Getting started

The Authorisation Registry role is fulfilled by a legal entity that provides solutions for Adhering Parties for the storage of delegation and authorisation information. An Authorisation Registry:

  • Can hold information on delegations to Service Consumers; i.e. information indicating what parts of the rights of an Entitled Party are delegated to a Service Consumer.

  • Can check, based on this information, whether a machine representing a legal entity is authorised to take delivery of a service;

  • Can confirm whether this is the case for the Service Provider;

  • Can issue a DataRights (Verifiable) Credential on behalf of the Entitled Party to Service Consumer to store in a Credential Store (wallet) and present them to Service Providers during access workflows;

  • Can expose them via the DCP Endpoints for machine Service Consumers and via the OIDC4VC/VP Endpoints for human Service Consumers.

For the structure of the DataRights Credential, see the JSON Schema.

  • Can bilaterally provide info about Authorisation Registry to Service Provider and/or Service Consumer.

As a result, Adhering Parties can outsource tasks concerning the management of authorisation and delegation information to an Authorisation Registry instead of implementing their own tooling.

To double-check if required endpoints are implemented, please use the following list as a cheat sheet:

Authorisation Registry

PreviousPresentation Endpoint (OpenID4VP)NextDelegation

Last updated