Skip to content
Registry StackDocsLatest

API reference

View as Markdown

This reference covers the route-to-client-method matrix, the source adapter sidecar API, and the stable problem-code registry. For the complete OpenAPI specification, fetch GET /openapi.json from any running Notary, or read the Registry Notary API reference.

The Problem code registry section is a curated, stable subset for policy mapping; it does not list every code the server can emit. Match an unrecognized code value on its category prefix. The server emits categories beyond those tabled here, such as credential.* (issuance and holder-proof errors) and evaluation.* (lookup and binding errors).

This matrix maps each server route to the client methods that call it, per runtime. “not exposed” means the runtime does not surface a public helper for that route.

RouteRustPythonNode
GET /healthzhealthnot exposednot exposed
GET /readyreadynot exposednot exposed
GET /docsnot exposednot exposednot exposed
GET /docs/scalar.jsnot exposednot exposednot exposed
GET /admin/v1/capabilitiesnot exposednot exposednot exposed
GET /admin/v1/posturenot exposednot exposednot exposed
POST /admin/v1/reloadadmin_reloadnot exposednot exposed
GET /openapi.jsonopenapi_jsonnot exposednot exposed
GET /.well-known/evidence-serviceservice_documentservice_documentserviceDocument
GET /.well-known/evidence/jwks.jsonissuer_jwks, refresh_jwks, raw_issuer_jwksissuer_jwks, refresh_jwks, raw_issuer_jwksissuerJwks, refreshJwks, rawIssuerJwks
local SD-JWT VC verificationverify_sd_jwt_vc, verify_credential_response, verify_oid4vci_credential with verifiernot exposednot exposed
GET /metricsmetricsnot exposednot exposed
GET /v1/claimslist_claimslist_claimslistClaims
GET /v1/claims/{id}get_claimget_claimgetClaim
GET /v1/formatslist_formatsnot exposednot exposed
POST /v1/evaluationsevaluate, evaluate_requestevaluate, evaluate_request, aevaluate, aevaluate_requestevaluate, evaluateRequest
POST /v1/batch-evaluationsbatch_evaluate_requestbatch_evaluate_request, abatch_evaluate_requestbatchEvaluate, batchEvaluateRequest
POST /v1/evaluations/{evaluation_id}/renderrender_requestrender_request, arender_requestrenderRequest
POST /v1/credentialsissue_credential_requestissue_credential_request, aissue_credential_requestissueCredentialRequest
GET /v1/credentials/{id}/statuscredential_statuscredential_statuscredentialStatus
POST /admin/v1/credentials/{id}/statusupdate_credential_statusnot exposednot exposed
GET /.well-known/openid-credential-issueroid4vci_issuer_metadataoid4vci_issuer_metadataoid4vciIssuerMetadata
GET /.well-known/vct/{*vct_path}not exposednot exposednot exposed
GET /credentials/{vct_path}not exposednot exposednot exposed
GET /oid4vci/credential-offeroid4vci_credential_offeroid4vci_credential_offeroid4vciCredentialOffer
GET /oid4vci/offer/startnot exposednot exposednot exposed
GET /oid4vci/offer/callbacknot exposednot exposednot exposed
POST /oid4vci/tokennot exposednot exposednot exposed
POST /oid4vci/nonceoid4vci_nonceoid4vci_nonceoid4vciNonce
POST /oid4vci/credentialoid4vci_credentialoid4vci_credentialoid4vciCredential
POST /federation/v1/evaluationsfederation_evaluate_jwsfederation_evaluate_jwsfederationEvaluateJws

Registry Notary does not expose admin config verify, dry-run, or apply routes. Signed config bundles are local directories verified with the node CLI config verify-bundle and activated by placing the bundle on the node and restarting the service.

/.well-known/evidence-service is discovery metadata, but it is protected discovery metadata. Callers must send the configured API key, bearer token, or OIDC credential. The unauthenticated well-known exceptions are the public issuer JWKS, OID4VCI issuer metadata, and SD-JWT VC type-metadata routes documented in the security allowlist.

GET /v1/claims and GET /v1/claims/{claim_id} may include target_inputs when a claim has configured target matching. This block is request-contract metadata for clients that build evaluation forms. It is separate from the Core Criterion and Core Evidence Vocabulary (CCCEV) and the EU Once-Only Technical System (OOTS): those describe evidence semantics and interoperability context, while target_inputs describes the target-side request paths a Notary evaluation can accept.

Each entry contains a matching method label, optional policy id, target type, confidence label, and OR-of-AND input groups. A client should collect one full group and submit only those target paths. For example, one group may contain target.identifiers.national_id, while another may contain target.attributes.given_name, target.attributes.family_name, and target.attributes.birthdate.

The block is intentionally minimized. It can expose target-side paths and friendly labels, but it does not expose connector names, connection ids, dataset/entity names, source field names, or raw source binding configuration.

This section documents the private sidecar API that Registry Notary calls when a source binding uses the source-adapter connector value connector: source_adapter_sidecar. It is not a caller-facing Registry Notary route. The sidecar can run the built-in http_json, http_flow, and fhir engines, or another governed adapter implementation. It must run on localhost or a private pod network and must not be publicly exposed.

Single reads use the Registry Data API-shaped source route:

GET /v1/datasets/{dataset}/entities/{entity}/records?{lookup_field}={lookup_value}&fields=a,b&limit=2
Authorization: Bearer <notary-to-sidecar-token>
Data-Purpose: <purpose>

Sidecar batch matching uses this stable route and an explicit POST body. It is semantically equivalent to running the same source binding as single reads for each request item.

POST /v1/datasets/{dataset}/entities/{entity}/records:batchMatch
Authorization: Bearer <notary-to-sidecar-token>
Data-Purpose: <purpose>
Content-Type: application/json

Request body:

{
"fields": ["national_id", "birth_date"],
"query_signature": [
{ "field": "given_name", "op": "eq" },
{ "field": "family_name", "op": "eq" },
{ "field": "birthdate", "op": "eq" }
],
"items": [
{ "id": "0", "values": ["Amina", "Diallo", "1990-01-01"] }
]
}

Successful response body:

{
"items": [
{
"id": "0",
"data": [
{
"national_id": "12345",
"birth_date": "1990-01-01"
}
]
}
]
}

Contract rules:

  • Authorization, Data-Purpose, fields, query_signature, and items are required.
  • The v1 query_signature supports op: eq only.
  • Every item in a batch uses the same ordered query_signature; each items[].values array must have the same length as that signature.
  • The request does not include full Notary target, requester, relationship, assurance, claim config, disclosure config, or unrelated request attributes.
  • Response item ids must correspond exactly to request item ids.
  • A duplicate response item id rejects the whole sidecar response as invalid output.
  • A missing response item maps to source.unavailable for that item.
  • data: [] maps to source not found, data: [record] maps to a successful source match, and data with two records maps to source ambiguous.
  • If the worker returns more than two records for an item, the sidecar normalizes the result to two records before returning it to Notary, preserving the same cardinality rule used for single reads.
  • Returned records are projected to the requested fields; extra worker output fields are not returned to Notary.
  • Documented per-item sidecar error codes are source.target_auth and source.target_rate_limit. The sidecar’s classifier also accepts the unprefixed target_auth/target_rate_limit forms from custom worker code and treats them the same as their source.-prefixed counterparts. Unknown per-item error codes map to source unavailable.
  • Adapter execution failures, invalid output, oversized output, worker crashes, and timeouts are not retried for the same batch request.

The sidecar rejects missing or malformed bearer tokens with 401 and a WWW-Authenticate: Bearer header, rejected tokens with 403, missing Data-Purpose with 400, unknown source routes with 404, unsupported query operations with 400, sidecar capacity saturation with 503 plus Retry-After, timeout with 504, and invalid adapter execution/output with 502.

These application problem code values are part of the stable client contract for policy mapping. Map on code, not on prose. Safe fields for logs are status, code, title, retryable, and request_id.

CodeCategory
request.invalidRequest
purpose.not_allowedPurpose
profile.unsupportedProfile
evidence.not_availableEvidence
requester.reauthentication_requiredRequester
requester.matching_policy_rejectedRequester
requester.not_foundRequester
requester.match_ambiguousRequester
requester.identifier_missingRequester
requester.attributes_insufficientRequester
target.not_foundTarget
target.match_ambiguousTarget
target.identifier_missingTarget
target.match_low_confidenceTarget
target.attributes_insufficientTarget
target.not_in_valid_stateTarget
target.matching_policy_rejectedTarget
relationship.not_establishedRelationship
relationship.match_ambiguousRelationship
relationship.attributes_insufficientRelationship
relationship.policy_rejectedRelationship
relationship.purpose_not_allowedRelationship
source.unavailableSource
claim.not_foundClaim
claim.version_not_foundClaim
claim.format_not_supportedClaim
auth.purpose_requiredAuth
auth.missing_credentialAuth
self_attestation.deniedSelf-attestation
idempotency.conflictIdempotency
batch.too_largeBatch
jwks.unavailableVerifier
key.missingVerifier
key.unknownVerifier
algorithm.disallowedVerifier
algorithm.key_mismatchVerifier
header.typ_mismatchVerifier
header.untrusted_key_referenceVerifier
signature.invalidVerifier
claim.issuer_mismatchVerifier
claim.vct_mismatchVerifier
claim.time_invalidVerifier
disclosure.digest_mismatchVerifier
holder_binding.requiredVerifier
holder_binding.invalidVerifier
holder_binding.kid_mismatchVerifier
holder_binding.proof_invalidVerifier

Profiles may collapse granular matching outcomes to public evidence.not_available when revealing cardinality, state, or relationship policy would create an oracle. Operators can still inspect the granular audit code in the server audit trail.

These codes report how a request resolved to a source record. The model behind them, including the cardinality rule and the collapse behavior, is described in identity and record matching.

CodeWhen it is returned
target.not_foundThe source returned no record for the target
target.match_ambiguousThe source returned more than one record
target.identifier_missingA required target identifier was not supplied
target.attributes_insufficientThe target attributes did not satisfy the binding’s required input set
target.matching_policy_rejectedThe request shape is outside the binding’s matching policy
target.match_low_confidenceThe source reported a match it considers too weak
target.not_in_valid_stateThe matched target is in a state the source rejects

The requester codes (requester.not_found, requester.match_ambiguous, requester.identifier_missing, requester.attributes_insufficient, requester.matching_policy_rejected, requester.reauthentication_required) and the relationship codes (relationship.not_established, relationship.match_ambiguous, relationship.attributes_insufficient, relationship.policy_rejected, relationship.purpose_not_allowed) report the same outcomes for the requester and relationship contexts. relationship.purpose_not_allowed means the relationship type is valid but not for the declared purpose. A successful match returns target_ref and matching metadata instead of a problem code.

matching.confidence is a policy-asserted label configured for the source binding and matching method. It is returned verbatim for successful matches against that binding, so it does not measure the quality of an individual match. Additional fields may appear alongside it; its meaning will not change.

Self-attestation policy denials return the public problem code self_attestation.denied. The audit trail and internal denial context preserve the granular reason so operators can distinguish policy failures without giving callers an identifier oracle.

Direct self-attestation reasons include self_attestation.disabled, self_attestation.operation_denied, self_attestation.claim_denied, self_attestation.disclosure_denied, self_attestation.format_denied, self_attestation.profile_denied, self_attestation.subject_claim_missing, self_attestation.subject_mismatch, self_attestation.rate_limited, self_attestation.invalid_token, self_attestation.assurance_denied, and self_attestation.batch_denied.

Delegated self-attestation reasons include delegated.relationship_unproven, delegated.relationship_not_allowed, delegated.claim_denied, delegated.subject_not_permitted, and delegated.proof_denied.