Get trusted CA List

Every iSHARE request must be signed with a certificate issued by a Certificate Authority (CA) on the iSHARE trusted list. Participants can retrieve this list via the /trusted_list endpoint. The trusted list consists of CAs of qualified Trust Service Providers (currently eIDAS issuers). The receiver of a signed request is responsible for verifying that the signer’s certificate chains to a CA from this list.

Steps to Follow

1.1 Create client assertion
The Service Provider creates a signed JWT client assertion to authenticate with the Participant Registry’s token endpoint.

1.2 Request access token (GET/POST /connect/token)
The Service Provider sends the client assertion to the Participant Registry’s OAuth token endpoint to obtain an access token.

1.3 Receive access token (200 OK)
The Participant Registry returns an access token (JWT).

1.4 Request trusted list (GET /trusted_list)
The Service Provider calls the Participant Registry’s /trusted_list endpoint with the bearer token.

1.5 Receive trusted CAs (200 OK)
The Participant Registry returns the trusted CA list (typically in an iSHARE-signed JWT).
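The receiver-side check that follows step 1.5, as an added example that is not iSHARE's own code: it matches the CA certificates in a signer's x5c header against the returned list. The payload field names (trusted_list, certificate_fingerprint, validity, status), the SHA-256 fingerprint format and all sample values are assumptions or constructed, and the list token's signature plus the chain's signatures, validity dates and revocation status are assumed to be verified separately.

```python
import base64
import hashlib


def fingerprint(der: bytes) -> str:
    """Uppercase hex SHA-256 over the DER encoding of a certificate."""
    return hashlib.sha256(der).hexdigest().upper()


def usable_cas(payload: dict) -> set:
    """Fingerprints of list entries that may currently anchor a chain.

    Assumed field names; entries that are not valid/granted are ignored.
    """
    return {
        entry["certificate_fingerprint"].replace(":", "").upper()
        for entry in payload.get("trusted_list", [])
        if entry.get("validity") == "valid" and entry.get("status") == "granted"
    }


def chain_is_anchored(x5c: list, payload: dict) -> bool:
    """True if a CA certificate in the x5c chain is on the trusted list.

    x5c[0] is the signer's own certificate (RFC 7515), so only x5c[1:] is
    compared: a listed CA certificate used directly as a signer is rejected.
    """
    trusted = usable_cas(payload)
    ca_certs = [base64.b64decode(cert) for cert in x5c[1:]]
    return any(fingerprint(der) in trusted for der in ca_certs)


def b64(der: bytes) -> str:
    """Standard base64, as used for x5c entries."""
    return base64.b64encode(der).decode()


# Constructed placeholder bytes standing in for DER certificates.
LEAF, ROOT, OTHER = b"constructed-leaf", b"constructed-root-ca", b"constructed-other-ca"

# Constructed payload of a decoded, already signature-checked trusted list token.
SAMPLE_PAYLOAD = {"trusted_list": [
    {"subject": "CN=Constructed Root CA", "validity": "valid", "status": "granted",
     "certificate_fingerprint": fingerprint(ROOT).lower()},
    {"subject": "CN=Constructed Other CA", "validity": "valid",
     "status": "withdrawn",  # constructed non-granted status value
     "certificate_fingerprint": fingerprint(OTHER)},
]}

if __name__ == "__main__":
    print(chain_is_anchored([b64(LEAF), b64(ROOT)], SAMPLE_PAYLOAD))
```

A fingerprint match only shows that the chain names a listed CA; it does not replace cryptographic path validation of the signer's certificate up to that CA.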

Get a list of trusted CAs from the /trusted_list capabilities endpoint
