iSHARE Developer Portal
Other resources
Version 2.2 (current version)
Version 2.2 (current version)
  • Welcome to the iSHARE Developer Portal
  • Introduction
    • Getting started
      • Test certificates
      • Test participants
      • OpenAPI Descriptions
      • Postman collections
    • Release info
    • Help & support
    • Specific technical standards
      • JSON Web Token (JWT)
      • OAuth 2.0
      • OpenID Connect 1.0
      • PKI
      • TLS
      • XACML 3.0
      • Caching
      • DID
      • UTC
      • X.509
      • HTTP response codes
    • UI Guidelines
    • Conformance test tool
  • Roles
    • Roles
  • All roles (common endpoints)
    • Access token (M2M)
    • Capabilities
  • Authorisation Registry Role
    • Getting started
    • Access token (M2M)
    • Capabilities
    • Delegation
    • Delegation Policy
  • Entitled Party
    • Getting started
  • Identity Provider
    • Getting started
    • Authorize
    • Login
    • Access token
    • User info
    • Capabilities
  • Participant Registry role
    • Getting started
    • Access token (M2M)
    • Capabilities
    • Parties [GET]
    • Parties [OPTIONS]
    • Parties [POST]
    • Parties (single party) [GET]
    • Parties (single party) [OPTIONS]
    • Parties (single party) [PUT]
    • Trusted list
    • Versions
    • Data Spaces
    • Create Entitled Party / Service Consumer
  • Service Consumer Role
    • Getting started
  • Service Provider Role
    • Getting started
      • Service
    • Access token (M2M)
    • Capabilities
    • Return
  • Reference
    • iSHARE JWT
      • Client Assertion
    • Authentication
    • Authorization
    • Authorisation rules
  • Licenses model
Powered by GitBook
LogoLogo

  • Cookie Policy

  • Privacy Policy

  • Imprint

  • Contact Us

Copyright © 2024 iSHARE Foundation

On this page
  • Role definition
  • Role identifiers
  1. Roles

Roles

This page must be considered part of the iSHARE Framework

This page is considered normative and is therefore compliant with RFC 2119.

One of the iSHARE Trust Framework's core features is its description of functional roles. These roles represent the different ways organisations can interact with each other. To assure federation of all aspects, and no single points of ‘failure’ or ‘power’ in the structure, all roles are defined and can be executed by multiple parties.

Role definition

The principle of a role is that its execution can be done by the same legal entity, but the interface specification assures that always level playing field / federation is possible. The Trust Framework introduces two core role types: "Adhering Parties" and "Certified Parties”

"Adhering parties" directly engage with data and include:

  • Entitled party: Organisations with rights to access specific services or data.

  • Service Provider: Organisations offering services for consumption.

  • Service Consumer: Organisations using services provided by service providers.

"Certified Parties" are certified to facilitate trusted exchanges between Adhering Parties. They encompass these specific roles:

  • Participant Registry (former name: iSHARE Satellite): Organisations responsible for onboarding participants and trust assurance.

  • Authorisation Registry: Organisations providing Authorisation registry services.

  • Identity Provider: Organisations offering identification services for humans.

  • Identity Broker: Organisations serving as intermediaries between Service Providers and Identity Providers.

Role identifiers

In certain situations, a role identifier is used to identify the role(s) of a participant. For this purpose, the Trust Framework specifies the following identifiers:

Role identifier
Role

ServiceConsumer

Service Consumer

ServiceProvider

Service Provider

EntitledParty

Entitled Party

AuthorisationRegistry

Authorisation Registry

IdentityProvider

Identity Provider

IdentityBroker

Identity Broker

ParticipantRegistry (former identifier iShareSatellite)

Participant Registry (former name iSHARE Satellite)

PreviousConformance test toolNextAccess token (M2M)

Last updated 3 months ago