16.5. Specifica OpenAPI del Credential Issuer PDND¶
Di seguito è riportata la specifica Open API completa per i servizi elettronici del Credential Issuer PDND:
1openapi: 3.0.1
2info:
3 title: IT Wallet API - Issuer web services
4 version: 0.1.0
5servers:
6 - url: https://issuer.example.it
7 description: Credential Issuer API
8paths:
9 /v0.9.0/notifyWalletRevocation:
10 post:
11 tags:
12 - e-services PDND
13 summary: >-
14 Notify Wallet Instance Revocation
15 description: >-
16 This service revokes all digital credentials associated with a specific
17 user
18 operationId: notifyWalletRevocation
19 parameters:
20 - name: Authorization
21 in: header
22 description: >-
23 JWT token obtained from <a target="blank"
24 href="https://italia.github.io/eid-wallet-it-docs/v1.0.0/en/e-service-pdnd.html#voucher-issuance">PDND
25 Interoperabilità</a>. Based on the implementation choices, it can be either Bearer or DPoP.<br/><br/><a target="blank"
26 href="https://jwt.io/#debugger-io?token=eyJhbGciOiJFUzI1NiIsImtpZCI6ImI4MzlmNGM3LTFlNWQtNGE4YS05ZmM2LTcyZDNiN2YwOTFlYyIsInR5cCI6ImF0K2p3dCJ9.eyJhdWQiOiJodHRwczovL2lzc3Vlci5leGFtcGxlLml0Iiwic3ViIjoiMzE2NzAwOTItZWVjMC00Zjk1LTg4ZGEtZTFjN2NlNWU0NTA1IiwibmJmIjoxNzM2ODQ2Njg4LCJwdXJwb3NlSWQiOiI1NzBhNDE1ZS0wZTdmLTQxMGQtODVlZC1jNTVlYTU1Mzc5MzIiLCJpc3MiOiJ1YXQuaW50ZXJvcC5wYWdvcGEuaXQiLCJleHAiOjE3MzY4NDY5MjgsImlhdCI6MTczNjg0NjY4OCwiY2xpZW50X2lkIjoiMzE2NzAwOTItZWVjMC00Zjk1LTg4ZGEtZTFjN2NlNWU0NTA1IiwianRpIjoiOGI5NzFiNDMtZTk5MC00NGZhLTkwMTMtMWIzNTNiZmM1YTBmIiwiZGlnZXN0Ijp7ImFsZyI6IlNIQTI1NiIsInZhbHVlIjoiMzM2YjYyY2FlZTc0YWFjMzUyOTM1MmJiM2I1ODM5NWFhYzU4MGRjNzYyMDE0Mzc3ZTRmNjdlODY5YWUzNzM4OSJ9LCJjbmYiOnsiamt0IjoiZjgyMTc2MDY2ZWIzOGZkMzM4MGQyZDNkMzRkZWI1ODkwZTY4NWVlOGU5ZTE1YTdlYjg0ODcyYTZmYWMzNDA2MyJ9fQ.y42yfMeW2H9h0b0j0BODUml8yF20stY9q3BwoVU5BB90afBj852Q0QlInncdhjXhUjLS1V76cGBxkutDNvxRNA">EXAMPLE
27 ON JWT.IO</a>
28 required: true
29 schema:
30 type: string
31 format: Signed JWT
32 example: >-
33 DPoP
34 eyJhbGciOiJFUzI1NiIsImtpZCI6ImI4MzlmNGM3LTFlNWQtNGE4YS05ZmM2LTcyZDNiN2YwOTFlYyIsInR5cCI6ImF0K2p3dCJ9.eyJhdWQiOiJodHRwczovL2lzc3Vlci5leGFtcGxlLml0Iiwic3ViIjoiMzE2NzAwOTItZWVjMC00Zjk1LTg4ZGEtZTFjN2NlNWU0NTA1IiwibmJmIjoxNzM2ODQ2Njg4LCJwdXJwb3NlSWQiOiI1NzBhNDE1ZS0wZTdmLTQxMGQtODVlZC1jNTVlYTU1Mzc5MzIiLCJpc3MiOiJ1YXQuaW50ZXJvcC5wYWdvcGEuaXQiLCJleHAiOjE3MzY4NDY5MjgsImlhdCI6MTczNjg0NjY4OCwiY2xpZW50X2lkIjoiMzE2NzAwOTItZWVjMC00Zjk1LTg4ZGEtZTFjN2NlNWU0NTA1IiwianRpIjoiOGI5NzFiNDMtZTk5MC00NGZhLTkwMTMtMWIzNTNiZmM1YTBmIiwiZGlnZXN0Ijp7ImFsZyI6IlNIQTI1NiIsInZhbHVlIjoiMzM2YjYyY2FlZTc0YWFjMzUyOTM1MmJiM2I1ODM5NWFhYzU4MGRjNzYyMDE0Mzc3ZTRmNjdlODY5YWUzNzM4OSJ9LCJjbmYiOnsiamt0IjoiZjgyMTc2MDY2ZWIzOGZkMzM4MGQyZDNkMzRkZWI1ODkwZTY4NWVlOGU5ZTE1YTdlYjg0ODcyYTZmYWMzNDA2MyJ9fQ.y42yfMeW2H9h0b0j0BODUml8yF20stY9q3BwoVU5BB90afBj852Q0QlInncdhjXhUjLS1V76cGBxkutDNvxRNA
35 - name: DPoP
36 in: header
37 description: >-
38 DPoP proof JWT, to comply with the REST_JWS_2021_POP security
39 pattern using the POP_DPoP implementation. See also <a target="blank"
40 href="https://datatracker.ietf.org/doc/html/rfc9449.html">RFC
41 9449</a>.<br/><br/>
42
43 <a target="blank" href="https://jwt.io/#debugger-io?token=eyJ0eXAiOiJkcG9wK2p3dCIsImFsZyI6IkVTMjU2IiwiandrIjp7Imt0eSI6IkVDIiwia2V5X29wcyI6WyJzaWduIl0sImtpZCI6ImRGVTNNRDI4REpfamZzZmloUHZpMm8tQ3RqTEVVejNwT0lWMEJkTk1mZjgiLCJjcnYiOiJQLTI1NiIsIngiOiJodXlYSVFOdjkwMm9Mc3BYNF96b25DOTRHNnlFbG42bHNkbS0xd003MzJvIiwieSI6Ikk5UERFYXdXSHFhRkRHeDFaa05rLTJQVjZXZHBjYUgzQWZPYkJTTGloZ3cifX0.eyJqdGkiOiItQndDM0VTYzZhY2MybFRjIiwiaHRtIjoiUE9TVCIsImF0aCI6ImNiZGJmNmZlZWY0ODA2MjI4ZGJmNDY0Yjc1MGE5NGMyOGQ4ZTUzMDFhNzE1ZmZjM2U2Y2QyZjk0YjZlOGUxNTQiLCJodHUiOiJodHRwczovL3NlcnZlci5leGFtcGxlLmNvbS90b2tlbiIsImlhdCI6MTc2MjI2MjYxNn0.uL017GdfXzJ-9jhs6AUpwtkWLgyBgDWOtlrFvMltLp0C0NFwwMpOGnv-FxxwfYdJj--cteyCjGnmJZhekEKIEA">EXAMPLE
44 ON JWT.IO</a>
45 required: false
46 schema:
47 type: string
48 format: JWT
49 example: >-
50 eyJ0eXAiOiJkcG9wK2p3dCIsImFsZyI6IkVTMjU2IiwiandrIjp7Imt0eSI6IkVDIiwia2V5X29wcyI6WyJzaWduIl0sImtpZCI6ImRGVTNNRDI4REpfamZzZmloUHZpMm8tQ3RqTEVVejNwT0lWMEJkTk1mZjgiLCJjcnYiOiJQLTI1NiIsIngiOiJodXlYSVFOdjkwMm9Mc3BYNF96b25DOTRHNnlFbG42bHNkbS0xd003MzJvIiwieSI6Ikk5UERFYXdXSHFhRkRHeDFaa05rLTJQVjZXZHBjYUgzQWZPYkJTTGloZ3cifX0.eyJqdGkiOiItQndDM0VTYzZhY2MybFRjIiwiaHRtIjoiUE9TVCIsImF0aCI6ImNiZGJmNmZlZWY0ODA2MjI4ZGJmNDY0Yjc1MGE5NGMyOGQ4ZTUzMDFhNzE1ZmZjM2U2Y2QyZjk0YjZlOGUxNTQiLCJodHUiOiJodHRwczovL3NlcnZlci5leGFtcGxlLmNvbS90b2tlbiIsImlhdCI6MTc2MjI2MjYxNn0.uL017GdfXzJ-9jhs6AUpwtkWLgyBgDWOtlrFvMltLp0C0NFwwMpOGnv-FxxwfYdJj--cteyCjGnmJZhekEKIEA
51 - name: Agid-JWT-Signature
52 in: header
53 description: >-
54 JWT containing the signature of the message headers whose integrity
55 needs to be guaranteed, to comply with the INTEGRITY_REST_02
56 security pattern. <a target="blank"
57 href="https://italia.github.io/eid-wallet-it-docs/v1.0.0/en/e-service-pdnd.html">e-Service PDND</a>. <br/><br/>
58
59 <a target="blank" href="https://jwt.io/#debugger-io?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6ImY3YjI1NDhjYTZjYjM4NzY2YTU5NTFiYiJ9.eyJhdWQiOiJodHRwczovL2lzc3Vlci5leGFtcGxlLml0Iiwic3ViIjoiMzE2NzAwOTItZWVjMC00Zjk1LTg4ZGEtZTFjN2NlNWU0NTA1IiwibmJmIjoxNzM2ODQ2Njg4LCJwdXJwb3NlSWQiOiI1NzBhNDE1ZS0wZTdmLTQxMGQtODVlZC1jNTVlYTU1Mzc5MzIiLCJpc3MiOiIzMTY3MDA5Mi1lZWMwLTRmOTUtODhkYS1lMWM3Y2U1ZTQ1MDUiLCJleHAiOjE3MzY4NDY5MjgsImlhdCI6MTczNjg0NjY4OCwiY2xpZW50X2lkIjoiMzE2NzAwOTItZWVjMC00Zjk1LTg4ZGEtZTFjN2NlNWU0NTA1IiwianRpIjoiOGI5NzFiNDMtZTk5MC00NGZhLTkwMTMtMWIzNTNiZmM1YTBkIiwic2lnbmVkX2hlYWRlcnMiOnsiZGlnZXN0IjoiU0hBLTI1Nj05ZGRkYTA4NmEzYjkwMjc1MDhhOTcxZjE2ZTBjNDRhYTJjOWQ4ZDkxMzM0ZjJkNGFlZGQxY2Q2YTBhMmFkM2E4IiwiY29udGVudC10eXBlIjoiYXBwbGljYXRpb24vanNvbiJ9fQ.0zncFKgLgIAhcX7aTIjC44NWYBiQKM4ZmdHfBqZ0O-W38NkBanT1tz9Z7Z0OBqQqDNsehJQa4IKNzbTjAhoccA">EXAMPLE
60 ON JWT.IO</a>
61 required: true
62 schema:
63 type: string
64 format: JWT
65 example: eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6ImY3YjI1NDhjYTZjYjM4NzY2YTU5NTFiYiJ9.eyJhdWQiOiJodHRwczovL2lzc3Vlci5leGFtcGxlLml0Iiwic3ViIjoiMzE2NzAwOTItZWVjMC00Zjk1LTg4ZGEtZTFjN2NlNWU0NTA1IiwibmJmIjoxNzM2ODQ2Njg4LCJwdXJwb3NlSWQiOiI1NzBhNDE1ZS0wZTdmLTQxMGQtODVlZC1jNTVlYTU1Mzc5MzIiLCJpc3MiOiIzMTY3MDA5Mi1lZWMwLTRmOTUtODhkYS1lMWM3Y2U1ZTQ1MDUiLCJleHAiOjE3MzY4NDY5MjgsImlhdCI6MTczNjg0NjY4OCwiY2xpZW50X2lkIjoiMzE2NzAwOTItZWVjMC00Zjk1LTg4ZGEtZTFjN2NlNWU0NTA1IiwianRpIjoiOGI5NzFiNDMtZTk5MC00NGZhLTkwMTMtMWIzNTNiZmM1YTBkIiwic2lnbmVkX2hlYWRlcnMiOnsiZGlnZXN0IjoiU0hBLTI1Nj05ZGRkYTA4NmEzYjkwMjc1MDhhOTcxZjE2ZTBjNDRhYTJjOWQ4ZDkxMzM0ZjJkNGFlZGQxY2Q2YTBhMmFkM2E4IiwiY29udGVudC10eXBlIjoiYXBwbGljYXRpb24vanNvbiJ9fQ.0zncFKgLgIAhcX7aTIjC44NWYBiQKM4ZmdHfBqZ0O-W38NkBanT1tz9Z7Z0OBqQqDNsehJQa4IKNzbTjAhoccA
66 - name: Digest
67 in: header
68 description: >-
69 Digest of the message payload, to comply with the INTEGRITY_REST_02
70 security pattern. According to <a target="blank" href="https://www.rfc-editor.org/rfc/rfc3230.html#section-4.2">RFC
71 3230 §4.2</a>, the format MUST be the following: digest-algorithm=encoded
72 digest output.
73 required: true
74 schema:
75 type: string
76 example: SHA-256=9ddda086a3b9027508a971f16e0c44aa2c9d8d91334f2d4aedd1cd6a0a2ad3a8
77 - name: Agid-JWT-TrackingEvidence
78 in: header
79 description: >-
80 If the Voucher type is Bearer, this header represents a JWT acting as a proof of possession, to comply with the REST_JWS_2021_POP security
81 pattern using the POP_TPoP implementation. Otherwise, it is a JWT containing the data tracked in the Consumer's domain, to comply with AUDIT_REST_02 (see <a target="blank"
82 href="https://italia.github.io/eid-wallet-it-docs/v1.0.0/en/e-service-pdnd.html">e-Service PDND</a>). <br/><br/>
83 <a target="blank" href="https://jwt.io/#debugger-io?token=eyJhbGciOiJFUzI1NiIsImtpZCI6ImQ0YzNiMmExLTk4NzYtNTQzMi0xMGZlLWRjYmE5ODc2NTQzMiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiI4MjkxNGIzZi02MGIyLTQ1MjktYjRkNi0zZDRlNjdmMGE5MzMiLCJhdWQiOiJodHRwczovL2lzc3Vlci5leGFtcGxlLml0IiwiZXhwIjoxNzMzMDUyNjAwLCJuYmYiOjE3MzMwMzY0NTAsImlhdCI6MTczMzAzNjQwMCwianRpIjoiYTRiNWM2ZDctZThmOS1hYmNkLWVmMTItMzQ1Njc4OTAxMjM0IiwiZG5vbmNlIjo2NTI4NDI0MjEzNjg1LCJwdXJwb3NlSWQiOiJiMmMzZDRlNS1mNmc3LWg4aTktajBrMS1sbW5vMTIzNDU2NzgiLCJ1c2VySUQiOiJhOGI3YzZkNS1lNGYzLWcyaDEtaTlqMC1rbG1ub3BxcnN0dXYiLCJsb2EiOiJzdWJzdGFudGlhbCJ9.y42yfMeW2H9h0b0j0BODUml8yF20stY9q3BwoVU5BB90afBj852Q0QlInncdhjXhUjLS1V76cGBxkutDNvxRNA">EXAMPLE ON JWT.IO</a>
84 required: false
85 schema:
86 type: string
87 format: JWT
88 example: eyJhbGciOiJFUzI1NiIsImtpZCI6ImQ0YzNiMmExLTk4NzYtNTQzMi0xMGZlLWRjYmE5ODc2NTQzMiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiI4MjkxNGIzZi02MGIyLTQ1MjktYjRkNi0zZDRlNjdmMGE5MzMiLCJhdWQiOiJodHRwczovL2F1dGhlbnRpYy1zb3VyY2UuZXhhbXBsZS5pdCIsImV4cCI6MTczMzA1MjYwMCwibmJmIjoxNzMzMDM2NDUwLCJpYXQiOjE3MzMwMzY0MDAsImp0aSI6ImE0YjVjNmQ3LWU4ZjktYWJjZC1lZjEyLTM0NTY3ODkwMTIzNCIsImRub25jZSI6NjUyODQyNDIxMzY4NSwicHVycG9zZUlkIjoiYjJjM2Q0ZTUtZjZnNy1oOGk5LWowazEtbG1ubzEyMzQ1Njc4IiwidXNlcklEIjoiYThiN2M2ZDUtZTRmMy1nMmgxLWk5ajAta2xtbm9wcXJzdHV2IiwibG9hIjoic3Vic3RhbnRpYWwifQ.y42yfMeW2H9h0b0j0BODUml8yF20stY9q3BwoVU5BB90afBj852Q0QlInncdhjXhUjLS1V76cGBxkutDNvxRNA
89 requestBody:
90 content:
91 application/json:
92 schema:
93 $ref: "#/components/schemas/RevokeAllCredentials"
94 required: true
95 responses:
96 "200":
97 description: 200 OK
98 content:
99 application/jwt:
100 schema:
101 $ref: "#/components/schemas/e-Service_Response"
102 example: "eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6ImE4ZDEzYzQ1ZWYyZTI4MzBmN2M0NGJkNDk0MWNjYSJ9.eyJpc3MiOiJodHRwczovL2lzc3Vlci5leGFtcGxlLml0LzEuMC4wL3YxL25vdGlmeVdhbGxldFJldm9jYXRpb24iLCJuYmYiOjE3MzY4NDY2ODgsImV4cCI6MTczNjg0NjkyOCwiaWF0IjoxNzM2ODQ2Njg4LCJhdWQiOiIzMTY3MDA5Mi1lZWMwLTRmOTUtODhkYS1lMWM3Y2U1ZTQ1MDUiLCJqdGkiOiJjOGJkOGEyZi1lOTkwLTQ0ZmEtOTAxMy0xYjM1M2JmYzVhMGQiLCJyZXN1bHRfY29kZSI6InJlcXVlc3RfYWNjZXB0ZWQiLCJyZXN1bHRfZGVzY3JpcHRpb24iOiJUaGUgc2VydmljZSBjb3JyZWN0bHkgcmVjZWl2ZWQgdGhlIHJlcXVlc3QifQ.ExthZCx8LHMlTTtBm9qA8Y3FhlKvTl-_sWXq35e_vTRMmKukrLhBhNa-C1xfli8g_JBixYhsBzUWhE0ING_kIQ"
103 "400":
104 description: Bad Request
105 content:
106 application/json:
107 schema:
108 oneOf:
109 - type: object
110 properties:
111 error:
112 type: string
113 description: invalid_request
114 error_description:
115 type: string
116 description: >-
117 The request cannot be fulfilled because it is missing
118 required parameters, contains invalid parameters, or
119 is otherwise malformed.
120 required:
121 - error
122 - type: object
123 properties:
124 error:
125 type: string
126 description: invalid_dpop_proof
127 error_description:
128 type: string
129 description: >-
130 The request cannot be fulfilled because it contains an
131 invalid dpop proof.
132 required:
133 - error
134 examples:
135 invalid request:
136 value:
137 error: invalid_request
138 error_description: >-
139 The request cannot be fulfilled because it is missing
140 required parameters, contains invalid parameters, or is
141 otherwise malformed
142 invalid dpop proof:
143 value:
144 error: invalid_dpop_proof
145 error_description: >-
146 The request cannot be fulfilled because it contains an
147 invalid dpop proof
148 "401":
149 description: Unauthorized
150 headers:
151 WWW-Authenticate:
152 description: The request cannot be fulfilled because the Voucher is expired, revoked or otherwise malformed. See <a target="blank" href="https://datatracker.ietf.org/doc/html/rfc6750.html#section-3">RFC6750</a> and <a target="blank" href="https://datatracker.ietf.org/doc/html/rfc9449.html#section-7.1-11">RFC9449</a> for details.
153 schema:
154 type: string
155 "404":
156 description: Credentials not found
157 content:
158 application/json:
159 schema:
160 type: object
161 properties:
162 error:
163 type: string
164 description: The error code
165 example: not_found
166 error_description:
167 type: string
168 description: >-
169 Text in human-readable form providing further details to
170 clarify the nature of the error encountered
171 example: >-
172 The issuer cannot fulfill the request because the
173 credentials were not found
174 required:
175 - error
176 "500":
177 description: Internal Server Error
178 content:
179 application/json:
180 schema:
181 type: object
182 properties:
183 error:
184 type: string
185 description: server_error
186 error_description:
187 type: string
188 description: >-
189 The request cannot be fulfilled because the e-Service Endpoint encountered an internal problem.
190 required:
191 - error
192 example:
193 error: invalid_request
194 error_description: >-
195 The request cannot be fulfilled because the e-Service Endpoint encountered an internal problem.
196 "503":
197 description: Service Unavailable
198 content:
199 application/json:
200 schema:
201 type: object
202 properties:
203 error:
204 type: string
205 description: The error code
206 error_description:
207 type: string
208 description: >-
209 Text in human-readable form providing further details to
210 clarify the nature of the error encountered
211 required:
212 - error
213 example:
214 error: "temporarily_unavailable"
215 error_description: "The request cannot be fulfilled because the e-Service Endpoint is temporarily unavailable (e.g., due to maintainance or overload)"
216 /v0.9.0/wallet-report/{api}:
217 get:
218 tags:
219 - e-services PDND
220 summary: Get Statistics
221 description: This service returns statistical data on issued Digital Credentials
222 operationId: walletGetReport
223 parameters:
224 - name: api
225 in: path
226 required: true
227 schema:
228 type: string
229 - name: typesCredentials
230 in: query
231 required: false
232 schema:
233 type: array
234 items:
235 type: string
236 - name: typeData
237 in: query
238 required: false
239 schema:
240 type: string
241 - name: fromData
242 in: query
243 required: false
244 schema:
245 type: string
246 format: date-time
247 - name: toData
248 in: query
249 required: false
250 schema:
251 type: string
252 format: date-time
253 - name: Authorization
254 in: header
255 description: >-
256 JWT token obtained from <a target="blank"
257 href="https://italia.github.io/eid-wallet-it-docs/v1.0.0/en/e-service-pdnd.html#voucher-issuance">PDND
258 Interoperabilità</a>. Based on the implementation choices, it can be either Bearer or DPoP.<br/><br/><a target="blank"
259 href="https://jwt.io/#debugger-io?token=eyJhbGciOiJFUzI1NiIsImtpZCI6ImI4MzlmNGM3LTFlNWQtNGE4YS05ZmM2LTcyZDNiN2YwOTFlYyIsInR5cCI6ImF0K2p3dCJ9.eyJhdWQiOiJodHRwczovL2lzc3Vlci5leGFtcGxlLml0Iiwic3ViIjoiMzE2NzAwOTItZWVjMC00Zjk1LTg4ZGEtZTFjN2NlNWU0NTA1IiwibmJmIjoxNzM2ODQ3NDM2LCJwdXJwb3NlSWQiOiI3MThjZmFkNC00ZmJhLTQwZjMtYjMwNC0wYWJkMjA4YTBiMjAiLCJpc3MiOiJ1YXQuaW50ZXJvcC5wYWdvcGEuaXQiLCJleHAiOjE3MzY4NDc2NzYsImlhdCI6MTczNjg0NzQzNiwiY2xpZW50X2lkIjoiMzE2NzAwOTItZWVjMC00Zjk1LTg4ZGEtZTFjN2NlNWU0NTA1IiwianRpIjoiMTA1NmVlZGItMTdkYS00NDY2LWJjNWItYTQzZDg3N2Y0NGM4IiwiZGlnZXN0Ijp7ImFsZyI6IlNIQTI1NiIsInZhbHVlIjoiNjhkZWEwM2QwOTFkNTA2Y2MzMjM0NmViN2UwY2YzZTNhNzVhM2E1M2Q1ZDgyODVlODg2OWQ1ZTk2YjRiY2RmMiJ9LCJjbmYiOnsiamt0IjoiZjgyMTc2MDY2ZWIzOGZkMzM4MGQyZDNkMzRkZWI1ODkwZTY4NWVlOGU5ZTE1YTdlYjg0ODcyYTZmYWMzNDA2MyJ9fQ.mhy3gsKKcstrk9lbD6ia97KqPvPS4xZ7hggsUAk7SkkTNV1af9t9xh7yic_sxUORoYbwQi_J1IVAtOiEN_Gysw">EXAMPLE
260 ON JWT.IO</a>
261 required: true
262 schema:
263 type: string
264 format: Signed JWT
265 example: >-
266 DPoP
267 eyJhbGciOiJFUzI1NiIsImtpZCI6ImI4MzlmNGM3LTFlNWQtNGE4YS05ZmM2LTcyZDNiN2YwOTFlYyIsInR5cCI6ImF0K2p3dCJ9.eyJhdWQiOiJodHRwczovL2lzc3Vlci5leGFtcGxlLml0Iiwic3ViIjoiMzE2NzAwOTItZWVjMC00Zjk1LTg4ZGEtZTFjN2NlNWU0NTA1IiwibmJmIjoxNzM2ODQ3NDM2LCJwdXJwb3NlSWQiOiI3MThjZmFkNC00ZmJhLTQwZjMtYjMwNC0wYWJkMjA4YTBiMjAiLCJpc3MiOiJ1YXQuaW50ZXJvcC5wYWdvcGEuaXQiLCJleHAiOjE3MzY4NDc2NzYsImlhdCI6MTczNjg0NzQzNiwiY2xpZW50X2lkIjoiMzE2NzAwOTItZWVjMC00Zjk1LTg4ZGEtZTFjN2NlNWU0NTA1IiwianRpIjoiMTA1NmVlZGItMTdkYS00NDY2LWJjNWItYTQzZDg3N2Y0NGM4IiwiZGlnZXN0Ijp7ImFsZyI6IlNIQTI1NiIsInZhbHVlIjoiNjhkZWEwM2QwOTFkNTA2Y2MzMjM0NmViN2UwY2YzZTNhNzVhM2E1M2Q1ZDgyODVlODg2OWQ1ZTk2YjRiY2RmMiJ9LCJjbmYiOnsiamt0IjoiZjgyMTc2MDY2ZWIzOGZkMzM4MGQyZDNkMzRkZWI1ODkwZTY4NWVlOGU5ZTE1YTdlYjg0ODcyYTZmYWMzNDA2MyJ9fQ.mhy3gsKKcstrk9lbD6ia97KqPvPS4xZ7hggsUAk7SkkTNV1af9t9xh7yic_sxUORoYbwQi_J1IVAtOiEN_Gysw
268 - name: DPoP
269 in: header
270 description: >-
271 DPoP proof JWT, to comply with the REST_JWS_2021_POP security
272 pattern using the POP_DPoP implementation. See also <a target="blank"
273 href="https://datatracker.ietf.org/doc/html/rfc9449.html">RFC
274 9449</a>.<br/><br/>
275
276 <a target="blank" href="https://jwt.io/#debugger-io?token=eyJ0eXAiOiJkcG9wK2p3dCIsImFsZyI6IkVTMjU2IiwiandrIjp7Imt0eSI6IkVDIiwia2V5X29wcyI6WyJzaWduIl0sImtpZCI6ImRGVTNNRDI4REpfamZzZmloUHZpMm8tQ3RqTEVVejNwT0lWMEJkTk1mZjgiLCJjcnYiOiJQLTI1NiIsIngiOiJodXlYSVFOdjkwMm9Mc3BYNF96b25DOTRHNnlFbG42bHNkbS0xd003MzJvIiwieSI6Ikk5UERFYXdXSHFhRkRHeDFaa05rLTJQVjZXZHBjYUgzQWZPYkJTTGloZ3cifX0.eyJqdGkiOiItQndDM0VTYzZhY2MybFRjIiwiaHRtIjoiR0VUIiwiYXRoIjoiNzFkZWY4MWYyZjE3MWI1MmFkYWMxNzg5ODI3NmFlZWU5OTlhZWUzZDNkZmE3NjkyMjJjODA0NDBmNDQ0ODgxYSIsImh0dSI6Imh0dHBzOi8vc2VydmVyLmV4YW1wbGUuY29tL3Rva2VuIiwiaWF0IjoxNzYyMjYyNjE2fQ.H9r1N2s8xp_rcNr4Bs7_n-6vNKN4BPsvXzsV_UWwWiyr314xPMv4v6_8ac2SIbM-cJ-O4hlZysOUrjC7rewlag">EXAMPLE
277 ON JWT.IO</a>
278 required: false
279 schema:
280 type: string
281 format: JWT
282 example: >-
283 eyJ0eXAiOiJkcG9wK2p3dCIsImFsZyI6IkVTMjU2IiwiandrIjp7Imt0eSI6IkVDIiwia2V5X29wcyI6WyJzaWduIl0sImtpZCI6ImRGVTNNRDI4REpfamZzZmloUHZpMm8tQ3RqTEVVejNwT0lWMEJkTk1mZjgiLCJjcnYiOiJQLTI1NiIsIngiOiJodXlYSVFOdjkwMm9Mc3BYNF96b25DOTRHNnlFbG42bHNkbS0xd003MzJvIiwieSI6Ikk5UERFYXdXSHFhRkRHeDFaa05rLTJQVjZXZHBjYUgzQWZPYkJTTGloZ3cifX0.eyJqdGkiOiItQndDM0VTYzZhY2MybFRjIiwiaHRtIjoiR0VUIiwiYXRoIjoiNzFkZWY4MWYyZjE3MWI1MmFkYWMxNzg5ODI3NmFlZWU5OTlhZWUzZDNkZmE3NjkyMjJjODA0NDBmNDQ0ODgxYSIsImh0dSI6Imh0dHBzOi8vc2VydmVyLmV4YW1wbGUuY29tL3Rva2VuIiwiaWF0IjoxNzYyMjYyNjE2fQ.H9r1N2s8xp_rcNr4Bs7_n-6vNKN4BPsvXzsV_UWwWiyr314xPMv4v6_8ac2SIbM-cJ-O4hlZysOUrjC7rewlag
284 - name: Agid-JWT-TrackingEvidence
285 in: header
286 description: >-
287 If the Voucher type is Bearer, this header represents a JWT acting as a proof of possession, to comply with the REST_JWS_2021_POP security
288 pattern using the POP_TPoP implementation. Otherwise, it is a JWT containing the data tracked in the Consumer's domain, to comply with AUDIT_REST_02 (see <a target="blank"
289 href="https://italia.github.io/eid-wallet-it-docs/v1.0.0/en/e-service-pdnd.html">e-Service PDND</a>). <br/><br/>
290 <a target="blank" href="https://jwt.io/#debugger-io?token=eyJhbGciOiJFUzI1NiIsImtpZCI6ImQ0YzNiMmExLTk4NzYtNTQzMi0xMGZlLWRjYmE5ODc2NTQzMiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiI4MjkxNGIzZi02MGIyLTQ1MjktYjRkNi0zZDRlNjdmMGE5MzMiLCJhdWQiOiJodHRwczovL2lzc3Vlci5leGFtcGxlLml0Iiwic3ViIjoiMTg1ZGJjYmEtODM2Ni00OTRkLWJlMDItNTI2NTk1IiwiZXhwIjoxNzMzMDUyNjAwLCJuYmYiOjE3MzMwMzY0NTAsImlhdCI6MTczMzAzNjQwMCwianRpIjoiYTRiNWM2ZDctZThmOS1hYmNkLWVmMTItMzQ1Njc4OTAxMjM0IiwiZG5vbmNlIjo2NTI4NDI0MjEzNjg1LCJwdXJwb3NlSWQiOiJiMmMzZDRlNS1mNmc3LWg4aTktajBrMS1sbW5vMTIzNDU2NzgiLCJ1c2VySUQiOiJhOGI3YzZkNS1lNGYzLWcyaDEtaTlqMC1rbG1ub3BxcnN0dXYiLCJsb2EiOiJzdWJzdGFudGlhbCJ9.y42yfMeW2H9h0b0j0BODUml8yF20stY9q3BwoVU5BB90afBj852Q0QlInncdhjXhUjLS1V76cGBxkutDNvxRNA">EXAMPLE ON JWT.IO</a>
291 required: false
292 schema:
293 type: string
294 format: JWT
295 example: eyJhbGciOiJFUzI1NiIsImtpZCI6ImQ0YzNiMmExLTk4NzYtNTQzMi0xMGZlLWRjYmE5ODc2NTQzMiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiI4MjkxNGIzZi02MGIyLTQ1MjktYjRkNi0zZDRlNjdmMGE5MzMiLCJhdWQiOiJodHRwczovL2lzc3Vlci5leGFtcGxlLml0Iiwic3ViIjoiMTg1ZGJjYmEtODM2Ni00OTRkLWJlMDItNTI2NTk1IiwiZXhwIjoxNzMzMDUyNjAwLCJuYmYiOjE3MzMwMzY0NTAsImlhdCI6MTczMzAzNjQwMCwianRpIjoiYTRiNWM2ZDctZThmOS1hYmNkLWVmMTItMzQ1Njc4OTAxMjM0IiwiZG5vbmNlIjo2NTI4NDI0MjEzNjg1LCJwdXJwb3NlSWQiOiJiMmMzZDRlNS1mNmc3LWg4aTktajBrMS1sbW5vMTIzNDU2NzgiLCJ1c2VySUQiOiJhOGI3YzZkNS1lNGYzLWcyaDEtaTlqMC1rbG1ub3BxcnN0dXYiLCJsb2EiOiJzdWJzdGFudGlhbCJ9.y42yfMeW2H9h0b0j0BODUml8yF20stY9q3BwoVU5BB90afBj852Q0QlInncdhjXhUjLS1V76cGBxkutDNvxRNA
296 responses:
297 "200":
298 description: 200 OK
299 content:
300 application/json:
301 schema:
302 $ref: "#/components/schemas/ResponseReport"
303 "400":
304 description: Bad request
305 content:
306 application/json:
307 schema:
308 $ref: "#/components/schemas/ErrorDTO"
309 "401":
310 description: Unauthorized
311 content:
312 application/json:
313 schema:
314 $ref: "#/components/schemas/ErrorDTO"
315 "500":
316 description: Internal server error
317 content:
318 application/json:
319 schema:
320 $ref: "#/components/schemas/ErrorDTO"
321components:
322 schemas:
323 e-Service_Response:
324 properties:
325 Header:
326 type: object
327 properties:
328 alg:
329 description: A digital signature algorithm identifier.
330 type: string
331 example: RS256
332 kid:
333 description: Unique identifier of the JWK used by the Provider to sign the JWT.
334 type: string
335 example: "cdb52532-dd94-40ef-824d-9c55b10e6bc9"
336 typ:
337 description: It MUST be set to 'JWT'.
338 type: string
339 example: "JWT"
340 use:
341 description: Usage of the algorithm. If present, it MUST be 'sig'.
342 type: string
343 example: "sig"
344 required: [alg, kid, typ]
345 Payload:
346 type: object
347 properties:
348 iss:
349 description: The identifier of the e-Service.
350 type: string
351 example: "https://pre.api.gateway.ipzs.it/t/itwallet.api/utility-wallet/1.0.0/v1/revokeAll"
352 aud:
353 description: The identifier of the Consumer.
354 type: string
355 example: "31670092-eec0-4f95-88da-e1c7ce5e4505"
356 exp:
357 description: UNIX timestamp representing the JWT expiration time.
358 type: integer
359 example: 1736846928
360 iat:
361 description: UNIX timestamp representing the JWT issuance time.
362 type: integer
363 example: 1736846688
364 jti:
365 description: Unique identifier of the JWT to prevent replay attacks.
366 type: string
367 example: "8b971b43-e990-44fa-9013-1b353bfc5a0f"
368 nbf:
369 description: UNIX timestamp representing the JWT first validity time.
370 type: string
371 example: "1736846688"
372 result_code:
373 description: Response Code.
374 type: string
375 example: request_accepted
376 enum:
377 - request_accepted
378 - request_processed
379 result_description:
380 description: Response Description.
381 type: string
382 example: The service correctly received the request
383 required: [iss, aud, exp, iat, jti, result_code, result_description]
384 RevokeAllCredentials:
385 required:
386 - object_id
387 - wallet_provider
388 - signal_type
389 type: object
390 properties:
391 object_id:
392 type: string
393 description: ID ANPR or Tax identification number
394 wallet_provider:
395 type: string
396 description: URL identifier of the Wallet Provider
397 signal_type:
398 type: string
399 enum:
400 - DELETE
401 - SUSPENDED
402 description: URL identifier of the Wallet Provider
403 ErrorDTO:
404 type: object
405 properties:
406 error:
407 type: string
408 error_description:
409 type: string
410 ResponseReport:
411 type: object
412 properties:
413 countEid:
414 type: integer
415 format: int64
416 count:
417 type: integer
418 format: int64
419 countPid:
420 $ref: "#/components/schemas/TotalCountCredential"
421 countMdl:
422 $ref: "#/components/schemas/TotalCountCredential"
423 countEdc:
424 $ref: "#/components/schemas/TotalCountCredential"
425 countTeam:
426 $ref: "#/components/schemas/TotalCountCredential"
427 TotalCountCredential:
428 type: object
429 properties:
430 credEmesse:
431 type: integer
432 format: int64
433 credValide:
434 type: integer
435 format: int64
436 credInvalide:
437 type: integer
438 format: int64