Discovery#
ESS uses /.well-known
URIs to provide metadata about its services.
Note
RFC 8615 (Well-Known Uniform Resource Identifiers (URIs) RFC specification) is currently in proposal state.
Features based on draft/proposed specifications are subject to change and/or removal.
The properties found in ESS services’ metadata may use custom properties (i.e., not defined in the Solid Vocabularies) and are also subject to change and/or removal.
/.well-known
URIs#
/.well-known/openid-configuration
#
ESS provides Solid OIDC Broker Service metadata at the following
/.well-known/openid-configuration
URI:
https://openid.<ESS DOMAIN>/.well-known/openid-configuration
The endpoint returns the current deployment’s Solid OIDC Broker Service metadata.
/.well-known/solid
#
Subject to Change
This endpoint is subject to change and may be replaced in the future.
ESS provides Pod Storage Service (and related) metadata at the
following .well-known/solid
URI:
https://storage.{ESS Domain}/.well-known/solid
Its Response.body returns Resource Description Framework (RDF) statements. Depending on your configuration, the response can include information about:
List of application(s) that can perform read and write operations the Access Control Resources with the following caveat:
Disambiguation
The list displays the value of Pod Storage Service‘s
INRUPT_AUTHORIZATION_CLIENT_ID_ALLOW_LIST
configuration value, which is for discoverability purposes only.The actual configuration that determines which applications can access the ACR is the Authorization Service‘s
INRUPT_AUTHORIZATION_CLIENT_ID_ALLOW_LIST
.As such, if the two lists are not in sync, the returned list from Pod Storage Service may not accurately reflect the trusted apps.
Maximum number of Pods allowed per Agent.
Notification Gateway endpoint.
Provision service endpoint.
QPF service endpoint.
@prefix solid: <http://www.w3.org/ns/solid/terms#> .
[ a solid:DiscoveryDocument ;
<http://www.w3.org/ns/auth/acl#trustedApp>
<https://podbrowser.inrupt.com/api/app> ;
solid:maxPodsPerOwner 10 ;
solid:notificationGateway <https://notification.{ESS DOMAIN}.com/> ;
solid:provision <https://provision.{ESS DOMAIN}.com/>;
solid:qpf <https://fragments.{ESS DOMAIN}.com/
] .
/.well-known/uma2-configuration
#
ESS provides UMA service metadata resource at the following
/.well-known/uma2-configuration
URI:
https://uma.<ESS DOMAIN>/.well-known/uma2-configuration
The endpoint returns the current deployment’s UMA service configuration:
{
"dpop_signing_alg_values_supported": [
"ES256",
"RS256"
],
"grant_types_supported": [
"urn:ietf:params:oauth:grant-type:uma-ticket"
],
"issuer": "https://uma.<ESS DOMAIN>",
"jwks_uri": "https://uma.<ESS DOMAIN>/jwks",
"token_endpoint": "https://uma.<ESS DOMAIN>/token",
"uma_profiles_supported": [
"https://www.w3.org/TR/vc-data-model/#json-ld",
"http://openid.net/specs/openid-connect-core-1_0.html#IDToken"
],
"verifiable_credential_issuer": "https://vc.<ESS DOMAIN>"
}
/.well-known/vc-configuration
#
Subject to Change
This endpoint is subject to change and may be replaced in the future.
ESS provides a Access Grant Service metadata resource at the following
/.well-known/vc-configuration
URI:
https://vc.<ESS Domain>/.well-known/vc-configuration
The endpoint returns a JSON-LD document that includes the locations for the Access Grant Service endpoints:
{
"@context": [
"https://www.w3.org/2018/credentials/v1",
"https://vc.<ESS Domain>/credentials/v1"
],
"derivationService": "https://vc.<ESS Domain>/derive",
"issuerService": "https://vc.<ESS Domain>/issue",
"queryService": "https://vc.<ESS Domain>/query",
"statusService": "https://vc.<ESS Domain>/status",
"supportedSignatureTypes": [
"Ed25519Signature2020"
],
"verifierService": "https://vc.<ESS Domain>/verify"
}