Wallet Service

Added in version 2.3.

Developer Preview

The ESS Wallet Service endpoints are available as part of a Developer Preview program to allow early access to these features. Please be aware that these APIs may change.

The Wallet Service provides a set of endpoints to support the creation of a Data Wallet application that connects to a Solid Pod. With the Wallet Service:

An application can incorporate Wallet capabilities for managing resources in the Wallet (e.g. Read , Write , Delete ).
An application can incorporate Access Requests and Access Grants for managing access to data stored in the Wallet.
An application can add the ability to download data from an external reference for storage in the Wallet.

ESS Wallet Service Endpoints

ESS Wallet Service endpoints run at:

https://datawallet.{ESS Domain}

The ESS Wallet Service consists of the following endpoints:

Wallet Endpoint

Create, Read, Update and Delete Wallet resources.

HTTP Method

Endpoint

Description

GET

/wallet

List all resources in the Wallet.

PUT

/wallet

Create or update a resource in the Wallet.

GET

/wallet/{identifier}

Get the content of a resource in the Wallet.

DELETE

/wallet/{identifier}

Delete a resource from the Wallet.

Inbox Endpoint

Manage Access Requests in the Wallet inbox.

HTTP Method

Endpoint

Description

GET

/inbox

List all Access Requests in the inbox.

GET

/inbox/{uuid}

Fetch the content of a specific Access Request from the inbox.

DELETE

/inbox/{uuid}

Delete an Access Request from the inbox.

GET

/inbox/{uuid}/verify

Verify an Access Request in the inbox.

PUT

/inbox/{uuid}/grantAccess

Grant access to a resource based on a specific Access Request in the inbox.

PUT

/inbox/{uuid}/denyAccess

Deny access to a resource based on a specific Access Request in the inbox.

Access Grant Endpoint

Manage Access Grants in a user’s Wallet.

HTTP Method

Endpoint

Description

GET

/accessgrants

List all Access Grants managed by the user’s Wallet.

GET

/accessgrants/{uuid}

Fetch an Access Grant managed by the user’s Wallet.

DELETE

/accessgrants/{uuid}

Delete an Access Grant managed by the user’s Wallet.

PUT

/accessgrants/{uuid}/revoke

Revoke and delete an Access Grant managed by the user’s Wallet.

PUT

/accessgrants/revoke

Revoke and delete multiple Access Grants managed by the user’s Wallet.

Initialize a Solid Pod for use with the Wallet.

HTTP Method

Endpoint

Description

POST

/signup

Initialize a user’s Pod for use with the Wallet.

Access Prompt Endpoint

Initiate and validate Access Request flows with third-party applications.

HTTP Method

Endpoint

Description

POST

/accessprompt

Endpoint subject to change. Send a prompt to a third party, initiating an Access Request flow.

GET

/accessprompt/resource

Endpoint subject to change. Validate an Access Request and search the Wallet for data of the requested type.

Facilitate login flows for applications.

HTTP Method

Endpoint

Description

GET

/login/userInfo

Experimental. Provide user properties to a client application.

Endpoint Access Control

The ESS Wallet Service endpoints listed above require the caller to be authenticated. The endpoints support the use of HTTP-only, secure session cookies.

Wallet Service Configuration

As part of the installation process, Inrupt provides base Kustomize overlays and associated files that require deployment-specific configuration inputs.

The following configuration options are available for the service and may be set as part of updating the inputs for your deployment. The Inrupt-provided base Kustomize overlays may be using updated configuration values that differ from the default values.

Required

SPRING_APPLICATION_HTTP_BASE_URL

Default : https://datawallet.<ESS Domain>

Specifies the root URL of the wallet service.

SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_WALLET_APP_CLIENT_ID

Default : https://datawallet.<ESS Domain>/app/id

Specifies the URL of the ClientID document for the wallet service.

Optional

Multiple third-party clients can be configured using indexed properties. The indexed property values must be consecutive non-negative integers starting at 0. For example:

WALLET_APP_THIRD_PARTY_CLIENTS_0_CLIENT=ffc36f46-45cf-4dbd-853e-7cdc5587e206
WALLET_APP_THIRD_PARTY_CLIENTS_0_NAME=DataWallet Companion App
WALLET_APP_THIRD_PARTY_CLIENTS_1_CLIENT=8257876e-ec3f-4b4c-8dda-8a00142351eb
WALLET_APP_THIRD_PARTY_CLIENTS_1_NAME=Third-party Wallet Application

WALLET_APP_THIRD_PARTY_CLIENTS_{index}_CLIENT

A unique identifier for a third-party client. For example, ffc36f46-45cf-4dbd-853e-7cdc5587e206 .

WALLET_APP_THIRD_PARTY_CLIENTS_{index}_NAME

A name for a third-party companion application. For example, “DataWallet Companion App”

PreviousUMA Service NextWallet Endpoint

Last updated 8 days ago

ESS Wallet Service Endpoints

Wallet Endpoint

Inbox Endpoint

Access Grant Endpoint

Signup Endpoint

Access Prompt Endpoint

Login Endpoint

Endpoint Access Control

Wallet Service Configuration

Required

SPRING_APPLICATION_HTTP_BASE_URL

SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_WALLET_APP_CLIENT_ID

Optional

WALLET_APP_THIRD_PARTY_CLIENTS_{index}_CLIENT

WALLET_APP_THIRD_PARTY_CLIENTS_{index}_NAME