP/1.1

Non-normative example of a participant response:

HTTP/1.1 200 OK

It return response as per like Section 3.6

4.7 Link entity(service) to participant

This is POST API endpoint for link entity as a service of the Participant. It is a service operated by the Participant.

Their are two request parameter.

Participant Id: The first path parameter is participant unique id.
Entity Id: The second path parameter is entity unique id.

Non-normative example of a link entity to participant request:

POST /otto/participant/5909b4218489131c19abfa29/entity/58f7218ca10d8e1012e76ed6 HTTP/1.1

Non-normative example of a link entity to participant response:

HTTP/1.1 200 OK

5. Entity Endpoint

This endpoint, hosted by the Registration Authority, enables the registration and management of digital services at the federation.

5.1 Create Entity

This is POST API endpoint to create entity. It needs to pass the required parameter to add the new entity. If you try to add entity with same name which is already exist then it return response with error key with message is "entity already exist with same name".

Their are several properties which used for entity.

Table 3: Entity
Property	Value	Description
name	REQUIRED	A human friendly name for the Entity
operatedBy	OPTIONAL	It is the Federation or Participant, The organization that is responsible for this Entity
url	OPTIONAL	The public, human readible website for the Entity
description	OPTIONAL	It is Optional information about the Entity
registeredBy	REQUIRED	The RA which registered this entity
federatedBy	OPTIONAL	It is the Federation or array of Federation, The federation to which this entity is affiliated
metadata	OPTIONAL	The metadata for this Entity
category	OPTIONAL	It is the category, Used for assignment of standard Category defined in extension
supports	OPTIONAL	It is the Schema or array of Schema, What schema is supported by this Entity

Non-normative example of add a entity request

POST /otto/entity HTTP/1.1
{
	"name": "entity 1",
	"url": "http://otto-test.gluu.org/otto/entity",
	"registeredBy": "http://otto-test.gluu.org",
	"description": "entity entity",
	"registeredBy": "58f5da4957d53d2ffbbb31df",
	"metadata": "58f5da4957d53d2ffbbb31e0",
	"category": "https://docs.kantarainitiative.org/otto/openid-vocab-1.0#UserClaim"
}

Non-normative example of add a entity response:

In response it return with "@id" key, It is Unique IRI for the newly added entity

HTTP/1.1 200 OK
Content-Type: application/json
{
  "@id": "http://otto-test.gluu.org/otto/entity/5909b4218489131c19abfa29"
}

5.2 Fetch Entity

Non-normative example of a get all entity request

GET /otto/entity HTTP/1.1

Non-normative example of a get all entity response:

entity: List of entity
itemsPerPage: Non-negative integer. Specifies the number of query results returned in a query response page, e.g., 10.
totalResults: Non-negative integer. Specifies the total number of results matching the client query, e.g., 1000.
startIndex: The 1-based index of the first result in the current set of query results, e.g., 1.

HTTP/1.1 200 OK
Content-Type: application/json

{
  "entity": [
    "http://otto-test.gluu.org/otto/entity/58f720c7a10d8e1012e76ed4",
    "http://otto-test.gluu.org/otto/entity/58f720e1a10d8e1012e76ed5"
  ],
  "totalResults": 2,
  "itemsPerPage": 0,
  "startIndex": 1
}

Non-normative example of a entity with depth parameter request

GET /otto/entity?depth=entity HTTP/1.1

Non-normative example of a entity response from depth parameter. for entity response description see the Section 5.1

HTTP/1.1 200 OK
Content-Type: application/json

{
  "@context": "http://otto-test.gluu.org/otto/entity",
  "entity": [
    {
      "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#entity",
      "@id": "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6",
      "name": "entity 1",
      "url": "http://otto-test.gluu.org/otto/entity",
      "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df",
      "description": "entity entity",
      "metadata": "http://otto-test.gluu.org/otto/metadata/58f5da4957d53d2ffbbb31e0",
      "federatedBy": [
        "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c"
      ],
      "supports": [
        "http://otto-test.gluu.org/otto/schema/590afffd30dd080ed3cda956"
      ]
    }
  ],
  "totalResults": 1,
  "itemsPerPage": 0,
  "startIndex": 1
}

Non-normative example of a fetch specific entity request by passing unique entity id:

GET /otto/entity/58f720e1a10d8e1012e76ed5 HTTP/1.1

Non-normative example of a entity response from specified entity unique id. for entity response description see the Section 5.1

HTTP/1.1 200 OK
Content-Type: application/json

{
  "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#entity",
  "@id": "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6",
  "name": "entity 1",
  "url": "http://otto-test.gluu.org/otto/entity",
  "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df",
  "description": "entity entity",
  "metadata": "http://otto-test.gluu.org/otto/metadata/58f5da4957d53d2ffbbb31e0",
  "federatedBy": [
    "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c"
  ],
  "supports": [
    "http://otto-test.gluu.org/otto/schema/590afffd30dd080ed3cda956"
  ]
}

Non-normative example of a entity request with specified entity and depth parameter:

GET /otto/entity/58f7218ca10d8e1012e76ed6?depth=registeredBy HTTP/1.1

Non-normative example of a entity response from specified entity and depth parameter:

HTTP/1.1 200 OK
Content-Type: application/json
{
  "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#entity",
  "@id": "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6",
  "name": "entity 1",
  "url": "http://otto-test.gluu.org/otto/entity",
  "registeredBy": {
    "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#registration-authority",
    "@id": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df",
    "url": "http://otto-test.gluu.org",
    "description": "OTTO Registration Authority",
    "federation_endpoint": "http://otto-test.gluu.org/otto/federations",
    "participant_endpoint": "http://otto-test.gluu.org/otto/participant",
    "entity_endpoint": "http://otto-test.gluu.org/otto/entity",
    "name": "otto-test",
    "registers": []
  },
  "description": "entity entity",
  "metadata": "http://otto-test.gluu.org/otto/metadata/58f5da4957d53d2ffbbb31e0",
  "federatedBy": [
    "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c"
  ],
  "supports": [
    "http://otto-test.gluu.org/otto/schema/590afffd30dd080ed3cda956"
  ]
}

Non-normative example of a entity request with multiple depth parameter:

GET /otto/entity/58f720e1a10d8e1012e76ed5?depth=depth=federatedBy,supports HTTP/1.1

Non-normative example of a entity response from multiple depth parameter:

HTTP/1.1 200 OK
Content-Type: application/json
{
  "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#entity",
  "@id": "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6",
  "name": "entity 1",
  "url": "http://otto-test.gluu.org/otto/entity",
  "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df",
  "description": "entity entity",
  "metadata": "http://otto-test.gluu.org/otto/metadata/58f5da4957d53d2ffbbb31e0",
  "federatedBy": [
    {
      "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#federation",
      "@id": "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c",
      "name": "fed1",
      "url": "http://otto-test.gluu.org/otto/federation",
      "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df",
      "description": "fedearation fedearation",
      "dataProtectionCodeOfConduct": "https://fd.org",
      "federationAgreement": "https://fd.org",
      "federationPolicy": "https://fd.org",
      "securityContact": [
        {
          "contactNo": "+485647556566",
          "name": "Security Person1"
        }
      ],
      "executiveContact": [
        {
          "contactNo": "+485647556566",
          "name": "Executive Person1"
        }
      ],
      "technicalContact": [
        {
          "contactNo": "+485647556566",
          "name": "Technical Person1"
        }
      ],
      "sponsor": [
        "http://otto-test.gluu.org/otto/participant/58f720e1a10d8e1012e76ed5"
      ],
      "federates": [
        "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6"
      ],
      "member": [
        "http://otto-test.gluu.org/otto/participant/58f720c7a10d8e1012e76ed4"
      ],
      "trustMarkDefinitionSupported": [
        "https://fd.org"
      ],
      "badgeSupported": [
        "http://otto-test.gluu.org/otto/badge/58fdfa39a6a02d203267da37"
      ],
      "supports": [
        "http://otto-test.gluu.org/otto/schema/590afffd30dd080ed3cda956"
      ],
      "metadata": [
        "http://otto-test.gluu.org/otto/metadata/58f5da4957d53d2ffbbb31e0"
      ]
    }
  ],
  "supports": [
    {
      "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#schema",
      "@id": "http://otto-test.gluu.org/otto/schema/590afffd30dd080ed3cda956",
      "name": "given_name",
      "category": "https://docs.kantarainitiative.org/otto/openid-vocab-1.0#UserClaim",
      "required": false,
      "url": "https://en.wikipedia.org/wiki/Given_name",
      "sameAs": "https://schema.org/givenName,https://erasmus.gluu.org/schema/457c",
      "supportedBy": [
        "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c",
        "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6"
      ]
    }
  ]
}

Non-normative example of a entity request with filter parameter:

GET /otto/entity/58f7218ca10d8e1012e76ed6?filter=.name HTTP/1.1

Non-normative example of a entity response from filter parameter:

HTTP/1.1 200 OK
Content-Type: application/json
{
  "name": [
    "entity 1"
  ]
}

Non-normative example of a entity request with multiple filter parameter:

GET /otto/entity/58f7218ca10d8e1012e76ed6?filter=.name,.supports HTTP/1.1

Non-normative example of a federation response from multiple filter parameter:

HTTP/1.1 200 OK
Content-Type: application/json
{
  "name": [
    "entity 1"
  ],
  "supports": [
    "http://otto-test.gluu.org/otto/schema/590afffd30dd080ed3cda956"
  ]
}

Non-normative example of a entity request using pageno and pagelength parameter:

pageno: The 1-based index of the first query result. A value less than 1 SHALL be interpreted as 1.
pagelength: Non-negative integer. Specifies the desired maximum number of query results per page, e.g., 10.

GET /otto/entity?pageno=1&pagelength=5 HTTP/1.1

Non-normative example of a entity response of page no and page length parameter:

entity: Contain list of entity array
itemsPerPage: Non-negative integer. Specifies the number of query results returned in a query response page, e.g., 10.
totalResults: Non-negative integer. Specifies the total number of results matching the client query, e.g., 1000.
startIndex: The 1-based index of the first result in the current set of query results, e.g., 1.

HTTP/1.1 200 OK
Content-Type: application/json
{
  "entity": [
    "http://otto-test.gluu.org/otto/entity/58f720c7a10d8e1012e76ed4",
    "http://otto-test.gluu.org/otto/entity/58f720e1a10d8e1012e76ed5",
    "http://otto-test.gluu.org/otto/entity/58f720e1a10d8e1012e76ed6",
    "http://otto-test.gluu.org/otto/entity/58f720e1a10d8e1012e76ed7",
    "http://otto-test.gluu.org/otto/entity/58f720e1a10d8e1012e76ed8"
  ],
  "totalResults": 11,
  "itemsPerPage": 5,
  "startIndex": 1
}

5.3 Update entity

This is PUT API endpoint to update the entity. It needs to pass the value of the field which you want to update. It will update only those field which you passed into the parameter. The possible parameter you can passed for update, refer Section 5.1.

Non-normative example of a update entity request

PUT /otto/entity/5909b4218489131c19abfa29 HTTP/1.1
{
	"name": "entity 1",
	"url": "http://otto-test.gluu.org/otto/entity",
	"registeredBy": "http://otto-test.gluu.org",
	"description": "entity entity",
	"registeredBy": "58f5da4957d53d2ffbbb31df",
	"metadata": "58f5da4957d53d2ffbbb31e0",
	"category": "https://docs.kantarainitiative.org/otto/openid-vocab-1.0#UserClaim"
}

Non-normative example of a update entity response:

HTTP/1.1 200 OK

5.4 Patch Entity

HTTP PATCH is an OPTIONAL server function that enables clients to update one or more attributes of a entity resource using a sequence of operations to "add", "remove", or "replace" values.

The following example show how to add link entity with federation:

PATCH /otto/entity/5909b4218489131c19abfa29 HTTP/1.1
{
"op":"add",
"path":"federatedBy",
"value":"5909b4218489131c19abfa29"
}

5.4.1 Add Operation

The "add" operation is used to add a new attribute value to an existing resource. Refer Section 3.4.1 for detail description of patch add operation.

The following example show how to add link entity with federation:

PATCH /otto/entity/5909b4218489131c19abfa29 HTTP/1.1
{
"op":"add",
"path":"federatedBy",
"value":"5909b4218489131c19abfa29"
}

Non-normative example of add patch operation entity response. It returns response with status 200 when successfully patch the entity.

HTTP/1.1 200 OK

Non-normative example of add patch operation without path property to entity request:

PATCH /otto/entity/5909b4218489131c19abfa29 HTTP/1.1
{
"op":"add",
"value":{
  "federatedBy": "5909b4218489131c19abfa29"
 }
}

Non-normative example of add patch operation without path property to entity response. It returns response with status 200 when successfully patch the entity.

HTTP/1.1 200 OK

5.4.2 Replace Operation

The "replace" operation replaces the value at the target location specified by the "path". Refer Section 3.4.2 for detail description of replace patch.

The following example show how to replace operator of entity. It will replace old operator with new operator:

PATCH /otto/entity/5909b4218489131c19abfa29 HTTP/1.1
{
"op":"replace",
"path": "operatedBy",
"value":"5909b4218489131c19abfa28"
}

Non-normative example of replace patch operation entity response. It returns response with status 200 when successfully patch the entity.

HTTP/1.1 200 OK

Non-normative example of add patch operation without path property entity request:

PATCH /otto/entity/5909b4218489131c19abfa29 HTTP/1.1
{
"op":"replace",
"value":{
 "operatedBy": "5909b4218489131c19abfa28"
}

Non-normative example of replace patch operation without path property entity response. It returns response with status 200 when successfully patch the entity.

HTTP/1.1 200 OK

5.4.3 Remove Operation

The "remove" operation removes the value at the target location specified by the required attribute "path". Refer Section 3.4.3 for detail description of remove patch operation.

Non-normative example of remove patch operation entity request to remove federation:

PATCH /otto/entity/5909b4218489131c19abfa29 HTTP/1.1
{
"op":"remove",
"path":"/federatedBy/59414908e7748f4d19541f46"
}

Non-normative example of remove patch operation entity request:

PATCH /otto/entity/5909b4218489131c19abfa29 HTTP/1.1
{
"op": "remove",
"path": "operatedBy"
}

Non-normative example of remove patch operation entity response. It returns response with status 200 when successfully patch the entity.

HTTP/1.1 200 OK

The following non-normative example shows how to passed multiple operation in patch.

Non-normative example of multiple patch operation entity request:

PATCH /otto/entity/5909b4218489131c19abfa29 HTTP/1.1
[
 {
  "op": "remove",
  "path": "operatedBy"
 },
 {
  "op": "replace",
  "path": "name",
  "value": "abc"
 }
]

Non-normative example of multiple patch operation entity response. It returns response with status 200 when successfully patch the entity.

HTTP/1.1 200 OK

5.5 Delete Entity

This is DELETE API to delete entity. It needs to pass the entity unique id for delete specific entity.

Non-normative example of a entity request

DELETE /otto/entity/5909b4218489131c19abfa29 HTTP/1.1

Non-normative example of a entity response:

HTTP/1.1 200 OK

5.6 Link entity with federation

This is POST API for link entity to the federation. The federation to which this entity is affiliated.

Their are two request parameter.

Entity Id: first path parameter is entity unique id.
Federation Id: Second path parameter is Federation unique id.

Non-normative example of a link entity with federation request:

POST /otto/entity/5909b4218489131c19abfa29/federation/58f7218ca10d8e1012e76ed6 HTTP/1.1

Non-normative example of a link entity with federation response:

HTTP/1.1 200 OK

6. Metadata Endpoint

This endpoint, hosted by the Registration Authority, enables the management of metadata of the federation.

6.1 Create Metadata

This is POST API endpoint to create metadata. It needs to pass the required parameter to add the new metadata.

Their are several properties which used for metadata.

Table 4: Metadata
Property	Value	Description
category	REQUIRED	It is the Category. Enables extensions to define standard categories for searching
metadataFormat	OPTIONAL	The serialization type of the metadata
expiration	OPTIONAL	The date at which this metadata is no longer valid

Non-normative example of add a metadata request

POST /otto/entity HTTP/1.1
{
	"name": "BASIC",
	"descrption": "BASIC............",
	"category": "http://otto-test.gluu.org/schema_category/scope.jsonld"
}

Non-normative example of add a metadata response:

In response it return with "@id" key, It is Unique IRI for the newly added metadata

HTTP/1.1 200 OK
Content-Type: application/json
{
  "@id": "http://otto-test.gluu.org/otto/metadata/5909b4218489131c19abfa29"
}

6.2 Fetch Metadata

Non-normative example of a get all metadata request

GET /otto/metadata HTTP/1.1

Non-normative example of a get all metadata response:

metadata: List of metadata
itemsPerPage: Non-negative integer. Specifies the number of query results returned in a query response page, e.g., 10.
totalResults: Non-negative integer. Specifies the total number of results matching the client query, e.g., 1000.
startIndex: The 1-based index of the first result in the current set of query results, e.g., 1.

HTTP/1.1 200 OK
Content-Type: application/json

{
  "metadata": [
    "http://otto-test.gluu.org/otto/metadata/58f720c7a10d8e1012e76ed4",
    "http://otto-test.gluu.org/otto/metadata/58f720e1a10d8e1012e76ed5"
  ],
  "totalResults": 2,
  "itemsPerPage": 0,
  "startIndex": 1
}

Non-normative example of a metadata request with depth parameter:

GET /otto/metadata?depth=metadata HTTP/1.1

Non-normative example of a metadata response from depth parameter:

metadata: List of metadata
itemsPerPage: Non-negative integer. Specifies the number of query results returned in a query response page, e.g., 10.
totalResults: Non-negative integer. Specifies the total number of results matching the client query, e.g., 1000.
startIndex: The 1-based index of the first result in the current set of query results, e.g., 1.

HTTP/1.1 200 OK
Content-Type: application/json

{
  "metadata": [
    {
      "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#metadata",
      "@id": "http://otto-test.gluu.org/otto/metadata/58f5da4957d53d2ffbbb31e0",
      "metadataFormat": "Metadata Format",
      "expiration": "2017-04-18T09:20:09.138Z"
    }
  ],
  "totalResults": 2,
  "itemsPerPage": 0,
  "startIndex": 1
}

Non-normative example of a metadata request to fetch specific metadata:

GET /otto/metadata/58f720e1a10d8e1012e76ed5 HTTP/1.1

Non-normative example of a metadata response from specified metadata:

HTTP/1.1 200 OK
Content-Type: application/json
{
  "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#metadata",
  "@id": "http://otto-test.gluu.org/otto/metadata/58f5da4957d53d2ffbbb31e0",
  "metadataFormat": "Metadata Format",
  "expiration": "2017-04-18T09:20:09.138Z"
}

Non-normative example of a metadata request with filter parameter:

GET /otto/metadata/58f5da4957d53d2ffbbb31e0?filter=.metadataFormat HTTP/1.1

Non-normative example of a metadata response from filter parameter:

HTTP/1.1 200 OK
Content-Type: application/json
{
  "metadataFormat": [
    "Metadata Format"
  ]
}

Non-normative example of a metadata request using pageno and pagelength parameter:

pageno: The 1-based index of the first query result. A value less than 1 SHALL be interpreted as 1.
pagelength: Non-negative integer. Specifies the desired maximum number of query results per page, e.g., 10.

GET /otto/metadata?pageno=1&pagelength=5 HTTP/1.1

Non-normative example of a metadata response of page no and page length parameter:

entity: Contain list of metadata array
itemsPerPage: Non-negative integer. Specifies the number of query results returned in a query response page, e.g., 10.
totalResults: Non-negative integer. Specifies the total number of results matching the client query, e.g., 1000.
startIndex: The 1-based index of the first result in the current set of query results, e.g., 1.

HTTP/1.1 200 OK
Content-Type: application/json
{
  "metadata": [
    "http://otto-test.gluu.org/otto/metadata/58f720c7a10d8e1012e76ed4",
    "http://otto-test.gluu.org/otto/metadata/58f720e1a10d8e1012e76ed5",
    "http://otto-test.gluu.org/otto/metadata/58f720e1a10d8e1012e76ed6",
    "http://otto-test.gluu.org/otto/metadata/58f720e1a10d8e1012e76ed7",
    "http://otto-test.gluu.org/otto/metadata/58f720e1a10d8e1012e76ed8"
  ],
  "totalResults": 11,
  "itemsPerPage": 5,
  "startIndex": 1
}

6.3 Update Metadata

This is PUT API endpoint to update metadata. It needs to pass the value of the field which you want to update. It will update only those field which you passed into the parameter. The possible parameter need to pass for update, refer Section 6.1.

Non-normative example of a metadata update request:

PUT /otto/metadata/5909b4218489131c19abfa29 HTTP/1.1

{
	"metadataFormat": "metadata format ....",
	"expiration": "10/10/2017"
}

Non-normative example of a metadata update response:

HTTP/1.1 200 OK

6.4 Delete Metadata

This is DELETE API endpoint to delete metadata. It needs to pass the unique id of metadata.

Non-normative example of a metadata request:

DELETE /otto/metadata/5909b4218489131c19abfa29 HTTP/1.1

Non-normative example of a metadata response:

HTTP/1.1 200 OK

7. Schema Endpoint

This endpoint, hosted by the Registration Authority, enables the management of schema supported by federation.

7.1 Create schema

This is POST API to create schema. It needs to pass the required parameter to add the new schema.

Their are several properties which used for schema.

Table 5: Schema
Property	Value	Description
name	REQUIRED	Identifier for this schema item
category	REQUIRED	The Extensions defined in extensions like "attribute" or "scope"
description	OPTIONAL	The Human understandable explanation of this term.
required	REQUIRED	Whether this schema element is required
url	URL	The URL with more information about this schema
supportedBy	OPTIONAL	It is the instance or array of Federation or Entity. Which federations support this schema
sameAs	OPTIONAL	It is the URL or array of URL. Link to another similiar schema class

Non-normative example of add a schema request

POST /otto/schema HTTP/1.1
{
   "name":"given_name",
   "category":"https://docs.kantarainitiative.org/otto/openid-vocab-1.0#UserClaim",
   "description":"Person's first name",
   "required":false,
   "url":"https://en.wikipedia.org/wiki/Given_name",
   "sameAs":[
      "https://schema.org/givenName",
      "https://erasmus.gluu.org/schema/457c"
   ]
}

Non-normative example of add a schema response:

In response it return with "@id" key, It is Unique IRI for the newly added schema

HTTP/1.1 200 OK
Content-Type: application/json
{
  "@id": "http://otto-test.gluu.org/otto/schema/5909b4218489131c19abfa29"
}

7.2 Fetch Schema

Non-normative example of a get all schema request

GET /otto/schema HTTP/1.1

Non-normative example of a get all schema response:

schema: List of schema
itemsPerPage: Non-negative integer. Specifies the number of query results returned in a query response page, e.g., 10.
totalResults: Non-negative integer. Specifies the total number of results matching the client query, e.g., 1000.
startIndex: The 1-based index of the first result in the current set of query results, e.g., 1.

HTTP/1.1 200 OK
Content-Type: application/json

{
  "schema": [
    "http://otto-test.gluu.org/otto/schema/58f720c7a10d8e1012e76ed4",
    "http://otto-test.gluu.org/otto/schema/58f720e1a10d8e1012e76ed5"
  ],
  "totalResults": 2,
  "itemsPerPage": 0,
  "startIndex": 1
}

Non-normative example of a schema request with depth parameter:

GET /otto/schema?depth=schema HTTP/1.1

Non-normative example of a federation response from depth parameter:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "@context": "http://otto-test.gluu.org/otto/schema",
  "schema": [
    {
      "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#schema",
      "@id": "http://otto-test.gluu.org/otto/schema/590afffd30dd080ed3cda956",
      "name": "given_name",
      "category": "https://docs.kantarainitiative.org/otto/openid-vocab-1.0#UserClaim",
      "required": false,
      "url": "https://en.wikipedia.org/wiki/Given_name",
      "sameAs": "https://schema.org/givenName,https://erasmus.gluu.org/schema/457c",
      "supportedBy": [
        "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c"
      ]
    }
  ],
  "totalResults": 1,
  "itemsPerPage": 0,
  "startIndex": 1
}

Non-normative example of a schema request to fetch specific schema unique Id:

GET /otto/schema/58f720e1a10d8e1012e76ed5 HTTP/1.1

Non-normative example of a schema response from specified schema unique Id:

HTTP/1.1 200 OK
Content-Type: application/json
{
  "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#schema",
  "@id": "http://otto-test.gluu.org/otto/schema/590afffd30dd080ed3cda956",
  "name": "given_name",
  "category": "https://docs.kantarainitiative.org/otto/openid-vocab-1.0#UserClaim",
  "required": false,
  "url": "https://en.wikipedia.org/wiki/Given_name",
  "sameAs": "https://schema.org/givenName,https://erasmus.gluu.org/schema/457c",
  "supportedBy": [
    "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c"
  ]
}

Non-normative example of a schema request with specified schema and depth parameter:

GET /otto/schema/590afffd30dd080ed3cda956?depth=supportedBy HTTP/1.1

Non-normative example of a schema response from specified schema and depth parameter:

HTTP/1.1 200 OK
Content-Type: application/json
{
  "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#schema",
  "@id": "http://otto-test.gluu.org/otto/schema/590afffd30dd080ed3cda956",
  "name": "given_name",
  "category": "https://docs.kantarainitiative.org/otto/openid-vocab-1.0#UserClaim",
  "required": false,
  "url": "https://en.wikipedia.org/wiki/Given_name",
  "sameAs": "https://schema.org/givenName,https://erasmus.gluu.org/schema/457c",
  "supportedBy": [
    {
      "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#federation",
      "@id": "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c",
      "name": "fed1",
      "url": "http://otto-test.gluu.org/otto/federation",
      "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df",
      "description": "fedearation fedearation",
      "dataProtectionCodeOfConduct": "https://fd.org",
      "federationAgreement": "https://fd.org",
      "federationPolicy": "https://fd.org",
      "securityContact": [
        {
          "contactNo": "+485647556566",
          "name": "Security Person1"
        }
      ],
      "executiveContact": [
        {
          "contactNo": "+485647556566",
          "name": "Executive Person1"
        }
      ],
      "technicalContact": [
        {
          "contactNo": "+485647556566",
          "name": "Technical Person1"
        }
      ],
      "sponsor": [
        "http://otto-test.gluu.org/otto/participant/58f720e1a10d8e1012e76ed5"
      ],
      "federates": [
        "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6"
      ],
      "member": [
        "http://otto-test.gluu.org/otto/participant/58f720c7a10d8e1012e76ed4"
      ],
      "trustMarkDefinitionSupported": [
        "https://fd.org"
      ],
      "badgeSupported": [
        "http://otto-test.gluu.org/otto/badge/58fdfa39a6a02d203267da37"
      ],
      "supports": [
        "http://otto-test.gluu.org/otto/schema/590afffd30dd080ed3cda956"
      ],
      "metadata": [
        "http://otto-test.gluu.org/otto/metadata/58f5da4957d53d2ffbbb31e0"
      ]
    }
  ]
}

Non-normative example of a schema request with filter parameter:

GET /otto/schema/58f5da4957d53d2ffbbb31e0?filter=.name HTTP/1.1

Non-normative example of a schema response from filter parameter:

HTTP/1.1 200 OK
Content-Type: application/json
{
  "name": [
    "given_name"
  ]
}

Non-normative example of a schema request using page no and page length parameter:

pageno: The 1-based index of the first query result. A value less than 1 SHALL be interpreted as 1.
pagelength: Non-negative integer. Specifies the desired maximum number of query results per page, e.g., 10.

GET /otto/metadata?pageno=1&pagelength=5 HTTP/1.1

Non-normative example of a metadata response of page no and page length parameter:

schema: Contain list of schema array
itemsPerPage: Non-negative integer. Specifies the number of query results returned in a query response page, e.g., 10.
totalResults: Non-negative integer. Specifies the total number of results matching the client query, e.g., 1000.
startIndex: The 1-based index of the first result in the current set of query results, e.g., 1.

HTTP/1.1 200 OK
Content-Type: application/json
{
  "schema": [
    "http://otto-test.gluu.org/otto/schema/58f720c7a10d8e1012e76ed4",
    "http://otto-test.gluu.org/otto/schema/58f720e1a10d8e1012e76ed5",
    "http://otto-test.gluu.org/otto/schema/58f720e1a10d8e1012e76ed6",
    "http://otto-test.gluu.org/otto/schema/58f720e1a10d8e1012e76ed7",
    "http://otto-test.gluu.org/otto/schema/58f720e1a10d8e1012e76ed8"
  ],
  "totalResults": 11,
  "itemsPerPage": 5,
  "startIndex": 1
}

7.3 Update Schema

This is PUT API endpoint to update the schema. It needs to pass the value of the field which you want to update. It will update only those field which you passed into parameter. The possible parameter you can passed for update, refer Section 7.1

Non-normative example of a schema update request

PUT /otto/schema/5909b4218489131c19abfa29 HTTP/1.1
{
   "name":"given_name",
   "category":"https://docs.kantarainitiative.org/otto/openid-vocab-1.0#UserClaim",
   "description":"Person's first name",
   "required":false,
   "url":"https://en.wikipedia.org/wiki/Given_name",
   "sameAs":[
      "https://schema.org/givenName",
      "https://erasmus.gluu.org/schema/457c"
   ]
}

Non-normative example of a schema update response:

HTTP/1.1 200 OK

7.4 Delete Schema

This is DELETE API to delete schema. you need to pass schema unique id for delete specific schema.

Non-normative example of a delete schema request

DELETE /otto/schema/5909b4218489131c19abfa29 HTTP/1.1

Non-normative example of a delete schema response:

HTTP/1.1 200 OK

7.5 Link schema with federation

This is POST API endpoint for link schema to the Federation. It shows which federations support this schema.

Their are two request parameter.

Schema Id: first path parameter is schema unique id.
Federation Id: Second path parameter is Federation unique id.

Non-normative example of a schema request to link with federation:

POST /otto/schema/5909b4218489131c19abfa29/federation/58f7218ca10d8e1012e76ed6 HTTP/1.1

Non-normative example of a schema response to link with federation:

HTTP/1.1 200 OK

7.6 Link schema with entity

This is POST API endpoint for link schema to the Entity. It show which entity support this schema.

Their are two request parameter.

Schema Id: first path parameter is schema unique id.
Entity Id: Second path parameter is entity unique id.

Non-normative example of a schema request to link with entity:

POST /otto/schema/5909b4218489131c19abfa29/entity/58f7218ca10d8e1012e76ed6 HTTP/1.1

Non-normative example of a schema response to link with entity:

HTTP/1.1 200 OK

7.7 Schema Categories

Fetch categories.

Non-normative example of a fetch categories request

POST /otto/schema/categories HTTP/1.1

Non-normative example of a fetch categories response:

HTTP/1.1 200 OK
[
  "http://otto-test.gluu.org/schema_category/acr.jsonld",
  "http://otto-test.gluu.org/schema_category/scope.jsonld",
  "http://otto-test.gluu.org/schema_category/userclaim.jsonld"
]

[BCP195]	Sheffer, Y., “Recommendations for Secure Use of Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)”, May 2015, <https://tools.ietf.org/html/bcp195>.
[RFC2119]	Bradner, S., “Key words for use in RFCs to Indicate Requirement Levels”, BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, <https://www.rfc-editor.org/info/rfc2119>.
[RFC3986]	Berners-Lee, T., Fielding, R., and L. Masinter, “Uniform Resource Identifier (URI): Generic Syntax”, STD 66, RFC 3986, DOI 10.17487/RFC3986, January 2005, <https://www.rfc-editor.org/info/rfc3986>.
[RFC5785]	Nottingham, M. and E. Hammer-Lahav, “Defining Well-Known Uniform Resource Identifiers (URIs)”, RFC 5785, DOI 10.17487/RFC5785, April 2010, <https://www.rfc-editor.org/info/rfc5785>.
[RFC6749]	Hardt, D., Ed., “The OAuth 2.0 Authorization Framework”, RFC 6749, DOI 10.17487/RFC6749, October 2012, <https://www.rfc-editor.org/info/rfc6749>.
[RFC7159]	Bray, T., Ed., “The JavaScript Object Notation (JSON) Data Interchange Format”, RFC 7159, DOI 10.17487/RFC7159, March 2014, <https://www.rfc-editor.org/info/rfc7159>.

OTTO API's 1.0

1.1 Notational Conventions

9. References

9.1 Normative References

9.2 Informative References