Version: | 1.0 |
Date: | 2017-4-2 |
Editor: | Michael Schwartz, Gluu |
Authors: | Janusz Ulanowski,, HEAnet |
Meghna Joshi, Gluu |
This specification defines standard application interfaces that enable the creation and management of multi-party federations.
This document is a draft technical specification produced by the OTTO Work Group. See the Kantara Initiative Operating Procedures for more information.
Copyright © 2017 Kantara Initiative and the persons identified as the document authors. All rights reserved.
This document is subject to the Kantara IPR Policy - Option Patent & Copyright: Reciprocal Royalty Free with Opt-Out to Reasonable And Non discriminatory (RAND) (HTML version).
The Open Trust Taxonomy for Federation Operators (OTTO) defines standards to enable the interoperable management of multi-party federations--where a central authority creates the rules for membership, enabling the participants to more efficiently collaborate. The goal of OTTO is to support a range of trust models from very low to very high. By providing a common set of API's and a data model, the OTTO standard provides a scalable technical infrastructure to solve organizational challenges in a number of different ecosystems.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119].
Unless otherwise noted, all protocol properties and values are case sensitive.
This specification introduces the following terms
This specification defines several APIs. The Registration Authority MUST use TLS protection over these endpoints, governed by [BCP195], which discusses deployment and adoption characteristics of different TLS versions. All endpoints other then the .well-known configuration endpoint SHOULD require some form of authentication and access control, such as Client Authentication as described in [RFC6749] or a separate OAuth access token. The methods of managing and validating these authentication credentials are out of scope of this specification.
OTTO API supports the depth and the filter searching feature. Those are the query parameter to passed in HTTP GET Request. which provide facility to search, navigate and filter the record.
The depth parameter provides the facility to deeply populate records with the full response. The depth parameter also supports to passed the multiple commas separated values. If depth parameter is possible to populated then it returns full response otherwise return an error with "Invalid depth parameter". You can only have depth parameter for the IRI scheme which returns JSON as response.
The below example is without depth parameter. which only shows the IRI value of the field. Non-normative examples of a without depth request.
GET /otto/federations/58f7200bcf5e0a0f09cf2c3c HTTP/1.1
Non-normative response of without depth parameter. Some text was removed for readability (indicated by "..."). The detail description of federation refer Section 3.1:
HTTP/1.1 200 OK Content-Type: application/json { "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#federation", "@id": "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c", "name": "fed1", ... "sponsor": [ "http://otto-test.gluu.org/otto/participant/58f720e1a10d8e1012e76ed5" ], "federates": [ "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6" ], "member": [ "http://otto-test.gluu.org/otto/participant/58f720c7a10d8e1012e76ed4" ], ... }
The below example with depth parameter which deeply populates the federates and return the full response of federates of the Federation. Non-normative examples of a depth request.
GET /otto/federations/58f7200bcf5e0a0f09cf2c3c?depth=federates HTTP/1.1
Non-normative response of depth parameter. Some text was removed for readability (indicated by "..."). The detail description of federation refer Section 3.1 and federates refer Section 5.1:
HTTP/1.1 200 OK Content-Type: application/json { "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#federation", "@id": "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c", "name": "fed1", ... "federates": [ { "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#entity", "@id": "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6", "name": "entity 1", "url": "http://otto-test.gluu.org/otto/entity", "registeredBy": { "@id": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df" }, "description": "entity entity", "metadata": { "@id": "http://otto-test.gluu.org/otto/metadata/58f5da4957d53d2ffbbb31e0" }, "federatedBy": [ { "@id": "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c" } ], "supports": [ { "@id": "http://otto-test.gluu.org/otto/schema/590afffd30dd080ed3cda956" } ] } ], ... }
The below depth parameter deeply populate the federates and sponsor and return the full response of federates and sponsor of the Federation. Non-normative examples of a multiple depth request.
GET /otto/federations/58f7200bcf5e0a0f09cf2c3c?depth=federates,sponsor HTTP/1.1
Non-normative response of multiple depth parameter. The detail description of federation refer Section 3.1, for federates refer Section 5.1 and for member refer Section 4.1 :
HTTP/1.1 200 OK Content-Type: application/json { "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#federation", "@id": "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c", "name": "fed1", ... "sponsor": [ { "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#participant", "@id": "http://otto-test.gluu.org/otto/participant/58f720e1a10d8e1012e76ed5", "name": "participant 1", "url": "http://otto-test.gluu.org/otto/participant", "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df", "description": "participant participant", "securityContact": [ { "contactNo": "+485647556566", "name": "Security Person1" } ], "executiveContact": [ { "contactNo": "+485647556566", "name": "Executive Person1" } ], "technicalContact": [ { "contactNo": "+485647556566", "name": "Technical Person1" } ], "memberOf": [ "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c" ], "operates": "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6", "badgeSupported": [ "http://otto-test.gluu.org/otto/badge/58fdfa39a6a02d203267da37" ], "trustMarkAsserted": "http://pa.org" } ], "federates": [ { "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#entity", "@id": "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6", "name": "entity 1", "url": "http://otto-test.gluu.org/otto/entity", "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df", "description": "entity entity", "metadata": "http://otto-test.gluu.org/otto/metadata/58f5da4957d53d2ffbbb31e0", "federatedBy": [ "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c" ], "supports": [ "http://otto-test.gluu.org/otto/schema/590afffd30dd080ed3cda956" ] } ], ... }
OTTO API supports the depth and the filter feature to navigate, search and filter the record. Those are the request query parameter to passed in HTTP GET Request. The depth parameter allows to deeply populated the record and return full response. The filter parameter enables to navigate and find data within your JSON documents. To select items in JSPath, you use a location path which consists of one or more location steps. Every location step starts with one period (.) or two periods (..), depending on the item you're trying to select. It returns the result with the same key which you are passed in filter request. for detail description refer JSPath Filter.
The below parameter filter find the name property and return filtered output with name key. Non-normative examples of a filter request:
GET /otto/federations/58f7200bcf5e0a0f09cf2c3c?filter=.name HTTP/1.1
Non-normative response of filter parameter:
HTTP/1.1 200 OK Content-Type: application/json { "name": [ "fed1" ] }
Filter parameter allows passing multiple parameters by the separating comma(,). Non-normative examples of a multiple filter request:
GET /otto/federations/58f7200bcf5e0a0f09cf2c3c?filter=.name,.securityContact HTTP/1.1
Non-normative response of multiple filter parameter:
HTTP/1.1 200 OK Content-Type: application/json { "name": [ "fed1" ], "securityContact": [ { "contactNo": "+485647556566", "name": "Security Person1" } ] }
Filter parameter allows filtering using nested property. Non-normative examples of a filter using nested property and depth request:
GET /otto/federations/58f7200bcf5e0a0f09cf2c3c?depth=federates&filter=.federates.name HTTP/1.1
Non-normative examples of a filter using nested property and depth response:
HTTP/1.1 200 OK Content-Type: application/json { "federates": { "name": [ "entity 1" ] } }
Filter parameter allows Object predicates can be used in a path expression to filter a subset of items according to boolean expressions working on the properties of each item. All object predicates are parenthesized by curly brackets ({ and }). Non-normative examples of a filter using boolean expressions and depth request:
GET /otto/federations/58f7200bcf5e0a0f09cf2c3c?depth=federates&filter=.federates{.name==="entity 1"} HTTP/1.1
Non-normative examples of a filter using boolean expressions and depth request:
HTTP/1.1 200 OK Content-Type: application/json { "federates": [ { "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#entity", "@id": "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6", "name": "entity 1", "url": "http://otto-test.gluu.org/otto/entity", "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df", "description": "entity entity", "metadata": "http://otto-test.gluu.org/otto/metadata/58f5da4957d53d2ffbbb31e0", "federatedBy": [ "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c" ], "supports": [] } ] }
This endpoint returns the JSON-LD for the RegistrationAuthority class, which includes information useful to clients prior to making requests. Registration Authority MUST make this JSON-LD class available at the path formed by concatenating the string /.well-known/otto-configuration to the Issuer. The syntax and semantics of .well-known are defined in[RFC5785], and MUST point to a JSON document compliant with this specification and MUST be returned using the application/json content type.
Non-normative example of a configuration request:
GET /otto/.well-known/otto-configuration HTTP/1.1 Host: ra.org
Non-normative example of a configuration response:
HTTP/1.1 200 OK Content-Type: application/json { "@context": "https://docs.kantarainitiative.org/otto/vocab-1.0", "@id": "https://ra.acme.ex/otto/.well-known/otto-configuration", "name": "Acme Registration Authority", "url": "https://www.acme.ex", "description": "Registration Authority for the ACME federations", "federation_endpoint":"https://ra.acme.ex/otto/federation", "participant_endpoint":"https://ra.acme.ex/otto/participant", "entity_endpoint":"https://ra.acme.ex/otto/entity", "registers": ["https://rs.acme.ex/otto/federation/28e780f4-eedf", "https://ra.acme.ex/otto/federation/348159fd-8441"] }
This endpoint, hosted by the Registration Authority, enables the creation and management of Federations.
This is POST API endpoint to create the federation. It needs to pass the required parameter to add the new federation. If you try to add federation with the same name which already exists then it returns response with error key with the message is "Federation already exist with the same name".
There are several properties which used for federation.
Property | Value | Description |
---|---|---|
name | REQUIRED | A human friendly name for the Federation |
description | OPTIONAL | It is Optional information about the RA |
url | OPTIONAL | The public, human readable website for the Federation |
operates | OPTIONAL | It is the Entity or array of Entity. A service operated by the Federation |
metadata | OPTIONAL | It is the Metadata or array of Metadata. The metadata (including public signing key) for this Federation |
supports | OPTIONAL | It is the Schema or array of Schema. It describes what schema is supported by this Federation. |
registeredBy | REQUIRED | The Registration Authority where the federation is hosted |
member | OPTIONAL | It is the array of Participants. List of organizational members of the Federation |
federates | OPTIONAL | It is the array of Entity. List of services registered to the federation by Participants |
sponsor | REQUIRED | It is an Organization or array of Organization. The organization legally responsible for management of the Federation |
technicalContact | OPTIONAL | It is the Person or array of Person. Person(s) responsible for registering and maintaining the policies and technical data related to the organization's participation in the Federation |
executiveContact | OPTIONAL | It is the Person or array of Person. Person(s) responsible for all decisions and delegations of authority for the Federation |
securityContact | OPTIONAL | Person(s) to contact in the event of an urgent security issue |
dataProtectionCodeOfConduct | OPTIONAL | It is the URL. The provisions regarding handling of personal information by the Federation Participants |
federationAgreement | OPTIONAL | It is the URL. The rights and responsibilities of the Participant |
federationPolicy | OPTIONAL | It is the URL. Operational practices and technical details for participation in the Federation. |
trustMarkDefinitionSupported | OPTIONAL | It is the instance or array of TrustMarkDefinition or URL. What kinds of Trustmarks are supported by the federation |
badgeSupported | OPTIONAL | It is the instance or array of BadgeClass or IRI. What kinds of Badges are supported by the federation |
Non-normative example of add a federation request
POST /otto/federations HTTP/1.1 { "name": "fed1", "url": "http://otto-test.gluu.org/otto/federation", "registeredBy": "58f5da4957d53d2ffbbb31df", "sponsor": "58f720c7a10d8e1012e76ed4", "description": "fedearation fedearation", "securityContact": [{"name":"Security Person1", "contactNo":"+485647556566"}], "executiveContact": [{"name":"Executive Person1", "contactNo":"+485647556566"}], "technicalContact": [{"name":"Technical Person1", "contactNo":"+485647556566"}], "dataProtectionCodeOfConduct": "https://fd.org", "federationAgreement": "https://fd.org", "federationPolicy": "https://fd.org" }
Non-normative example of add a federation response:
In response it return with "@id" key, This is Unique IRI for the newly added Federation:
HTTP/1.1 200 OK Content-Type: application/json { "@id": "http://otto-test.gluu.org/otto/federations/5909b4218489131c19abfa29" }
This is GET API endpoint to fetch federation information. There are several ways to fetch federation information. you can fetch all the records, fetch all records with depth, fetch specific federation and also filtered using JSPath filter parameter.
Non-normative example of a federation request to fetch all federation list:
GET /otto/federations HTTP/1.1
Non-normative example of a federation response with json array:
HTTP/1.1 200 OK Content-Type: application/json { "federations": [ "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c", "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3d" ], "totalResults": 2, "itemsPerPage": 0, "startIndex": 1 }
Non-normative example of a federation request to fetch deep information of each federation:
GET /otto/federations?depth=federations HTTP/1.1
Non-normative example of a federation response with fetch deep information, for federation response description see the Section 3.1
HTTP/1.1 200 OK Content-Type: application/json { "federations": [ { "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#federation", "@id": "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c", "name": "fed1", "url": "http://otto-test.gluu.org/otto/federation", "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df", "description": "fedearation first", "dataProtectionCodeOfConduct": "https://fd.org", "federationAgreement": "https://fd.org", "federationPolicy": "https://fd.org", "securityContact": [ { "contactNo": "+485647556566", "name": "Security Person1" } ], "executiveContact": [ { "contactNo": "+485647556566", "name": "Executive Person1" } ], "technicalContact": [ { "contactNo": "+485647556566", "name": "Technical Person1" } ], "sponsor": [ "http://otto-test.gluu.org/otto/participant/58f720e1a10d8e1012e76ed5" ], "federates": [ "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6" ], "member": [ "http://otto-test.gluu.org/otto/participant/58f720c7a10d8e1012e76ed4" ], "trustMarkDefinitionSupported": [ "https://fd.org" ], "badgeSupported": [ "http://otto-test.gluu.org/otto/badge/58fdfa39a6a02d203267da37" ], "supports": [ "http://otto-test.gluu.org/otto/schema/590afffd30dd080ed3cda956" ], "metadata": [ "http://otto-test.gluu.org/otto/metadata/58f5da4957d53d2ffbbb31e0" ] }, { "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#federation", "@id": "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c", "name": "fed2", "url": "http://otto-test.gluu.org/otto/federation", "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df", "description": "fedearation Second", "dataProtectionCodeOfConduct": "https://fd.org", "federationAgreement": "https://fd.org", "federationPolicy": "https://fd.org", "securityContact": [ { "contactNo": "+485647556566", "name": "Security Person1" } ], "executiveContact": [ { "contactNo": "+485647556566", "name": "Executive Person1" } ], "technicalContact": [ { "contactNo": "+485647556566", "name": "Technical Person1" } ], "sponsor": [ "http://otto-test.gluu.org/otto/participant/58f720e1a10d8e1012e76ed5" ], "federates": [ "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6" ], "member": [ "http://otto-test.gluu.org/otto/participant/58f720c7a10d8e1012e76ed4" ], "trustMarkDefinitionSupported": [ "https://fd.org" ], "badgeSupported": [ "http://otto-test.gluu.org/otto/badge/58fdfa39a6a02d203267da37" ], "supports": [ "http://otto-test.gluu.org/otto/schema/590afffd30dd080ed3cda956" ], "metadata": [ "http://otto-test.gluu.org/otto/metadata/58f5da4957d53d2ffbbb31e0" ] } ], "totalResults": 2, "itemsPerPage": 0, "startIndex": 1 }
Non-normative example of a federation request by passing the unique id to fetch specific full response of specific federation. When federation not exists, it returns response "Federation doesn't exist":
GET /otto/federations/58f7200bcf5e0a0f09cf2c3c HTTP/1.1
Non-normative example of a federation response of specific federation, for response description see the Section 3.1.
HTTP/1.1 200 OK Content-Type: application/json { "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#federation", "@id": "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c", "name": "fed1", "url": "http://otto-test.gluu.org/otto/federation", "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df", "description": "fedearation fedearation", "dataProtectionCodeOfConduct": "https://fd.org", "federationAgreement": "https://fd.org", "federationPolicy": "https://fd.org", "securityContact": [ { "contactNo": "+485647556566", "name": "Security Person1" } ], "executiveContact": [ { "contactNo": "+485647556566", "name": "Executive Person1" } ], "technicalContact": [ { "contactNo": "+485647556566", "name": "Technical Person1" } ], "sponsor": [ "http://otto-test.gluu.org/otto/participant/58f720e1a10d8e1012e76ed5" ], "federates": [ "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6" ], "member": [ "http://otto-test.gluu.org/otto/participant/58f720c7a10d8e1012e76ed4" ], "trustMarkDefinitionSupported": [ "https://fd.org" ], "badgeSupported": [ "http://otto-test.gluu.org/otto/badge/58fdfa39a6a02d203267da37" ], "supports": [ "http://otto-test.gluu.org/otto/schema/590afffd30dd080ed3cda956" ], "metadata": [ "http://otto-test.gluu.org/otto/metadata/58f5da4957d53d2ffbbb31e0" ] }
Non-normative example of a federation request ot fetch depth of specific federation. for depth parameter description refer Section 1.4:
GET /otto/federations/58f7200bcf5e0a0f09cf2c3c?depth=federates HTTP/1.1
Non-normative example of a federation response with deep populate of specific federation, for response description see the Section 3.1:
HTTP/1.1 200 OK Content-Type: application/json { "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#federation", "@id": "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c", "name": "fed1", "url": "http://otto-test.gluu.org/otto/federation", "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df", "description": "fedearation fedearation", "dataProtectionCodeOfConduct": "https://fd.org", "federationAgreement": "https://fd.org", "federationPolicy": "https://fd.org", "securityContact": [ { "contactNo": "+485647556566", "name": "Security Person1" } ], "executiveContact": [ { "contactNo": "+485647556566", "name": "Executive Person1" } ], "technicalContact": [ { "contactNo": "+485647556566", "name": "Technical Person1" } ], "sponsor": [ "http://otto-test.gluu.org/otto/participant/58f720e1a10d8e1012e76ed5" ], "federates": [ { "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#entity", "@id": "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6", "name": "entity 1", "url": "http://otto-test.gluu.org/otto/entity", "registeredBy": { "@id": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df" }, "description": "entity entity", "metadata": { "@id": "http://otto-test.gluu.org/otto/metadata/58f5da4957d53d2ffbbb31e0" }, "federatedBy": [ { "@id": "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c" } ], "supports": [ { "@id": "http://otto-test.gluu.org/otto/schema/590afffd30dd080ed3cda956" } ] } ], "member": [ "http://otto-test.gluu.org/otto/participant/58f720c7a10d8e1012e76ed4" ], "trustMarkDefinitionSupported": [ "https://fd.org" ], "badgeSupported": [ "http://otto-test.gluu.org/otto/badge/58fdfa39a6a02d203267da37" ], "supports": [ "http://otto-test.gluu.org/otto/schema/590afffd30dd080ed3cda956" ], "metadata": [ "http://otto-test.gluu.org/otto/metadata/58f5da4957d53d2ffbbb31e0" ] }
Non-normative example of a federation request with multiple depth parameter:
GET /otto/federations/58f7200bcf5e0a0f09cf2c3c?depth=sponsor,federates HTTP/1.1
Non-normative example of a federation response of multiple depth parameter, for response description of federation see the Section 3.1. It populate the sponsor and federates of this federation.
HTTP/1.1 200 OK Content-Type: application/json { "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#federation", "@id": "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c", "name": "fed1", "url": "http://otto-test.gluu.org/otto/federation", "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df", "description": "fedearation fedearation", "dataProtectionCodeOfConduct": "https://fd.org", "federationAgreement": "https://fd.org", "federationPolicy": "https://fd.org", "securityContact": [ { "contactNo": "+485647556566", "name": "Security Person1" } ], "executiveContact": [ { "contactNo": "+485647556566", "name": "Executive Person1" } ], "technicalContact": [ { "contactNo": "+485647556566", "name": "Technical Person1" } ], "sponsor": [ { "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#participant", "@id": "http://otto-test.gluu.org/otto/participant/58f720e1a10d8e1012e76ed5", "name": "participant 1", "url": "http://otto-test.gluu.org/otto/participant", "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df", "description": "participant participant", "securityContact": [ { "contactNo": "+485647556566", "name": "Security Person1" } ], "executiveContact": [ { "contactNo": "+485647556566", "name": "Executive Person1" } ], "technicalContact": [ { "contactNo": "+485647556566", "name": "Technical Person1" } ], "memberOf": [ "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c" ], "operates": "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6", "badgeSupported": [ "http://otto-test.gluu.org/otto/badge/58fdfa39a6a02d203267da37" ], "trustMarkAsserted": "http://pa.org" } ], "federates": [ { "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#entity", "@id": "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6", "name": "entity 1", "url": "http://otto-test.gluu.org/otto/entity", "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df", "description": "entity entity", "metadata": "http://otto-test.gluu.org/otto/metadata/58f5da4957d53d2ffbbb31e0", "federatedBy": [ "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c" ], "supports": [ "http://otto-test.gluu.org/otto/schema/590afffd30dd080ed3cda956" ] } ], "member": [ "http://otto-test.gluu.org/otto/participant/58f720c7a10d8e1012e76ed4" ], "trustMarkDefinitionSupported": [ "https://fd.org" ], "badgeSupported": [ "http://otto-test.gluu.org/otto/badge/58fdfa39a6a02d203267da37" ], "supports": [ "http://otto-test.gluu.org/otto/schema/590afffd30dd080ed3cda956" ], "metadata": [ "http://otto-test.gluu.org/otto/metadata/58f5da4957d53d2ffbbb31e0" ] }
Non-normative example of a federation request when invalid depth parameter is passed, It response with "Invalid depth parameter"
GET /otto/federations/58f7200bcf5e0a0f09cf2c3c?depth=description HTTP/1.1
Non-normative example of a federation response
HTTP/1.1 200 OK Content-Type: application/json { "error": [ "Invalid depth parameter" ] }
Non-normative example of a federation request using filter parameter
GET /otto/federations/58f7200bcf5e0a0f09cf2c3c?filter=.securityContact HTTP/1.1
Non-normative example of a federation response with filter parameter. It will filter json object as per given JSPath. JSPath is always start from dot(.)
HTTP/1.1 200 OK Content-Type: application/json { "securityContact": [ { "contactNo": "+485647556566", "name": "Security Person1" } ] }
Non-normative example of a federation request using multiple filter parameter:
GET /otto/federations/58f7200bcf5e0a0f09cf2c3c?filter=.securityContact,.name HTTP/1.1
Non-normative example of a federation response with multiple depth parameter:
HTTP/1.1 200 OK Content-Type: application/json { "securityContact": [ { "contactNo": "+485647556566", "name": "Security Person1" } ], "name": [ "fed1" ] }
Non-normative example of a federation request using filter condition parameter:
GET /otto/federations/58f7200bcf5e0a0f09cf2c3c?filter=.member{.name==="participant 2"} HTTP/1.1
Non-normative example of a federation response with filter condition parameter:
HTTP/1.1 200 OK Content-Type: application/json { "member": [ { "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#participant", "@id": "http://otto-test.gluu.org/otto/participant/58f720c7a10d8e1012e76ed4", "name": "participant 2", "url": "http://otto-test.gluu.org/otto/participant", "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df", "description": "participant participant", "securityContact": [ { "contactNo": "+485647556566", "name": "Security Person1" } ], "executiveContact": [ { "contactNo": "+485647556566", "name": "Executive Person1" } ], "technicalContact": [ { "contactNo": "+485647556566", "name": "Technical Person1" } ], "memberOf": [], "badgeSupported": [ "http://otto-test.gluu.org/otto/badge/58fdfa39a6a02d203267da37" ], "operates": "" } ] }
Non-normative example of a federation request using page no and page length parameter:
GET /otto/federations?pageno=1&pagelength=5 HTTP/1.1
Non-normative example of a federation response of page no and page length parameter:
HTTP/1.1 200 OK Content-Type: application/json { "federations": [ "http://otto-test.gluu.org/otto/federations/59157847d1285b2273ef83d2", "http://otto-test.gluu.org/otto/federations/5915784bd1285b2273ef83d3", "http://otto-test.gluu.org/otto/federations/59157850d1285b2273ef83d4", "http://otto-test.gluu.org/otto/federations/59157854d1285b2273ef83d5", "http://otto-test.gluu.org/otto/federations/59157857d1285b2273ef83d6" ], "totalResults": 2, "itemsPerPage": 0, "startIndex": 1 }
This is PUT API endpoint to update federation. you need to pass the value of the field which you want to update. It will update only those field which you passed into parameter. The possible parameter you can passed for update, refer Section 3.1:
Non-normative example of update a federation request:
PUT /otto/federations/5909b4218489131c19abfa29 HTTP/1.1 { "name": "fed1", "url": "http://otto-test.gluu.org/otto/federation", "description": "fedearation fedearation", "securityContact": [{"name":"Security Person1", "contactNo":"+485647556566"}], "executiveContact": [{"name":"Executive Person1", "contactNo":"+485647556566"}], "technicalContact": [{"name":"Technical Person1", "contactNo":"+485647556566"}], "dataProtectionCodeOfConduct": "https://fd.org", "federationAgreement": "https://fd.org", "federationPolicy": "https://fd.org" }
Non-normative example of update a Federation response. It returns response with status 200 when successfully updated the federation.
HTTP/1.1 200 OK
HTTP PATCH is an OPTIONAL server function that enables clients to update one or more attributes of a federation resource using a sequence of operations to "add", "remove", or "replace" values.
The body of an HTTP PATCH request MUST contain the attribute "op", whose value is an array of one or more PATCH operations. Each PATCH operation object MUST have exactly one "op" member, whose value indicates the operation to perform and MAY be one of "add", "remove", or "replace".
The following non-normative example show how to add a executive contact in federation request:
PATCH /otto/federations/5909b4218489131c19abfa29 HTTP/1.1 { "op": "add", "path": "executiveContact", "value": { "contactNo": "+485647556566", "name": "Executive Person2" } }
Non-normative example of add patch operation Federation response. On successful completion, the server either MUST return a 200 OK response code.
HTTP/1.1 200 OK
The "path" attribute value is a String containing an attribute path describing the target of the operation. The "path" attribute is OPTIONAL for "add" and "replace" and is REQUIRED for "remove" operations.
Valid examples of "path" are as follows:
The "add" operation is used to add a new attribute value to an existing resource.
The operation MUST contain a "value" member whose content specifies the value to be added. The value MAY be a quoted value, or it may be a JSON object containing the sub-attributes of the complex attribute specified in the operation's "path".
The result of the add operation depends upon what the target location indicated by "path" references:
Below is the non-normative example of possible patch request.
The following non-normative example shows how to add entity as a federates in federation:
PATCH /otto/federations/5909b4218489131c19abfa29 HTTP/1.1 { "op":"add", "path":"federates", "value":["593e389eef45281765f96128"] }
Non-normative example of add patch operation without path property to federation request:
PATCH /otto/federations/5909b4218489131c19abfa29 HTTP/1.1 { "op":"add", "value":{ "federates": ["593e389eef45281765f96128"] } }
Non-normative example of patch operation to passed single value in multivalued attribute:
PATCH /otto/federations/5909b4218489131c19abfa29 HTTP/1.1 { "op":"add", "value":{ "federates": "593e389eef45281765f96128" } }
Non-normative example of patch to single valued attribute:
PATCH /otto/federations/5909b4218489131c19abfa29 HTTP/1.1 { "op": "add", "path": "name", "value": "fed-test" }
Non-normative example of patch with path parameter condition. Currently It only allow equels(eq) operation:
PATCH /otto/federations/5909b4218489131c19abfa29 HTTP/1.1 { "op": "add", "path": "securityContact[name eq \"sec12\"]", "value": { "contactNo": "+485647556566", "name": "sec1" } }
Non-normative example of patch to sub attribute:
PATCH /otto/federations/5909b4218489131c19abfa29 HTTP/1.1 { "op": "add", "path": "securityContact[name eq \"Person1\"].name", "value":"Person One" }
Non-normative example of patch to multiple attribute:
PATCH /otto/federations/5909b4218489131c19abfa29 HTTP/1.1 { "op": "add", "value": { "name":"fed-name", "description": "fed-desc" } }
The "replace" operation replaces the value at the target location specified by the "path". The operation performs the following functions, depending on the target location specified by "path":
Replace patch also support all the possibilities as describe in Section 3.4.1
Non-normative example of replace patch operation federation request. It remove previous federates and adde new federates:
PATCH /otto/federations/5909b4218489131c19abfa29 HTTP/1.1 { "op": "replace", "path": "federates", "value": ["593e389eef45281765f96128"] }
Non-normative example of add patch operation without path property federation request:
PATCH /otto/federations/5909b4218489131c19abfa29 HTTP/1.1 { "op":"replace", "value":{ "executiveContact": [ { "contactNo": "+485647556566", "name": "Executive Person2" } ] } }
Non-normative example of replace patch operation Federation response. It returns response with status 200 when successfully patch the federation.
HTTP/1.1 200 OK
The "remove" operation removes the value at the target location specified by the required attribute "path". The operation performs the following functions, depending on the target location specified by "path":
Non-normative example of remove patch operation federation request to remove specific federates from federation:
PATCH /otto/federations/5909b4218489131c19abfa29 HTTP/1.1 { "op":"remove", "path":"/federates/59414908e7748f4d19541f46" }
Non-normative example of remove patch operation federation request to removed multivalued attribute all values. It will remove all executiveContact:
PATCH /otto/federations/5909b4218489131c19abfa29 HTTP/1.1 { "op": "remove", "path": "executiveContact" }
Non-normative example of remove patch operation federation request with path parameter condition. It will remove executiveContact whose name is "sec2":
PATCH /otto/federations/5909b4218489131c19abfa29 HTTP/1.1 { "op":"remove", "path":"securityContact[name eq \"sec2\"]" }
Non-normative example of remove patch operation Federation response. It returns response with status 200 when successfully patch the federation.
HTTP/1.1 200 OK
The following example shows how to passed multiple operation in patch.
Non-normative example of multiple patch operation federation request:
PATCH /otto/federations/5909b4218489131c19abfa29 HTTP/1.1 [ { "op": "remove", "path": "executiveContact" }, { "op": "replace", "path": "name", "value": "abc" } ]
Non-normative example of multiple patch operation Federation response. It returns response with status 200 when successfully patch the federation.
HTTP/1.1 200 OK
This is DELETE API endpoint to delete federation. It needs to passed unique id of the federation in the federation endpoint.
Non-normative example of delete a federation request:
DELETE /otto/federations/5909b4218489131c19abfa29 HTTP/1.1
Non-normative example of delete a federation success response:
HTTP/1.1 200 OK
Non-normative example of deleting a federation error response when federation not found:
HTTP/1.1 404 OK { "error": [ "Federation doesn't exist" ] }
This is DELETE API for remove services of this federation. It removes entity reference from the federates of the Federation.
Their are two path request parameter.
Non-normative example of a federation leave request:
DELETE /otto/federations/5909b4218489131c19abfa29/entity/58f7218ca10d8e1012e76ed6 HTTP/1.1
Non-normative example of a federation leave success response:
HTTP/1.1 200 OK
Non-normative example of a federation leave fail response when federation not found:
HTTP/1.1 404 OK { "error": [ "Federation doesn't exist" ] }
Non-normative example of a federation leave fail response when entity doesn't exist in federates:
HTTP/1.1 404 OK { "error": [ "Entity doesn't exist in Federation" ] }
Non-normative example of a federation leave fail response when passed any invalid id:
HTTP/1.1 404 OK { "error": [ "Invalid Federation Id" ] }
This is POST API endpoint for add services to this federation. It adds entity reference to federates of the Federation.
Their are two path request parameter.
Non-normative example of a federation link to entity request:
POST/otto/federations/5909b4218489131c19abfa29/entity/58f7218ca10d8e1012e76ed6 HTTP/1.1
Non-normative example of a federation link to entity response:
HTTP/1.1 200 OK
It return response as per like Section 3.6
This is POST API endpoint for add a new service into the federation. It will add new service(entity) to the federation and linked this newly added service(entity) to the Federation.
Their are two request parameter.
Non-normative example of a federation request to add new service:
POST /otto/federation/5909b4218489131c19abfa29 HTTP/1.1 { "name": "entity 1", "url": "http://otto-test.gluu.org/otto/entity", "registeredBy": "58f5da4957d53d2ffbbb31df", "description": "entity entity", "registeredBy": "58f5da4957d53d2ffbbb31df", "metadata": "58f5da4957d53d2ffbbb31e0" }
Non-normative example of a federation response from add new service:
HTTP/1.1 200 OK Content-Type: application/json { "@id": "http://otto-test.gluu.org/otto/federations/5909b4218489131c19abfa29" }
This is POST API endpoint for link participant as a member of the Federation. It adds participant reference to the member of the Federation.
Their are two request parameter.
Non-normative example of a link participant to federation request:
POST /otto/federations/5909b4218489131c19abfa29/participant/58f7218ca10d8e1012e76ed6 HTTP/1.1
Non-normative example of a link participant to federation federation response:
HTTP/1.1 200 OK
It return response as per like Section 3.6
This is POST API endpoint for link participant as a sponsor of the Federation. It adds the participant reference to the sponsor of the Federation.
Their are two request parameter.
Non-normative example of a link participant as a sponsor of federation request:
POST /otto/federations/5909b4218489131c19abfa29/sponsor/58f7218ca10d8e1012e76ed6 HTTP/1.1
Non-normative example of a link participant as a sponsor of federation response:
HTTP/1.1 200 OK
It return response as per like Section 3.6
This endpoint, hosted by the Registration Authority, enables the registration and management of information about an organization so it can be associated with a Federation.
This is POST API endpoint to create participant. It needs to pass the required parameter to add the new participant. If you try to add participant with the same name which already exists then it returns response with error key with the message is "Participant already exist with the same name".
Their are several properties which used for participant.
Property | Value | Description |
---|---|---|
name | REQUIRED | A human friendly name for the Participant |
url | OPTIONAL | The public website for the Participant |
description | OPTIONAL | It is Optional information about the Participant |
memberOf | OPTIONAL | It is the Federation or array of Federation, A federation to which this Participant is a member |
operates | OPTIONAL | It is the entity, A service operated by the Participant |
registeredBy | REQUIRED | It is the registration authority, where the Participant is registered |
technicalContact | OPTIONAL | It is the Person or array of Person, Person(s) responsible for registering and maintaining the policies and technical data related to the Federation |
executiveContact | OPTIONAL | It is the Person or array of Person, Person responsible for all decisions and delegations of authority for the Participant |
securityContact | OPTIONAL | It is the Person or array of Person, Person(s) to contact in the event of an urgent security issue |
trustMarkAsserted | OPTIONAL | It is the instance or array of Trustmark or URL, Link to TrustMarks the Participant claims |
badgeSupported | OPTIONAL | It is the instance or array of BadgeClass or IRI, What Badges the Participant issues |
Non-normative example of add a participant request
POST /otto/entity HTTP/1.1 { "name": "participant1", "url": "http://otto-test.gluu.org/otto/participant", "registeredBy": "58f5da4957d53d2ffbbb31df", "description": "participant participant", "securityContact": [{"name":"Security Person1", "contactNo":"+485647556566"}], "executiveContact": [{"name":"Executive Person1", "contactNo":"+485647556566"}], "technicalContact": [{"name":"Technical Person1", "contactNo":"+485647556566"}] }
Non-normative example of add a participant response:
In response it return with "@id" key, This is Unique IRI for the newly added participant
HTTP/1.1 200 OK Content-Type: application/json { "@id": "http://otto-test.gluu.org/otto/participant/5909b4218489131c19abfa29" }
Non-normative example of a get all participant request:
GET /otto/participant HTTP/1.1
Non-normative example of a get all participant response:
HTTP/1.1 200 OK Content-Type: application/json { "participant": [ "http://otto-test.gluu.org/otto/participant/58f720c7a10d8e1012e76ed4", "http://otto-test.gluu.org/otto/participant/58f720e1a10d8e1012e76ed5" ], "totalResults": 2, "itemsPerPage": 0, "startIndex": 1 }
Non-normative example of a participant request with depth parameter:
GET /otto/participant?depth=participant HTTP/1.1
Non-normative example of a participant response from depth parameter. for participant response description see the Section 4.1
HTTP/1.1 200 OK Content-Type: application/json { "participant": [ { "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#participant", "@id": "http://otto-test.gluu.org/otto/participant/58f720c7a10d8e1012e76ed4", "name": "participant 2", "url": "http://otto-test.gluu.org/otto/participant", "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df", "description": "participant participant", "securityContact": [ { "contactNo": "+485647556566", "name": "Security Person1" } ], "executiveContact": [ { "contactNo": "+485647556566", "name": "Executive Person1" } ], "technicalContact": [ { "contactNo": "+485647556566", "name": "Technical Person1" } ], "memberOf": [], "badgeSupported": [ "http://otto-test.gluu.org/otto/badge/58fdfa39a6a02d203267da37" ], "operates": "" }, { "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#participant", "@id": "http://otto-test.gluu.org/otto/participant/58f720e1a10d8e1012e76ed5", "name": "participant 1", "url": "http://otto-test.gluu.org/otto/participant", "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df", "description": "participant participant", "securityContact": [ { "contactNo": "+485647556566", "name": "Security Person1" } ], "executiveContact": [ { "contactNo": "+485647556566", "name": "Executive Person1" } ], "technicalContact": [ { "contactNo": "+485647556566", "name": "Technical Person1" } ], "memberOf": [ "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c" ], "operates": "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6", "badgeSupported": [ "http://otto-test.gluu.org/otto/badge/58fdfa39a6a02d203267da37" ], "trustMarkAsserted": "http://pa.org" } ], "totalResults": 2, "itemsPerPage": 0, "startIndex": 1 }
Non-normative example of a fetch specific participant information by passing participant unique id:
GET /otto/participant/58f720e1a10d8e1012e76ed5 HTTP/1.1
Non-normative example of a participant response from specific participant. for participant response description see the Section 4.1
HTTP/1.1 200 OK Content-Type: application/json { "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#participant", "@id": "http://otto-test.gluu.org/otto/participant/58f720e1a10d8e1012e76ed5", "name": "participant 1", "url": "http://otto-test.gluu.org/otto/participant", "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df", "description": "participant participant", "securityContact": [ { "contactNo": "+485647556566", "name": "Security Person1" } ], "executiveContact": [ { "contactNo": "+485647556566", "name": "Executive Person1" } ], "technicalContact": [ { "contactNo": "+485647556566", "name": "Technical Person1" } ], "memberOf": [ "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c" ], "operates": "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6", "badgeSupported": [ "http://otto-test.gluu.org/otto/badge/58fdfa39a6a02d203267da37" ], "trustMarkAsserted": "http://pa.org" }
Non-normative example of a participant request with specified id and depth parameter:
GET /otto/participant/58f720e1a10d8e1012e76ed5?depth=memberOf HTTP/1.1
Non-normative example of a participant response from with specified id and depth parameter:
HTTP/1.1 200 OK Content-Type: application/json { "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#participant", "@id": "http://otto-test.gluu.org/otto/participant/58f720e1a10d8e1012e76ed5", "name": "participant 1", "url": "http://otto-test.gluu.org/otto/participant", "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df", "description": "participant participant", "securityContact": [ { "contactNo": "+485647556566", "name": "Security Person1" } ], "executiveContact": [ { "contactNo": "+485647556566", "name": "Executive Person1" } ], "technicalContact": [ { "contactNo": "+485647556566", "name": "Technical Person1" } ], "memberOf": [ { "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#federation", "@id": "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c", "name": "fed1", "url": "http://otto-test.gluu.org/otto/federation", "registeredBy": { "@id": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df" }, "description": "fedearation fedearation", "dataProtectionCodeOfConduct": "https://fd.org", "federationAgreement": "https://fd.org", "federationPolicy": "https://fd.org", "securityContact": [ { "contactNo": "+485647556566", "name": "Security Person1" } ], "executiveContact": [ { "contactNo": "+485647556566", "name": "Executive Person1" } ], "technicalContact": [ { "contactNo": "+485647556566", "name": "Technical Person1" } ], "sponsor": [ { "@id": "http://otto-test.gluu.org/otto/participant/58f720e1a10d8e1012e76ed5" } ], "federates": [ { "@id": "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6" } ], "member": [ { "@id": "http://otto-test.gluu.org/otto/participant/58f720c7a10d8e1012e76ed4" } ], "trustMarkDefinitionSupported": [ "https://fd.org" ], "badgeSupported": [ { "@id": "http://otto-test.gluu.org/otto/badge/58fdfa39a6a02d203267da37" } ], "supports": [ { "@id": "http://otto-test.gluu.org/otto/schema/590afffd30dd080ed3cda956" } ], "metadata": [ { "@id": "http://otto-test.gluu.org/otto/metadata/58f5da4957d53d2ffbbb31e0" } ] } ], "operates": "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6", "badgeSupported": [ "http://otto-test.gluu.org/otto/badge/58fdfa39a6a02d203267da37" ], "trustMarkAsserted": "http://pa.org" }
Non-normative example of a participant request with multiple depth parameter:
GET /otto/participant/58f720e1a10d8e1012e76ed5?depth=memberOf,operates HTTP/1.1
Non-normative example of a participant response from multiple depth parameter:
HTTP/1.1 200 OK Content-Type: application/json { "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#participant", "@id": "http://otto-test.gluu.org/otto/participant/58f720e1a10d8e1012e76ed5", "name": "participant 1", "url": "http://otto-test.gluu.org/otto/participant", "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df", "description": "participant participant", "securityContact": [ { "contactNo": "+485647556566", "name": "Security Person1" } ], "executiveContact": [ { "contactNo": "+485647556566", "name": "Executive Person1" } ], "technicalContact": [ { "contactNo": "+485647556566", "name": "Technical Person1" } ], "memberOf": [ { "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#federation", "@id": "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c", "name": "fed1", "url": "http://otto-test.gluu.org/otto/federation", "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df", "description": "fedearation fedearation", "dataProtectionCodeOfConduct": "https://fd.org", "federationAgreement": "https://fd.org", "federationPolicy": "https://fd.org", "securityContact": [ { "contactNo": "+485647556566", "name": "Security Person1" } ], "executiveContact": [ { "contactNo": "+485647556566", "name": "Executive Person1" } ], "technicalContact": [ { "contactNo": "+485647556566", "name": "Technical Person1" } ], "sponsor": [ "http://otto-test.gluu.org/otto/participant/58f720e1a10d8e1012e76ed5" ], "federates": [ "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6" ], "member": [ "http://otto-test.gluu.org/otto/participant/58f720c7a10d8e1012e76ed4" ], "trustMarkDefinitionSupported": [ "https://fd.org" ], "badgeSupported": [ "http://otto-test.gluu.org/otto/badge/58fdfa39a6a02d203267da37" ], "supports": [ "http://otto-test.gluu.org/otto/schema/590afffd30dd080ed3cda956" ], "metadata": [ "http://otto-test.gluu.org/otto/metadata/58f5da4957d53d2ffbbb31e0" ] } ], "operates": { "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#entity", "@id": "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6", "name": "entity 1", "url": "http://otto-test.gluu.org/otto/entity", "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df", "description": "entity entity", "metadata": "http://otto-test.gluu.org/otto/metadata/58f5da4957d53d2ffbbb31e0", "federatedBy": [ "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c" ], "supports": [] }, "badgeSupported": [ "http://otto-test.gluu.org/otto/badge/58fdfa39a6a02d203267da37" ], "trustMarkAsserted": "http://pa.org" }
Non-normative example of a participant request with filter parameter:
GET /otto/participant/58f7200bcf5e0a0f09cf2c3c?filter=.name HTTP/1.1
Non-normative example of a participant response from filter parameter:
HTTP/1.1 200 OK Content-Type: application/json { "name": [ "participant 1" ] }
Non-normative example of a participant request with multiple filter parameter:
GET /otto/participant/58f720e1a10d8e1012e76ed5?filter=.name,.securityContact HTTP/1.1
Non-normative example of a participant response from multiple filter parameter:
HTTP/1.1 200 OK Content-Type: application/json { "name": [ "participant 1" ], "securityContact": [ { "contactNo": "+485647556566", "name": "Security Person1" } ] }
Non-normative example of a participant request using page no and page length parameter:
GET /otto/participant?pageno=1&pagelength=5 HTTP/1.1
Non-normative example of a participant response of page no and page length parameter:
HTTP/1.1 200 OK Content-Type: application/json { "participant": [ "http://otto-test.gluu.org/otto/participant/58f720c7a10d8e1012e76ed4", "http://otto-test.gluu.org/otto/participant/58f720e1a10d8e1012e76ed5", "http://otto-test.gluu.org/otto/participant/58f720e1a10d8e1012e76ed6", "http://otto-test.gluu.org/otto/participant/58f720e1a10d8e1012e76ed7", "http://otto-test.gluu.org/otto/participant/58f720e1a10d8e1012e76ed8" ], "totalResults": 11, "itemsPerPage": 5, "startIndex": 1 }
This is PUT API endpoint to update the Participant. It needs to pass the value of the field which you want to update. It will update only those field which you passed into the parameter. The possible parameter you can passed for update, refer Section 4.1.
Non-normative example of a update participant request:
PUT /otto/participant/5909b4218489131c19abfa29 HTTP/1.1 { "name": "participant1", "url": "http://otto-test.gluu.org/otto/participant", "registeredBy": "58f5da4957d53d2ffbbb31df", "description": "participant participant", "securityContact": [{"name":"Security Person1", "contactNo":"+485647556566"}], "executiveContact": [{"name":"Executive Person1", "contactNo":"+485647556566"}], "technicalContact": [{"name":"Technical Person1", "contactNo":"+485647556566"}] }
Non-normative example of a update participant response:
HTTP/1.1 200 OK
HTTP PATCH is an OPTIONAL server function that enables clients to update one or more attributes of a participant resource using a sequence of operations to "add", "remove", or "replace" values.
The body of an HTTP PATCH request MUST contain the attribute "op", whose value is an array of one or more PATCH operations. Each PATCH operation object MUST have exactly one "op" member, whose value indicates the operation to perform and MAY be one of "add", "remove", or "replace".
The "path" attribute value is a String containing an attribute path describing the target of the operation. The "path" attribute is OPTIONAL for "add" and "replace" and is REQUIRED for "remove" operations.
The "add" operation is used to add a new attribute value to an existing resource. refer Section 3.4.1 for add patch operation description.
The following example show how to link participant with federation:
PATCH /otto/participant/5909b4218489131c19abfa29 HTTP/1.1 { "op":"add", "path":"memberOf", "value":["5909b4218489131c19abfa29"] }
Non-normative example of add patch operation participant response. It returns response with status 200 when successfully patch the participant.
HTTP/1.1 200 OK
Non-normative example of add patch operation without path property to participant request:
PATCH /otto/participant/5909b4218489131c19abfa29 HTTP/1.1 { "op":"add", "value":{ "memberOf": ["5909b4218489131c19abfa29"] } }
Non-normative example of add patch operation without path property to participant response. It returns response with status 200 when successfully patch the federation.
HTTP/1.1 200 OK
The "replace" operation replaces the value at the target location specified by the "path". refer Section 3.4.2 for detail replace patch description.
Non-normative example of replace patch operation participant request:
PATCH /otto/participant/5909b4218489131c19abfa29 HTTP/1.1 { "op": "replace", "path": "executiveContact", "value": [{ "contactNo": "+485647556566", "name": "Executive Person2" }] }
Non-normative example of replace patch operation participant response. It returns response with status 200 when successfully patch the participant.
HTTP/1.1 200 OK
Non-normative example of add patch operation without path property participant request:
PATCH /otto/participant/5909b4218489131c19abfa29 HTTP/1.1 { "op":"replace", "value":{ "executiveContact": [ { "contactNo": "+485647556566", "name": "Executive Person2" } ] } }
Non-normative example of replace patch operation without path property participant response. It returns response with status 200 when successfully patch the participant.
HTTP/1.1 200 OK
The "remove" operation removes the value at the target location specified by the required attribute "path". Refer Section 3.4.3 for detail description of remove patch.
Non-normative example of remove patch operation participant request to remove specific federation:
PATCH /otto/participant/5909b4218489131c19abfa29 HTTP/1.1 { "op":"remove", "path":"/memberOf/59414908e7748f4d19541f46" }
Non-normative example of remove patch operation participant request:
PATCH /otto/participant/5909b4218489131c19abfa29 HTTP/1.1 { "op": "remove", "path": "executiveContact" }
Non-normative example of remove patch operation participant response. It returns response with status 200 when successfully patch the participant.
HTTP/1.1 200 OK
The following example shows how to passed multiple operation in patch.
Non-normative example of multiple patch operation participant request:
PATCH /otto/participant/5909b4218489131c19abfa29 HTTP/1.1 [ { "op": "remove", "path": "executiveContact" }, { "op": "replace", "path": "name", "value": "abc" } ]
Non-normative example of multiple patch operation participant response. It returns response with status 200 when successfully patch the participant.
HTTP/1.1 200 OK
Non-normative example of a delete participant request
DELETE /otto/participant/5909b4218489131c19abfa29 HTTP/1.1
Non-normative example of a delete participant response:
HTTP/1.1 200 OK
This is POST API endpoint for link participant as a member of Federation. It added the federation reference to memberOf in the participant.
Their are two request parameter.
Non-normative example of a participant request
POST /otto/participant/5909b4218489131c19abfa29/federation/58f7218ca10d8e1012e76ed6 HTTP/1.1
Non-normative example of a participant response:
HTTP/1.1 200 OK
It return response as per like Section 3.6
This is POST API endpoint for link entity as a service of the Participant. It is a service operated by the Participant.
Their are two request parameter.
Non-normative example of a link entity to participant request:
POST /otto/participant/5909b4218489131c19abfa29/entity/58f7218ca10d8e1012e76ed6 HTTP/1.1
Non-normative example of a link entity to participant response:
HTTP/1.1 200 OK
This endpoint, hosted by the Registration Authority, enables the registration and management of digital services at the federation.
This is POST API endpoint to create entity. It needs to pass the required parameter to add the new entity. If you try to add entity with same name which is already exist then it return response with error key with message is "entity already exist with same name".
Their are several properties which used for entity.
Property | Value | Description |
---|---|---|
name | REQUIRED | A human friendly name for the Entity |
operatedBy | OPTIONAL | It is the Federation or Participant, The organization that is responsible for this Entity |
url | OPTIONAL | The public, human readible website for the Entity |
description | OPTIONAL | It is Optional information about the Entity |
registeredBy | REQUIRED | The RA which registered this entity |
federatedBy | OPTIONAL | It is the Federation or array of Federation, The federation to which this entity is affiliated |
metadata | OPTIONAL | The metadata for this Entity |
category | OPTIONAL | It is the category, Used for assignment of standard Category defined in extension |
supports | OPTIONAL | It is the Schema or array of Schema, What schema is supported by this Entity |
Non-normative example of add a entity request
POST /otto/entity HTTP/1.1 { "name": "entity 1", "url": "http://otto-test.gluu.org/otto/entity", "registeredBy": "http://otto-test.gluu.org", "description": "entity entity", "registeredBy": "58f5da4957d53d2ffbbb31df", "metadata": "58f5da4957d53d2ffbbb31e0", "category": "https://docs.kantarainitiative.org/otto/openid-vocab-1.0#UserClaim" }
Non-normative example of add a entity response:
In response it return with "@id" key, It is Unique IRI for the newly added entity
HTTP/1.1 200 OK Content-Type: application/json { "@id": "http://otto-test.gluu.org/otto/entity/5909b4218489131c19abfa29" }
Non-normative example of a get all entity request
GET /otto/entity HTTP/1.1
Non-normative example of a get all entity response:
HTTP/1.1 200 OK Content-Type: application/json { "entity": [ "http://otto-test.gluu.org/otto/entity/58f720c7a10d8e1012e76ed4", "http://otto-test.gluu.org/otto/entity/58f720e1a10d8e1012e76ed5" ], "totalResults": 2, "itemsPerPage": 0, "startIndex": 1 }
Non-normative example of a entity with depth parameter request
GET /otto/entity?depth=entity HTTP/1.1
Non-normative example of a entity response from depth parameter. for entity response description see the Section 5.1
HTTP/1.1 200 OK Content-Type: application/json { "@context": "http://otto-test.gluu.org/otto/entity", "entity": [ { "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#entity", "@id": "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6", "name": "entity 1", "url": "http://otto-test.gluu.org/otto/entity", "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df", "description": "entity entity", "metadata": "http://otto-test.gluu.org/otto/metadata/58f5da4957d53d2ffbbb31e0", "federatedBy": [ "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c" ], "supports": [ "http://otto-test.gluu.org/otto/schema/590afffd30dd080ed3cda956" ] } ], "totalResults": 1, "itemsPerPage": 0, "startIndex": 1 }
Non-normative example of a fetch specific entity request by passing unique entity id:
GET /otto/entity/58f720e1a10d8e1012e76ed5 HTTP/1.1
Non-normative example of a entity response from specified entity unique id. for entity response description see the Section 5.1
HTTP/1.1 200 OK Content-Type: application/json { "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#entity", "@id": "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6", "name": "entity 1", "url": "http://otto-test.gluu.org/otto/entity", "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df", "description": "entity entity", "metadata": "http://otto-test.gluu.org/otto/metadata/58f5da4957d53d2ffbbb31e0", "federatedBy": [ "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c" ], "supports": [ "http://otto-test.gluu.org/otto/schema/590afffd30dd080ed3cda956" ] }
Non-normative example of a entity request with specified entity and depth parameter:
GET /otto/entity/58f7218ca10d8e1012e76ed6?depth=registeredBy HTTP/1.1
Non-normative example of a entity response from specified entity and depth parameter:
HTTP/1.1 200 OK Content-Type: application/json { "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#entity", "@id": "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6", "name": "entity 1", "url": "http://otto-test.gluu.org/otto/entity", "registeredBy": { "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#registration-authority", "@id": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df", "url": "http://otto-test.gluu.org", "description": "OTTO Registration Authority", "federation_endpoint": "http://otto-test.gluu.org/otto/federations", "participant_endpoint": "http://otto-test.gluu.org/otto/participant", "entity_endpoint": "http://otto-test.gluu.org/otto/entity", "name": "otto-test", "registers": [] }, "description": "entity entity", "metadata": "http://otto-test.gluu.org/otto/metadata/58f5da4957d53d2ffbbb31e0", "federatedBy": [ "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c" ], "supports": [ "http://otto-test.gluu.org/otto/schema/590afffd30dd080ed3cda956" ] }
Non-normative example of a entity request with multiple depth parameter:
GET /otto/entity/58f720e1a10d8e1012e76ed5?depth=depth=federatedBy,supports HTTP/1.1
Non-normative example of a entity response from multiple depth parameter:
HTTP/1.1 200 OK Content-Type: application/json { "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#entity", "@id": "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6", "name": "entity 1", "url": "http://otto-test.gluu.org/otto/entity", "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df", "description": "entity entity", "metadata": "http://otto-test.gluu.org/otto/metadata/58f5da4957d53d2ffbbb31e0", "federatedBy": [ { "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#federation", "@id": "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c", "name": "fed1", "url": "http://otto-test.gluu.org/otto/federation", "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df", "description": "fedearation fedearation", "dataProtectionCodeOfConduct": "https://fd.org", "federationAgreement": "https://fd.org", "federationPolicy": "https://fd.org", "securityContact": [ { "contactNo": "+485647556566", "name": "Security Person1" } ], "executiveContact": [ { "contactNo": "+485647556566", "name": "Executive Person1" } ], "technicalContact": [ { "contactNo": "+485647556566", "name": "Technical Person1" } ], "sponsor": [ "http://otto-test.gluu.org/otto/participant/58f720e1a10d8e1012e76ed5" ], "federates": [ "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6" ], "member": [ "http://otto-test.gluu.org/otto/participant/58f720c7a10d8e1012e76ed4" ], "trustMarkDefinitionSupported": [ "https://fd.org" ], "badgeSupported": [ "http://otto-test.gluu.org/otto/badge/58fdfa39a6a02d203267da37" ], "supports": [ "http://otto-test.gluu.org/otto/schema/590afffd30dd080ed3cda956" ], "metadata": [ "http://otto-test.gluu.org/otto/metadata/58f5da4957d53d2ffbbb31e0" ] } ], "supports": [ { "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#schema", "@id": "http://otto-test.gluu.org/otto/schema/590afffd30dd080ed3cda956", "name": "given_name", "category": "https://docs.kantarainitiative.org/otto/openid-vocab-1.0#UserClaim", "required": false, "url": "https://en.wikipedia.org/wiki/Given_name", "sameAs": "https://schema.org/givenName,https://erasmus.gluu.org/schema/457c", "supportedBy": [ "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c", "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6" ] } ] }
Non-normative example of a entity request with filter parameter:
GET /otto/entity/58f7218ca10d8e1012e76ed6?filter=.name HTTP/1.1
Non-normative example of a entity response from filter parameter:
HTTP/1.1 200 OK Content-Type: application/json { "name": [ "entity 1" ] }
Non-normative example of a entity request with multiple filter parameter:
GET /otto/entity/58f7218ca10d8e1012e76ed6?filter=.name,.supports HTTP/1.1
Non-normative example of a federation response from multiple filter parameter:
HTTP/1.1 200 OK Content-Type: application/json { "name": [ "entity 1" ], "supports": [ "http://otto-test.gluu.org/otto/schema/590afffd30dd080ed3cda956" ] }
Non-normative example of a entity request using pageno and pagelength parameter:
GET /otto/entity?pageno=1&pagelength=5 HTTP/1.1
Non-normative example of a entity response of page no and page length parameter:
HTTP/1.1 200 OK Content-Type: application/json { "entity": [ "http://otto-test.gluu.org/otto/entity/58f720c7a10d8e1012e76ed4", "http://otto-test.gluu.org/otto/entity/58f720e1a10d8e1012e76ed5", "http://otto-test.gluu.org/otto/entity/58f720e1a10d8e1012e76ed6", "http://otto-test.gluu.org/otto/entity/58f720e1a10d8e1012e76ed7", "http://otto-test.gluu.org/otto/entity/58f720e1a10d8e1012e76ed8" ], "totalResults": 11, "itemsPerPage": 5, "startIndex": 1 }
This is PUT API endpoint to update the entity. It needs to pass the value of the field which you want to update. It will update only those field which you passed into the parameter. The possible parameter you can passed for update, refer Section 5.1.
Non-normative example of a update entity request
PUT /otto/entity/5909b4218489131c19abfa29 HTTP/1.1 { "name": "entity 1", "url": "http://otto-test.gluu.org/otto/entity", "registeredBy": "http://otto-test.gluu.org", "description": "entity entity", "registeredBy": "58f5da4957d53d2ffbbb31df", "metadata": "58f5da4957d53d2ffbbb31e0", "category": "https://docs.kantarainitiative.org/otto/openid-vocab-1.0#UserClaim" }
Non-normative example of a update entity response:
HTTP/1.1 200 OK
HTTP PATCH is an OPTIONAL server function that enables clients to update one or more attributes of a entity resource using a sequence of operations to "add", "remove", or "replace" values.
The body of an HTTP PATCH request MUST contain the attribute "op", whose value is an array of one or more PATCH operations. Each PATCH operation object MUST have exactly one "op" member, whose value indicates the operation to perform and MAY be one of "add", "remove", or "replace".
The following example show how to add link entity with federation:
PATCH /otto/entity/5909b4218489131c19abfa29 HTTP/1.1 { "op":"add", "path":"federatedBy", "value":"5909b4218489131c19abfa29" }
The "path" attribute value is a String containing an attribute path describing the target of the operation. The "path" attribute is OPTIONAL for "add" and "replace" and is REQUIRED for "remove" operations.
The "add" operation is used to add a new attribute value to an existing resource. Refer Section 3.4.1 for detail description of patch add operation.
The following example show how to add link entity with federation:
PATCH /otto/entity/5909b4218489131c19abfa29 HTTP/1.1 { "op":"add", "path":"federatedBy", "value":"5909b4218489131c19abfa29" }
Non-normative example of add patch operation entity response. It returns response with status 200 when successfully patch the entity.
HTTP/1.1 200 OK
Non-normative example of add patch operation without path property to entity request:
PATCH /otto/entity/5909b4218489131c19abfa29 HTTP/1.1 { "op":"add", "value":{ "federatedBy": "5909b4218489131c19abfa29" } }
Non-normative example of add patch operation without path property to entity response. It returns response with status 200 when successfully patch the entity.
HTTP/1.1 200 OK
The "replace" operation replaces the value at the target location specified by the "path". Refer Section 3.4.2 for detail description of replace patch.
The following example show how to replace operator of entity. It will replace old operator with new operator:
PATCH /otto/entity/5909b4218489131c19abfa29 HTTP/1.1 { "op":"replace", "path": "operatedBy", "value":"5909b4218489131c19abfa28" }
Non-normative example of replace patch operation entity response. It returns response with status 200 when successfully patch the entity.
HTTP/1.1 200 OK
Non-normative example of add patch operation without path property entity request:
PATCH /otto/entity/5909b4218489131c19abfa29 HTTP/1.1 { "op":"replace", "value":{ "operatedBy": "5909b4218489131c19abfa28" }
Non-normative example of replace patch operation without path property entity response. It returns response with status 200 when successfully patch the entity.
HTTP/1.1 200 OK
The "remove" operation removes the value at the target location specified by the required attribute "path". Refer Section 3.4.3 for detail description of remove patch operation.
Non-normative example of remove patch operation entity request to remove federation:
PATCH /otto/entity/5909b4218489131c19abfa29 HTTP/1.1 { "op":"remove", "path":"/federatedBy/59414908e7748f4d19541f46" }
Non-normative example of remove patch operation entity request:
PATCH /otto/entity/5909b4218489131c19abfa29 HTTP/1.1 { "op": "remove", "path": "operatedBy" }
Non-normative example of remove patch operation entity response. It returns response with status 200 when successfully patch the entity.
HTTP/1.1 200 OK
The following non-normative example shows how to passed multiple operation in patch.
Non-normative example of multiple patch operation entity request:
PATCH /otto/entity/5909b4218489131c19abfa29 HTTP/1.1 [ { "op": "remove", "path": "operatedBy" }, { "op": "replace", "path": "name", "value": "abc" } ]
Non-normative example of multiple patch operation entity response. It returns response with status 200 when successfully patch the entity.
HTTP/1.1 200 OK
This is DELETE API to delete entity. It needs to pass the entity unique id for delete specific entity.
Non-normative example of a entity request
DELETE /otto/entity/5909b4218489131c19abfa29 HTTP/1.1
Non-normative example of a entity response:
HTTP/1.1 200 OK
This is POST API for link entity to the federation. The federation to which this entity is affiliated.
Their are two request parameter.
Non-normative example of a link entity with federation request:
POST /otto/entity/5909b4218489131c19abfa29/federation/58f7218ca10d8e1012e76ed6 HTTP/1.1
Non-normative example of a link entity with federation response:
HTTP/1.1 200 OK
This endpoint, hosted by the Registration Authority, enables the management of metadata of the federation.
This is POST API endpoint to create metadata. It needs to pass the required parameter to add the new metadata.
Their are several properties which used for metadata.
Property | Value | Description |
---|---|---|
category | REQUIRED | It is the Category. Enables extensions to define standard categories for searching |
metadataFormat | OPTIONAL | The serialization type of the metadata |
expiration | OPTIONAL | The date at which this metadata is no longer valid |
Non-normative example of add a metadata request
POST /otto/entity HTTP/1.1 { "name": "BASIC", "descrption": "BASIC............", "category": "http://otto-test.gluu.org/schema_category/scope.jsonld" }
Non-normative example of add a metadata response:
In response it return with "@id" key, It is Unique IRI for the newly added metadata
HTTP/1.1 200 OK Content-Type: application/json { "@id": "http://otto-test.gluu.org/otto/metadata/5909b4218489131c19abfa29" }
Non-normative example of a get all metadata request
GET /otto/metadata HTTP/1.1
Non-normative example of a get all metadata response:
HTTP/1.1 200 OK Content-Type: application/json { "metadata": [ "http://otto-test.gluu.org/otto/metadata/58f720c7a10d8e1012e76ed4", "http://otto-test.gluu.org/otto/metadata/58f720e1a10d8e1012e76ed5" ], "totalResults": 2, "itemsPerPage": 0, "startIndex": 1 }
Non-normative example of a metadata request with depth parameter:
GET /otto/metadata?depth=metadata HTTP/1.1
Non-normative example of a metadata response from depth parameter:
HTTP/1.1 200 OK Content-Type: application/json { "metadata": [ { "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#metadata", "@id": "http://otto-test.gluu.org/otto/metadata/58f5da4957d53d2ffbbb31e0", "metadataFormat": "Metadata Format", "expiration": "2017-04-18T09:20:09.138Z" } ], "totalResults": 2, "itemsPerPage": 0, "startIndex": 1 }
Non-normative example of a metadata request to fetch specific metadata:
GET /otto/metadata/58f720e1a10d8e1012e76ed5 HTTP/1.1
Non-normative example of a metadata response from specified metadata:
HTTP/1.1 200 OK Content-Type: application/json { "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#metadata", "@id": "http://otto-test.gluu.org/otto/metadata/58f5da4957d53d2ffbbb31e0", "metadataFormat": "Metadata Format", "expiration": "2017-04-18T09:20:09.138Z" }
Non-normative example of a metadata request with filter parameter:
GET /otto/metadata/58f5da4957d53d2ffbbb31e0?filter=.metadataFormat HTTP/1.1
Non-normative example of a metadata response from filter parameter:
HTTP/1.1 200 OK Content-Type: application/json { "metadataFormat": [ "Metadata Format" ] }
Non-normative example of a metadata request using pageno and pagelength parameter:
GET /otto/metadata?pageno=1&pagelength=5 HTTP/1.1
Non-normative example of a metadata response of page no and page length parameter:
HTTP/1.1 200 OK Content-Type: application/json { "metadata": [ "http://otto-test.gluu.org/otto/metadata/58f720c7a10d8e1012e76ed4", "http://otto-test.gluu.org/otto/metadata/58f720e1a10d8e1012e76ed5", "http://otto-test.gluu.org/otto/metadata/58f720e1a10d8e1012e76ed6", "http://otto-test.gluu.org/otto/metadata/58f720e1a10d8e1012e76ed7", "http://otto-test.gluu.org/otto/metadata/58f720e1a10d8e1012e76ed8" ], "totalResults": 11, "itemsPerPage": 5, "startIndex": 1 }
This is PUT API endpoint to update metadata. It needs to pass the value of the field which you want to update. It will update only those field which you passed into the parameter. The possible parameter need to pass for update, refer Section 6.1.
Non-normative example of a metadata update request:
PUT /otto/metadata/5909b4218489131c19abfa29 HTTP/1.1 { "metadataFormat": "metadata format ....", "expiration": "10/10/2017" }
Non-normative example of a metadata update response:
HTTP/1.1 200 OK
This is DELETE API endpoint to delete metadata. It needs to pass the unique id of metadata.
Non-normative example of a metadata request:
DELETE /otto/metadata/5909b4218489131c19abfa29 HTTP/1.1
Non-normative example of a metadata response:
HTTP/1.1 200 OK
This endpoint, hosted by the Registration Authority, enables the management of schema supported by federation.
This is POST API to create schema. It needs to pass the required parameter to add the new schema.
Their are several properties which used for schema.
Property | Value | Description |
---|---|---|
name | REQUIRED | Identifier for this schema item |
category | REQUIRED | The Extensions defined in extensions like "attribute" or "scope" |
description | OPTIONAL | The Human understandable explanation of this term. |
required | REQUIRED | Whether this schema element is required |
url | URL | The URL with more information about this schema |
supportedBy | OPTIONAL | It is the instance or array of Federation or Entity. Which federations support this schema |
sameAs | OPTIONAL | It is the URL or array of URL. Link to another similiar schema class |
Non-normative example of add a schema request
POST /otto/schema HTTP/1.1 { "name":"given_name", "category":"https://docs.kantarainitiative.org/otto/openid-vocab-1.0#UserClaim", "description":"Person's first name", "required":false, "url":"https://en.wikipedia.org/wiki/Given_name", "sameAs":[ "https://schema.org/givenName", "https://erasmus.gluu.org/schema/457c" ] }
Non-normative example of add a schema response:
In response it return with "@id" key, It is Unique IRI for the newly added schema
HTTP/1.1 200 OK Content-Type: application/json { "@id": "http://otto-test.gluu.org/otto/schema/5909b4218489131c19abfa29" }
Non-normative example of a get all schema request
GET /otto/schema HTTP/1.1
Non-normative example of a get all schema response:
HTTP/1.1 200 OK Content-Type: application/json { "schema": [ "http://otto-test.gluu.org/otto/schema/58f720c7a10d8e1012e76ed4", "http://otto-test.gluu.org/otto/schema/58f720e1a10d8e1012e76ed5" ], "totalResults": 2, "itemsPerPage": 0, "startIndex": 1 }
Non-normative example of a schema request with depth parameter:
GET /otto/schema?depth=schema HTTP/1.1
Non-normative example of a federation response from depth parameter:
HTTP/1.1 200 OK Content-Type: application/json { "@context": "http://otto-test.gluu.org/otto/schema", "schema": [ { "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#schema", "@id": "http://otto-test.gluu.org/otto/schema/590afffd30dd080ed3cda956", "name": "given_name", "category": "https://docs.kantarainitiative.org/otto/openid-vocab-1.0#UserClaim", "required": false, "url": "https://en.wikipedia.org/wiki/Given_name", "sameAs": "https://schema.org/givenName,https://erasmus.gluu.org/schema/457c", "supportedBy": [ "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c" ] } ], "totalResults": 1, "itemsPerPage": 0, "startIndex": 1 }
Non-normative example of a schema request to fetch specific schema unique Id:
GET /otto/schema/58f720e1a10d8e1012e76ed5 HTTP/1.1
Non-normative example of a schema response from specified schema unique Id:
HTTP/1.1 200 OK Content-Type: application/json { "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#schema", "@id": "http://otto-test.gluu.org/otto/schema/590afffd30dd080ed3cda956", "name": "given_name", "category": "https://docs.kantarainitiative.org/otto/openid-vocab-1.0#UserClaim", "required": false, "url": "https://en.wikipedia.org/wiki/Given_name", "sameAs": "https://schema.org/givenName,https://erasmus.gluu.org/schema/457c", "supportedBy": [ "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c" ] }
Non-normative example of a schema request with specified schema and depth parameter:
GET /otto/schema/590afffd30dd080ed3cda956?depth=supportedBy HTTP/1.1
Non-normative example of a schema response from specified schema and depth parameter:
HTTP/1.1 200 OK Content-Type: application/json { "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#schema", "@id": "http://otto-test.gluu.org/otto/schema/590afffd30dd080ed3cda956", "name": "given_name", "category": "https://docs.kantarainitiative.org/otto/openid-vocab-1.0#UserClaim", "required": false, "url": "https://en.wikipedia.org/wiki/Given_name", "sameAs": "https://schema.org/givenName,https://erasmus.gluu.org/schema/457c", "supportedBy": [ { "@context": "https://rawgit.com/KantaraInitiative/wg-otto/master/html/otto-vocab-1.0.html#federation", "@id": "http://otto-test.gluu.org/otto/federations/58f7200bcf5e0a0f09cf2c3c", "name": "fed1", "url": "http://otto-test.gluu.org/otto/federation", "registeredBy": "http://otto-test.gluu.org/otto/registrationAuthority/58f5da4957d53d2ffbbb31df", "description": "fedearation fedearation", "dataProtectionCodeOfConduct": "https://fd.org", "federationAgreement": "https://fd.org", "federationPolicy": "https://fd.org", "securityContact": [ { "contactNo": "+485647556566", "name": "Security Person1" } ], "executiveContact": [ { "contactNo": "+485647556566", "name": "Executive Person1" } ], "technicalContact": [ { "contactNo": "+485647556566", "name": "Technical Person1" } ], "sponsor": [ "http://otto-test.gluu.org/otto/participant/58f720e1a10d8e1012e76ed5" ], "federates": [ "http://otto-test.gluu.org/otto/entity/58f7218ca10d8e1012e76ed6" ], "member": [ "http://otto-test.gluu.org/otto/participant/58f720c7a10d8e1012e76ed4" ], "trustMarkDefinitionSupported": [ "https://fd.org" ], "badgeSupported": [ "http://otto-test.gluu.org/otto/badge/58fdfa39a6a02d203267da37" ], "supports": [ "http://otto-test.gluu.org/otto/schema/590afffd30dd080ed3cda956" ], "metadata": [ "http://otto-test.gluu.org/otto/metadata/58f5da4957d53d2ffbbb31e0" ] } ] }
Non-normative example of a schema request with filter parameter:
GET /otto/schema/58f5da4957d53d2ffbbb31e0?filter=.name HTTP/1.1
Non-normative example of a schema response from filter parameter:
HTTP/1.1 200 OK Content-Type: application/json { "name": [ "given_name" ] }
Non-normative example of a schema request using page no and page length parameter:
GET /otto/metadata?pageno=1&pagelength=5 HTTP/1.1
Non-normative example of a metadata response of page no and page length parameter:
HTTP/1.1 200 OK Content-Type: application/json { "schema": [ "http://otto-test.gluu.org/otto/schema/58f720c7a10d8e1012e76ed4", "http://otto-test.gluu.org/otto/schema/58f720e1a10d8e1012e76ed5", "http://otto-test.gluu.org/otto/schema/58f720e1a10d8e1012e76ed6", "http://otto-test.gluu.org/otto/schema/58f720e1a10d8e1012e76ed7", "http://otto-test.gluu.org/otto/schema/58f720e1a10d8e1012e76ed8" ], "totalResults": 11, "itemsPerPage": 5, "startIndex": 1 }
This is PUT API endpoint to update the schema. It needs to pass the value of the field which you want to update. It will update only those field which you passed into parameter. The possible parameter you can passed for update, refer Section 7.1
Non-normative example of a schema update request
PUT /otto/schema/5909b4218489131c19abfa29 HTTP/1.1 { "name":"given_name", "category":"https://docs.kantarainitiative.org/otto/openid-vocab-1.0#UserClaim", "description":"Person's first name", "required":false, "url":"https://en.wikipedia.org/wiki/Given_name", "sameAs":[ "https://schema.org/givenName", "https://erasmus.gluu.org/schema/457c" ] }
Non-normative example of a schema update response:
HTTP/1.1 200 OK
This is DELETE API to delete schema. you need to pass schema unique id for delete specific schema.
Non-normative example of a delete schema request
DELETE /otto/schema/5909b4218489131c19abfa29 HTTP/1.1
Non-normative example of a delete schema response:
HTTP/1.1 200 OK
This is POST API endpoint for link schema to the Federation. It shows which federations support this schema.
Their are two request parameter.
Non-normative example of a schema request to link with federation:
POST /otto/schema/5909b4218489131c19abfa29/federation/58f7218ca10d8e1012e76ed6 HTTP/1.1
Non-normative example of a schema response to link with federation:
HTTP/1.1 200 OK
This is POST API endpoint for link schema to the Entity. It show which entity support this schema.
Their are two request parameter.
Non-normative example of a schema request to link with entity:
POST /otto/schema/5909b4218489131c19abfa29/entity/58f7218ca10d8e1012e76ed6 HTTP/1.1
Non-normative example of a schema response to link with entity:
HTTP/1.1 200 OK
Fetch categories.
Non-normative example of a fetch categories request
POST /otto/schema/categories HTTP/1.1
Non-normative example of a fetch categories response:
HTTP/1.1 200 OK [ "http://otto-test.gluu.org/schema_category/acr.jsonld", "http://otto-test.gluu.org/schema_category/scope.jsonld", "http://otto-test.gluu.org/schema_category/userclaim.jsonld" ]
The following people made contributions to the development of this specification:
Additional contributors to this specification include the Kantara OTTO Work Group participants, a list of whom can be found at[OttoWgParticipants].
[OttoWgParticipants] | Schwartz, M., “OTTO Participant Roster”, 2016, <http://kantarainitiative.org/confluence/display/OTTO/Participant+roster>. |
Michael Schwartz
(editor)
Gluu
EMail: mike@gluu.org
Janusz Ulanowski,
HEAnet
EMail: janusz.ulanowski@heanet.ie
Yuriy Zabrovarnyy
Gluu
EMail: yuriy@gluu.org
Meghna Joshi
Gluu
EMail: meg@gluu.org