
Trust Registry

Description

The Trust Registry is an API that can be used for the management of Trust Records and provides us with a standard approach to applying trust and governance to an ecosystem. A trust registry is a list of authorised issuers and verifiers in the ecosystem and the types of credentials and passes they are authorised to issue and verify.

The API is built against the TrustOverIP specification and follows typical CRUD operations for adding trust records to an underlying database.

Specification

The exact specification for the Trust Registry API can be found on the Swagger document generated for the application: https://trustregistryprod.azurewebsites.net/swagger/index.html

Trust Records

Trust records are the entity objects that are stored within the database containing information that can be used by a consuming service to determine the trust of a credential.

Within the database these trust records are stored with a combined unique key of "Identifier", "CredentialType" and "GovernanceFrameworkURI" for any specific "EntityType".

Trust Record properties

| Field | Example Values | Description |
|---|---|---|
| EntityType | 'issuer', 'verifier', 'trustregistry' | Specifies the type of entity the record is referring to. Must be one of "issuer", "verifier" or "trustRegistry". (Trust registry entity types refer to trust records that have a trust relationship with another Trust Registry.) |
| Identifier | Uri | The URI-based identifier of a DID or X.509 Issuer. Allows reserved characters per RFC3986. Do not escape the URI. |
| CredentialType | string | Custom value for the trust record. |
| GovernanceFrameworkURI | Uri | The URI that points to the Ecosystem Governance Framework. Allows reserved characters per RFC3986. Do not escape the URI. |
| StatusDetail | string | Description of the status, adding some optional detail to the value. |
| Status | 'current', 'expired', 'revoked', 'terminated' | The status of the trust record. One of a set of predetermined enum values. |
| DidDocument | Uri | Provides a URI that resolves to the DID Document for the Identifier. |
| ValidFromDT | DateTime | Indicates that the Identifier status applies at the indicated time. A time in the past indicates when the last status change was recorded in the Trust Registry. Must be in RFC3339 format. |
| ValidUntilDT | DateTime | Indicates the Issuer's validity ends/ended at this date and time. A time in the past indicates when the last status change was recorded in the Trust Registry. Must be in RFC3339 format. |

Example trust record

{
  "identifier": "did:example:123",
  "entityType": "issuer",
  "credentialType": "TestCred",
  "governanceFrameworkURI": "did:example:456",
  "didDocument": "<URI to DIDDoc>",
  "status": "current",
  "statusDetail": "<Additional details on the status>",
  "validFromDT": "2024-11-13T17:22:05.911Z",
  "validUntilDT": "<Date-time one month from 'validFrom' date>"
}
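
The following is an added example, not part of the Trust Registry code base, of how a consuming service might evaluate a returned trust record: it matches the composite key, then accepts only a "current" status inside the validity window. The function names, the fail-closed policy, the inclusive window bounds and the sample validUntilDT value are assumptions made for illustration.

```python
from datetime import datetime, timezone

# Constructed sample, shaped like the example trust record above
# (validUntilDT is an assumed value one month after validFromDT).
SAMPLE_RECORD = {
    "identifier": "did:example:123",
    "entityType": "issuer",
    "credentialType": "TestCred",
    "governanceFrameworkURI": "did:example:456",
    "status": "current",
    "validFromDT": "2024-11-13T17:22:05.911Z",
    "validUntilDT": "2024-12-13T17:22:05.911Z",
}

def parse_rfc3339(value):
    """Parse an RFC 3339 timestamp; reject values without a UTC offset."""
    dt = datetime.fromisoformat(value.replace("Z", "+00:00").replace("z", "+00:00"))
    if dt.tzinfo is None:
        raise ValueError("timestamp has no UTC offset: " + value)
    return dt

def evaluate_trust(record, identifier, entity_type, credential_type, framework_uri, at):
    """Return (trusted, reason); `at` must be timezone-aware. Fails closed."""
    key_fields = (
        ("identifier", identifier),
        ("credentialType", credential_type),
        ("governanceFrameworkURI", framework_uri),
    )
    for field, expected in key_fields:
        # Exact string comparison: the URIs are stored unescaped, so the
        # caller must not percent-encode or otherwise normalise them.
        if record.get(field) != expected:
            return False, "mismatch:" + field
    # The page writes the value both as 'trustregistry' and "trustRegistry",
    # so entity types are compared case-insensitively here (assumption).
    if str(record.get("entityType", "")).lower() != entity_type.lower():
        return False, "mismatch:entityType"
    # Assumed policy: only "current" is trusted; expired, revoked,
    # terminated and any unknown status are rejected.
    if record.get("status") != "current":
        return False, "status:" + str(record.get("status"))
    try:
        valid_from = parse_rfc3339(record["validFromDT"])
        valid_until = parse_rfc3339(record["validUntilDT"])
    except (KeyError, ValueError, TypeError, AttributeError):
        return False, "invalid-validity-window"
    if not valid_from <= at <= valid_until:
        return False, "outside-validity-window"
    return True, "ok"
```

The reason string is meant for the consuming service's audit log, so that a rejected credential can be traced to the specific field or status that caused it.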
Copyright Condatis Group Limited
Last Published: Tuesday, 04 March 2025
Classification: COMPANY CONFIDENTIAL