Wallet Service#

Added in version 2.3.

Developer Preview

The ESS Wallet Service endpoints are available as part of a Developer Preview program to allow early access to these features. Please be aware that these APIs may change.

The Wallet Service provides a set of endpoints to support the creation of a Data Wallet application that connects to a Solid Pod. With the Wallet Service:

  • An application can incorporate Wallet capabilities for managing resources in the Wallet (e.g. Read, Write, Delete).

  • An application can incorporate Access Requests and Access Grants for managing access to data stored in the Wallet.

  • An application can add the ability to download data from an external reference for storage in the Wallet.

ESS Wallet Service Endpoints#

ESS Wallet Service endpoints run at:

https://datawallet.{ESS Domain}

The ESS Wallet Service consists of the following endpoints:

Wallet Endpoint#

Create, Read, Update and Delete Wallet resources.

HTTP Method

Endpoint

Description

GET

/wallet

List all resources in the Wallet.

PUT

/wallet

Create or update a resource in the Wallet.

GET

/wallet/{identifier}

Get the content of a resource in the Wallet.

DELETE

/wallet/{identifier}

Delete a resource from the Wallet.

Inbox Endpoint#

Manage Access Requests in the Wallet inbox.

HTTP Method

Endpoint

Description

GET

/inbox

List all Access Requests in the inbox.

GET

/inbox/{uuid}

Fetch the content of a specific Access Request from the inbox.

DELETE

/inbox/{uuid}

Delete an Access Request from the inbox.

GET

/inbox/{uuid}/verify

Verify an Access Request in the inbox.

PUT

/inbox/{uuid}/grantAccess

Grant access to a resource based on a specific Access Request in the inbox.

PUT

/inbox/{uuid}/denyAccess

Deny access to a resource based on a specific Access Request in the inbox.

Access Grant Endpoint#

Manage Access Grants in a user’s Wallet.

HTTP Method

Endpoint

Description

GET

/accessgrants

List all Access Grants managed by the user’s Wallet.

GET

/accessgrants/{uuid}

Fetch an Access Grant managed by the user’s Wallet.

DELETE

/accessgrants/{uuid}

Delete an Access Grant managed by the user’s Wallet.

PUT

/accessgrants/{uuid}/revoke

Revoke and delete an Access Grant managed by the user’s Wallet.

PUT

/accessgrants/revoke

Revoke and delete multiple Access Grants managed by the user’s Wallet.

Signup Endpoint#

Initialize a Solid Pod for use with the Wallet.

HTTP Method

Endpoint

Description

POST

/signup

Initialize a user’s Pod for use with the Wallet.

Access Prompt Endpoint#

Initiate and validate Access Request flows with third-party applications.

HTTP Method

Endpoint

Description

POST

/accessprompt

Endpoint subject to change. Send a prompt to a third party, initiating an Access Request flow.

GET

/accessprompt/resource

Endpoint subject to change. Validate an Access Request and search the Wallet for data of the requested type.

Login Endpoint#

Facilitate login flows for applications.

HTTP Method

Endpoint

Description

GET

/login/userInfo

Experimental. Provide user properties to a client application.

Endpoint Access Control#

The ESS Wallet Service endpoints listed above require the caller to be authenticated. The endpoints support the use of HTTP-only, secure session cookies.

Wallet Service Configuration#

As part of the installation process, Inrupt provides base Kustomize overlays and associated files that require deployment-specific configuration inputs.

The following configuration options are available for the service and may be set as part of updating the inputs for your deployment. The Inrupt-provided base Kustomize overlays may be using updated configuration values that differ from the default values.

Required#

SPRING_APPLICATION_HTTP_BASE_URL#

Default: https://datawallet.<ESS Domain>

Specifies the root URL of the wallet service.

SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_WALLET_APP_CLIENT_ID#

Default: https://datawallet.<ESS Domain>/app/id

Specifies the URL of the ClientID document for the wallet service.

Optional#

Multiple third-party clients can be configured using indexed properties. The indexed property values must be consecutive non-negative integers starting at 0. For example:

WALLET_APP_THIRD_PARTY_CLIENTS_0_CLIENT=ffc36f46-45cf-4dbd-853e-7cdc5587e206
WALLET_APP_THIRD_PARTY_CLIENTS_0_NAME=DataWallet Companion App

WALLET_APP_THIRD_PARTY_CLIENTS_1_CLIENT=8257876e-ec3f-4b4c-8dda-8a00142351eb
WALLET_APP_THIRD_PARTY_CLIENTS_1_NAME=Third-party Wallet Application
WALLET_APP_THIRD_PARTY_CLIENTS_{index}_CLIENT#

A unique identifier for a third-party client. For example, ffc36f46-45cf-4dbd-853e-7cdc5587e206.

WALLET_APP_THIRD_PARTY_CLIENTS_{index}_NAME#

A name for a third-party companion application. For example, “DataWallet Companion App”

On this page