Create a SIOP Session

POST /authorisation/v4/siop-sessions

Sessions Token endpoint as the callback for DID SIOP Response.

Request

application/x-www-form-urlencoded

Body

required

The request body must contain an ID Token (parameter name: id_token). The VP token is deprecated.

The ID Token should be a JWT. Its header must contain the signer's kid (e.g. "kid": "did:ebsi:zbM8cCuoBMFNLeQyLiVFyxw#keys-1"). The ID Token payload must contain the following fields:

aud: the URL of the /siop-sessions endpoint, e.g. "https://api-pilot.ebsi.eu/authorisation/v2/siop-sessions"
sub: the subject
sub_jwk: the JWK used to sign the JWT
nonce: a random UUID
claims:
- encryption_key: public key used to encrypt the response
responseMode: should be "form_post",
iss: should be "https://self-issued.me/v2",
_vp_token: only if the request also contains a VP token.
- presentation_submission: a VP submission object (https://identity.foundation/presentation-exchange/spec/v2.0.0/#presentation-submission).

id_token stringrequired

JWS compact serialised ID Token

vp_token string

A Verifiable Presentation JWT. Only for onboarding.

Responses

Success

application/json

Schema
Example (from schema)
Encrypted access token

Schema

ake1_enc_payload string

Encrypted payload with user's public key

ake1_jws_detached string

Detached JWS of AKE1 Signing Payload

ake1_sig_payload object

ake1_enc_payload string

Encrypted payload with user's public key

ake1_nonce string

Nonce used during the authentication process

did string

API DID

iat number

Issued at

exp number

Expires

iss string

Issuer (Authorisation API)

kid string

API KID

{
  "ake1_enc_payload": "ce527bf1e06bd6241625d54e76bdb5ac029c455f97324ed20a5038724966ba5d9befd49195b4841b513c7f23e785c99f87bad2e255cbceb1152cef05b15137a1411520d8d578961f16d6c59ec042889e45cb4d3965d9d859dac8f217b3b3776ad342a605f2bb985d820ad8b0f6cb2c7c40da4d1ebd3efb5a3d57507e0479801c088e68b277fac799f852c1053a1dacc7cdb921cff2006eaf1b3fa3a5b64de91e991390b7317814625f490a1354dc2b69498b2bfad7caf0e819ebd93cccb2ef26e399d996ab19910605d798dacf9f78489dd7bac8613b5da28314e1153d929a9059decedce00eeb2848ee95f14e523f9f12372e71b9db4ebe702ce508d2dbc1e5cbdafcd5a15afe397fb35f9a45424c6aac43380b054185cbac4f498a5db4dcf517cf8bc760354c26e2e1af37dbdf06f888e5d424a66ab9546475b187787b557d197af20c7ac1e0639acf0304f051194da4be7c8badb0747b3e669ffd7ffe5a2c9c2060f338d8e4eb3010e10e6a67a1c8fe21d48ee7bc5d540497071f80dd36e58d309e868837c193dd5646b33baa61c3c190d5ce44d08bc6820d240e14edd12af9ae8242e5a7186c1697426d14e97101313331cb1d803030cd2d6d2799852bda0dbc80b3c927efffc19d170327ac11c5d645b83c38fdcfb9ac779d9eac795d8eb671fe0ade56cdcb020261e1bf6d2e1d2fdfc1f954959c2d5516adf3f2abcee298c92b5451e3dee89d1903b8390fe9a426278ec879a59e682eabf8b8f3ad4482de9c636a41e506c82d7d0be1a92d926ba7fb05779f2612a86f8b47e10477b1d6080044d1f983cf3cb81e35af5b3ea4205e1d25ce0b6d20755442904d670380082203e25d4326df0ab47ee8bb404f98d5184a3949e043a0656e856f78f442fb33a2ec63c7347520c796fb721bfc0c6106c0db9e0580ba17aa3f96abf1a4744256635803f90bcfce185ddba20a8635a1c59f68760220ddaf296ac3a582ea953f928290c50f186ea8909a9a94a82b6b1c8204f243a4ed4cef5fd672959cec8359a57ac08c4b41ccb515b963f675af7cf4a9bef97f13942a63678680fb8f9e2de766f3c578d6f5913d7e71aafbd5ebc965b90ce4c3dc4a7bc2af74754c3e7c05fc3fbd1851ee5caa4723fe7bf5a9cd804a979bbd341836bcb3e82ad164748cb46f5d9fd4b599d27a307962eea6465eb91a6155",
  "ake1_jws_detached": "eyJhbGciOiJFUzI1NksiLCJ0eXAiOiJKV1QiLCJraWQiOiJodHRwczovL2FwaS1waWxvdC5lYnNpLmV1L3RydXN0ZWQtYXBwcy1yZWdpc3RyeS92My9hcHBzL2F1dGhvcmlzYXRpb24tYXBpX3BpbG90LXRlbXAtMDEifQ..bJ5gwcsgYcRTpMAJYpkUPGSYA962eioQ94Yju7buVGneuCCmelxWH-ZhKxMf7RolebgdVrrnNIIhdTZLJ8NpMw",
  "ake1_sig_payload": {
    "ake1_enc_payload": "ce527bf1e06bd6241625d54e76bdb5ac029c455f97324ed20a5038724966ba5d9befd49195b4841b513c7f23e785c99f87bad2e255cbceb1152cef05b15137a1411520d8d578961f16d6c59ec042889e45cb4d3965d9d859dac8f217b3b3776ad342a605f2bb985d820ad8b0f6cb2c7c40da4d1ebd3efb5a3d57507e0479801c088e68b277fac799f852c1053a1dacc7cdb921cff2006eaf1b3fa3a5b64de91e991390b7317814625f490a1354dc2b69498b2bfad7caf0e819ebd93cccb2ef26e399d996ab19910605d798dacf9f78489dd7bac8613b5da28314e1153d929a9059decedce00eeb2848ee95f14e523f9f12372e71b9db4ebe702ce508d2dbc1e5cbdafcd5a15afe397fb35f9a45424c6aac43380b054185cbac4f498a5db4dcf517cf8bc760354c26e2e1af37dbdf06f888e5d424a66ab9546475b187787b557d197af20c7ac1e0639acf0304f051194da4be7c8badb0747b3e669ffd7ffe5a2c9c2060f338d8e4eb3010e10e6a67a1c8fe21d48ee7bc5d540497071f80dd36e58d309e868837c193dd5646b33baa61c3c190d5ce44d08bc6820d240e14edd12af9ae8242e5a7186c1697426d14e97101313331cb1d803030cd2d6d2799852bda0dbc80b3c927efffc19d170327ac11c5d645b83c38fdcfb9ac779d9eac795d8eb671fe0ade56cdcb020261e1bf6d2e1d2fdfc1f954959c2d5516adf3f2abcee298c92b5451e3dee89d1903b8390fe9a426278ec879a59e682eabf8b8f3ad4482de9c636a41e506c82d7d0be1a92d926ba7fb05779f2612a86f8b47e10477b1d6080044d1f983cf3cb81e35af5b3ea4205e1d25ce0b6d20755442904d670380082203e25d4326df0ab47ee8bb404f98d5184a3949e043a0656e856f78f442fb33a2ec63c7347520c796fb721bfc0c6106c0db9e0580ba17aa3f96abf1a4744256635803f90bcfce185ddba20a8635a1c59f68760220ddaf296ac3a582ea953f928290c50f186ea8909a9a94a82b6b1c8204f243a4ed4cef5fd672959cec8359a57ac08c4b41ccb515b963f675af7cf4a9bef97f13942a63678680fb8f9e2de766f3c578d6f5913d7e71aafbd5ebc965b90ce4c3dc4a7bc2af74754c3e7c05fc3fbd1851ee5caa4723fe7bf5a9cd804a979bbd341836bcb3e82ad164748cb46f5d9fd4b599d27a307962eea6465eb91a6155",
    "ake1_nonce": "53a6e914-ef94-412b-b226-82da24be3dd9",
    "did": "did:ebsi:zbM8cCuoBMFNLeQyLiVFyxw",
    "iat": 1627652364,
    "exp": 1627653264,
    "iss": "authorisation-api_pilot-temp-01"
  },
  "kid": "https://api-pilot.ebsi.eu/trusted-apps-registry/v3/apps/authorisation-api_pilot-temp-01"
}

{
  "ake1_enc_payload": "ce527bf1e06bd6241625d54e76bdb5ac029c455f97324ed20a5038724966ba5d9befd49195b4841b513c7f23e785c99f87bad2e255cbceb1152cef05b15137a1411520d8d578961f16d6c59ec042889e45cb4d3965d9d859dac8f217b3b3776ad342a605f2bb985d820ad8b0f6cb2c7c40da4d1ebd3efb5a3d57507e0479801c088e68b277fac799f852c1053a1dacc7cdb921cff2006eaf1b3fa3a5b64de91e991390b7317814625f490a1354dc2b69498b2bfad7caf0e819ebd93cccb2ef26e399d996ab19910605d798dacf9f78489dd7bac8613b5da28314e1153d929a9059decedce00eeb2848ee95f14e523f9f12372e71b9db4ebe702ce508d2dbc1e5cbdafcd5a15afe397fb35f9a45424c6aac43380b054185cbac4f498a5db4dcf517cf8bc760354c26e2e1af37dbdf06f888e5d424a66ab9546475b187787b557d197af20c7ac1e0639acf0304f051194da4be7c8badb0747b3e669ffd7ffe5a2c9c2060f338d8e4eb3010e10e6a67a1c8fe21d48ee7bc5d540497071f80dd36e58d309e868837c193dd5646b33baa61c3c190d5ce44d08bc6820d240e14edd12af9ae8242e5a7186c1697426d14e97101313331cb1d803030cd2d6d2799852bda0dbc80b3c927efffc19d170327ac11c5d645b83c38fdcfb9ac779d9eac795d8eb671fe0ade56cdcb020261e1bf6d2e1d2fdfc1f954959c2d5516adf3f2abcee298c92b5451e3dee89d1903b8390fe9a426278ec879a59e682eabf8b8f3ad4482de9c636a41e506c82d7d0be1a92d926ba7fb05779f2612a86f8b47e10477b1d6080044d1f983cf3cb81e35af5b3ea4205e1d25ce0b6d20755442904d670380082203e25d4326df0ab47ee8bb404f98d5184a3949e043a0656e856f78f442fb33a2ec63c7347520c796fb721bfc0c6106c0db9e0580ba17aa3f96abf1a4744256635803f90bcfce185ddba20a8635a1c59f68760220ddaf296ac3a582ea953f928290c50f186ea8909a9a94a82b6b1c8204f243a4ed4cef5fd672959cec8359a57ac08c4b41ccb515b963f675af7cf4a9bef97f13942a63678680fb8f9e2de766f3c578d6f5913d7e71aafbd5ebc965b90ce4c3dc4a7bc2af74754c3e7c05fc3fbd1851ee5caa4723fe7bf5a9cd804a979bbd341836bcb3e82ad164748cb46f5d9fd4b599d27a307962eea6465eb91a6155",
  "ake1_sig_payload": {
    "iat": 1672841881,
    "exp": 1672842781,
    "ake1_nonce": "53a6e914-ef94-412b-b226-82da24be3dd9",
    "ake1_enc_payload": "ce527bf1e06bd6241625d54e76bdb5ac029c455f97324ed20a5038724966ba5d9befd49195b4841b513c7f23e785c99f87bad2e255cbceb1152cef05b15137a1411520d8d578961f16d6c59ec042889e45cb4d3965d9d859dac8f217b3b3776ad342a605f2bb985d820ad8b0f6cb2c7c40da4d1ebd3efb5a3d57507e0479801c088e68b277fac799f852c1053a1dacc7cdb921cff2006eaf1b3fa3a5b64de91e991390b7317814625f490a1354dc2b69498b2bfad7caf0e819ebd93cccb2ef26e399d996ab19910605d798dacf9f78489dd7bac8613b5da28314e1153d929a9059decedce00eeb2848ee95f14e523f9f12372e71b9db4ebe702ce508d2dbc1e5cbdafcd5a15afe397fb35f9a45424c6aac43380b054185cbac4f498a5db4dcf517cf8bc760354c26e2e1af37dbdf06f888e5d424a66ab9546475b187787b557d197af20c7ac1e0639acf0304f051194da4be7c8badb0747b3e669ffd7ffe5a2c9c2060f338d8e4eb3010e10e6a67a1c8fe21d48ee7bc5d540497071f80dd36e58d309e868837c193dd5646b33baa61c3c190d5ce44d08bc6820d240e14edd12af9ae8242e5a7186c1697426d14e97101313331cb1d803030cd2d6d2799852bda0dbc80b3c927efffc19d170327ac11c5d645b83c38fdcfb9ac779d9eac795d8eb671fe0ade56cdcb020261e1bf6d2e1d2fdfc1f954959c2d5516adf3f2abcee298c92b5451e3dee89d1903b8390fe9a426278ec879a59e682eabf8b8f3ad4482de9c636a41e506c82d7d0be1a92d926ba7fb05779f2612a86f8b47e10477b1d6080044d1f983cf3cb81e35af5b3ea4205e1d25ce0b6d20755442904d670380082203e25d4326df0ab47ee8bb404f98d5184a3949e043a0656e856f78f442fb33a2ec63c7347520c796fb721bfc0c6106c0db9e0580ba17aa3f96abf1a4744256635803f90bcfce185ddba20a8635a1c59f68760220ddaf296ac3a582ea953f928290c50f186ea8909a9a94a82b6b1c8204f243a4ed4cef5fd672959cec8359a57ac08c4b41ccb515b963f675af7cf4a9bef97f13942a63678680fb8f9e2de766f3c578d6f5913d7e71aafbd5ebc965b90ce4c3dc4a7bc2af74754c3e7c05fc3fbd1851ee5caa4723fe7bf5a9cd804a979bbd341836bcb3e82ad164748cb46f5d9fd4b599d27a307962eea6465eb91a6155",
    "did": "did:ebsi:zbM8cCuoBMFNLeQyLiVFyxw",
    "iss": "authorisation-api_pilot-temp-01"
  },
  "ake1_jws_detached": "eyJhbGciOiJFUzI1NksiLCJ0eXAiOiJKV1QiLCJraWQiOiJodHRwczovL2FwaS1waWxvdC5lYnNpLmV1L3RydXN0ZWQtYXBwcy1yZWdpc3RyeS92My9hcHBzL2F1dGhvcmlzYXRpb24tYXBpX3BpbG90LXRlbXAtMDEifQ..bJ5gwcsgYcRTpMAJYpkUPGSYA962eioQ94Yju7buVGneuCCmelxWH-ZhKxMf7RolebgdVrrnNIIhdTZLJ8NpMw",
  "kid": "https://api-pilot.ebsi.eu/trusted-apps-registry/v3/apps/authorisation-api_pilot-temp-01"
}

Bad Request

application/problem+json

Schema
Example (from schema)
Bad Request
Token Expired
Issuer Not Found

Schema

type uri

Default value: about:blank

An absolute URI that identifies the problem type. When dereferenced, it SHOULD provide human-readable documentation for the problem type.

title string

A short summary of the problem type.

status int32

Possible values: >= 400 and <= 600

The HTTP status code generated by the origin server for this occurrence of the problem.

detail string

A human readable explanation specific to this occurrence of the problem.

instance uri

An absolute URI that identifies the specific occurrence of the problem. It may or may not yield further information if dereferenced.

{
  "type": "about:blank",
  "title": "Internal Server Error",
  "status": 500,
  "detail": "Connection timeout",
  "instance": "string"
}

{
  "title": "Bad Request",
  "status": 400,
  "detail": "Bad request."
}

{
  "title": "Token Expired",
  "status": 400,
  "detail": "The token has expired."
}

{
  "title": "Issuer Not Found",
  "status": 400,
  "detail": "Issuer not found in the trusted apps registry."
}

Internal Error

application/problem+json

Schema
Example (from schema)
Internal Server Error

Schema

type uri

Default value: about:blank

An absolute URI that identifies the problem type. When dereferenced, it SHOULD provide human-readable documentation for the problem type.

title string

A short summary of the problem type.

status int32

Possible values: >= 400 and <= 600

The HTTP status code generated by the origin server for this occurrence of the problem.

detail string

A human readable explanation specific to this occurrence of the problem.

instance uri

An absolute URI that identifies the specific occurrence of the problem. It may or may not yield further information if dereferenced.

{
  "type": "about:blank",
  "title": "Internal Server Error",
  "status": 500,
  "detail": "Connection timeout",
  "instance": "string"
}

{
  "title": "Internal Server Error",
  "status": 500,
  "detail": "The server encountered an internal error and was unable to process your request."
}

/authorisation/v4/siop-sessions

Request​

Body

Responses​

Request

Responses