Notification Gateway Service#

New in version 1.1.

ESS provides a Notification Gateway service for discovering the protocol-specific endpoints.

Notification Gateway Service Endpoint#

ESS Notification Gateway Service has the following endpoint:

https://notification.<ESS Domain>/

Clients can POST the following JSON document to the ESS Notification Gateway to determine the WebSocket Notification Service endpoint; no authentication is required:

{ "protocols": ["ws"] }

The response JSON contains the WebSocket endpoint that clients can access for login; for example:

{ "endpoint": "https://websocket.<ESS Domain>/", "features": [], "protocol": "ws" }

Notification Gateway Service is based on the Solid Notifications Protocol 1.

Configuration#

As part of the installation process, Inrupt provides base Kustomize overlays and associated files that require deployment-specific configuration inputs.

The following configuration options are available for the service and may be set as part of updating the inputs for your deployment. The Inrupt-provided base Kustomize overlays may be using updated configuration values that differ from the default values.

Required#

INRUPT_NOTIFICATION_WS_ENDPOINT#

The URL of the WebSocket service; e.g., https://websocket.{ESS Domain}/.

Kafka Configuration#

KAFKA_BOOTSTRAP_SERVERS#

Default: localhost:9092

Comma-delimited list of Kafka broker servers for use by ESS services, including this service.

Setting KAFKA_BOOTSTRAP_SERVERS configures ESS to use the same Kafka instance(s) for all its Kafka message channels (e.g., solidresource and auditv1out message channels). This service uses the auditv1out message channel.

Note

Inrupt-provided overlays default to using KAFKA_BOOTSTRAP_SERVERS.

To use a different Kafka instance for the auditv1out channel, use MP_MESSAGING_OUTGOING_AUDITV1OUT_BOOTSTRAP_SERVERS instead.

See also ESS’ Kafka Configuration.

MP_MESSAGING_OUTGOING_AUDITV1OUT_BOOTSTRAP_SERVERS#

Default: localhost:9092

Comma-delimited list of Kafka broker servers used for the outgoing audit v1 messages.

These messages are sent over the auditv1out message channel.

Note

To configure ESS to use the same Kafka instances for all its Kafka message channels, use KAFKA_BOOTSTRAP_SERVERS option instead. Inrupt-provided overlays default to using KAFKA_BOOTSTRAP_SERVERS.

INRUPT_KAFKA_AUDITV1EVENTSENCRYPTED_CIPHER_PASSWORD#

The strong cipher key to use when running auditing with encrypted messages.

Optional#

INRUPT_JWT_ISSUER_ALLOW_LIST#

A comma-separated list of trusted Solid-OIDC issuers (i.e., identity providers).

See also INRUPT_JWT_ISSUER_DENY_LIST.

INRUPT_JWT_ISSUER_DENY_LIST#

A comma-separated list of disallowed Solid-OIDC issuers.

1

The Solid Notifications Protocol is in Draft status. Features based on draft specifications are subject to change.