{ "openapi": "3.0.2", "info": { "title": "Simplistic Entitlement Service", "version": "0.0.2", "description": "A simplistic entitlement service\n\nThe approach allows for the provider to select the type of\nrecord returned (response).\n\nThe initial implementation is labelled \"TYPE A\" or \"TYPE B\".\n\nA future implementation is a type \"PingAuthorize\"" }, "paths": { "/healthcheck": { "summary": "Health service", "description": "This service end point is to discover the health of the\nservice. The information provides an overall health\nand also health individual upstream dependencies.\n\n# Security\n\nThe service is secured to stop abuse.", "get": { "tags": [ "Draft", "ManageService" ], "responses": { "200": { "content": { "application/json": { "schema": { "$ref": "#/components/schemas/health-model" }, "examples": { "Simple-health": { "value": { "status": "PASS", "version": "some text", "notes": [ "some text", "some text" ], "output": "some text", "description": "some text", "checks": { }, "release_id": "some text", "service_id": "some text", "links": [ { "href": "some text", "rel": "some text", "operation": "PUT", "caption": "some text", "media_type": "some text" }, { "href": "some text", "rel": "some text", "operation": "POST", "caption": "some text", "media_type": "some text" } ] } } } } }, "description": "The service is healthy" }, "400": { "content": { "application/json": { "schema": { "$ref": "#/components/schemas/error-model" } } }, "description": "Request is not valid" }, "401": { "content": { "application/json": { "schema": { "$ref": "#/components/schemas/error-model" } } }, "description": "Unauthorised request" }, "500": { "content": { "application/json": { "schema": { "$ref": "#/components/schemas/error-model" }, "examples": { "health500error": { "value": { "status": "some text", "message": "some text", "resolution": "some text", "technical": "some text" } } } } }, "description": "Internal error with service, with minimal\ninformation available" }, "503": { "content": { "application/json": { "schema": { "$ref": "#/components/schemas/health-model" }, "examples": { "ealth503error": { "value": { "status": "FAIL", "version": "some text", "notes": [ "some text", "some text" ], "output": "some text", "description": "some text", "checks": { }, "release_id": "some text", "service_id": "some text", "links": [ { "href": "some text", "rel": "some text", "operation": "GET", "caption": "some text", "media_type": "some text" }, { "href": "some text", "rel": "some text", "operation": "DELETE", "caption": "some text", "media_type": "some text" } ] } } } } }, "description": "The service is unavailable" } }, "security": [ { "OAuth": [ ] } ], "operationId": "gethealth", "summary": "Retrieve the health of the service", "description": "Gets the health of the service" } }, "/entitlements/type_a": { "summary": "Methods to fetch entitlements using TypeA interface", "get": { "tags": [ "Proposed" ], "parameters": [ { "name": "organisation", "description": "The organisation and digital identity combination for \nwhich this request is being made for entitlements", "schema": { "type": "string" }, "in": "query" }, { "name": "application_id", "description": "Application identifier", "schema": { "type": "string" }, "in": "query" } ], "responses": { "200": { "content": { "application/json": { "schema": { "$ref": "#/components/schemas/entitlements_model_typeA" }, "examples": { "get_basic_typeA": { "value": [ { "digitalId": "br", "applicationId": "jxk", "organisation": "qub", "identitySchema": "8", "menuFunctions": { "allowed": [ "9e", "" ] } } ] } } } }, "description": "Entitled list of menu functions for digital identity and organisation is returned" }, "400": { "content": { "application/json": { "schema": { "$ref": "#/components/schemas/error-model" } } }, "description": "Request is not valid." }, "401": { "content": { "application/json": { "schema": { "$ref": "#/components/schemas/error-model" } } }, "description": "Unauthorised request" }, "500": { "content": { "application/json": { "schema": { "$ref": "#/components/schemas/error-model" }, "examples": { "health500error": { "value": { "status": "some text", "message": "some text", "resolution": "some text", "technical": "some text" } } } } }, "description": "Internal error with service, with minimal\ninformation available" }, "503": { "content": { "application/json": { "schema": { "$ref": "#/components/schemas/error-model" }, "examples": { "ealth503error": { "value": { "status": "FAIL", "version": "some text", "notes": [ "some text", "some text" ], "output": "some text", "description": "some text", "checks": { }, "release_id": "some text", "service_id": "some text", "links": [ { "href": "some text", "rel": "some text", "operation": "GET", "caption": "some text", "media_type": "some text" }, { "href": "some text", "rel": "some text", "operation": "DELETE", "caption": "some text", "media_type": "some text" } ] } } } } }, "description": "The service is unavailable" } }, "security": [ { } ], "operationId": "get_typea_entitlements", "summary": "Fetch entitlements of model type A and using the query parameters" }, "post": { "requestBody": { "description": "The POST request body contains the identity details\nand the list of menus that are associated\nwith the menu navigation data. The service\nhas a choice on the data to use for the \nentitlement decision.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/entitlement_request" }, "examples": { "ent_request_01": { "value": [ { "digitalId": "jwj7", "organisation": "w", "identitySchema": "", "applicationId": "", "menuFunctions": [ "48", "3" ] } ] } } } }, "required": true }, "tags": [ "Proposed" ], "responses": { "200": { "content": { "application/json": { "schema": { "$ref": "#/components/schemas/entitlements_model_typeA" }, "examples": { "basic_typeA_entitlement": { "value": [ { "digitalId": "", "applicationId": "yd8", "organisation": "t", "identitySchema": "gp9vj", "menuFunctions": { "allowed": [ "b7enhlk", "jl" ] } } ] } } } }, "description": "Entitled list of menu functions for digital identity and organisation is returned" }, "400": { "content": { "application/json": { "schema": { "$ref": "#/components/schemas/error-model" } } }, "description": "Request is not valid." }, "401": { "content": { "application/json": { "schema": { "$ref": "#/components/schemas/error-model" } } }, "description": "Unauthorised request" }, "500": { "content": { "application/json": { "schema": { "$ref": "#/components/schemas/error-model" }, "examples": { "health500error": { "value": { "status": "some text", "message": "some text", "resolution": "some text", "technical": "some text" } } } } }, "description": "Internal error with service, with minimal\ninformation available" }, "503": { "content": { "application/json": { "schema": { "$ref": "#/components/schemas/error-model" }, "examples": { "ealth503error": { "value": { "status": "FAIL", "version": "some text", "notes": [ "some text", "some text" ], "output": "some text", "description": "some text", "checks": { }, "release_id": "some text", "service_id": "some text", "links": [ { "href": "some text", "rel": "some text", "operation": "GET", "caption": "some text", "media_type": "some text" }, { "href": "some text", "rel": "some text", "operation": "DELETE", "caption": "some text", "media_type": "some text" } ] } } } } }, "description": "The service is unavailable" } }, "security": [ { "OAuth": [ ] } ], "operationId": "post_typea_entitlements", "summary": "Fetch the Type A entitlements using POST as source of query parameters" }, "parameters": [ { "name": "X-Dymu.digitalid", "description": "The digital identity\n\nThe digital identity can also be supplied in the bearer token.", "schema": { "type": "string" }, "in": "header" }, { "name": "X-Dymu.identityschema", "description": "The identity schema of the digital identity", "schema": { "type": "string" }, "in": "header" } ] }, "/entitlements/type_b": { "summary": "Methods to fetch entitlements using TypeB interface", "get": { "tags": [ "Proposed" ], "parameters": [ { "name": "organisation", "description": "The organisation and digital identity combination for \nwhich this request is being made for entitlements", "schema": { "type": "string" }, "in": "query" }, { "name": "application_id", "description": "The application identifier", "schema": { "type": "string" }, "in": "query" } ], "responses": { "200": { "content": { "application/json": { "schema": { "$ref": "#/components/schemas/entitlements_model_typeB" }, "examples": { "get_basic_typeA": { "value": "\n {\n \"digitalId\": \"\",\n \"applicationId\": \"j54\",\n \"organisation\": \"\",\n \"identitySchema\": \"a28\",\n \"menuFunctions\": {\n \"allowed\": [\n {\n \"id\": \"sq6rwv94rdsjyvp9ujs67ytnh87nof4kps6hmk4ak\",\n \"label\": \"lk308ckof\"\n },\n {\n \"id\": \"oz2\",\n \"label\": \"hyu0jzrkpguxog\"\n }\n ]\n }\n }\n" } } } }, "description": "Entitled list of menu functions for digital identity and organisation is returned" }, "400": { "content": { "application/json": { "schema": { "$ref": "#/components/schemas/error-model" } } }, "description": "Request is not valid." }, "401": { "content": { "application/json": { "schema": { "$ref": "#/components/schemas/error-model" } } }, "description": "Unauthorised request" }, "500": { "content": { "application/json": { "schema": { "$ref": "#/components/schemas/error-model" }, "examples": { "health500error": { "value": { "status": "some text", "message": "some text", "resolution": "some text", "technical": "some text" } } } } }, "description": "Internal error with service, with minimal\ninformation available" }, "503": { "content": { "application/json": { "schema": { "$ref": "#/components/schemas/error-model" }, "examples": { "ealth503error": { "value": { "status": "FAIL", "version": "some text", "notes": [ "some text", "some text" ], "output": "some text", "description": "some text", "checks": { }, "release_id": "some text", "service_id": "some text", "links": [ { "href": "some text", "rel": "some text", "operation": "GET", "caption": "some text", "media_type": "some text" }, { "href": "some text", "rel": "some text", "operation": "DELETE", "caption": "some text", "media_type": "some text" } ] } } } } }, "description": "The service is unavailable" } }, "security": [ { } ], "operationId": "get_typeb_entitlements", "summary": "Fetch entitlements of model type B and using the query parameters" }, "post": { "requestBody": { "description": "The POST request body contains the identity details\nand the list of menus that are associated\nwith the menu navigation data. The service\nhas a choice on the data to use for the \nentitlement decision.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/entitlement_request" }, "examples": { "ent_request_01": { "value": [ { "digitalId": "", "organisation": "lqbw3", "identitySchema": "3", "applicationId": "f", "menuFunctions": [ "ja", "cg" ] } ] } } } }, "required": true }, "tags": [ "Proposed" ], "responses": { "200": { "content": { "application/json": { "schema": { "$ref": "#/components/schemas/entitlements_model_typeB" }, "examples": { "basic_typeA_entitlement": { "value": "\n {\n \"digitalId\": \"\",\n \"applicationId\": \"a\",\n \"organisation\": \"3\",\n \"identitySchema\": \"\",\n \"menuFunctions\": {\n \"allowed\": [\n {\n \"id\": \"pbgo0vfzelb9j9na4ejl\",\n \"label\": \"0oi3w0uxje4zamn3ussa7c9kuww76pjppnw3h7fk8btr7wt7d\"\n },\n {\n \"id\": \"cl\",\n \"label\": \"yqkkx3s3n0ug420gx1wjfgfzwwgorpbnlfjszr\"\n }\n ]\n }\n }\n" } } } }, "description": "Entitled list of menu functions for digital identity and organisation is returned" }, "400": { "content": { "application/json": { "schema": { "$ref": "#/components/schemas/error-model" } } }, "description": "Request is not valid." }, "401": { "content": { "application/json": { "schema": { "$ref": "#/components/schemas/error-model" } } }, "description": "Unauthorised request" }, "500": { "content": { "application/json": { "schema": { "$ref": "#/components/schemas/error-model" }, "examples": { "health500error": { "value": { "status": "some text", "message": "some text", "resolution": "some text", "technical": "some text" } } } } }, "description": "Internal error with service, with minimal\ninformation available" }, "503": { "content": { "application/json": { "schema": { "$ref": "#/components/schemas/error-model" }, "examples": { "ealth503error": { "value": { "status": "FAIL", "version": "some text", "notes": [ "some text", "some text" ], "output": "some text", "description": "some text", "checks": { }, "release_id": "some text", "service_id": "some text", "links": [ { "href": "some text", "rel": "some text", "operation": "GET", "caption": "some text", "media_type": "some text" }, { "href": "some text", "rel": "some text", "operation": "DELETE", "caption": "some text", "media_type": "some text" } ] } } } } }, "description": "The service is unavailable" } }, "security": [ { "OAuth": [ ] } ], "operationId": "post_typeb_entitlements", "summary": "Fetch the Type A entitlements using POST as source of query parameters" }, "parameters": [ { "name": "X-Dymu.digitalid", "description": "The digital identity\n\nThe digital identity can also be supplied in the bearer token.", "schema": { "type": "string" }, "in": "header" }, { "name": "X-Dymu.identityschema", "description": "The identity schema of the digital identity", "schema": { "type": "string" }, "in": "header" } ] } }, "components": { "schemas": { "error-model": { "description": "A common error payload returned \nwhen the response code is not 2xx", "type": "object", "properties": { "status": { "description": "Status identifier that can be used to identify the\ncause of the error.\n\nIt s not the HTTP status code (eg 4xx ot 5xx)", "type": "string" }, "message": { "description": "Error description, that shuld be less technical \nand more user orientated where possible", "type": "string" }, "resolution": { "description": "Information on how the error or issue may\nbe resolved.", "type": "string" }, "technical": { "description": "Technical information for the error.\n\nThis must not contain sensitive information", "type": "string" } } }, "links-model": { "title": "Root Type for links-model", "description": "Hypermedia links see https://restfulapi.net/hateoas/ \n", "required": [ "rel", "href" ], "type": "object", "properties": { "href": { "type": "string" }, "rel": { "description": "The relationships for the resource as hypermedia link.\n\nThe common values are:\n\n* self : this resource. Normally used in lists,\n* first : the first resource in a list, \n* last : the last resource in a list, \n* next : the next resource or page in a list, \n* prev : the previous resource or page in a list\n* parent: the parent resource for the item\n* parent+collection: the list of children of the parent resource\n* collection: list of children of the resource\n* buy: link to purchase the investment\n* sell: link to sell the invetsment, assuming the investor has holdings\n* quote: link to quote for the asset\n* icon : URL to the icon for the resource\n* video : URL to a video\n* external : URL to external content\n* content : inline (HTML or markdonw) content related to the resource\n* price : link to resource (product) unit price\n* price+collection : link to list of historical unit prices\n \nThe \"rel\" value is also dependent on context. There is no prices or ability to buy/sell marketplace itself and therefore these resources will not provide a \"buy\" link for instance.\n\nA buy/sell link are expected to be POST requests and therefore the \"operation\" will need to be considered. If perdforming a \"POST\" then the caller will need to know the JSON model for the POST, if the media type is \"application/json\" as an example.", "type": "string" }, "operation": { "description": "The operation that the service resource accepts.\n\nCommonly this will be a GET or POST", "enum": [ "GET", "POST", "DELETE", "PUT", "PATCH", "HEAD" ], "type": "string" }, "caption": { "description": "A caption that can be displaye dfor the link", "type": "string" }, "mediaType": { "description": "The type of resource media type that the link refers to.\n\nExamples are:\n\n* application/json\n* text/html", "type": "string" } }, "example": { "href": "", "rel": "", "operation": "PUT", "caption": "", "mediaType": "l" } }, "function-detailstypeB-model": { "title": "Root Type for function_details", "description": "Function details", "required": [ "label", "id" ], "type": "object", "properties": { "id": { "description": "Function unique identifier\n\nThe string value is matched with the functionId in the menu tree.", "maxLength": 50, "minLength": 2, "type": "string" }, "label": { "description": "A menu label for the function.\n\nThe label may or may not be used in the menu. The rules are in the menu\nrendering not in this service.\n\nThis is a convenience value that helps identify the functon and could be\nused by other consumers.", "maxLength": 50, "minLength": 5, "type": "string" } }, "example": { "id": "func10001", "label": "menu label" } }, "functions-typeA-model": { "description": "Allowed functions", "required": [ "allowed" ], "type": "object", "properties": { "allowed": { "description": "List of functions that the digital identity is entitled to access\n\nThe string values are matched with the functionId in the menu tree.", "uniqueItems": true, "type": "array", "items": { "type": "string" } } }, "example": { "allowed": [ "xewrfw", "lreew8" ] } }, "functions-typeB-model": { "description": "Allowed functions", "required": [ "allowed" ], "type": "object", "properties": { "allowed": { "description": "List of functions that the digital identity is entitled to access", "type": "array", "items": { "$ref": "#/components/schemas/function-detailstypeB-model" } } }, "example": { "allowed": [ { "id": "s9ij9wq2vp05juotc", "label": "lksgje8rsluwu1zzugzj1xh7imuhepqw" }, { "id": "l69ghpt4t2kha54wam6o2fuvoh8di", "label": "csht1rk6x13gyi762d8q3a308fc" } ] } }, "entitlements_model_typeA": { "description": "An entitlement record for the digital identity \nand associated organisation", "required": [ "digitalId", "menuFunctions", "organisation", "identitySchema" ], "type": "object", "properties": { "digitalId": { "description": "The username or nameplate for the app user\n\nThis is the name of the user logged into the application, \ni.e. their digital identity on the app", "type": "string" }, "applicationId": { "description": "Application identifier\n\nDifferent menus can exist for different applications.", "type": "string" }, "organisation": { "description": "The organisation linked the digital identity", "type": "string" }, "identitySchema": { "description": "The related schema for the digital identity", "type": "string" }, "menuFunctions": { "$ref": "#/components/schemas/functions-typeA-model", "description": "The list of menu functions that the digital identity\nhas access.\n\nCurrently there is only an allowed segment supported\nbut in future this can be extended to a deny list\nor more complex rules" } }, "example": { "digitalId": "X20504", "applicationId": "DigitalSupport01", "organisation": "Acme", "identitySchema": "passkey", "menuFunctions": { "allowed": [ "mi0001", "mi0099" ] } } }, "entitlements_model_typeB": { "description": "An entitlement record for the digital identity \nand associated organisation", "required": [ "digitalId", "menuFunctions", "organisation", "identitySchema" ], "type": "object", "properties": { "digitalId": { "description": "The username or nameplate for the app user\n\nThis is the name of the user logged into the application, \ni.e. their digital identity on the app", "type": "string" }, "applicationId": { "description": "Application identifier\n\nDifferent menus can exist for different applications.", "type": "string" }, "organisation": { "description": "The organisation linked the digital identity", "type": "string" }, "identitySchema": { "description": "The related schema for the digital identity", "type": "string" }, "menuFunctions": { "$ref": "#/components/schemas/functions-typeB-model", "description": "The list of menu functions that the digital identity\nhas access.\n\nCurrently there is only an allowed segment supported\nbut in future this can be extended to a deny list\nor more complex rules" } }, "example": { "digitalId": "X20504", "applicationId": "DigitalSupport01", "organisation": "Acme", "identitySchema": "passkey", "menuFunctions": { "allowed": [ { "id": "mi002", "label": "label 4" }, { "id": "mi006", "label": "my favourites" } ] } } }, "health-model": { "title": "Root Type for health-model", "description": "The response object from a \"health\" request.\n\nThe response may be full. partial, minimal or missing \nif the statsu is not \"200\"", "required": [ "status", "checks", "links" ], "type": "object", "properties": { "status": { "description": " Indicates whether the service status is acceptable\r\n or not\r\n \r\n indicates whether the service status is acceptable\r\n or not. API publishers SHOULD use following values for the field:\r\n\r\n* \"pass\": healthy (acceptable aliases: \"ok\" to support Node's\r\n Terminus and \"up\" for Java's SpringBoot),\r\n\r\n* \"fail\": unhealthy (acceptable aliases: \"error\" to support Node's\r\n Terminus and \"down\" for Java's SpringBoot), and\r\n\r\n* \"warn\": healthy, with some concerns.\r\n\r\n The value of the status field is case-insensitive and is tightly\r\n related with the HTTP response code returned by the health endpoint.\r\n For \"pass\" status, HTTP response code in the 2xx-3xx range MUST be\r\n used. For \"fail\" status, HTTP response code in the 4xx-5xx range\r\n MUST be used. In case of the \"warn\" status, endpoints MUST return\r\n HTTP status in the 2xx-3xx range, and additional information SHOULD\r\n be provided, utilizing optional fields of the response.\r\n\r\n A health endpoint is only meaningful in the context of the component\r\n it indicates the health of. It has no other meaning or purpose. As\r\n such, its health is a conduit to the health of the component.\r\n Clients SHOULD assume that the HTTP response code returned by the\r\n health endpoint is applicable to the entire component (e.g. a larger\r\n API or a microservice). This is compatible with the behavior that\r\n current infrastructural tooling expects: load-balancers, service\r\n discoveries and others, utilizing health-checks.", "enum": [ "PASS", "WARN", "FAIL" ], "type": "string" }, "version": { "description": "Public version of the service", "type": "string" }, "notes": { "description": "Array of notes relevant to current state of health", "type": "array", "items": { "type": "string" } }, "output": { "description": "Raw error output, in case of \"fail\" or \"warn\"\r\nstates. This field SHOULD be omitted for \"pass\" state.", "type": "string" }, "description": { "description": "A human-friendly description of the\r\nservice.\r\n", "type": "string" }, "checks": { "description": " The \"checks\" object MAY have a number of unique keys, one for each\r\n logical downstream dependency or sub-component. Since each sub-\r\n component may be backed by several nodes with varying health\r\n statuses, these keys point to arrays of objects. In case of a\r\n single-node sub-component (or if presence of nodes is not relevant),\r\n a single-element array SHOULD be used as the value, for consistency.\r\n\r\n The key identifying an element in the object SHOULD be a unique\r\n string within the details section. It MAY have two parts:\r\n \"{componentName}:{measurementName}\", in which case the meaning of the\r\n parts SHOULD be as follows:\r\n\r\n * componentName: (optional) human-readable name for the component.\r\n MUST not contain a colon, in the name, since colon is used as a\r\n separator.\r\n\r\n * measurementName: (optional) name of the measurement type (a data\r\n point type) that the status is reported for. MUST not contain a\r\n colon, in the name, since colon is used as a separator. The\r\n observation's name can be one of:\r\n\r\n - A pre-defined value from this spec. Pre-defined values\r\n include:\r\n\r\n o utilization\r\n\r\n o responseTime\r\n\r\n o connections\r\n\r\n o uptime\r\n\r\n - A common and standard term from a well-known source such as\r\n schema.org, IANA or microformats.\r\n\r\n - A URI that indicates extra semantics and processing rules that\r\n MAY be provided by a resource at the other end of the URI.\r\n URIs do not have to be dereferenceable, however. They are just\r\n a namespace, and the meaning of a namespace CAN be provided by\r\n any convenient means (e.g. publishing an RFC, Open API Spec\r\n document or a nicely printed book).\r\n\r\n On the value side of the equation, each \"component details\" object in\r\n the array SHOULD have at least one key.", "additionalProperties": { "type": "array", "items": { "$ref": "#/components/schemas/healthCheck-model" } } }, "releaseId": { "description": "In well-designed APIs, backwards-compatible\r\nchanges in the service should not update a version number. APIs\r\nusually change their version number as infrequently as possible, to\r\npreserve stable interface. However, implementation of an API may\r\nchange much more frequently, which leads to the importance of having\r\nseparate \"release number\" or \"releaseId\" that is different from the\r\npublic version of the API.", "type": "string" }, "serviceId": { "description": "A unique identifier (UUID) for the service", "type": "string" }, "links": { "description": "Links to additional information or actions for the resource", "type": "array", "items": { "$ref": "#/components/schemas/links-model" } } }, "example": { "status": "PASS", "version": "2", "notes": [ "6", "yb" ], "output": "", "description": "", "checks": { }, "releaseId": "xv", "serviceId": "bb", "links": [ { "href": "", "rel": "8f", "operation": "PUT", "caption": "", "media_type": "r" }, { "href": "2dy", "rel": "4wq2rld", "operation": "PUT", "caption": "8a", "media_type": "" } ] } }, "healthCheck-model": { "title": "Root Type for healthcheck-model", "description": "", "type": "object", "properties": { "status": { "type": "string" }, "output": { "type": "string" }, "affected_end_points": { "type": "array", "items": { "type": "string" } }, "componentId": { "type": "string" }, "componentType": { "type": "string" }, "observedUnit": { "type": "string" }, "observedValue": { "format": "float", "type": "number" }, "asAt": { "format": "date-time", "description": "\nThe value is in ISO 8601 format\n\nhttps://www.iso.org/iso-8601-date-and-time-format.html", "type": "string" } }, "example": { "status": "v1p", "output": "5f4l9g8", "affected_end_points": [ "t22i", "" ], "componentId": "", "componentType": "37yy", "observedUnit": "t1a", "observedValue": 73.05, "asAt": "2018-02-10T09:30Z" } }, "entitlement_request": { "title": "Root Type for entitlement_request", "description": "Request used for the POST service \nthat will return the entitled menu functions.", "type": "object", "properties": { "digitalId": { "description": "The username or nameplate for the app user.\n\nThis data is mandatory if not supplied in the header.", "type": "string" }, "organisation": { "description": "The organisation that the digital_id is linked to.", "type": "string" }, "identitySchema": { "description": "The identity scheme that the digital_id represents\n\nThis data is mandatory if digitak Id is supplied as attribute.", "type": "string" }, "applicationId": { "description": "Application identifier", "type": "string" }, "menuFunctions": { "description": "The list of menu functions are linked to\nthe application. This list is noy filtered\nand is a list of total menu functions\nregistered within the menu data storage.\n\nThis data is optional and the service may\nchoose at its own discretion and policy whether \nto use the data or not in building the \nlist of entitled (allowed) menu functions.", "uniqueItems": true, "type": "array", "items": { "type": "string" } } }, "example": { "digitalId": "q", "organisation": "hrw", "identitySchema": "gi", "applicationId": "" } } }, "securitySchemes": { "OAuth": { "flows": { }, "type": "oauth2" } } }, "security": [ { "OAuth": [ ] } ], "tags": [ { "name": "Draft", "description": "A service definition in the early stages of design" }, { "name": "Proposed", "description": "A service definition that has been drafted and\nis being discussed." }, { "name": "Published", "description": "A service definition that has been accepted\nand is being used in production or ready\nfor production use." } ] }