Delegation
Used to obtain delegation evidence from an Authorization Registry. The response is a signed JSON Web Token. Please refer to the models ‘jwt_header’ and ‘jwt_payload_delegation_evidence_token’ which indicate what the decoded response will look like.
The model used for request body in /delegation endpoint, for obtaining delegation evidence.
POST /delegation HTTP/1.1
Host: isharetest.net
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 355
{
"delegationRequest": {
"policyIssuer": "text",
"target": {
"accessSubject": "text"
},
"policySets": [
{
"target": {
"environment": {
"licenses": "[Circular Reference]"
}
},
"policies": [
{
"target": {
"resource": {
"type": "text",
"identifiers": [
"text"
],
"attributes": [
"text"
]
},
"actions": [
"text"
]
},
"rules": [
{
"effect": "text"
}
]
}
]
}
],
"delegation_path": [
"text"
],
"previous_steps": [
"text"
]
}
}
{
"delegation_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsIng1YyI6WyJNSUlHbERDQ0JIeWdBd0lCQWdJVWJsT1hOMmpiamVSaWJUcnoxN3FzTWd1Tlk4MHdEUVlKS29aSWh2Y05BUUVMQlFBd1hURWVNQndHQTFVRUF3d1ZaVWxFUVZObFUwVkJURTlKUkY5SmMzTkRRVWMwTVJrd0Z3WURWUVJoRXhCT1ZGSk9UQzFwVTBoQlVrVlVSVk5VTVJNd0VRWURWUVFLRXdwcFUwaEJVa1ZVWlhOME1Rc3dDUVlEVlFRR0V3SllXREFlRncweU5ERXhNRFl4TkRNME16SmFGdzB5TnpFeE1EWXhORE0wTXpGYU1ISXhDekFKQmdOVkJBWVRBazVNTVNRd0lnWURWUVFLREJ0VVpYTjBJRUYxZEdodmNtbHpZWFJwYjI0Z1VtVm5hWE4wY25reEpEQWlCZ05WQkFNTUcxUmxjM1FnUVhWMGFHOXlhWE5oZEdsdmJpQlNaV2RwYzNSeWVURVhNQlVHQTFVRVlRd09UbFJTVGt3dE1UQXdNREF3TURRd2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0SUJEd0F3Z2dFS0FvSUJBUUM4VndPQzIvWXVCNVpXeE5YMzNUYW55WFF6dEUzWWU3TjN0bTZsVGJ1OXEzbDlMYkNJeTlGelZvNHVWTjI1YnpKVDg2MlpQWXp4MFNrVVhvUkVUMFF0MnNMRFpZZ05SdjN0SDFuSkRFM0FKUlM4RUtDVlZ4Rllvc0tiQ2gzNDhadGRwd0tMVUtzUnE1M1VJcTBIaHF1bUptdHhVY2NUYk1OMXYwY1RXaDdXMVdBaVlRY0lqWmQwY0pweFBOYVRmVk5Ha093aHcyRDJTZlA4S0dlL1NicVBxVVUwVjNNNUJlWlRKS21HZDhJUzFlRUk1ZmRrK0ZhUGhRL2ZjbC9NaHRobzhXclJNVW1tNWw2Q21tMkkrbHVxVThSbkVQVjFYUlpJUFlzcmlJc1ZyaUFyb2FjNTdYaTB2SHh3bGUwK2JPdzJWZkpMUmgwM2l3NGFEMTVHKzYxVkFnTUJBQUdqZ2dJMU1JSUNNVEFPQmdOVkhROEJBZjhFQkFNQ0JrQXdEQVlEVlIwVEFRSC9CQUl3QURBZkJnTlZIU01FR0RBV2dCU3pHazlDUU9uWWVKMXIvL3drc0JDeE5EendpVEJYQmdnckJnRUZCUWNCQVFSTE1Fa3dSd1lJS3dZQkJRVUhNQUdHTzJoMGRIQnpPaTh2WTJFM0xtbHphR0Z5WlhSbGMzUXVibVYwT2pnME5ESXZaV3BpWTJFdmNIVmliR2xqZDJWaUwzTjBZWFIxY3k5dlkzTndNQkFHQTFVZElBUUpNQWN3QlFZRFZSMGdNQjhHQTFVZEpRUVlNQllHQ0NzR0FRVUZCd01FQmdvckJnRUVBWUkzQ2dNTU1Gc0dDQ3NHQVFVRkJ3RURCRTh3VFRBVEJnWUVBSTVHQVFZd0NRWUhCQUNPUmdFR0FqQTJCZ2dyQmdFRkJRY0JBd3dxVkdocGN5QnBjeUIwWlhOMElHVnpaV0ZzSUdObGNuUnBabWxqWVhSbElHWnZjaUIwWlhOMGFXNW5NQjRHQldlQkRBTUJCQlV3RXhNRFRsUlNFd0pPVEF3SU1UQXdNREF3TURRd2djY0dBMVVkSHdTQnZ6Q0J2RENCdWFDQnRxQ0JzNGFCc0doMGRIQnpPaTh2WTJFM0xtbHphR0Z5WlhSbGMzUXVibVYwT2pnME5ESXZaV3BpWTJFdmNIVmliR2xqZDJWaUwzZGxZbVJwYzNRdlkyVnlkR1JwYzNRL1kyMWtQV055YkNacGMzTjFaWEk5UTA0bE0wUmxTVVJCVTJWVFJVRk1UMGxFWDBsemMwTkJSelFsTWtOdmNtZGhibWw2WVhScGIyNUpaR1Z1ZEdsbWFXVnlKVE5FVGxSU1Rrd3RhVk5JUVZKRlZFVlRWQ1V5UTA4bE0wUnBVMGhCVWtWVVpYTjBKVEpEUXlVelJGaFlNQjBHQTFVZERnUVdCQlJBdHJ4TFpQQ2JCbnlQYy9ualdYYk9zQy95Q1RBTkJna3Foa2lHOXcwQkFRc0ZBQU9DQWdFQVJzTktsVFBnVWRNTGZMU1V3b2ZuKzNSZmM2amVIR2d6bCtxQ29MMlRkbmxOOWZFdHY1TlMweFZyL2x5Ykx1MDFQdUk0Mmd4bmgvZ1BLUDA2ZlV1VXI1WVpySzVNeHczUUhZdzhpdlNDcndvcE1zSUhob1FjN0g2MUtZNlV1WlFJVXRCUitHdmVBVUx4NC9Vd2pKY0MrdTM3aWd3akZ6QkVneUQ1dzJGNHViajh5N0hlNEthVGhBM2xOVmkwVXprdDhUb1NBNnBoSTA2eTMwREYyUGN3UkloT1NkT1NSMzJZVTZxVXgxSXJnRU13K3VYa3NMYmt4eU0rdjQxek9jMkh5alpXZGpJTFZLbDBQYnhXcE9DYmdndm4wdDE0anhzaVVoekRFcHd1RVNFZHJhUnBoaVVrWlMrbHdqeEhEengyRlhVKys0d053ak9yUldhdXlkSHlsaGZtMlMvMWFwTmlvUk0zcXZscXVrUWEyVzhqZWRYR2Y5d0tEcDZBc2VBK3RlNWJVb1VRUGZTYnNzYWFHMllucWRjNTFDbk1WZldmemlZWTJ3RWpKVHpwZ004SXRmRDlrV1VXbWwxYi9wODhiQ3RTZFZLbHFKRUlXazdvK1V5QTZCUFBIVUhsUkRRNlU5aGlCM3dGeHQ3K3FPNXFDd2hPN0xkSmkzNEZtUEE4WHhOdHZCMjB6dFlveS9PcXlDanVUbUxQU0p6Yk9BcVlPSzl0TmozSU5aMWUvZjdYV2Q0ME9JVnRXeFYzdEM4ZUQ4TS9zV0k3ZUt2ajhET0JWcDBjMkNBL1E2ekVRSzNTNWM5U1ZuVGZLQzQ1RFhWaU8zYTV2cGhHakNlSG5EWWN4SmpHTzZ3d0szR1hmNHVGeVZzRjducGVoN1N2NnR4UDE5QjBnWHprWWdFPSIsIk1JSUYyakNDQThLZ0F3SUJBZ0lVUEczK1RBbnhWT0JjZTlOYVB0OXBUQWdtNVI0d0RRWUpLb1pJaHZjTkFRRUxCUUF3UWpFZU1Cd0dBMVVFQXd3VlpVbEVRVk5sVTBWQlRFOUpSRjlUZFdKRFFVY3pNUk13RVFZRFZRUUtFd3BwVTBoQlVrVlVaWE4wTVFzd0NRWURWUVFHRXdKWVdEQWVGdzB5TXpBNE1qVXdPVEF4TXpKYUZ3MDBPREE0TWpVd09UQXdNRFZhTUYweEhqQWNCZ05WQkFNTUZXVkpSRUZUWlZORlFVeFBTVVJmU1hOelEwRkhOREVaTUJjR0ExVUVZUk1RVGxSU1Rrd3RhVk5JUVZKRlZFVlRWREVUTUJFR0ExVUVDaE1LYVZOSVFWSkZWR1Z6ZERFTE1Ba0dBMVVFQmhNQ1dGZ3dnZ0lpTUEwR0NTcUdTSWIzRFFFQkFRVUFBNElDRHdBd2dnSUtBb0lDQVFEYW5VZ00xL1BReVhOVFgrVU9MR3JaalM4SGFUV1IvUDR4RDhTTUNSeE9YSEt6SExRcUVRT3VIRC93K3J4OS9iRXd6SDR3VmZKMG02L3I1NktPZzB3TFVsVndPeWlrT1hHb0lURDJ1K1VpOXQyNHRZSWt4OHpqTEc3VkhWY3c0ZFhPdDkyc3ZLWTFMeWJ2bHByb1d6VEhsUndvSU8xWVE0aE8rcnlic3cvS0VERVhVYmtvd2psSEFQY3duc09XNjQzNjdFTitlelQxc1M4ZHpGSXhtRzhxQzJMck0yc1hKV3FxNXZKZUUvODZUZloyTk1PK0NVeGtqajd1UGdiVzJWL01PVWhZeUF0R0FqemQvS3dPckxNUk1ZYVhPSWo2MW04UjcxbmgvTFY5bjhkbmowd1RRT05USGh1TTdtZFpReGhxT2RrTDJja1NyQldpM2F0RVZUMU9oQlJYNEZtbWhJaG1TV3VDdGd5S2lEQ0lvdHlHQXNYMm82ODE3ZmVlNFJkdHdmdzlRNG9OM05BaHRvZDYwaU9BV0FwVnQrQlQ1dHZkZ0dPWVdQY2JNUjVwR3picDM4ZEdVeXV3WVpWNExBbklHU201eWF1Y05FMkUyeHJRQ2JFZVptNFJQc3g1SmxlV3ppcGsrNDJkN3ZxdldEODhJUWNRK2JaTTJYNHJKQlpOczE2NkNseCttNkhtS3hLQUxlYlV0anN6c2d5SDhjcTEwZCtrNEFvOG9DYU9ZanYySWFFYk1kK2ZWL1VmOGtQa3pUdEtsdHRkcWlpeG9JcXljWE1FZ0JhU2drdWI3WG9RNksyNnRSUEowdzVRa3V1aDNNS3RHRVdmVzdFRUdtcG5DcWpPdjYvckFNSmlNV3loMUlnTGdOQlVQUDd6YVZQcERBdEM4OE9TSlFJREFRQUJvNEdzTUlHcE1CSUdBMVVkRXdFQi93UUlNQVlCQWY4Q0FRRXdId1lEVlIwakJCZ3dGb0FVNHViWDBwNkRWak45REt0T1dXTVlBcytIeGRRd0dBWURWUjBnQkJFd0R6QUZCZ05WSFNBd0JnWUVWUjBnQURBcEJnTlZIU1VFSWpBZ0JnZ3JCZ0VGQlFjREFnWUlLd1lCQlFVSEF3UUdDaXNHQVFRQmdqY0tBd3d3SFFZRFZSME9CQllFRkxNYVQwSkE2ZGg0bld2Ly9DU3dFTEUwUFBDSk1BNEdBMVVkRHdFQi93UUVBd0lCQmpBTkJna3Foa2lHOXcwQkFRc0ZBQU9DQWdFQVp2NUd1a3gwUEV2VlJFSXQ4TVRhUGZDSDRhd3lpaVl5aTE3aDZSNUxMazFyZXJ3UXNTU1NIZlZxZnRkd1JGMG9jTHAyUFhKaGUwNzVxVjQwNkMwNENqYW1OazNlejlaaU5IQ05qUHRmaWQ2b094cXoxWGs4WFBqTllFbGJBRm1QN2VLbC80NDF2WmhHdWsvUmhYR054UWJ0bzBRMTZnOElSY0dEdldnTmh0cnRCMUcyeFNtdEIxUzJ1VXBTYWlaVk5PcmtkelRoaUVKc2VVUkJvWHhVWElxcEx5UFRSbDZNTWdWYUxHUllSYzN2WWlqNEI3TTJoQk43L2NqbkdMc01WdGdiT3Y2Q1YyMWcyU1hvd2JnT3F6QnlINTFVVFI2T2JIaUdqMGtTQ0FMRzE0SVFQa3pRUGlTcGp1Kys5TTJqQWpQTTNvNDIxWk9VRE1QMjQ2Q3NxUFhyVEFiUFhKVlVSL2dpNHU1M2ttekMyMTBqdlZxOWhId2VseFFPVFBGaGxNNkUxQ2g0SmI0UFFSTEtEUEZsKzVOVzRGeTJKQURqeXVweVZIbmNkTEV1UHkwUGdDTDJZbzE0N0hTcFBqNHU3amMxUm1IVTdOTzEyRVYyWkNNZkZsUndkR3Y2aWY4cU83cy82bHBaSmpwUHRMRU9iQTV0RDRhaGMrYVBOQWk5V0NrMHBlUm0xS0U1VkdEV0tGTlNOQWlMSk56UDdtMlE2eThmT3kzOGNOZ0ZCaEdPRi9LZ0VJc1QxMFYrNUs1byt5bFZWdFBWZVJSRU5FdktPOUVMa3plMElIZ3NUQi82Y3dPaWo0cHhNOUp2YXVqMDZHZ2xoSWhpSUE2cTBpRFVxQjFNVVIwSHppWTlCc25XWTlrUjhod1YzT1crbnNtenRRd0dWRXcya2pVPSIsIk1JSUZqakNDQTNhZ0F3SUJBZ0lVRmo5LzNqR09SaHRJcFo5OE9MUnRSSHMwQVlzd0RRWUpLb1pJaHZjTkFRRUxCUUF3UVRFZE1Cc0dBMVVFQXd3VVpVbEVRVk5sVTBWQlRFOUpSRjlTYjI5MFJ6SXhFekFSQmdOVkJBb1RDbWxUU0VGU1JWUmxjM1F4Q3pBSkJnTlZCQVlUQWxoWU1CNFhEVEl6TURneU5UQTVNREEwTkZvWERUUTRNRGd5TlRBNU1EQXdOVm93UWpFZU1Cd0dBMVVFQXd3VlpVbEVRVk5sVTBWQlRFOUpSRjlUZFdKRFFVY3pNUk13RVFZRFZRUUtFd3BwVTBoQlVrVlVaWE4wTVFzd0NRWURWUVFHRXdKWVdEQ0NBaUl3RFFZSktvWklodmNOQVFFQkJRQURnZ0lQQURDQ0Fnb0NnZ0lCQUw3bnpreW9GWFdnMWdoZEc2Zm51enV2QWRNV3NtL0krbVgzRGJ6M0kvS3lxTGRXdDdYRzNPV1ZTbmhvc0FEMlcyU1hubEdYcXh5ZTBoUHRFZ2tRSWRlbDdGbkZvc1dXcnNFT3JhdGdYbG5NNE5XcFlES01XRVZZcm83aHpIZ0NaMTI2WlBRVUxsczUyTmN2cFJNOFMzZFprK1hLMWtmM1ZlUzBKMmhVU0ZFQVpITHlYQ1hraFRuVUk3cW8xdXIxVG1EV1lzTlF3eERHT3U3Q1F5WllkS0l3S3FJOWVHc1JMZ002UFFsZzN2WkNyb3BPb2RNN2xvVHVpckNsM1VLdzRIckdrMmNPaUFmNElkLy9lYVZDYWZ3a2pLc0pUUXVBYWh1Uno0cU1zSFlBM2tEUXorMCtoZ25SNzRyK2lMcis4bHIwNDRnbG5hV0lXdnJFR2NpUlIrUGVjdGZyTE9RUUlXN2hhMTNkeldvemtUMGFnblQxTGsvQ0dyZ05YVnFob3NHQzBydUFRUEk2RGNQTnkySU5NOUpndENtQnNTak1NMTg1RklCWDRDeTE3bTczaDlyS2pYWk14YjZUeFg3Q0laeWVzZ0FTMGJCUmI2eElwS3NacmxyakVhenNqQzJWSFJSV09NSldZcWNYTEQ1Wk56R01aVXI2VHQyeUNVQXRhbWVjREFUS042L0dic3hlMHRBQk4wcGswcng1aWMrNFRYZEJyb045T0FaY2hINHRKQ3NPQ0tvbkN6QXBQeFZUaEROTXhzb295RnE5RG1nWGh5RVVPT29lUytGcjRGZ0gralNBTm0vbDE3OEpoOWVwZlhROWdFLzZhcVB4WWpOU0JnUzYwUzFFVnFDcHh3MnJUMW1VWWVHZndpYlZtNTNpeEdwdFI4a3RlNzBuQWdNQkFBR2pmVEI3TUE4R0ExVWRFd0VCL3dRRk1BTUJBZjh3SHdZRFZSMGpCQmd3Rm9BVTJMdWJOUzFiUCsvaGE4dk1ETStpTHJwcGVvd3dHQVlEVlIwZ0JCRXdEekFGQmdOVkhTQXdCZ1lFVlIwZ0FEQWRCZ05WSFE0RUZnUVU0dWJYMHA2RFZqTjlES3RPV1dNWUFzK0h4ZFF3RGdZRFZSMFBBUUgvQkFRREFnRUdNQTBHQ1NxR1NJYjNEUUVCQ3dVQUE0SUNBUUI4anFZVXc3VHYrVzRaSDA2UHJhRjZ6ZmRDeFQwM0RoUkNodzRaL1FtMFhWUzJnUnlSd2NNcHRRRkVSaFBOT0EyMjF1OUxxb3paMWFLM0IzNXdrY0dEL2RGSmdKQ0pCOTZTTXR0UWwySHAvRWlRejlQRkYwMmRCU3J1WGhJYXJhUGJNK05JR2RteU4yWnl3R0dYSTFhVTdKRDNYRzI5U2gyQUFkT2t2OGRJNmdFZ3p0L0RIU0lJYmFrYmFMZEVJYzdXQjk1R1VIY0huTmo1OFR6VFN5VmZCbXRiM3ZCSzlKRzBJbzZOQVBXUVl4MlZQOCtmSXlsamEyZDEyOGhnaDBkc0RyWEZBTSs5QVg4aGFlNXZ2eFZpOFRXcy96MmluZytrK2ltbXRTTmZ6ektNaU83cjV3SkFreWp3dFVCbEJTdEtJQTZaZXIyMnBtU1RaWmV1Y0hkRVRoYWJjV1FpZFZabU1QM0lmNml4NVVleVg4VjZPQXcwZ3NJM0lVYjkxUTc2ZDRzTFdiem9HTk9OQVlGQzFJeXoweFdqNDdaZDZQN1oyR2ZoMVZpSWJNeFZpRkRsTm1iRVpmbHBFUzg3Sy95aEJVUS90bkNOR1FvU2R0c3V5dVdnM05mV2J5Sm9OWnpsVTk2Sld4Y3FTYVhrenNlOWo4d2FoYXlLTk02U1dLU1kxWjA1aDhKU2NPQ21GQjVGOFYzYmQ1blAvdUtqYTdIOE80R09BQVBNM090RytlcTM3eFcveE4wb0FzamJ2dDRvam5VYkpzMmtpQXhFZHdYeDBLN21jUGVTN3pXbVZ0OGg0UmRjRG0vUEdURGE5bThPcWhRdWNrODBRbnV4SVVXVnI3R1dhZGgxTHkvdGwwK2J2bWtjbk8yeWJSSitnYnFSRUhEVGUwc3hzdz09IiwiTUlJRmN6Q0NBMXVnQXdJQkFnSVVDdmZTdlFlcmpGRG1NMkx2bWpvVERPSW5MQXd3RFFZSktvWklodmNOQVFFTEJRQXdRVEVkTUJzR0ExVUVBd3dVWlVsRVFWTmxVMFZCVEU5SlJGOVNiMjkwUnpJeEV6QVJCZ05WQkFvVENtbFRTRUZTUlZSbGMzUXhDekFKQmdOVkJBWVRBbGhZTUI0WERUSXpNRGd5TlRBNU1EQXdObG9YRFRRNE1EZ3lOVEE1TURBd05Wb3dRVEVkTUJzR0ExVUVBd3dVWlVsRVFWTmxVMFZCVEU5SlJGOVNiMjkwUnpJeEV6QVJCZ05WQkFvVENtbFRTRUZTUlZSbGMzUXhDekFKQmdOVkJBWVRBbGhZTUlJQ0lqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FnOEFNSUlDQ2dLQ0FnRUF4Vk1LSTlSTWhuT1NBMkxvcmdFQzNZRE5kMml0bjcyTE9kZlJSVXU0NWZHNzBJZXYrRTRrUnJ6SjFrMjNXWEg1c0hUYmNzbHBFVGVBWm5qMC94S0JZZEVMdXdlNkhYOGtJd2QxczZXR2xaYzBsN2tpMWZtajRIcVNzdEdKL0JLR2oxYTcyMzZXd1BKRVdFSHFmeDlRTUVldUpLbFVTVkZGeUU0ak1zZllwODdpZklwdXdFOG9MT3c0eWtERE9QNTJUZDA2dkhDSVlycURCcnZ4RmRBdUVuRnhOeGxQWFJFNGdMc3lnZzYySE94T3VHbWhXZnN5NlRjY0lwNVhJT2RqMkN6ZW9YSjgybTUvaW1CUEp2a2VmbnJqRVFYemlTRTJtaTJJQkR0R1AvQXdGV0k3V3BzRXlEWFdJbU1TUjBUM0N1RG1rZVExNHBObWNxTXAvYnFYM2kxYWV0YWRGVFdzdWhsMG5IMmlScUtaREp4WmxTY3U5OXRvcTVHcmRjRlVjeEdSUXlsK3NGaFVoM1hjQldKVjdZMnduRkwydFk3dGh0UThaUG16VE84a1BLQ2JFbDVVNmdDU0lrcFJQTlpCUEc0ZFQwcXUrOEJkNzFQdTduQXkxaUI0VTZ5czM0Y0ZsT2xKcEdNMEZHcjM1TGVmYlBSOGJnejZNOVhOalJiZ01EUWNYRE1uZmlESjdFODFvVkJwQ1hOOXlkSGkxYmxoYWt1RUJhb2E5TS9rYXppcEdQbUF1eHJXQk1tcDJxMHd6UXA5R1MyZThrZUpJRHdKdXl6RUxhUlpDNHlqVnNWWlFNSy8vRCs0SjNib1U1ZHJDbW1tNkMxcndOUmZTWnVGR05jSVlEWmVIdGVHb0NGNEVBNWpjZ2RGYUlZckRlajZWQWFiNDJ2TjVMVUNBd0VBQWFOak1HRXdEd1lEVlIwVEFRSC9CQVV3QXdFQi96QWZCZ05WSFNNRUdEQVdnQlRZdTVzMUxWcy83K0ZyeTh3TXo2SXV1bWw2akRBZEJnTlZIUTRFRmdRVTJMdWJOUzFiUCsvaGE4dk1ETStpTHJwcGVvd3dEZ1lEVlIwUEFRSC9CQVFEQWdFR01BMEdDU3FHU0liM0RRRUJDd1VBQTRJQ0FRQmJjSHlWMmI1bUd3SFd4Q1NiRHdyNVY3UGdTWklKYTFzY3JDbklIRDNaL3l4RzdYcDVjSWxCajRNeTRsUkhqWnRKVnZVZlRqRnBzRURFdi9QQXE3NE9Jb2xOL2tQZE1mVGN6RkJHcHZzWnIweDJ5VVBFSnpRc1RTTHgwZ3daK3d2b0tIV0UwQzdHcWdrQUJOckZXOEZMcVJ6TnFYc21NNW9JNGMzVjVzeXh3QllGRFVZNU1QV2RxSkVEZlJ2ampKUENYbUtPUDFsTytpK0UwN3ZzRnBEekhTMkZLQjVjNnNUSVprdnQrSC9DRzRoVnU2WnZjRlhYenYySksvRW9WWjZ3VWRDbHQ0cExnVFFaL1cwcVFDSjNHakZlL1BaNzRtY2tXMXgvems5ejBWUWpVcFRxejNBalBMSWpqNjBuTUxUTHA1MG9GY01ManVYc3MwdnY0dFVqQ1RwczJRZzluMEd3TGxEUjQyTnl3MlRLY01NQjZ5Y0VvTmlVRXUwbGdhMUpNMFNWU3NGUDdHU1UvVzlWcWF0Szd4cC9YVzkvR0R2Z3AzWi9wUE0wRTNpMXRxcC9uT1U0M1lvZjhXaTRKSjZ6T2dYQnpxUXhPNk1JTFpKNHFFZmVuQXRJN285NVR5NXlrOXZSYm9Vc3R5d3NmQzZDVnN1MDhOTC90dHc0T1NYT3Zia1ErN3pNeENZVDlZeVFENWwvbHRDM2JnZGovbEJaem5zQnVHWU5PQjE2d0ROY0dwdXVhZWtzZlFmQkRQSFQrdlI2Z1BWRlpweVZ3eS90ekg2TlRwVUdEam9IVnNDeFVqWTg3ME9NNEQySmNqOU9JcXFkbGtDb1dPNmk0VmVjN3NUenhpWDM5b05TcjFHN0NvYmMzc1lkaG54Zy92bGcxQmVDSjg3cDBBPT0iXX0.eyJpc3MiOiJkaWQ6aXNoYXJlOkVVLk5MLk5UUk5MLTEwMDAwMDA0Iiwic3ViIjoiZGlkOmlzaGFyZTpFVS5OTC5OVFJOTC0xMDAwMDAwNCIsImp0aSI6IjdmYTFlYzM5YmFjMzRmZmZhMmNhNDgyMDFlNDhmMDNhIiwiaWF0IjoxNzExNDY2OTg1LCJleHAiOjE3MTE0NjcwMTUsImF1ZCI6ImRpZDppc2hhcmU6RVUuTkwuTlRSTkwtMTAwMDAwMDEiLCJkZWxlZ2F0aW9uRXZpZGVuY2UiOnsibm90QmVmb3JlIjoxNTQxMDU4OTM5LCJub3RPbk9yQWZ0ZXIiOjIxNDc0ODM2NDcsInBvbGljeUlzc3VlciI6ImRpZDppc2hhcmU6RVUuTkwuTlRSTkwtMTAwMDAwMDUiLCJ0YXJnZXQiOnsiYWNjZXNzU3ViamVjdCI6ImRpZDppc2hhcmU6RVUuTkwuTlRSTkwtMTAwMDAwMDEifSwicG9saWN5U2V0cyI6W3sibWF4RGVsZWdhdGlvbkRlcHRoIjowLCJ0YXJnZXQiOnsiZW52aXJvbm1lbnQiOnsibGljZW5zZXMiOlsiSVNIQVJFLjAwMDEiXX19LCJwb2xpY2llcyI6W3sidGFyZ2V0Ijp7InJlc291cmNlIjp7InR5cGUiOiJHUzEuQ09OVEFJTkVSIiwiaWRlbnRpZmllcnMiOlsiMTgwNjIxLkFCQzEyMzQiXSwiYXR0cmlidXRlcyI6WyJHUzEuQ09OVEFJTkVSLkFUVFJJQlVURS5FVEEiXX0sImVudmlyb25tZW50Ijp7InNlcnZpY2VQcm92aWRlcnMiOlsiZGlkOmlzaGFyZTpFVS5OTC5OVFJOTC0xMDAwMDAwMyJdfSwiYWN0aW9ucyI6WyJJU0hBUkUuUkVBRCJdfSwicnVsZXMiOlt7ImVmZmVjdCI6IlBlcm1pdCJ9XX1dfV19fQ.dNiITX_uHj3CJagOm54W-_MD2PXIsh1snviAtuoRbc7a7nRkQXZShJJDpldpyQOugsqFFhgLedUXM5z8kST0-5a9BNaaxrW5KAZNqyXtDgudRgB8T2vrohcmgLin39pgvD1gydoHHIXolJxPHCOYdxAamMD-8umvTzCFogjdwFaB9RMVWUHMbDuAZGYup-lSewuIK2pkwKJZft5ZRWxfignBBt2mauB4wot5Z92VLPReNA8EH0R9C_GkykP6pRCu2Km7La3c116WNP0szN02l8P87rqVNwDsjLpzhpH1cs17shDvbis8DbKb3KsHnq_LALAG9nx4GOFrupxuAadhGw"
}
Request model
Headers
Authorization
String. OAuth 2.0 authorization based on bearer token. MUST contain “Bearer “ + access token value. How to retrieve the access token can be found at Access Token Endpoint section.Content-Type
String. Defines request body content type. MUST be equal to application/json.
Parameters
The body of the request MUST contain a JSON with the following structure.
delegationRequest
Object. Root level. (Required) The request for delegation evidence.policyIssuer
String. Contained indelegationRequest
. (Required) Identifier of the delegator (the delegating entity, usually the Entitled Party).target
Object. Contained indelegationRequest
. (Required) MUST for the root level contain anaccessSubject
. No other elements are allowed.accessSubject
String. Contained intarget
. (Required) Identifier of the delegate, also known as the entity that receives the delegated rights (usually the Service Consumer).
policySets
Array of Objects. Contained indelegationRequest
. (Required) Container for one or more objects containing policy elements with an indication for further delegation. Note that policySet elements within one delegationRequest MUST not restrict each other, but rather offer a mechanism to express additional rights. They will be evaluated by the Authorization Registry in a permit-override manner, allowing a Permit if only one of the policySet elements evaluates to Permit.policies
Array of Objects. Contained in
policySets
. (Required)Used to express the actual rights for which evidence is being requested. Note that policies within one policySets object MUST not restrict each other, but rather offer a mechanism to express additional rights. They will be evaluated in a permit-override manner, allowing a Permit if only one of the policy elements evaluates to Permit.
target
Object. Contained inpolicies
. (Required) Describes the target, in terms of resource and action, this request applies to. It is also the scope that is permitted through the default rule.resource
Object. Contained intarget
. (Required) Containstype
,identifiers
andattributes
.type
String. Contained inresource
. (Required) String which describes the type of the resource for which delegation evidence is requested.identifiers
Array of Strings. Contained inresource
. (Required) Array of strings containing one or more resource identifiers for which the delegation evidence is requested. Use of wildcards (for example "*") is allowed.attributes
Array of Strings. Contained inresource
. (Required) Array of attributes of the resources for which the delegation evidence is requested. Use of wildcards (for example "*") is allowed.
actions
Array of Strings. Contained intarget
. (Required) Array of actions for which delegation evidence is requested.
rules
Array of Objects. Contained inpolicies
. (Required)effect
String. Contained inrules
.(Required) Value must be equal to Permit or Deny.
delegation_path
Array of Strings. Root level. Optional. Container for one or more iSHARE identifiers values for a situation where multiple delegation policies need to be linked together.previous_steps
Array of Strings. Root level. Optional. Container for one or more pieces of evidence such that the client has legitimate reason to request delegation evidence. For example:Client_assertion
Delegation_evidence in a delegation chain
Other evidence or information as determined by the data space (could also be verified post-transaction), specification beyond the scope of this framework
Privacy considerations: to prevent unallowed access to delegation evidence, a data space or participant can decide to require evidence or information in the previous_steps attribute, depending on the nature of the data that is being shared.
Response model
The response contains a delegation_evidence_token
, containing an iSHARE JWT. The model of the delegation_evidence_token
JWT response is available on the iSHARE OpenAPI documentation. For convenience the model of the delegationEvidence object, contained within the token, is described below:
delegationEvidence
Object. Root level. (Required) The root of any delegation evidence.notBefore
Integer. Contained indelegationEvidence
. (Required) Unix timestamp in UTC indicating the start of validity period of this delegation evidence. SHOULD equal the time of issuing of the evidence unless historic evidence is requested.notOnOrAfter
Integer. Contained indelegationEvidence
. (Required) Unix timestamp in UTC indicating the end of validity period of this delegation evidence. It is up to the issuer off the evidence to set this time. Note that a reasonable amount of time SHOULD be allowed for processing of longer delegation paths. Also note that evidence cannot be revoked, so setting very long validity periods SHOULD be avoided.policyIssuer
String. Contained indelegationEvidence
. (Required) Identifier of the delegator, also know as the delegating entity (usually the Entitled Party).target
Object. Contained indelegationEvidence
. (Required) MUST for the root level contain an accessSubject. No other elements are allowed. It makes the entire delegation evidence applicable only to this accessSubject.accessSubject
Object. Contained intarget
. (Required) iSHARE identifier of the delegate, also known as the entity that receives the delegated rights (usually the Service Consumer). It should be either iSHARE identifier for M2M cases or human pseudonym for H2M cases.
policySets
Array of Objects. Contained indelegationEvidence
. (Required) Container for one or more objects containing policy elements with an indication for further delegation. Note that policySet elements within one delegationEvidence MUST not restrict each other, but rather offer a mechanism to express additional rights. They MUST be evaluated in a permit-override manner, allowing a Permit if only one of the policySet elements evaluates to Permit.maxDelegationDepth
Integer. Contained inpolicySets
. Optional. Optional element that, if present, indicates that further delegation of the rights, conveyed in the policy elements that are part of this PolicySet, is allowed. The value indicates the delegation steps that are allowed after this step in order to evaluate the entire delegation path to Permit.target
Object. Contained in
policySets
.Contains
environment
.environment
Object. Contained in
target
.Contains
licenses
.licenses
Array of Strings and Objects. Contained in
environment
.Array which describes which iSHARE licenses apply to this policySet. Please refer to the Licenses model for more information about structuring this array.
policies
Array of Objects. Contained in
policySets
. (Required)Used to express the actual rights for which evidence is being provided. Note that policies within one policySets object MUST not restrict each other, but rather offer a mechanism to express additional rights. They will be evaluated in a permit-override manner, allowing a Permit if only one of the policy elements evaluates to Permit.
target
Object. Contained inpolicies
. (Required) Describes the target, in terms of resource and action, this request applies to. It is also the scope that is permitted through the default rule.resource
Object. Contained intarget
. (Required) Containstype
,identifiers
andattributes
.type
String. Contained inresource
. (Required) String which describes the type of resource to which the rules apply.identifiers
Array of Strings. Contained inresource
. (Required) Array of strings containing one or more resource identifiers to which the rules apply.attributes
Array of Strings. Contained inresource
. (Required) Array of attributes of the resources to which the rules apply.
actions
Array of Strings. Contained intarget
. (Required) Array of actions that apply to this policy.environment
Object. Contained intarget
. (Required) Optional field that containsserviceProviders
.serviceProviders
Array of Strings. Contained inenvironment
. Optional. Array which lists the party identifier of Service Providers which are allowed to provide services to the accessSubject as described within this policy.
rules
Array of Objects. Contained inpolicies
. (Required)effect
String. Contained inrules
. (Required) Value must be equal to Permit or Deny.
Example request
> Authorization: Bearer IIeDIrdnYo2ngwDQYJKoZIhvcNAQELBQAwSDEZMBcGA1UEAwwQaVNIQ
POST /delegation
{
"delegationRequest": {
"policyIssuer": "did:ishare:EU.NL.NTRNL-10000005",
"target": {
"accessSubject": "did:ishare:EU.NL.NTRNL-10000001"
},
"policySets": [
{
"policies": [
{
"target": {
"resource": {
"type": "GS1.CONTAINER",
"identifiers": [
"180621.CONTAINER-Z"
],
"attributes": [
"GS1.CONTAINER.ATTRIBUTE.ETA",
"GS1.CONTAINER.ATTRIBUTE.WEIGHT"
]
},
"actions": [
"ISHARE.READ",
"ISHARE.CREATE",
"ISHARE.UPDATE",
"ISHARE.DELETE"
],
"environment": {
"serviceProviders": [
"did:ishare:EU.NL.NTRNL-10000003"
]
}
},
"rules": [
{
"effect": "Permit"
}
]
}
]
}
]
},
"delegation_path": [
"did:ishare:EU.NL.NTRNL-10000007"
],
"previous_steps": [
"<delegation evidence token>"
]
}
Example response
The response contains an encoded JWT:
{
"delegation_evidence_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsIng1YyI6WyJNSUlHbERDQ0JIeWdBd0lCQWdJVWJsT1hOMmpiamVSaWJUcnoxN3FzTWd1Tlk4MHdEUVlKS29aSWh2Y05BUUVMQlFBd1hURWVNQndHQTFVRUF3d1ZaVWxFUVZObFUwVkJURTlKUkY5SmMzTkRRVWMwTVJrd0Z3WURWUVJoRXhCT1ZGSk9UQzFwVTBoQlVrVlVSVk5VTVJNd0VRWURWUVFLRXdwcFUwaEJVa1ZVWlhOME1Rc3dDUVlEVlFRR0V3SllXREFlRncweU5ERXhNRFl4TkRNME16SmFGdzB5TnpFeE1EWXhORE0wTXpGYU1ISXhDekFKQmdOVkJBWVRBazVNTVNRd0lnWURWUVFLREJ0VVpYTjBJRUYxZEdodmNtbHpZWFJwYjI0Z1VtVm5hWE4wY25reEpEQWlCZ05WQkFNTUcxUmxjM1FnUVhWMGFHOXlhWE5oZEdsdmJpQlNaV2RwYzNSeWVURVhNQlVHQTFVRVlRd09UbFJTVGt3dE1UQXdNREF3TURRd2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0SUJEd0F3Z2dFS0FvSUJBUUM4VndPQzIvWXVCNVpXeE5YMzNUYW55WFF6dEUzWWU3TjN0bTZsVGJ1OXEzbDlMYkNJeTlGelZvNHVWTjI1YnpKVDg2MlpQWXp4MFNrVVhvUkVUMFF0MnNMRFpZZ05SdjN0SDFuSkRFM0FKUlM4RUtDVlZ4Rllvc0tiQ2gzNDhadGRwd0tMVUtzUnE1M1VJcTBIaHF1bUptdHhVY2NUYk1OMXYwY1RXaDdXMVdBaVlRY0lqWmQwY0pweFBOYVRmVk5Ha093aHcyRDJTZlA4S0dlL1NicVBxVVUwVjNNNUJlWlRKS21HZDhJUzFlRUk1ZmRrK0ZhUGhRL2ZjbC9NaHRobzhXclJNVW1tNWw2Q21tMkkrbHVxVThSbkVQVjFYUlpJUFlzcmlJc1ZyaUFyb2FjNTdYaTB2SHh3bGUwK2JPdzJWZkpMUmgwM2l3NGFEMTVHKzYxVkFnTUJBQUdqZ2dJMU1JSUNNVEFPQmdOVkhROEJBZjhFQkFNQ0JrQXdEQVlEVlIwVEFRSC9CQUl3QURBZkJnTlZIU01FR0RBV2dCU3pHazlDUU9uWWVKMXIvL3drc0JDeE5EendpVEJYQmdnckJnRUZCUWNCQVFSTE1Fa3dSd1lJS3dZQkJRVUhNQUdHTzJoMGRIQnpPaTh2WTJFM0xtbHphR0Z5WlhSbGMzUXVibVYwT2pnME5ESXZaV3BpWTJFdmNIVmliR2xqZDJWaUwzTjBZWFIxY3k5dlkzTndNQkFHQTFVZElBUUpNQWN3QlFZRFZSMGdNQjhHQTFVZEpRUVlNQllHQ0NzR0FRVUZCd01FQmdvckJnRUVBWUkzQ2dNTU1Gc0dDQ3NHQVFVRkJ3RURCRTh3VFRBVEJnWUVBSTVHQVFZd0NRWUhCQUNPUmdFR0FqQTJCZ2dyQmdFRkJRY0JBd3dxVkdocGN5QnBjeUIwWlhOMElHVnpaV0ZzSUdObGNuUnBabWxqWVhSbElHWnZjaUIwWlhOMGFXNW5NQjRHQldlQkRBTUJCQlV3RXhNRFRsUlNFd0pPVEF3SU1UQXdNREF3TURRd2djY0dBMVVkSHdTQnZ6Q0J2RENCdWFDQnRxQ0JzNGFCc0doMGRIQnpPaTh2WTJFM0xtbHphR0Z5WlhSbGMzUXVibVYwT2pnME5ESXZaV3BpWTJFdmNIVmliR2xqZDJWaUwzZGxZbVJwYzNRdlkyVnlkR1JwYzNRL1kyMWtQV055YkNacGMzTjFaWEk5UTA0bE0wUmxTVVJCVTJWVFJVRk1UMGxFWDBsemMwTkJSelFsTWtOdmNtZGhibWw2WVhScGIyNUpaR1Z1ZEdsbWFXVnlKVE5FVGxSU1Rrd3RhVk5JUVZKRlZFVlRWQ1V5UTA4bE0wUnBVMGhCVWtWVVpYTjBKVEpEUXlVelJGaFlNQjBHQTFVZERnUVdCQlJBdHJ4TFpQQ2JCbnlQYy9ualdYYk9zQy95Q1RBTkJna3Foa2lHOXcwQkFRc0ZBQU9DQWdFQVJzTktsVFBnVWRNTGZMU1V3b2ZuKzNSZmM2amVIR2d6bCtxQ29MMlRkbmxOOWZFdHY1TlMweFZyL2x5Ykx1MDFQdUk0Mmd4bmgvZ1BLUDA2ZlV1VXI1WVpySzVNeHczUUhZdzhpdlNDcndvcE1zSUhob1FjN0g2MUtZNlV1WlFJVXRCUitHdmVBVUx4NC9Vd2pKY0MrdTM3aWd3akZ6QkVneUQ1dzJGNHViajh5N0hlNEthVGhBM2xOVmkwVXprdDhUb1NBNnBoSTA2eTMwREYyUGN3UkloT1NkT1NSMzJZVTZxVXgxSXJnRU13K3VYa3NMYmt4eU0rdjQxek9jMkh5alpXZGpJTFZLbDBQYnhXcE9DYmdndm4wdDE0anhzaVVoekRFcHd1RVNFZHJhUnBoaVVrWlMrbHdqeEhEengyRlhVKys0d053ak9yUldhdXlkSHlsaGZtMlMvMWFwTmlvUk0zcXZscXVrUWEyVzhqZWRYR2Y5d0tEcDZBc2VBK3RlNWJVb1VRUGZTYnNzYWFHMllucWRjNTFDbk1WZldmemlZWTJ3RWpKVHpwZ004SXRmRDlrV1VXbWwxYi9wODhiQ3RTZFZLbHFKRUlXazdvK1V5QTZCUFBIVUhsUkRRNlU5aGlCM3dGeHQ3K3FPNXFDd2hPN0xkSmkzNEZtUEE4WHhOdHZCMjB6dFlveS9PcXlDanVUbUxQU0p6Yk9BcVlPSzl0TmozSU5aMWUvZjdYV2Q0ME9JVnRXeFYzdEM4ZUQ4TS9zV0k3ZUt2ajhET0JWcDBjMkNBL1E2ekVRSzNTNWM5U1ZuVGZLQzQ1RFhWaU8zYTV2cGhHakNlSG5EWWN4SmpHTzZ3d0szR1hmNHVGeVZzRjducGVoN1N2NnR4UDE5QjBnWHprWWdFPSIsIk1JSUYyakNDQThLZ0F3SUJBZ0lVUEczK1RBbnhWT0JjZTlOYVB0OXBUQWdtNVI0d0RRWUpLb1pJaHZjTkFRRUxCUUF3UWpFZU1Cd0dBMVVFQXd3VlpVbEVRVk5sVTBWQlRFOUpSRjlUZFdKRFFVY3pNUk13RVFZRFZRUUtFd3BwVTBoQlVrVlVaWE4wTVFzd0NRWURWUVFHRXdKWVdEQWVGdzB5TXpBNE1qVXdPVEF4TXpKYUZ3MDBPREE0TWpVd09UQXdNRFZhTUYweEhqQWNCZ05WQkFNTUZXVkpSRUZUWlZORlFVeFBTVVJmU1hOelEwRkhOREVaTUJjR0ExVUVZUk1RVGxSU1Rrd3RhVk5JUVZKRlZFVlRWREVUTUJFR0ExVUVDaE1LYVZOSVFWSkZWR1Z6ZERFTE1Ba0dBMVVFQmhNQ1dGZ3dnZ0lpTUEwR0NTcUdTSWIzRFFFQkFRVUFBNElDRHdBd2dnSUtBb0lDQVFEYW5VZ00xL1BReVhOVFgrVU9MR3JaalM4SGFUV1IvUDR4RDhTTUNSeE9YSEt6SExRcUVRT3VIRC93K3J4OS9iRXd6SDR3VmZKMG02L3I1NktPZzB3TFVsVndPeWlrT1hHb0lURDJ1K1VpOXQyNHRZSWt4OHpqTEc3VkhWY3c0ZFhPdDkyc3ZLWTFMeWJ2bHByb1d6VEhsUndvSU8xWVE0aE8rcnlic3cvS0VERVhVYmtvd2psSEFQY3duc09XNjQzNjdFTitlelQxc1M4ZHpGSXhtRzhxQzJMck0yc1hKV3FxNXZKZUUvODZUZloyTk1PK0NVeGtqajd1UGdiVzJWL01PVWhZeUF0R0FqemQvS3dPckxNUk1ZYVhPSWo2MW04UjcxbmgvTFY5bjhkbmowd1RRT05USGh1TTdtZFpReGhxT2RrTDJja1NyQldpM2F0RVZUMU9oQlJYNEZtbWhJaG1TV3VDdGd5S2lEQ0lvdHlHQXNYMm82ODE3ZmVlNFJkdHdmdzlRNG9OM05BaHRvZDYwaU9BV0FwVnQrQlQ1dHZkZ0dPWVdQY2JNUjVwR3picDM4ZEdVeXV3WVpWNExBbklHU201eWF1Y05FMkUyeHJRQ2JFZVptNFJQc3g1SmxlV3ppcGsrNDJkN3ZxdldEODhJUWNRK2JaTTJYNHJKQlpOczE2NkNseCttNkhtS3hLQUxlYlV0anN6c2d5SDhjcTEwZCtrNEFvOG9DYU9ZanYySWFFYk1kK2ZWL1VmOGtQa3pUdEtsdHRkcWlpeG9JcXljWE1FZ0JhU2drdWI3WG9RNksyNnRSUEowdzVRa3V1aDNNS3RHRVdmVzdFRUdtcG5DcWpPdjYvckFNSmlNV3loMUlnTGdOQlVQUDd6YVZQcERBdEM4OE9TSlFJREFRQUJvNEdzTUlHcE1CSUdBMVVkRXdFQi93UUlNQVlCQWY4Q0FRRXdId1lEVlIwakJCZ3dGb0FVNHViWDBwNkRWak45REt0T1dXTVlBcytIeGRRd0dBWURWUjBnQkJFd0R6QUZCZ05WSFNBd0JnWUVWUjBnQURBcEJnTlZIU1VFSWpBZ0JnZ3JCZ0VGQlFjREFnWUlLd1lCQlFVSEF3UUdDaXNHQVFRQmdqY0tBd3d3SFFZRFZSME9CQllFRkxNYVQwSkE2ZGg0bld2Ly9DU3dFTEUwUFBDSk1BNEdBMVVkRHdFQi93UUVBd0lCQmpBTkJna3Foa2lHOXcwQkFRc0ZBQU9DQWdFQVp2NUd1a3gwUEV2VlJFSXQ4TVRhUGZDSDRhd3lpaVl5aTE3aDZSNUxMazFyZXJ3UXNTU1NIZlZxZnRkd1JGMG9jTHAyUFhKaGUwNzVxVjQwNkMwNENqYW1OazNlejlaaU5IQ05qUHRmaWQ2b094cXoxWGs4WFBqTllFbGJBRm1QN2VLbC80NDF2WmhHdWsvUmhYR054UWJ0bzBRMTZnOElSY0dEdldnTmh0cnRCMUcyeFNtdEIxUzJ1VXBTYWlaVk5PcmtkelRoaUVKc2VVUkJvWHhVWElxcEx5UFRSbDZNTWdWYUxHUllSYzN2WWlqNEI3TTJoQk43L2NqbkdMc01WdGdiT3Y2Q1YyMWcyU1hvd2JnT3F6QnlINTFVVFI2T2JIaUdqMGtTQ0FMRzE0SVFQa3pRUGlTcGp1Kys5TTJqQWpQTTNvNDIxWk9VRE1QMjQ2Q3NxUFhyVEFiUFhKVlVSL2dpNHU1M2ttekMyMTBqdlZxOWhId2VseFFPVFBGaGxNNkUxQ2g0SmI0UFFSTEtEUEZsKzVOVzRGeTJKQURqeXVweVZIbmNkTEV1UHkwUGdDTDJZbzE0N0hTcFBqNHU3amMxUm1IVTdOTzEyRVYyWkNNZkZsUndkR3Y2aWY4cU83cy82bHBaSmpwUHRMRU9iQTV0RDRhaGMrYVBOQWk5V0NrMHBlUm0xS0U1VkdEV0tGTlNOQWlMSk56UDdtMlE2eThmT3kzOGNOZ0ZCaEdPRi9LZ0VJc1QxMFYrNUs1byt5bFZWdFBWZVJSRU5FdktPOUVMa3plMElIZ3NUQi82Y3dPaWo0cHhNOUp2YXVqMDZHZ2xoSWhpSUE2cTBpRFVxQjFNVVIwSHppWTlCc25XWTlrUjhod1YzT1crbnNtenRRd0dWRXcya2pVPSIsIk1JSUZqakNDQTNhZ0F3SUJBZ0lVRmo5LzNqR09SaHRJcFo5OE9MUnRSSHMwQVlzd0RRWUpLb1pJaHZjTkFRRUxCUUF3UVRFZE1Cc0dBMVVFQXd3VVpVbEVRVk5sVTBWQlRFOUpSRjlTYjI5MFJ6SXhFekFSQmdOVkJBb1RDbWxUU0VGU1JWUmxjM1F4Q3pBSkJnTlZCQVlUQWxoWU1CNFhEVEl6TURneU5UQTVNREEwTkZvWERUUTRNRGd5TlRBNU1EQXdOVm93UWpFZU1Cd0dBMVVFQXd3VlpVbEVRVk5sVTBWQlRFOUpSRjlUZFdKRFFVY3pNUk13RVFZRFZRUUtFd3BwVTBoQlVrVlVaWE4wTVFzd0NRWURWUVFHRXdKWVdEQ0NBaUl3RFFZSktvWklodmNOQVFFQkJRQURnZ0lQQURDQ0Fnb0NnZ0lCQUw3bnpreW9GWFdnMWdoZEc2Zm51enV2QWRNV3NtL0krbVgzRGJ6M0kvS3lxTGRXdDdYRzNPV1ZTbmhvc0FEMlcyU1hubEdYcXh5ZTBoUHRFZ2tRSWRlbDdGbkZvc1dXcnNFT3JhdGdYbG5NNE5XcFlES01XRVZZcm83aHpIZ0NaMTI2WlBRVUxsczUyTmN2cFJNOFMzZFprK1hLMWtmM1ZlUzBKMmhVU0ZFQVpITHlYQ1hraFRuVUk3cW8xdXIxVG1EV1lzTlF3eERHT3U3Q1F5WllkS0l3S3FJOWVHc1JMZ002UFFsZzN2WkNyb3BPb2RNN2xvVHVpckNsM1VLdzRIckdrMmNPaUFmNElkLy9lYVZDYWZ3a2pLc0pUUXVBYWh1Uno0cU1zSFlBM2tEUXorMCtoZ25SNzRyK2lMcis4bHIwNDRnbG5hV0lXdnJFR2NpUlIrUGVjdGZyTE9RUUlXN2hhMTNkeldvemtUMGFnblQxTGsvQ0dyZ05YVnFob3NHQzBydUFRUEk2RGNQTnkySU5NOUpndENtQnNTak1NMTg1RklCWDRDeTE3bTczaDlyS2pYWk14YjZUeFg3Q0laeWVzZ0FTMGJCUmI2eElwS3NacmxyakVhenNqQzJWSFJSV09NSldZcWNYTEQ1Wk56R01aVXI2VHQyeUNVQXRhbWVjREFUS042L0dic3hlMHRBQk4wcGswcng1aWMrNFRYZEJyb045T0FaY2hINHRKQ3NPQ0tvbkN6QXBQeFZUaEROTXhzb295RnE5RG1nWGh5RVVPT29lUytGcjRGZ0gralNBTm0vbDE3OEpoOWVwZlhROWdFLzZhcVB4WWpOU0JnUzYwUzFFVnFDcHh3MnJUMW1VWWVHZndpYlZtNTNpeEdwdFI4a3RlNzBuQWdNQkFBR2pmVEI3TUE4R0ExVWRFd0VCL3dRRk1BTUJBZjh3SHdZRFZSMGpCQmd3Rm9BVTJMdWJOUzFiUCsvaGE4dk1ETStpTHJwcGVvd3dHQVlEVlIwZ0JCRXdEekFGQmdOVkhTQXdCZ1lFVlIwZ0FEQWRCZ05WSFE0RUZnUVU0dWJYMHA2RFZqTjlES3RPV1dNWUFzK0h4ZFF3RGdZRFZSMFBBUUgvQkFRREFnRUdNQTBHQ1NxR1NJYjNEUUVCQ3dVQUE0SUNBUUI4anFZVXc3VHYrVzRaSDA2UHJhRjZ6ZmRDeFQwM0RoUkNodzRaL1FtMFhWUzJnUnlSd2NNcHRRRkVSaFBOT0EyMjF1OUxxb3paMWFLM0IzNXdrY0dEL2RGSmdKQ0pCOTZTTXR0UWwySHAvRWlRejlQRkYwMmRCU3J1WGhJYXJhUGJNK05JR2RteU4yWnl3R0dYSTFhVTdKRDNYRzI5U2gyQUFkT2t2OGRJNmdFZ3p0L0RIU0lJYmFrYmFMZEVJYzdXQjk1R1VIY0huTmo1OFR6VFN5VmZCbXRiM3ZCSzlKRzBJbzZOQVBXUVl4MlZQOCtmSXlsamEyZDEyOGhnaDBkc0RyWEZBTSs5QVg4aGFlNXZ2eFZpOFRXcy96MmluZytrK2ltbXRTTmZ6ektNaU83cjV3SkFreWp3dFVCbEJTdEtJQTZaZXIyMnBtU1RaWmV1Y0hkRVRoYWJjV1FpZFZabU1QM0lmNml4NVVleVg4VjZPQXcwZ3NJM0lVYjkxUTc2ZDRzTFdiem9HTk9OQVlGQzFJeXoweFdqNDdaZDZQN1oyR2ZoMVZpSWJNeFZpRkRsTm1iRVpmbHBFUzg3Sy95aEJVUS90bkNOR1FvU2R0c3V5dVdnM05mV2J5Sm9OWnpsVTk2Sld4Y3FTYVhrenNlOWo4d2FoYXlLTk02U1dLU1kxWjA1aDhKU2NPQ21GQjVGOFYzYmQ1blAvdUtqYTdIOE80R09BQVBNM090RytlcTM3eFcveE4wb0FzamJ2dDRvam5VYkpzMmtpQXhFZHdYeDBLN21jUGVTN3pXbVZ0OGg0UmRjRG0vUEdURGE5bThPcWhRdWNrODBRbnV4SVVXVnI3R1dhZGgxTHkvdGwwK2J2bWtjbk8yeWJSSitnYnFSRUhEVGUwc3hzdz09IiwiTUlJRmN6Q0NBMXVnQXdJQkFnSVVDdmZTdlFlcmpGRG1NMkx2bWpvVERPSW5MQXd3RFFZSktvWklodmNOQVFFTEJRQXdRVEVkTUJzR0ExVUVBd3dVWlVsRVFWTmxVMFZCVEU5SlJGOVNiMjkwUnpJeEV6QVJCZ05WQkFvVENtbFRTRUZTUlZSbGMzUXhDekFKQmdOVkJBWVRBbGhZTUI0WERUSXpNRGd5TlRBNU1EQXdObG9YRFRRNE1EZ3lOVEE1TURBd05Wb3dRVEVkTUJzR0ExVUVBd3dVWlVsRVFWTmxVMFZCVEU5SlJGOVNiMjkwUnpJeEV6QVJCZ05WQkFvVENtbFRTRUZTUlZSbGMzUXhDekFKQmdOVkJBWVRBbGhZTUlJQ0lqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FnOEFNSUlDQ2dLQ0FnRUF4Vk1LSTlSTWhuT1NBMkxvcmdFQzNZRE5kMml0bjcyTE9kZlJSVXU0NWZHNzBJZXYrRTRrUnJ6SjFrMjNXWEg1c0hUYmNzbHBFVGVBWm5qMC94S0JZZEVMdXdlNkhYOGtJd2QxczZXR2xaYzBsN2tpMWZtajRIcVNzdEdKL0JLR2oxYTcyMzZXd1BKRVdFSHFmeDlRTUVldUpLbFVTVkZGeUU0ak1zZllwODdpZklwdXdFOG9MT3c0eWtERE9QNTJUZDA2dkhDSVlycURCcnZ4RmRBdUVuRnhOeGxQWFJFNGdMc3lnZzYySE94T3VHbWhXZnN5NlRjY0lwNVhJT2RqMkN6ZW9YSjgybTUvaW1CUEp2a2VmbnJqRVFYemlTRTJtaTJJQkR0R1AvQXdGV0k3V3BzRXlEWFdJbU1TUjBUM0N1RG1rZVExNHBObWNxTXAvYnFYM2kxYWV0YWRGVFdzdWhsMG5IMmlScUtaREp4WmxTY3U5OXRvcTVHcmRjRlVjeEdSUXlsK3NGaFVoM1hjQldKVjdZMnduRkwydFk3dGh0UThaUG16VE84a1BLQ2JFbDVVNmdDU0lrcFJQTlpCUEc0ZFQwcXUrOEJkNzFQdTduQXkxaUI0VTZ5czM0Y0ZsT2xKcEdNMEZHcjM1TGVmYlBSOGJnejZNOVhOalJiZ01EUWNYRE1uZmlESjdFODFvVkJwQ1hOOXlkSGkxYmxoYWt1RUJhb2E5TS9rYXppcEdQbUF1eHJXQk1tcDJxMHd6UXA5R1MyZThrZUpJRHdKdXl6RUxhUlpDNHlqVnNWWlFNSy8vRCs0SjNib1U1ZHJDbW1tNkMxcndOUmZTWnVGR05jSVlEWmVIdGVHb0NGNEVBNWpjZ2RGYUlZckRlajZWQWFiNDJ2TjVMVUNBd0VBQWFOak1HRXdEd1lEVlIwVEFRSC9CQVV3QXdFQi96QWZCZ05WSFNNRUdEQVdnQlRZdTVzMUxWcy83K0ZyeTh3TXo2SXV1bWw2akRBZEJnTlZIUTRFRmdRVTJMdWJOUzFiUCsvaGE4dk1ETStpTHJwcGVvd3dEZ1lEVlIwUEFRSC9CQVFEQWdFR01BMEdDU3FHU0liM0RRRUJDd1VBQTRJQ0FRQmJjSHlWMmI1bUd3SFd4Q1NiRHdyNVY3UGdTWklKYTFzY3JDbklIRDNaL3l4RzdYcDVjSWxCajRNeTRsUkhqWnRKVnZVZlRqRnBzRURFdi9QQXE3NE9Jb2xOL2tQZE1mVGN6RkJHcHZzWnIweDJ5VVBFSnpRc1RTTHgwZ3daK3d2b0tIV0UwQzdHcWdrQUJOckZXOEZMcVJ6TnFYc21NNW9JNGMzVjVzeXh3QllGRFVZNU1QV2RxSkVEZlJ2ampKUENYbUtPUDFsTytpK0UwN3ZzRnBEekhTMkZLQjVjNnNUSVprdnQrSC9DRzRoVnU2WnZjRlhYenYySksvRW9WWjZ3VWRDbHQ0cExnVFFaL1cwcVFDSjNHakZlL1BaNzRtY2tXMXgvems5ejBWUWpVcFRxejNBalBMSWpqNjBuTUxUTHA1MG9GY01ManVYc3MwdnY0dFVqQ1RwczJRZzluMEd3TGxEUjQyTnl3MlRLY01NQjZ5Y0VvTmlVRXUwbGdhMUpNMFNWU3NGUDdHU1UvVzlWcWF0Szd4cC9YVzkvR0R2Z3AzWi9wUE0wRTNpMXRxcC9uT1U0M1lvZjhXaTRKSjZ6T2dYQnpxUXhPNk1JTFpKNHFFZmVuQXRJN285NVR5NXlrOXZSYm9Vc3R5d3NmQzZDVnN1MDhOTC90dHc0T1NYT3Zia1ErN3pNeENZVDlZeVFENWwvbHRDM2JnZGovbEJaem5zQnVHWU5PQjE2d0ROY0dwdXVhZWtzZlFmQkRQSFQrdlI2Z1BWRlpweVZ3eS90ekg2TlRwVUdEam9IVnNDeFVqWTg3ME9NNEQySmNqOU9JcXFkbGtDb1dPNmk0VmVjN3NUenhpWDM5b05TcjFHN0NvYmMzc1lkaG54Zy92bGcxQmVDSjg3cDBBPT0iXX0.eyJpc3MiOiJkaWQ6aXNoYXJlOkVVLk5MLk5UUk5MLTEwMDAwMDA0Iiwic3ViIjoiZGlkOmlzaGFyZTpFVS5OTC5OVFJOTC0xMDAwMDAwNCIsImp0aSI6IjdmYTFlYzM5YmFjMzRmZmZhMmNhNDgyMDFlNDhmMDNhIiwiaWF0IjoxNzExNDY2OTg1LCJleHAiOjE3MTE0NjcwMTUsImF1ZCI6ImRpZDppc2hhcmU6RVUuTkwuTlRSTkwtMTAwMDAwMDEiLCJkZWxlZ2F0aW9uRXZpZGVuY2UiOnsibm90QmVmb3JlIjoxNTQxMDU4OTM5LCJub3RPbk9yQWZ0ZXIiOjIxNDc0ODM2NDcsInBvbGljeUlzc3VlciI6ImRpZDppc2hhcmU6RVUuTkwuTlRSTkwtMTAwMDAwMDUiLCJ0YXJnZXQiOnsiYWNjZXNzU3ViamVjdCI6ImRpZDppc2hhcmU6RVUuTkwuTlRSTkwtMTAwMDAwMDEifSwicG9saWN5U2V0cyI6W3sibWF4RGVsZWdhdGlvbkRlcHRoIjowLCJ0YXJnZXQiOnsiZW52aXJvbm1lbnQiOnsibGljZW5zZXMiOlsiSVNIQVJFLjAwMDEiXX19LCJwb2xpY2llcyI6W3sidGFyZ2V0Ijp7InJlc291cmNlIjp7InR5cGUiOiJHUzEuQ09OVEFJTkVSIiwiaWRlbnRpZmllcnMiOlsiMTgwNjIxLkFCQzEyMzQiXSwiYXR0cmlidXRlcyI6WyJHUzEuQ09OVEFJTkVSLkFUVFJJQlVURS5FVEEiXX0sImVudmlyb25tZW50Ijp7InNlcnZpY2VQcm92aWRlcnMiOlsiZGlkOmlzaGFyZTpFVS5OTC5OVFJOTC0xMDAwMDAwMyJdfSwiYWN0aW9ucyI6WyJJU0hBUkUuUkVBRCJdfSwicnVsZXMiOlt7ImVmZmVjdCI6IlBlcm1pdCJ9XX1dfV19fQ.dNiITX_uHj3CJagOm54W-_MD2PXIsh1snviAtuoRbc7a7nRkQXZShJJDpldpyQOugsqFFhgLedUXM5z8kST0-5a9BNaaxrW5KAZNqyXtDgudRgB8T2vrohcmgLin39pgvD1gydoHHIXolJxPHCOYdxAamMD-8umvTzCFogjdwFaB9RMVWUHMbDuAZGYup-lSewuIK2pkwKJZft5ZRWxfignBBt2mauB4wot5Z92VLPReNA8EH0R9C_GkykP6pRCu2Km7La3c116WNP0szN02l8P87rqVNwDsjLpzhpH1cs17shDvbis8DbKb3KsHnq_LALAG9nx4GOFrupxuAadhGw"
}
After decoding, the example content of the JWT looks like this:
{
"iss": "did:ishare:EU.NL.NTRNL-10000004",
"sub": "did:ishare:EU.NL.NTRNL-10000004",
"jti": "7fa1ec39bac34fffa2ca48201e48f03a",
"iat": 1711466985,
"exp": 1711467015,
"aud": "did:ishare:EU.NL.NTRNL-10000001",
"delegationEvidence": {
"notBefore": 1541058939,
"notOnOrAfter": 2147483647,
"policyIssuer": "did:ishare:EU.NL.NTRNL-10000005",
"target": {
"accessSubject": "did:ishare:EU.NL.NTRNL-10000001"
},
"policySets": [
{
"maxDelegationDepth": 0,
"target": {
"environment": {
"licenses": [
"https://licenses.ishare.eu/general-unrestricted/1.0"
]
}
},
"policies": [
{
"target": {
"resource": {
"type": "GS1.CONTAINER",
"identifiers": [
"180621.ABC1234"
],
"attributes": [
"GS1.CONTAINER.ATTRIBUTE.ETA"
]
},
"environment": {
"serviceProviders": [
"did:ishare:EU.NL.NTRNL-10000003"
]
},
"actions": [
"ISHARE.READ"
]
},
"rules": [
{
"effect": "Permit"
}
]
}
]
}
]
}
}
Last updated