API Usage Flow
Below are the requests that a user needs to make to go through each level of the delegation process, from creating an invite to delegating access. Refer to the Request Attributes table provided to appropriately realize each request.
Create Invite
note
The Wallet Session of the person creating the invite is used in the following call
Request Attributes
| Parameter | Description | Suggested value |
|---|---|---|
| wallet_account | The wallet account id of the wallet user creating the invite link | wallet account id |
| invite_name | The given name to the inviter | Inviter name |
Sample Request
curl --location --request POST '{{WS_BASE_URI}}/me/delegate-connection-invitations' \
--header 'Authorization: {{WALLET_SESSION_TOKEN}}' \
--header 'Content-Type: application/json' \
--data-raw '{
"wallet_account": "wallet_account_id",
"invite_name": "Wallet-A"
}'
Sample Response
{
"invite_link": "http://localhost:8084/me/delegate-connection-invitations/invite-response/dfe797bd-2d56-4a46-ab22-d7e5cfd82f18"
}
Accept Invite
note
The Wallet Session must be of the user that did not call Create Invite
Request Attributes
| Parameter | Description | Suggested value |
|---|---|---|
invitationId | The identifier for the invitation | Invitation Id |
accept | A true or false value that configures whether to accept invitation or not | Boolean |
receiverName | This field is for the person receiving the invitation (Wallet User B) to set a name by which the invitation will be addressed by | Name (e.g. Wallet-B) |
Sample Request
curl --location --request PUT '{{WS_BASE_URI}}/me/delegate-connection-invitations/invite-response/{invitationId}?accept=true&receiverName=Wallet-B' \
--header 'Authorization: {{WALLET_SESSION_TOKEN}}'
Sample Response
{
"identifier": "dfe797bd-2d56-4a46-ab22-d7e5cfd82f18",
"inviter_wallet_account_id": "7e941e99-d3e2-4c2f-921f-36f3d563f8fe",
"receiver_wallet_account_id": "290875ef-ff02-4c6f-a781-9ee621e449d0",
"invite_name": "Alice",
"receiver_name": "Bob",
"status": "PENDING_CONFIRMATION",
"expires_at": "2022-10-11T10:21:52.000Z",
"revoked_on": null
}
Confirm Invite
note
The Wallet Session must be of the user that called Create Invite
Request Attributes
| Parameter | Description | Suggested value |
|---|---|---|
invitationId | The identifier for the invitation | Invitation Id |
confirm | A true or false value that configures whether to confirm invitation or not | Boolean |
Sample Request
curl --location --request PUT '{{WS_BASE_URI}}/me/delegate-connection-invitations/response-confirm/{invitationId}?confirm=true' \
--header 'Authorization: {{WALLET_SESSION_TOKEN}}'
Sample Response
{
"identifier": "dfe797bd-2d56-4a46-ab22-d7e5cfd82f18",
"inviter_wallet_account_id": "7e941e99-d3e2-4c2f-921f-36f3d563f8fe",
"receiver_wallet_account_id": "290875ef-ff02-4c6f-a781-9ee621e449d0",
"invite_name": "Alice",
"receiver_name": "Bob",
"status": "COMPLETED",
"expires_at": "2022-10-11T10:21:52.000Z",
"revoked_on": null
}
Create Delegate Access
note
The Wallet Session of the delegator is used in the following call
Request Attributes
| Parameter | Description | Suggested value |
|---|---|---|
| client_id | The identifier of the UMA client | UMA client id |
| display_name | The name given to the delegation. For instance, if Alice delegated access to Bob, the display name could be Alice-Bob | Display name |
| expires_in | The duration after which the delegated access will expire | Numerical Value in milliseconds (E.G., 30000000) |
| dsa_id | The datasource account id of the delegator | datasource account id |
| delegate_connection_id | The identifier of the delegate connection | connection id |
Sample Request
curl --location --request POST '{{WS_BASE_URI}}/me/delegate-access' \
--header 'Authorization: {{WALLET_SESSION_TOKEN}}' \
--header 'Content-Type: application/json' \
--data-raw '{
"dsa_id": "datasource_account_id",
"expires_in": "30000000",
"client_id": "uma_client_id",
"delegate_connection_id": "connection_id",
"display_name": "Alice-Bob"
}'
Sample Response
[
{
"identifier": "db12004d-2af1-4ed6-95ff-40f858486423",
"expires_at": "2022-10-12T10:24:57.000Z",
"wallet_account_a": "7e941e99-d3e2-4c2f-921f-36f3d563f8fe",
"wallet_account_b": "290875ef-ff02-4c6f-a781-9ee621e449d0",
"created_by_invitation_id": "dfe797bd-2d56-4a46-ab22-d7e5cfd82f18"
}
]
Create Permission with Delegate Access
note
The Wallet Session of the delegatee is used in the following call
Request Attributes
| Parameter | Description | Suggested value |
|---|---|---|
| delegate_access_id | An identifier for access delegation | access id |
| rs_res_id | An identifier for the resource server resource | resource_id |
| client_id | The identifier for the UMA client | uma_client_id |
| scopes_granted | The scopes that are granted (read, edit, etc.) | ["granted scope"] |
Sample Request
curl --location --request POST '{{WS_BASE_URI}}/tx/{tx_id}/permissions'
--header 'Authorization: {{WALLET_SESSION_TOKEN}}'
--header 'Content-Type: application/json'
--data-raw '[{
"delegate_access_id": "access_id",
"rs_res_id": "resource_id",
"client_id": "uma_client-id",
"scopes_granted": ["read"]
}]'
Sample Response
{
"permission_code": "601010",
"permissions": [
{
"id": "WTSJb6OLG7UPzIhZ",
"created": "2022-10-11T10:48:13.000Z"
}
]
}
Delegate Access Revocation
note
The Wallet Session of the delegator is used in the following call
Sample Request
curl --location --request DELETE '{{WS_BASE_URI}}/me/delegate-access/identifier' \
--header 'Authorization: {{WALLET_SESSION_TOKEN}}'
Sample Response
{
"identifier": "8e0d0afd-83cc-4971-8741-831a064ababc",
"owner": "7e941e99-d3e2-4c2f-921f-36f3d563f8fe",
"delegated_to": "290875ef-ff02-4c6f-a781-9ee621e449d0",
"expires_at": "2022-10-11T18:57:53.000Z",
"revoked_on": "2022-10-11T11:20:18.993Z",
"enrolled_client": {
"identifier": "fpxsp_uma_client",
"name": "Learning Management Platform",
"policy_uri": "https://identos.com/wp-content/themes/identos/images/apple-touch-icon-114x114.png",
"icon_uri": "https://identos.com/wp-content/themes/identos/images/apple-touch-icon-114x114.png",
"tos_uri": " ",
"authorization_server": {
"identifier": "IDN AuthServer",
"organization": {
"id": "1",
"name": "Learning Management Platform"
}
}
},
"display_name": "Alice-Bob"
}