{ "openapi": "3.1.0", "info": { "title": "BDI Associatie Register API", "version": "0.1.0", "description": "Generated OpenAPI specification for asr. See the BDI reference implementation for wire-format details." }, "servers": [ { "url": "http://localhost:8080", "description": "local-dev" } ], "tags": [ { "name": "bdi", "description": "BDI core operations" } ], "paths": { "/admin/members": { "post": { "operationId": "startOnboarding", "summary": "Create a draft member", "tags": [ "bdi", "members" ], "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object", "required": [ "euid", "association_id", "legal_name" ], "properties": { "euid": { "$ref": "#/components/schemas/Euid" }, "association_id": { "$ref": "#/components/schemas/AssociationId" }, "legal_name": { "type": "string" }, "vat_number": { "type": "string" }, "lei": { "type": "string" } } } } } }, "responses": { "201": { "description": "Created" }, "400": { "description": "Bad input", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/ErrorResponse" } } } }, "409": { "description": "Duplicate" } } } }, "/admin/members/{id}/run-verifications": { "post": { "operationId": "runVerifications", "summary": "Run authoritative-register verifications", "tags": [ "bdi", "members" ], "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" } } ], "responses": { "202": { "description": "Accepted" } } } }, "/admin/members/{id}/approve": { "post": { "operationId": "approveMember", "summary": "Record a 4-eyes approval", "tags": [ "bdi", "members" ], "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" } } ], "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object", "required": [ "approver" ], "properties": { "approver": { "type": "string" } } } } } }, "responses": { "200": { "description": "Approved" } } } }, "/oauth2/token": { "post": { "operationId": "issueToken", "summary": "OAuth 2.0 client_credentials + token-exchange", "tags": [ "bdi", "oauth" ], "requestBody": { "required": true, "content": { "application/x-www-form-urlencoded": { "schema": { "type": "object", "properties": { "grant_type": { "type": "string" }, "client_id": { "type": "string" }, "client_assertion_type": { "type": "string" }, "client_assertion": { "type": "string" }, "audience": { "type": "string" }, "scope": { "type": "string" } } } } } }, "responses": { "200": { "description": "BVAD issued", "content": { "application/json": { "schema": { "type": "object", "required": [ "access_token", "token_type", "expires_in" ], "properties": { "access_token": { "type": "string" }, "token_type": { "type": "string", "enum": [ "Bearer" ] }, "expires_in": { "type": "integer" } } } } } }, "401": { "description": "Invalid client or assertion" } } } }, "/.well-known/jwks.json": { "get": { "operationId": "jwks", "summary": "Published signing keys", "tags": [ "bdi" ], "responses": { "200": { "description": "JWKS", "content": { "application/json": { "schema": { "type": "object" } } } } } } }, "/.well-known/bdi/trustlist/{association}": { "get": { "operationId": "trustlist", "summary": "Signed association trustlist", "tags": [ "bdi" ], "parameters": [ { "name": "association", "in": "path", "required": true, "schema": { "$ref": "#/components/schemas/AssociationId" } } ], "responses": { "200": { "description": "Trustlist JWS" } } } }, "/.well-known/bdi/members/{euid}": { "get": { "operationId": "memberDescriptor", "summary": "Signed member descriptor", "tags": [ "bdi" ], "parameters": [ { "name": "euid", "in": "path", "required": true, "schema": { "$ref": "#/components/schemas/Euid" } } ], "responses": { "200": { "description": "Member descriptor JWS" } } } }, "/acme/directory": { "get": { "operationId": "acmeDirectory", "summary": "ACME v2 directory (RFC 8555)", "tags": [ "bdi", "acme" ], "responses": { "200": { "description": "Directory document", "content": { "application/json": { "schema": { "type": "object" } } } } } } }, "/metrics": { "get": { "operationId": "metrics", "summary": "Prometheus exposition", "tags": [ "ops" ], "responses": { "200": { "description": "text/plain" } } } } }, "components": { "schemas": { "Euid": { "type": "string", "pattern": "^[A-Z]{2}\\.[A-Z]+\\.[A-Z0-9-]+$", "description": "EUID — country.register.localId" }, "AssociationId": { "type": "string", "pattern": "^[a-z][a-z0-9_-]{1,31}$" }, "ConnectorId": { "type": "string", "pattern": "^urn:bdi:connector:[0-9a-f-]{36}$" }, "ChainContextId": { "type": "string", "pattern": "^[0-9a-f-]{36}$" }, "Assurance": { "type": "string", "enum": [ "substantial", "high" ] }, "MemberStatus": { "type": "string", "enum": [ "draft", "verified", "activated", "suspended", "revoked" ] }, "ErrorResponse": { "type": "object", "required": [ "error" ], "properties": { "error": { "type": "string" }, "detail": { "type": "string" } } } }, "securitySchemes": { "bearerAuth": { "type": "http", "scheme": "bearer", "bearerFormat": "JWT" }, "oauth2": { "type": "oauth2", "flows": { "clientCredentials": { "tokenUrl": "/oauth2/token", "scopes": {} } } } } } }