16.5. Specifica OpenAPI del Credential Issuer PDND

Di seguito è riportata la specifica Open API completa per i servizi elettronici del Credential Issuer PDND:

  1openapi: 3.0.1
  2info:
  3  title: IT Wallet API - Issuer web services
  4  version: 0.1.0
  5servers:
  6  - url: https://issuer.example.it
  7    description: Credential Issuer API
  8paths:
  9  /v0.9.0/notifyWalletRevocation:
 10    post:
 11      tags:
 12        - e-services PDND
 13      summary: >-
 14        Notify Wallet Instance Revocation
 15      description: >-
 16        This service revokes all digital credentials associated with a specific
 17        user
 18      operationId: notifyWalletRevocation
 19      parameters:
 20        - name: Authorization
 21          in: header
 22          description: >-
 23            JWT token obtained from <a target="blank"
 24            href="https://italia.github.io/eid-wallet-it-docs/v1.0.0/en/e-service-pdnd.html#voucher-issuance">PDND
 25            Interoperabilità</a>. Based on the implementation choices, it can be either Bearer or DPoP.<br/><br/><a target="blank"
 26            href="https://jwt.io/#debugger-io?token=eyJhbGciOiJFUzI1NiIsImtpZCI6ImI4MzlmNGM3LTFlNWQtNGE4YS05ZmM2LTcyZDNiN2YwOTFlYyIsInR5cCI6ImF0K2p3dCJ9.eyJhdWQiOiJodHRwczovL2lzc3Vlci5leGFtcGxlLml0Iiwic3ViIjoiMzE2NzAwOTItZWVjMC00Zjk1LTg4ZGEtZTFjN2NlNWU0NTA1IiwibmJmIjoxNzM2ODQ2Njg4LCJwdXJwb3NlSWQiOiI1NzBhNDE1ZS0wZTdmLTQxMGQtODVlZC1jNTVlYTU1Mzc5MzIiLCJpc3MiOiJ1YXQuaW50ZXJvcC5wYWdvcGEuaXQiLCJleHAiOjE3MzY4NDY5MjgsImlhdCI6MTczNjg0NjY4OCwiY2xpZW50X2lkIjoiMzE2NzAwOTItZWVjMC00Zjk1LTg4ZGEtZTFjN2NlNWU0NTA1IiwianRpIjoiOGI5NzFiNDMtZTk5MC00NGZhLTkwMTMtMWIzNTNiZmM1YTBmIiwiZGlnZXN0Ijp7ImFsZyI6IlNIQTI1NiIsInZhbHVlIjoiMzM2YjYyY2FlZTc0YWFjMzUyOTM1MmJiM2I1ODM5NWFhYzU4MGRjNzYyMDE0Mzc3ZTRmNjdlODY5YWUzNzM4OSJ9LCJjbmYiOnsiamt0IjoiZjgyMTc2MDY2ZWIzOGZkMzM4MGQyZDNkMzRkZWI1ODkwZTY4NWVlOGU5ZTE1YTdlYjg0ODcyYTZmYWMzNDA2MyJ9fQ.y42yfMeW2H9h0b0j0BODUml8yF20stY9q3BwoVU5BB90afBj852Q0QlInncdhjXhUjLS1V76cGBxkutDNvxRNA">EXAMPLE
 27            ON JWT.IO</a>
 28          required: true
 29          schema:
 30            type: string
 31            format: Signed JWT
 32            example: >-
 33              DPoP
 34              eyJhbGciOiJFUzI1NiIsImtpZCI6ImI4MzlmNGM3LTFlNWQtNGE4YS05ZmM2LTcyZDNiN2YwOTFlYyIsInR5cCI6ImF0K2p3dCJ9.eyJhdWQiOiJodHRwczovL2lzc3Vlci5leGFtcGxlLml0Iiwic3ViIjoiMzE2NzAwOTItZWVjMC00Zjk1LTg4ZGEtZTFjN2NlNWU0NTA1IiwibmJmIjoxNzM2ODQ2Njg4LCJwdXJwb3NlSWQiOiI1NzBhNDE1ZS0wZTdmLTQxMGQtODVlZC1jNTVlYTU1Mzc5MzIiLCJpc3MiOiJ1YXQuaW50ZXJvcC5wYWdvcGEuaXQiLCJleHAiOjE3MzY4NDY5MjgsImlhdCI6MTczNjg0NjY4OCwiY2xpZW50X2lkIjoiMzE2NzAwOTItZWVjMC00Zjk1LTg4ZGEtZTFjN2NlNWU0NTA1IiwianRpIjoiOGI5NzFiNDMtZTk5MC00NGZhLTkwMTMtMWIzNTNiZmM1YTBmIiwiZGlnZXN0Ijp7ImFsZyI6IlNIQTI1NiIsInZhbHVlIjoiMzM2YjYyY2FlZTc0YWFjMzUyOTM1MmJiM2I1ODM5NWFhYzU4MGRjNzYyMDE0Mzc3ZTRmNjdlODY5YWUzNzM4OSJ9LCJjbmYiOnsiamt0IjoiZjgyMTc2MDY2ZWIzOGZkMzM4MGQyZDNkMzRkZWI1ODkwZTY4NWVlOGU5ZTE1YTdlYjg0ODcyYTZmYWMzNDA2MyJ9fQ.y42yfMeW2H9h0b0j0BODUml8yF20stY9q3BwoVU5BB90afBj852Q0QlInncdhjXhUjLS1V76cGBxkutDNvxRNA
 35        - name: DPoP
 36          in: header
 37          description: >-
 38            DPoP proof JWT, to comply with the REST_JWS_2021_POP security
 39            pattern using the POP_DPoP implementation. See also <a target="blank"
 40            href="https://datatracker.ietf.org/doc/html/rfc9449.html">RFC
 41            9449</a>.<br/><br/>
 42
 43            <a target="blank" href="https://jwt.io/#debugger-io?token=eyJ0eXAiOiJkcG9wK2p3dCIsImFsZyI6IkVTMjU2IiwiandrIjp7Imt0eSI6IkVDIiwia2V5X29wcyI6WyJzaWduIl0sImtpZCI6ImRGVTNNRDI4REpfamZzZmloUHZpMm8tQ3RqTEVVejNwT0lWMEJkTk1mZjgiLCJjcnYiOiJQLTI1NiIsIngiOiJodXlYSVFOdjkwMm9Mc3BYNF96b25DOTRHNnlFbG42bHNkbS0xd003MzJvIiwieSI6Ikk5UERFYXdXSHFhRkRHeDFaa05rLTJQVjZXZHBjYUgzQWZPYkJTTGloZ3cifX0.eyJqdGkiOiItQndDM0VTYzZhY2MybFRjIiwiaHRtIjoiUE9TVCIsImF0aCI6ImNiZGJmNmZlZWY0ODA2MjI4ZGJmNDY0Yjc1MGE5NGMyOGQ4ZTUzMDFhNzE1ZmZjM2U2Y2QyZjk0YjZlOGUxNTQiLCJodHUiOiJodHRwczovL3NlcnZlci5leGFtcGxlLmNvbS90b2tlbiIsImlhdCI6MTc2MjI2MjYxNn0.uL017GdfXzJ-9jhs6AUpwtkWLgyBgDWOtlrFvMltLp0C0NFwwMpOGnv-FxxwfYdJj--cteyCjGnmJZhekEKIEA">EXAMPLE
 44            ON JWT.IO</a>
 45          required: false
 46          schema:
 47            type: string
 48            format: JWT
 49            example: >-
 50              eyJ0eXAiOiJkcG9wK2p3dCIsImFsZyI6IkVTMjU2IiwiandrIjp7Imt0eSI6IkVDIiwia2V5X29wcyI6WyJzaWduIl0sImtpZCI6ImRGVTNNRDI4REpfamZzZmloUHZpMm8tQ3RqTEVVejNwT0lWMEJkTk1mZjgiLCJjcnYiOiJQLTI1NiIsIngiOiJodXlYSVFOdjkwMm9Mc3BYNF96b25DOTRHNnlFbG42bHNkbS0xd003MzJvIiwieSI6Ikk5UERFYXdXSHFhRkRHeDFaa05rLTJQVjZXZHBjYUgzQWZPYkJTTGloZ3cifX0.eyJqdGkiOiItQndDM0VTYzZhY2MybFRjIiwiaHRtIjoiUE9TVCIsImF0aCI6ImNiZGJmNmZlZWY0ODA2MjI4ZGJmNDY0Yjc1MGE5NGMyOGQ4ZTUzMDFhNzE1ZmZjM2U2Y2QyZjk0YjZlOGUxNTQiLCJodHUiOiJodHRwczovL3NlcnZlci5leGFtcGxlLmNvbS90b2tlbiIsImlhdCI6MTc2MjI2MjYxNn0.uL017GdfXzJ-9jhs6AUpwtkWLgyBgDWOtlrFvMltLp0C0NFwwMpOGnv-FxxwfYdJj--cteyCjGnmJZhekEKIEA
 51        - name: Agid-JWT-Signature
 52          in: header
 53          description: >-
 54            JWT containing the signature of the message headers whose integrity
 55            needs to be guaranteed, to comply with the INTEGRITY_REST_02
 56            security pattern. <a target="blank"
 57            href="https://italia.github.io/eid-wallet-it-docs/v1.0.0/en/e-service-pdnd.html">e-Service PDND</a>. <br/><br/>
 58
 59            <a target="blank" href="https://jwt.io/#debugger-io?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6ImY3YjI1NDhjYTZjYjM4NzY2YTU5NTFiYiJ9.eyJhdWQiOiJodHRwczovL2lzc3Vlci5leGFtcGxlLml0Iiwic3ViIjoiMzE2NzAwOTItZWVjMC00Zjk1LTg4ZGEtZTFjN2NlNWU0NTA1IiwibmJmIjoxNzM2ODQ2Njg4LCJwdXJwb3NlSWQiOiI1NzBhNDE1ZS0wZTdmLTQxMGQtODVlZC1jNTVlYTU1Mzc5MzIiLCJpc3MiOiIzMTY3MDA5Mi1lZWMwLTRmOTUtODhkYS1lMWM3Y2U1ZTQ1MDUiLCJleHAiOjE3MzY4NDY5MjgsImlhdCI6MTczNjg0NjY4OCwiY2xpZW50X2lkIjoiMzE2NzAwOTItZWVjMC00Zjk1LTg4ZGEtZTFjN2NlNWU0NTA1IiwianRpIjoiOGI5NzFiNDMtZTk5MC00NGZhLTkwMTMtMWIzNTNiZmM1YTBkIiwic2lnbmVkX2hlYWRlcnMiOnsiZGlnZXN0IjoiU0hBLTI1Nj05ZGRkYTA4NmEzYjkwMjc1MDhhOTcxZjE2ZTBjNDRhYTJjOWQ4ZDkxMzM0ZjJkNGFlZGQxY2Q2YTBhMmFkM2E4IiwiY29udGVudC10eXBlIjoiYXBwbGljYXRpb24vanNvbiJ9fQ.0zncFKgLgIAhcX7aTIjC44NWYBiQKM4ZmdHfBqZ0O-W38NkBanT1tz9Z7Z0OBqQqDNsehJQa4IKNzbTjAhoccA">EXAMPLE
 60            ON JWT.IO</a>
 61          required: true
 62          schema:
 63            type: string
 64            format: JWT
 65            example: eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6ImY3YjI1NDhjYTZjYjM4NzY2YTU5NTFiYiJ9.eyJhdWQiOiJodHRwczovL2lzc3Vlci5leGFtcGxlLml0Iiwic3ViIjoiMzE2NzAwOTItZWVjMC00Zjk1LTg4ZGEtZTFjN2NlNWU0NTA1IiwibmJmIjoxNzM2ODQ2Njg4LCJwdXJwb3NlSWQiOiI1NzBhNDE1ZS0wZTdmLTQxMGQtODVlZC1jNTVlYTU1Mzc5MzIiLCJpc3MiOiIzMTY3MDA5Mi1lZWMwLTRmOTUtODhkYS1lMWM3Y2U1ZTQ1MDUiLCJleHAiOjE3MzY4NDY5MjgsImlhdCI6MTczNjg0NjY4OCwiY2xpZW50X2lkIjoiMzE2NzAwOTItZWVjMC00Zjk1LTg4ZGEtZTFjN2NlNWU0NTA1IiwianRpIjoiOGI5NzFiNDMtZTk5MC00NGZhLTkwMTMtMWIzNTNiZmM1YTBkIiwic2lnbmVkX2hlYWRlcnMiOnsiZGlnZXN0IjoiU0hBLTI1Nj05ZGRkYTA4NmEzYjkwMjc1MDhhOTcxZjE2ZTBjNDRhYTJjOWQ4ZDkxMzM0ZjJkNGFlZGQxY2Q2YTBhMmFkM2E4IiwiY29udGVudC10eXBlIjoiYXBwbGljYXRpb24vanNvbiJ9fQ.0zncFKgLgIAhcX7aTIjC44NWYBiQKM4ZmdHfBqZ0O-W38NkBanT1tz9Z7Z0OBqQqDNsehJQa4IKNzbTjAhoccA
 66        - name: Digest
 67          in: header
 68          description: >-
 69            Digest of the message payload, to comply with the INTEGRITY_REST_02
 70            security pattern. According to <a target="blank" href="https://www.rfc-editor.org/rfc/rfc3230.html#section-4.2">RFC
 71            3230 §4.2</a>, the format MUST be the following: digest-algorithm=encoded
 72            digest output.
 73          required: true
 74          schema:
 75            type: string
 76            example: SHA-256=9ddda086a3b9027508a971f16e0c44aa2c9d8d91334f2d4aedd1cd6a0a2ad3a8
 77        - name: Agid-JWT-TrackingEvidence
 78          in: header
 79          description: >-
 80             If the Voucher type is Bearer, this header represents a JWT acting as a proof of possession, to comply with the REST_JWS_2021_POP security
 81             pattern using the POP_TPoP implementation. Otherwise, it is a JWT containing the data tracked in the Consumer's domain, to comply with AUDIT_REST_02 (see <a target="blank"
 82             href="https://italia.github.io/eid-wallet-it-docs/v1.0.0/en/e-service-pdnd.html">e-Service PDND</a>). <br/><br/>
 83             <a target="blank" href="https://jwt.io/#debugger-io?token=eyJhbGciOiJFUzI1NiIsImtpZCI6ImQ0YzNiMmExLTk4NzYtNTQzMi0xMGZlLWRjYmE5ODc2NTQzMiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiI4MjkxNGIzZi02MGIyLTQ1MjktYjRkNi0zZDRlNjdmMGE5MzMiLCJhdWQiOiJodHRwczovL2lzc3Vlci5leGFtcGxlLml0IiwiZXhwIjoxNzMzMDUyNjAwLCJuYmYiOjE3MzMwMzY0NTAsImlhdCI6MTczMzAzNjQwMCwianRpIjoiYTRiNWM2ZDctZThmOS1hYmNkLWVmMTItMzQ1Njc4OTAxMjM0IiwiZG5vbmNlIjo2NTI4NDI0MjEzNjg1LCJwdXJwb3NlSWQiOiJiMmMzZDRlNS1mNmc3LWg4aTktajBrMS1sbW5vMTIzNDU2NzgiLCJ1c2VySUQiOiJhOGI3YzZkNS1lNGYzLWcyaDEtaTlqMC1rbG1ub3BxcnN0dXYiLCJsb2EiOiJzdWJzdGFudGlhbCJ9.y42yfMeW2H9h0b0j0BODUml8yF20stY9q3BwoVU5BB90afBj852Q0QlInncdhjXhUjLS1V76cGBxkutDNvxRNA">EXAMPLE ON JWT.IO</a>
 84          required: false
 85          schema:
 86            type: string
 87            format: JWT
 88            example: eyJhbGciOiJFUzI1NiIsImtpZCI6ImQ0YzNiMmExLTk4NzYtNTQzMi0xMGZlLWRjYmE5ODc2NTQzMiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiI4MjkxNGIzZi02MGIyLTQ1MjktYjRkNi0zZDRlNjdmMGE5MzMiLCJhdWQiOiJodHRwczovL2F1dGhlbnRpYy1zb3VyY2UuZXhhbXBsZS5pdCIsImV4cCI6MTczMzA1MjYwMCwibmJmIjoxNzMzMDM2NDUwLCJpYXQiOjE3MzMwMzY0MDAsImp0aSI6ImE0YjVjNmQ3LWU4ZjktYWJjZC1lZjEyLTM0NTY3ODkwMTIzNCIsImRub25jZSI6NjUyODQyNDIxMzY4NSwicHVycG9zZUlkIjoiYjJjM2Q0ZTUtZjZnNy1oOGk5LWowazEtbG1ubzEyMzQ1Njc4IiwidXNlcklEIjoiYThiN2M2ZDUtZTRmMy1nMmgxLWk5ajAta2xtbm9wcXJzdHV2IiwibG9hIjoic3Vic3RhbnRpYWwifQ.y42yfMeW2H9h0b0j0BODUml8yF20stY9q3BwoVU5BB90afBj852Q0QlInncdhjXhUjLS1V76cGBxkutDNvxRNA
 89      requestBody:
 90        content:
 91          application/json:
 92            schema:
 93              $ref: "#/components/schemas/RevokeAllCredentials"
 94        required: true
 95      responses:
 96        "200":
 97          description: 200 OK
 98          content:
 99            application/jwt:
100              schema:
101                $ref: "#/components/schemas/e-Service_Response"
102              example: "eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6ImE4ZDEzYzQ1ZWYyZTI4MzBmN2M0NGJkNDk0MWNjYSJ9.eyJpc3MiOiJodHRwczovL2lzc3Vlci5leGFtcGxlLml0LzEuMC4wL3YxL25vdGlmeVdhbGxldFJldm9jYXRpb24iLCJuYmYiOjE3MzY4NDY2ODgsImV4cCI6MTczNjg0NjkyOCwiaWF0IjoxNzM2ODQ2Njg4LCJhdWQiOiIzMTY3MDA5Mi1lZWMwLTRmOTUtODhkYS1lMWM3Y2U1ZTQ1MDUiLCJqdGkiOiJjOGJkOGEyZi1lOTkwLTQ0ZmEtOTAxMy0xYjM1M2JmYzVhMGQiLCJyZXN1bHRfY29kZSI6InJlcXVlc3RfYWNjZXB0ZWQiLCJyZXN1bHRfZGVzY3JpcHRpb24iOiJUaGUgc2VydmljZSBjb3JyZWN0bHkgcmVjZWl2ZWQgdGhlIHJlcXVlc3QifQ.ExthZCx8LHMlTTtBm9qA8Y3FhlKvTl-_sWXq35e_vTRMmKukrLhBhNa-C1xfli8g_JBixYhsBzUWhE0ING_kIQ"
103        "400":
104          description: Bad Request
105          content:
106            application/json:
107              schema:
108                oneOf:
109                  - type: object
110                    properties:
111                      error:
112                        type: string
113                        description: invalid_request
114                      error_description:
115                        type: string
116                        description: >-
117                          The request cannot be fulfilled because it is missing
118                          required parameters, contains invalid parameters, or
119                          is otherwise malformed.
120                    required:
121                      - error
122                  - type: object
123                    properties:
124                      error:
125                        type: string
126                        description: invalid_dpop_proof
127                      error_description:
128                        type: string
129                        description: >-
130                          The request cannot be fulfilled because it contains an
131                          invalid dpop proof.
132                    required:
133                      - error
134              examples:
135                invalid request:
136                  value:
137                    error: invalid_request
138                    error_description: >-
139                      The request cannot be fulfilled because it is missing
140                      required parameters, contains invalid parameters, or is
141                      otherwise malformed
142                invalid dpop proof:
143                  value:
144                    error: invalid_dpop_proof
145                    error_description: >-
146                      The request cannot be fulfilled because it contains an
147                      invalid dpop proof
148        "401":
149          description: Unauthorized
150          headers:
151            WWW-Authenticate:
152              description: The request cannot be fulfilled because the Voucher is expired, revoked or otherwise malformed. See <a target="blank" href="https://datatracker.ietf.org/doc/html/rfc6750.html#section-3">RFC6750</a> and <a target="blank" href="https://datatracker.ietf.org/doc/html/rfc9449.html#section-7.1-11">RFC9449</a> for details.
153              schema:
154                type: string
155        "404":
156          description: Credentials not found
157          content:
158            application/json:
159              schema:
160                type: object
161                properties:
162                  error:
163                    type: string
164                    description: The error code
165                    example: not_found
166                  error_description:
167                    type: string
168                    description: >-
169                      Text in human-readable form providing further details to
170                      clarify the nature of the error encountered
171                    example: >-
172                      The issuer cannot fulfill the request because the
173                      credentials were not found
174                required:
175                  - error
176        "500":
177          description: Internal Server Error
178          content:
179            application/json:
180              schema:
181                type: object
182                properties:
183                  error:
184                    type: string
185                    description: server_error
186                  error_description:
187                    type: string
188                    description: >-
189                      The request cannot be fulfilled because the e-Service Endpoint encountered an internal problem.
190                required:
191                  - error
192              example:
193                error: invalid_request
194                error_description: >-
195                  The request cannot be fulfilled because the e-Service Endpoint encountered an internal problem.
196        "503":
197          description: Service Unavailable
198          content:
199            application/json:
200              schema:
201                type: object
202                properties:
203                  error:
204                    type: string
205                    description: The error code
206                  error_description:
207                    type: string
208                    description: >-
209                      Text in human-readable form providing further details to
210                      clarify the nature of the error encountered
211                required:
212                  - error
213              example:
214                error: "temporarily_unavailable"
215                error_description: "The request cannot be fulfilled because the e-Service Endpoint is temporarily unavailable (e.g., due to maintainance or overload)"
216  /v0.9.0/wallet-report/{api}:
217    get:
218      tags:
219        - e-services PDND
220      summary: Get Statistics
221      description: This service returns statistical data on issued Digital Credentials
222      operationId: walletGetReport
223      parameters:
224        - name: api
225          in: path
226          required: true
227          schema:
228            type: string
229        - name: typesCredentials
230          in: query
231          required: false
232          schema:
233            type: array
234            items:
235              type: string
236        - name: typeData
237          in: query
238          required: false
239          schema:
240            type: string
241        - name: fromData
242          in: query
243          required: false
244          schema:
245            type: string
246            format: date-time
247        - name: toData
248          in: query
249          required: false
250          schema:
251            type: string
252            format: date-time
253        - name: Authorization
254          in: header
255          description: >-
256            JWT token obtained from <a target="blank"
257            href="https://italia.github.io/eid-wallet-it-docs/v1.0.0/en/e-service-pdnd.html#voucher-issuance">PDND
258            Interoperabilità</a>. Based on the implementation choices, it can be either Bearer or DPoP.<br/><br/><a target="blank"
259            href="https://jwt.io/#debugger-io?token=eyJhbGciOiJFUzI1NiIsImtpZCI6ImI4MzlmNGM3LTFlNWQtNGE4YS05ZmM2LTcyZDNiN2YwOTFlYyIsInR5cCI6ImF0K2p3dCJ9.eyJhdWQiOiJodHRwczovL2lzc3Vlci5leGFtcGxlLml0Iiwic3ViIjoiMzE2NzAwOTItZWVjMC00Zjk1LTg4ZGEtZTFjN2NlNWU0NTA1IiwibmJmIjoxNzM2ODQ3NDM2LCJwdXJwb3NlSWQiOiI3MThjZmFkNC00ZmJhLTQwZjMtYjMwNC0wYWJkMjA4YTBiMjAiLCJpc3MiOiJ1YXQuaW50ZXJvcC5wYWdvcGEuaXQiLCJleHAiOjE3MzY4NDc2NzYsImlhdCI6MTczNjg0NzQzNiwiY2xpZW50X2lkIjoiMzE2NzAwOTItZWVjMC00Zjk1LTg4ZGEtZTFjN2NlNWU0NTA1IiwianRpIjoiMTA1NmVlZGItMTdkYS00NDY2LWJjNWItYTQzZDg3N2Y0NGM4IiwiZGlnZXN0Ijp7ImFsZyI6IlNIQTI1NiIsInZhbHVlIjoiNjhkZWEwM2QwOTFkNTA2Y2MzMjM0NmViN2UwY2YzZTNhNzVhM2E1M2Q1ZDgyODVlODg2OWQ1ZTk2YjRiY2RmMiJ9LCJjbmYiOnsiamt0IjoiZjgyMTc2MDY2ZWIzOGZkMzM4MGQyZDNkMzRkZWI1ODkwZTY4NWVlOGU5ZTE1YTdlYjg0ODcyYTZmYWMzNDA2MyJ9fQ.mhy3gsKKcstrk9lbD6ia97KqPvPS4xZ7hggsUAk7SkkTNV1af9t9xh7yic_sxUORoYbwQi_J1IVAtOiEN_Gysw">EXAMPLE
260            ON JWT.IO</a>
261          required: true
262          schema:
263            type: string
264            format: Signed JWT
265            example: >-
266              DPoP
267              eyJhbGciOiJFUzI1NiIsImtpZCI6ImI4MzlmNGM3LTFlNWQtNGE4YS05ZmM2LTcyZDNiN2YwOTFlYyIsInR5cCI6ImF0K2p3dCJ9.eyJhdWQiOiJodHRwczovL2lzc3Vlci5leGFtcGxlLml0Iiwic3ViIjoiMzE2NzAwOTItZWVjMC00Zjk1LTg4ZGEtZTFjN2NlNWU0NTA1IiwibmJmIjoxNzM2ODQ3NDM2LCJwdXJwb3NlSWQiOiI3MThjZmFkNC00ZmJhLTQwZjMtYjMwNC0wYWJkMjA4YTBiMjAiLCJpc3MiOiJ1YXQuaW50ZXJvcC5wYWdvcGEuaXQiLCJleHAiOjE3MzY4NDc2NzYsImlhdCI6MTczNjg0NzQzNiwiY2xpZW50X2lkIjoiMzE2NzAwOTItZWVjMC00Zjk1LTg4ZGEtZTFjN2NlNWU0NTA1IiwianRpIjoiMTA1NmVlZGItMTdkYS00NDY2LWJjNWItYTQzZDg3N2Y0NGM4IiwiZGlnZXN0Ijp7ImFsZyI6IlNIQTI1NiIsInZhbHVlIjoiNjhkZWEwM2QwOTFkNTA2Y2MzMjM0NmViN2UwY2YzZTNhNzVhM2E1M2Q1ZDgyODVlODg2OWQ1ZTk2YjRiY2RmMiJ9LCJjbmYiOnsiamt0IjoiZjgyMTc2MDY2ZWIzOGZkMzM4MGQyZDNkMzRkZWI1ODkwZTY4NWVlOGU5ZTE1YTdlYjg0ODcyYTZmYWMzNDA2MyJ9fQ.mhy3gsKKcstrk9lbD6ia97KqPvPS4xZ7hggsUAk7SkkTNV1af9t9xh7yic_sxUORoYbwQi_J1IVAtOiEN_Gysw
268        - name: DPoP
269          in: header
270          description: >-
271            DPoP proof JWT, to comply with the REST_JWS_2021_POP security
272            pattern using the POP_DPoP implementation. See also <a target="blank"
273            href="https://datatracker.ietf.org/doc/html/rfc9449.html">RFC
274            9449</a>.<br/><br/>
275
276            <a target="blank" href="https://jwt.io/#debugger-io?token=eyJ0eXAiOiJkcG9wK2p3dCIsImFsZyI6IkVTMjU2IiwiandrIjp7Imt0eSI6IkVDIiwia2V5X29wcyI6WyJzaWduIl0sImtpZCI6ImRGVTNNRDI4REpfamZzZmloUHZpMm8tQ3RqTEVVejNwT0lWMEJkTk1mZjgiLCJjcnYiOiJQLTI1NiIsIngiOiJodXlYSVFOdjkwMm9Mc3BYNF96b25DOTRHNnlFbG42bHNkbS0xd003MzJvIiwieSI6Ikk5UERFYXdXSHFhRkRHeDFaa05rLTJQVjZXZHBjYUgzQWZPYkJTTGloZ3cifX0.eyJqdGkiOiItQndDM0VTYzZhY2MybFRjIiwiaHRtIjoiR0VUIiwiYXRoIjoiNzFkZWY4MWYyZjE3MWI1MmFkYWMxNzg5ODI3NmFlZWU5OTlhZWUzZDNkZmE3NjkyMjJjODA0NDBmNDQ0ODgxYSIsImh0dSI6Imh0dHBzOi8vc2VydmVyLmV4YW1wbGUuY29tL3Rva2VuIiwiaWF0IjoxNzYyMjYyNjE2fQ.H9r1N2s8xp_rcNr4Bs7_n-6vNKN4BPsvXzsV_UWwWiyr314xPMv4v6_8ac2SIbM-cJ-O4hlZysOUrjC7rewlag">EXAMPLE
277            ON JWT.IO</a>
278          required: false
279          schema:
280            type: string
281            format: JWT
282            example: >-
283              eyJ0eXAiOiJkcG9wK2p3dCIsImFsZyI6IkVTMjU2IiwiandrIjp7Imt0eSI6IkVDIiwia2V5X29wcyI6WyJzaWduIl0sImtpZCI6ImRGVTNNRDI4REpfamZzZmloUHZpMm8tQ3RqTEVVejNwT0lWMEJkTk1mZjgiLCJjcnYiOiJQLTI1NiIsIngiOiJodXlYSVFOdjkwMm9Mc3BYNF96b25DOTRHNnlFbG42bHNkbS0xd003MzJvIiwieSI6Ikk5UERFYXdXSHFhRkRHeDFaa05rLTJQVjZXZHBjYUgzQWZPYkJTTGloZ3cifX0.eyJqdGkiOiItQndDM0VTYzZhY2MybFRjIiwiaHRtIjoiR0VUIiwiYXRoIjoiNzFkZWY4MWYyZjE3MWI1MmFkYWMxNzg5ODI3NmFlZWU5OTlhZWUzZDNkZmE3NjkyMjJjODA0NDBmNDQ0ODgxYSIsImh0dSI6Imh0dHBzOi8vc2VydmVyLmV4YW1wbGUuY29tL3Rva2VuIiwiaWF0IjoxNzYyMjYyNjE2fQ.H9r1N2s8xp_rcNr4Bs7_n-6vNKN4BPsvXzsV_UWwWiyr314xPMv4v6_8ac2SIbM-cJ-O4hlZysOUrjC7rewlag
284        - name: Agid-JWT-TrackingEvidence
285          in: header
286          description: >-
287             If the Voucher type is Bearer, this header represents a JWT acting as a proof of possession, to comply with the REST_JWS_2021_POP security
288             pattern using the POP_TPoP implementation. Otherwise, it is a JWT containing the data tracked in the Consumer's domain, to comply with AUDIT_REST_02 (see <a target="blank"
289             href="https://italia.github.io/eid-wallet-it-docs/v1.0.0/en/e-service-pdnd.html">e-Service PDND</a>). <br/><br/>
290             <a target="blank" href="https://jwt.io/#debugger-io?token=eyJhbGciOiJFUzI1NiIsImtpZCI6ImQ0YzNiMmExLTk4NzYtNTQzMi0xMGZlLWRjYmE5ODc2NTQzMiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiI4MjkxNGIzZi02MGIyLTQ1MjktYjRkNi0zZDRlNjdmMGE5MzMiLCJhdWQiOiJodHRwczovL2lzc3Vlci5leGFtcGxlLml0Iiwic3ViIjoiMTg1ZGJjYmEtODM2Ni00OTRkLWJlMDItNTI2NTk1IiwiZXhwIjoxNzMzMDUyNjAwLCJuYmYiOjE3MzMwMzY0NTAsImlhdCI6MTczMzAzNjQwMCwianRpIjoiYTRiNWM2ZDctZThmOS1hYmNkLWVmMTItMzQ1Njc4OTAxMjM0IiwiZG5vbmNlIjo2NTI4NDI0MjEzNjg1LCJwdXJwb3NlSWQiOiJiMmMzZDRlNS1mNmc3LWg4aTktajBrMS1sbW5vMTIzNDU2NzgiLCJ1c2VySUQiOiJhOGI3YzZkNS1lNGYzLWcyaDEtaTlqMC1rbG1ub3BxcnN0dXYiLCJsb2EiOiJzdWJzdGFudGlhbCJ9.y42yfMeW2H9h0b0j0BODUml8yF20stY9q3BwoVU5BB90afBj852Q0QlInncdhjXhUjLS1V76cGBxkutDNvxRNA">EXAMPLE ON JWT.IO</a>
291          required: false
292          schema:
293            type: string
294            format: JWT
295            example: eyJhbGciOiJFUzI1NiIsImtpZCI6ImQ0YzNiMmExLTk4NzYtNTQzMi0xMGZlLWRjYmE5ODc2NTQzMiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiI4MjkxNGIzZi02MGIyLTQ1MjktYjRkNi0zZDRlNjdmMGE5MzMiLCJhdWQiOiJodHRwczovL2lzc3Vlci5leGFtcGxlLml0Iiwic3ViIjoiMTg1ZGJjYmEtODM2Ni00OTRkLWJlMDItNTI2NTk1IiwiZXhwIjoxNzMzMDUyNjAwLCJuYmYiOjE3MzMwMzY0NTAsImlhdCI6MTczMzAzNjQwMCwianRpIjoiYTRiNWM2ZDctZThmOS1hYmNkLWVmMTItMzQ1Njc4OTAxMjM0IiwiZG5vbmNlIjo2NTI4NDI0MjEzNjg1LCJwdXJwb3NlSWQiOiJiMmMzZDRlNS1mNmc3LWg4aTktajBrMS1sbW5vMTIzNDU2NzgiLCJ1c2VySUQiOiJhOGI3YzZkNS1lNGYzLWcyaDEtaTlqMC1rbG1ub3BxcnN0dXYiLCJsb2EiOiJzdWJzdGFudGlhbCJ9.y42yfMeW2H9h0b0j0BODUml8yF20stY9q3BwoVU5BB90afBj852Q0QlInncdhjXhUjLS1V76cGBxkutDNvxRNA
296      responses:
297        "200":
298          description: 200 OK
299          content:
300            application/json:
301              schema:
302                $ref: "#/components/schemas/ResponseReport"
303        "400":
304          description: Bad request
305          content:
306            application/json:
307              schema:
308                $ref: "#/components/schemas/ErrorDTO"
309        "401":
310          description: Unauthorized
311          content:
312            application/json:
313              schema:
314                $ref: "#/components/schemas/ErrorDTO"
315        "500":
316          description: Internal server error
317          content:
318            application/json:
319              schema:
320                $ref: "#/components/schemas/ErrorDTO"
321components:
322  schemas:
323    e-Service_Response:
324      properties:
325        Header:
326          type: object
327          properties:
328            alg:
329              description: A digital signature algorithm identifier.
330              type: string
331              example: RS256
332            kid:
333              description: Unique identifier of the JWK used by the Provider to sign the JWT.
334              type: string
335              example: "cdb52532-dd94-40ef-824d-9c55b10e6bc9"
336            typ:
337              description: It MUST be set to 'JWT'.
338              type: string
339              example: "JWT"
340            use:
341              description: Usage of the algorithm. If present, it MUST be 'sig'.
342              type: string
343              example: "sig"
344          required: [alg, kid, typ]
345        Payload:
346          type: object
347          properties:
348            iss:
349              description: The identifier of the e-Service.
350              type: string
351              example: "https://pre.api.gateway.ipzs.it/t/itwallet.api/utility-wallet/1.0.0/v1/revokeAll"
352            aud:
353              description: The identifier of the Consumer.
354              type: string
355              example: "31670092-eec0-4f95-88da-e1c7ce5e4505"
356            exp:
357              description: UNIX timestamp representing the JWT expiration time.
358              type: integer
359              example: 1736846928
360            iat:
361              description: UNIX timestamp representing the JWT issuance time.
362              type: integer
363              example: 1736846688
364            jti:
365              description: Unique identifier of the JWT to prevent replay attacks.
366              type: string
367              example: "8b971b43-e990-44fa-9013-1b353bfc5a0f"
368            nbf:
369              description: UNIX timestamp representing the JWT first validity time.
370              type: string
371              example: "1736846688"
372            result_code:
373              description: Response Code.
374              type: string
375              example: request_accepted
376              enum:
377                - request_accepted
378                - request_processed
379            result_description:
380              description: Response Description.
381              type: string
382              example: The service correctly received the request
383          required: [iss, aud, exp, iat, jti, result_code, result_description]
384    RevokeAllCredentials:
385      required:
386        - object_id
387        - wallet_provider
388        - signal_type
389      type: object
390      properties:
391        object_id:
392          type: string
393          description: ID ANPR or Tax identification number
394        wallet_provider:
395          type: string
396          description: URL identifier of the Wallet Provider
397        signal_type:
398          type: string
399          enum:
400            - DELETE
401            - SUSPENDED
402          description: URL identifier of the Wallet Provider
403    ErrorDTO:
404      type: object
405      properties:
406        error:
407          type: string
408        error_description:
409          type: string
410    ResponseReport:
411      type: object
412      properties:
413        countEid:
414          type: integer
415          format: int64
416        count:
417          type: integer
418          format: int64
419        countPid:
420          $ref: "#/components/schemas/TotalCountCredential"
421        countMdl:
422          $ref: "#/components/schemas/TotalCountCredential"
423        countEdc:
424          $ref: "#/components/schemas/TotalCountCredential"
425        countTeam:
426          $ref: "#/components/schemas/TotalCountCredential"
427    TotalCountCredential:
428      type: object
429      properties:
430        credEmesse:
431          type: integer
432          format: int64
433        credValide:
434          type: integer
435          format: int64
436        credInvalide:
437          type: integer
438          format: int64