Inrupt WebsiteSupport Center

Discovery

ESS uses /.well-known URIs to provide metadata about its services.

Note RFC 8615 (Well-Known Uniform Resource Identifiers (URIs) RFC specification) is currently in proposal state.

  • Features based on draft/proposed specifications are subject to change and/or removal.

  • The properties found in ESS services’ metadata may use custom properties (i.e., not defined in the Solid Vocabularies ) and are also subject to change and/or removal.

/.well-known URIs

/.well-known/openid-configuration

ESS provides Solid OIDC Broker Service metadata at the following /.well-known/openid-configuration URI:

https://openid.<ESS DOMAIN>/.well-known/openid-configuration

The endpoint returns the current deployment’s Solid OIDC Broker Service metadata.

/.well-known/solid

Subject to Change This endpoint is subject to change and may be replaced in the future.

ESS provides Pod Storage Service (and related) metadata at the following .well-known/solid URI:

https://storage.{ESS Domain}/.well-known/solid

Its Response.body returns Resource Description Framework (RDF) statements. Depending on your configuration, the response can include information about:

Disambiguation

The list displays the value of Pod Storage Service‘s INRUPT_AUTHORIZATION_CLIENT_ID_ALLOW_LIST configuration value, which is for discoverability purposes only.

The actual configuration that determines which applications can access the ACR is the Authorization Service‘s INRUPT_AUTHORIZATION_CLIENT_ID_ALLOW_LIST.

As such, if the two lists are not in sync, the returned list from Pod Storage Service may not accurately reflect the trusted apps.

  • Maximum number of Pods allowed per Agent.

  • Notification Gateway endpoint.

  • Provision service endpoint.

  • QPF service endpoint.

@prefix solid: <http://www.w3.org/ns/solid/terms#> .
[ a                          solid:DiscoveryDocument ;
  <http://www.w3.org/ns/auth/acl#trustedApp>
          <https://podbrowser.inrupt.com/api/app> ;
  solid:maxPodsPerOwner      10 ;
  solid:notificationGateway  <https://notification.{ESS DOMAIN}.com/> ;
  solid:provision            <https://provision.{ESS DOMAIN}.com/>;
  solid:qpf                  <https://fragments.{ESS DOMAIN}.com/
] .

/.well-known/uma2-configuration

ESS provides UMA service metadata resource at the following /.well-known/uma2-configuration URI:

https://uma.<ESS DOMAIN>/.well-known/uma2-configuration

The endpoint returns the current deployment’s UMA service configuration:

{
  "dpop_signing_alg_values_supported": [
    "ES256",
    "RS256"
  ],
  "grant_types_supported": [
    "urn:ietf:params:oauth:grant-type:uma-ticket"
  ],
  "issuer": "https://uma.<ESS DOMAIN>",
  "jwks_uri": "https://uma.<ESS DOMAIN>/jwks",
  "token_endpoint": "https://uma.<ESS DOMAIN>/token",
  "uma_profiles_supported": [
    "https://www.w3.org/TR/vc-data-model/#json-ld",
    "http://openid.net/specs/openid-connect-core-1_0.html#IDToken"
  ],
  "verifiable_credential_issuer": "https://vc.<ESS DOMAIN>"
}

/.well-known/vc-configuration

Subject to Change This endpoint is subject to change and may be replaced in the future.

ESS provides a Access Grant Service metadata resource at the following /.well-known/vc-configuration URI:

https://vc.<ESS Domain>/.well-known/vc-configuration

The endpoint returns a JSON-LD document that includes the locations for the Access Grant Service endpoints:

{
  "@context": [
    "https://www.w3.org/2018/credentials/v1",
    "https://vc.<ESS Domain>/credentials/v1"
  ],
  "derivationService": "https://vc.<ESS Domain>/derive",
  "issuerService": "https://vc.<ESS Domain>/issue",
  "queryService": "https://vc.<ESS Domain>/query",
  "statusService": "https://vc.<ESS Domain>/status",
  "supportedSignatureTypes": [
    "Ed25519Signature2020"
  ],
  "verifierService": "https://vc.<ESS Domain>/verify"
}
PreviousAppendixNextService Configurations Summary

Last updated