iSHARE Developer Portal
Version 2.1 (current version)
Copyright © 2024 iSHARE Foundation

Specific technical standards

Last updated 2 months ago

Specific implementations of OAuth 2.0 and OpenID Connect 1.0 are used to facilitate an ecosystem in which parties can interact with previously unknown parties. Pre-registration is therefore not a prerequisite, which requires alterations to the official standards. In addition, to authenticate parties within an iSHARE (data spaces/network) context, iSHARE uses PKI and digital certificates relating to all participating parties.

Technical standards used in iSHARE and configuration aspects

The iSHARE Trust Framework also prescribes various general interface specifications described in the corresponding topic pages. More information on the technical standards can be found in the Knowledge Base.

| Technical standard | Character | Description |
| --- | --- | --- |
| PKI | Architectural principle | For interoperability on a European scale, all trusted roots under the eIDAS regulation will be trusted within data spaces/iSHARE network. |
| OAuth 2.0 | Open standard for authentication | The OAuth 2.0 subpage describes the generic Authentication flow. |
| OpenID Connect 1.0 | Open standard for authentication of humans | Functions as an additional layer on top of the OAuth 2.0 protocol. |
| HTTP(S) | Communication protocol | An overview of relevant iSHARE HTTP response codes can be found here. |
| TLS | Cryptographic protocol | Within data spaces/iSHARE network, TLS 1.2 MUST be used for securing all HTTP communications. |
| JSON Web Token (JWT) | Open standard for definition of access tokens | A JSON Web Token (JWT) is used in data spaces/iSHARE network when non-repudiation between parties is required. |
| XACML 3.0 | Access control policy language | Within data spaces/iSHARE network, a JSON port of XACML 3.0 is used to enable parties to communicate delegation evidence. |
| Caching | Temporary data storage | In iSHARE, caching is used to optimise API interactions by reducing latency and load on services while ensuring data consistency and security. |
| DID | Identifier | A Decentralised Identifier (DID) is assigned to legal entities during onboarding in compliance with the iSHARE framework using the did:ishare method. |
| UTC | Time Format | All dates and times in iSHARE must be communicated in UTC and formatted as Unix timestamps. |
| X.509 | Cryptographic protocol | In iSHARE, X.509 certificates are used for secure identity verification, authentication, and encryption. |