Software Statement Assertion
Generate Software Statement Assertions (SSAs) enabling organisation to register a client application at the Data Provider's Authorisation Server using OAuth Dynamic Client Registration (DCR).
The Software Statement Assertion (SSA) is a foundational element for application onboarding for Ecosystems that rely on Dynamic Client Registration. An SSA, essentially a signed JSON Web Token (JWT) issued by a Trust Framework, encapsulates information pertinent to an application's identity and operational metadata as defined within the Trust Framework.
This set of information is critical for an application's initial step in the Data Consumption Journey, enabling it through the process of Dynamic Client Registration (DCR) as specified in RFC7592. The assertion functions as a source for details necessary for the server to verify the application's identity and to understand the scope of access granted to the application within the Data Sharing Ecosystem it participates in.
An SSA contains a set of claims signed by a Trust Framework authority. These claims include, but are not limited to, the following:
- Roles: The roles assigned to the application within the ecosystem.
- Redirect URIs: The URIs to which the application can redirect users after authentication.
- Scopes: The permissions granted to the application for accessing resources.
- Organization Details: Information about the organization managing the application, including its name, address, and registration number.
- Software Statement Metadata: Details about the Application (Software Statement), such as name, logos, policy documents, and portal URIs.
Validation of an SSA is critical to ensure its integrity and the trustworthiness of the information it contains. This process involves verifying the signature of the SSA using a public key available at a well-known URL, structured as follows:
For the Raidiam Sandbox Environment that would be