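openapi: "3.1.0"
info:
  title: BDI Associatie Register API
  version: "0.1.0"
  description: Generated OpenAPI specification for asr. See the BDI reference implementation for wire-format details.
servers:
  # Local development only: plain HTTP on localhost.
  # NOTE(review): /oauth2/token accepts client assertions and returns bearer
  # tokens, so any non-local server entry added here should use https.
  - url: "http://localhost:8080"
    description: local-dev
# Every tag referenced by an operation in this document is declared here so
# that tag-based tooling (documentation grouping, linters) sees a full list.
tags:
  - name: bdi
    description: BDI core operations
  - name: members
    description: Member onboarding, verification and approval
  - name: oauth
    description: OAuth 2.0 token issuance
  - name: acme
    description: ACME v2 (RFC 8555)
  - name: ops
    description: Operational endpoints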
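paths:
  /admin/members:
    # NOTE(review): no `security` requirement is declared on this operation or
    # at the document root, although it creates register entries. Confirm the
    # server authenticates and authorizes admin callers, and declare the
    # matching scheme here so clients and scanners see it.
    post:
      operationId: startOnboarding
      summary: Create a draft member
      tags:
        - bdi
        - members
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required:
                - euid
                - association_id
                - legal_name
              properties:
                euid:
                  $ref: "#/components/schemas/Euid"
                association_id:
                  $ref: "#/components/schemas/AssociationId"
                # NOTE(review): legal_name, vat_number and lei are
                # unconstrained strings; consider maxLength/pattern limits
                # once the accepted formats are confirmed.
                legal_name:
                  type: string
                vat_number:
                  type: string
                lei:
                  type: string
      # Status codes are quoted: OpenAPI requires response keys to be
      # strings, and bare YAML integers do not survive a JSON round-trip.
      responses:
        "201":
          description: Created
        "400":
          description: Bad input
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/ErrorResponse"
        "409":
          description: Duplicate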
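  /admin/members/{id}/run-verifications:
    # NOTE(review): no `security` requirement is declared for this admin
    # operation; confirm the server restricts who may trigger verifications.
    post:
      operationId: runVerifications
      summary: Run authoritative-register verifications
      tags:
        - bdi
        - members
      parameters:
        # NOTE(review): `id` is an unconstrained string; a pattern or format
        # would let gateways reject malformed identifiers early. The id
        # format is not shown in this spec, so none is added here.
        - name: id
          in: path
          required: true
          schema:
            type: string
      # Status code quoted: OpenAPI response keys must be strings.
      responses:
        "202":
          description: Accepted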
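  /admin/members/{id}/approve:
    # NOTE(review): no `security` requirement is declared for this admin
    # operation; confirm the server authenticates the caller.
    post:
      operationId: approveMember
      summary: Record a 4-eyes approval
      tags:
        - bdi
        - members
      parameters:
        # NOTE(review): `id` is an unconstrained string; the id format is not
        # shown in this spec, so no pattern is added here.
        - name: id
          in: path
          required: true
          schema:
            type: string
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required:
                - approver
              properties:
                # NOTE(review): the approver identity is supplied by the
                # client in the request body. For a 4-eyes control to hold,
                # the server presumably has to bind this value to the
                # authenticated caller and require two distinct approvers;
                # confirm against the implementation.
                approver:
                  type: string
      # Status code quoted: OpenAPI response keys must be strings.
      responses:
        "200":
          description: Approved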
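  /oauth2/token:
    post:
      operationId: issueToken
      summary: OAuth 2.0 client_credentials + token-exchange
      tags:
        - bdi
        - oauth
      requestBody:
        required: true
        content:
          application/x-www-form-urlencoded:
            schema:
              type: object
              # grant_type is mandatory on every token request for both
              # grants named in the summary (RFC 6749, RFC 8693).
              required:
                - grant_type
              properties:
                grant_type:
                  type: string
                client_id:
                  type: string
                # Client authentication by assertion.
                # NOTE(review): client_assertion is presumably a signed JWT;
                # confirm the server checks signature, audience, expiry and
                # replay before issuing a token.
                client_assertion_type:
                  type: string
                client_assertion:
                  type: string
                audience:
                  type: string
                scope:
                  type: string
      # Status codes are quoted: OpenAPI requires response keys to be
      # strings.
      responses:
        "200":
          description: BVAD issued
          content:
            application/json:
              schema:
                type: object
                required:
                  - access_token
                  - token_type
                  - expires_in
                properties:
                  access_token:
                    type: string
                  token_type:
                    type: string
                    enum:
                      - Bearer
                  expires_in:
                    type: integer
        "401":
          description: Invalid client or assertion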
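  /.well-known/jwks.json:
    # Public key-discovery document.
    # NOTE(review): confirm the handler serialises public key parameters
    # only; the schema below does not restrict individual key members.
    get:
      operationId: jwks
      summary: Published signing keys
      tags:
        - bdi
      # Status code quoted: OpenAPI response keys must be strings.
      responses:
        "200":
          description: JWKS
          content:
            application/json:
              schema:
                # A JWK Set is an object with a mandatory `keys` array
                # (RFC 7517, section 5).
                type: object
                required:
                  - keys
                properties:
                  keys:
                    type: array
                    items:
                      type: object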
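  /.well-known/bdi/trustlist/{association}:
    # The response is a JWS: relying parties should verify its signature
    # rather than rely on transport alone. Which keys sign it is not stated
    # in this spec (presumably those at /.well-known/jwks.json; confirm).
    get:
      operationId: trustlist
      summary: Signed association trustlist
      tags:
        - bdi
      parameters:
        # Constrained by the AssociationId pattern, which admits only
        # lowercase letters, digits, `_` and `-`.
        - name: association
          in: path
          required: true
          schema:
            $ref: "#/components/schemas/AssociationId"
      # Status code quoted: OpenAPI response keys must be strings.
      responses:
        "200":
          description: Trustlist JWS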
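  /.well-known/bdi/members/{euid}:
    # The response is a JWS: relying parties should verify its signature
    # rather than rely on transport alone. Which keys sign it is not stated
    # in this spec (presumably those at /.well-known/jwks.json; confirm).
    get:
      operationId: memberDescriptor
      summary: Signed member descriptor
      tags:
        - bdi
      parameters:
        # Constrained by the Euid pattern (country.register.localId).
        - name: euid
          in: path
          required: true
          schema:
            $ref: "#/components/schemas/Euid"
      # Status code quoted: OpenAPI response keys must be strings.
      responses:
        "200":
          description: Member descriptor JWS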
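  /acme/directory:
    # Entry point of the ACME service. Only the directory resource is
    # described in this spec; the other ACME resources are not listed.
    get:
      operationId: acmeDirectory
      summary: ACME v2 directory (RFC 8555)
      tags:
        - bdi
        - acme
      # Status code quoted: OpenAPI response keys must be strings.
      responses:
        "200":
          description: Directory document
          content:
            application/json:
              schema:
                type: object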
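  /metrics:
    # NOTE(review): no `security` requirement is declared. Metrics often
    # reveal internal state, so confirm this endpoint is reachable only from
    # the monitoring network or is otherwise access-controlled.
    get:
      operationId: metrics
      summary: Prometheus exposition
      tags:
        - ops
      # Status code quoted: OpenAPI response keys must be strings.
      responses:
        "200":
          description: text/plain
          # The media type named in the description, declared explicitly so
          # generated clients do not assume a JSON body.
          content:
            text/plain:
              schema:
                type: string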
components:
  # Reusable schemas. Euid, AssociationId and ErrorResponse are referenced
  # from the paths in this document; ConnectorId, ChainContextId, Assurance
  # and MemberStatus are defined but not referenced by any visible operation.
  schemas:
    # Two uppercase letters, a dot, uppercase letters, a dot, then uppercase
    # letters, digits or hyphens.
    # NOTE(review): both trailing parts use unbounded `+`; consider a
    # maxLength once the longest valid identifier is known.
    Euid:
      type: string
      pattern: "^[A-Z]{2}\\.[A-Z]+\\.[A-Z0-9-]+$"
      description: EUID — country.register.localId
    # A lowercase letter followed by 1 to 31 characters from [a-z0-9_-],
    # so 2 to 32 characters in total. Excludes `/` and `.`, which matters
    # because this type is used as a path parameter.
    AssociationId:
      type: string
      pattern: "^[a-z][a-z0-9_-]{1,31}$"
    # The literal prefix `urn:bdi:connector:` followed by exactly 36
    # characters from [0-9a-f-].
    # NOTE(review): looks like a UUID, but the character class admits any
    # mix of hex digits and hyphens (including 36 hyphens); tighten to the
    # 8-4-4-4-12 layout if a UUID is what is intended. Confirm.
    ConnectorId:
      type: string
      pattern: "^urn:bdi:connector:[0-9a-f-]{36}$"
    # Exactly 36 characters from [0-9a-f-].
    # NOTE(review): same looseness as ConnectorId if a UUID is intended.
    ChainContextId:
      type: string
      pattern: "^[0-9a-f-]{36}$"
    # Assurance level; the two values are the only ones accepted.
    Assurance:
      type: string
      enum:
        - substantial
        - high
    # Member lifecycle states. The allowed transitions between them are not
    # expressed in this spec.
    MemberStatus:
      type: string
      enum:
        - draft
        - verified
        - activated
        - suspended
        - revoked
    # Error body; `error` is always present, `detail` is optional.
    # NOTE(review): confirm `detail` never carries internal data such as
    # stack traces or upstream register responses.
    ErrorResponse:
      type: object
      required:
        - error
      properties:
        error:
          type: string
        detail:
          type: string
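  securitySchemes:
    # NOTE(review): neither scheme is referenced by a `security` requirement
    # anywhere in this document, so as written every operation is
    # documented as unauthenticated. Attach these to the operations that
    # need them once the intended scheme per endpoint is confirmed.
    bearerAuth:
      type: http
      scheme: bearer
      bearerFormat: JWT
    oauth2:
      type: oauth2
      flows:
        clientCredentials:
          tokenUrl: /oauth2/token
          # Empty scope map written inline: a bare `scopes:` followed by
          # `{}` at column 0 does not parse as the value of this key.
          scopes: {}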
