swagger: '2.0' info: version: '1.4.0' title: Consumer Data Right (CDR) Register - Participant Discovery APIs schemes: - https basePath: /cdr-register/v1 paths: '/.well-known/openid-configuration': get: tags: - OpenID Connect summary: GetOpenIdProviderConfig operationId: GetOpenIdProviderConfig description: Endpoint used by participants to discover the CDR Register OpenID configuration and obtain information needed to interact with it, including its OAuth 2.0 endpoint locations. produces: - application/json responses: '200': description: The OpenID Provider Configuration Metadata values schema: $ref: '#/definitions/ResponseOpenIDProviderConfigMetadata' '/jwks': get: tags: - JWKS summary: GetJWKS operationId: GetJWKS description: JWKS endpoint containing the public keys used by the CDR Register to validate the signature of issued SSAs and authenticate outbound calls to participants in the CDR produces: - application/json responses: '200': description: A JSON object that represents a set of JWKs schema: $ref: '#/definitions/ResponseJWKS' '/{industry}/data-holders/brands': get: tags: - Data Holder Brands summary: GetDataHolderBrands operationId: GetDataHolderBrands description: Allows Data Recipients to discover data holder brands available in the CDR ecosystem x-version: "1" consumes: - application/json produces: - application/json parameters: - $ref: '#/parameters/Industry' - name: updated-since in: query description: query filter returns data holder brands updated since the specified date-time required: false type: string format: date-time - name: page in: query description: the page number to return required: false type: integer format: int32 - name: page-size in: query description: the number of records to return per page required: false type: integer format: int32 - $ref: '#/parameters/Authorization' - $ref: '#/parameters/XV' responses: '200': description: Success headers: x-v: type: string description: The [version](https://consumerdatastandardsaustralia.github.io/standards/#response-headers) of the API end point that the CDR Register has responded with. schema: $ref: '#/definitions/ResponseRegisterDataHolderBrandList' '400': description: Bad Request
Invalid industry path parameter schema: $ref: '#/definitions/ResponseErrorList' '401': description: Invalid Bearer Token '406': description: Invalid x-v header
Invalid Accept header x-scopes: - cdr-register:bank:read '/{industry}/data-recipients/brands/{dataRecipientBrandId}/software-products/{softwareProductId}/ssa': get: tags: - Software Statement Assertion summary: GetSoftwareStatementAssertion (SSA) operationId: GetSoftwareStatementAssertion description: Get a Software Statement Assertion (SSA) for a software product on the CDR Register to be used for Dynamic Client Registration with a Data Holder Brand x-version: "2" consumes: - application/json produces: - application/json parameters: - $ref: '#/parameters/Industry' - name: dataRecipientBrandId in: path description: Unique id for the Accredited Data Recipient Brand that the Software Product is associated with in the CDR Register. Refer to [Identifiers](https://cdr-register.github.io/register/#identifiers) for details required: true type: string - name: softwareProductId in: path description: Unique id for the Accredited Data Recipient Software Product in the CDR Register. Refer to [Identifiers](https://cdr-register.github.io/register/#identifiers) for details required: true type: string - $ref: '#/parameters/Authorization' - $ref: '#/parameters/XV' responses: '200': description: Success headers: x-v: type: string description: The [version](https://consumerdatastandardsaustralia.github.io/standards/#response-headers) of the API end point that the CDR Register has responded with. schema: type: string '400': description: Invalid industry path parameter
Invalid SoftwareProductId schema: $ref: '#/definitions/ResponseErrorList' '401': description: Invalid Bearer Token '403': description: Invalid BrandId schema: $ref: '#/definitions/ResponseErrorList' '406': description: Invalid x-v header
Invalid Accept header '422': description: SSA fields invalid or incomplete schema: $ref: '#/definitions/ResponseErrorList' x-scopes: - cdr-register:bank:read '/{industry}/data-recipients/brands/software-products/status': get: tags: - Software Products Status summary: GetSoftwareProductsStatus operationId: GetSoftwareProductsStatus description: Endpoint used by participants to discover the statuses for software products from the CDR Register x-version: "1" consumes: - application/json produces: - application/json parameters: - $ref: '#/parameters/Industry' - $ref: '#/parameters/XV' responses: '200': description: Success headers: x-v: type: string description: The [version](https://consumerdatastandardsaustralia.github.io/standards/#response-headers) of the API end point that the CDR Register has responded with. schema: $ref: '#/definitions/SoftwareProductsStatusList' '400': description: Bad Request
Invalid industry path parameter schema: $ref: '#/definitions/ResponseErrorList' '406': description: Invalid x-v header
Invalid Accept header '/{industry}/data-recipients/status': get: tags: - Data Recipients Status summary: GetDataRecipientsStatus operationId: GetDataRecipientsStatus description: Endpoint used by participants to discover the statuses for Data Recipients from the CDR Register x-version: "1" consumes: - application/json produces: - application/json parameters: - $ref: '#/parameters/Industry' - $ref: '#/parameters/XV' responses: '200': description: Success headers: x-v: type: string description: The [version](https://consumerdatastandardsaustralia.github.io/standards/#response-headers) of the API end point that the CDR Register has responded with. schema: $ref: '#/definitions/DataRecipientsStatusList' '400': description: Bad Request
Invalid industry path parameter schema: $ref: '#/definitions/ResponseErrorList' '406': description: Invalid x-v header
Invalid Accept header '/{industry}/data-recipients': get: tags: - Data Recipients summary: GetDataRecipients operationId: GetDataRecipients description: Endpoint used by participants to discover data recipients and associated brands and software products, available in the CDR ecosystem x-version: "2" consumes: - application/json produces: - application/json parameters: - $ref: '#/parameters/Industry' - $ref: '#/parameters/XV' responses: '200': description: Success headers: x-v: type: string description: The [version](https://consumerdatastandardsaustralia.github.io/standards/#response-headers) of the API end point that the CDR Register has responded with. schema: $ref: '#/definitions/ResponseRegisterDataRecipientList' '400': description: Bad Request
Invalid industry path parameter schema: $ref: '#/definitions/ResponseErrorList' '406': description: Invalid x-v header
Invalid Accept header parameters: Authorization: name: Authorization in: header required: true description: An Authorisation Token as per [RFC6750](https://tools.ietf.org/html/rfc6750) type: string XV: name: x-v in: header required: false description: The [version](https://consumerdatastandardsaustralia.github.io/standards/#response-headers) of the API end point requested by the client. Must be set to a positive integer. type: string Industry: name: industry in: path description: The industry the participant is retrieving data for (Banking, etc) required: true enum: - banking type: string definitions: ResponseOpenIDProviderConfigMetadata: description: Response containing the Open ID Provider Configuration Metadata required: - issuer - jwks_uri - token_endpoint - claims_supported - id_token_signing_alg_values_supported - subject_types_supported - code_challenge_methods_supported - scopes_supported - response_types_supported - grant_types_supported - token_endpoint_auth_methods_supported - tls_client_certificate_bound_access_tokens - request_object_signing_alg_values_supported type: object properties: issuer: type: string description: URL using the https scheme with no query or fragment component that the CDR Register asserts as its Issuer Identifier jwks_uri: type: string description: URL of the CDR Register's JSON Web Key Set [JWK] document. This contains the signing key(s) used to validate access tokens issued from the CDR Register. Note that this differs from the [JWKS endpoint](https://cdr-register.github.io/register/#getjwks) used to validate SSAs and CDR Register client authentication token_endpoint: type: string description: URL of the CDR Register's OAuth 2.0 Token Endpoint claims_supported: type: array items: type: string description: JSON array containing a list of the Claim Names of the Claims that the CDR Register supplies values for id_token_signing_alg_values_supported: type: array items: type: string description: JSON array containing a list of the JWS signing algorithms (alg values) supported by the CDR Register for the ID Token to encode the Claims in a JWT. Given the CDR Register does not issue ID tokens, this field can be safely ignored subject_types_supported: type: array items: type: string description: JSON array containing a list of the Subject Identifier types that the CDR Register supports. Given the CDR Register does not issue ID tokens, this field can be safely ignored code_challenge_methods_supported: type: array items: type: string description: JSON array containing a list of Proof Key for Code Exchange (PKCE) [RFC7636] code challenge methods supported by this authorization server. Given the CDR Register does not support PKCE, this field can be safely ignored scopes_supported: type: array items: type: string description: JSON array containing a list of the OAuth 2.0 [RFC6749] scope values that the CDR Register supports response_types_supported: type: array items: type: string description: JSON array containing a list of the OAuth 2.0 response_type values that the CDR Registrer supports grant_types_supported: type: array items: type: string description: JSON array containing a list of the OAuth 2.0 Grant Type values that the CDR Register supports token_endpoint_auth_methods_supported: type: array items: type: string description: JSON array containing a list of Client Authentication methods supported by this Token Endpoint tls_client_certificate_bound_access_tokens: type: boolean description: Boolean value indicating server support for mutual TLS client certificate bound access tokens request_object_signing_alg_values_supported: type: array items: type: string description: JSON array containing a list of the JWS signing algorithms (alg values) supported by the CDR Register for Request Objects. ResponseJWKS: description: Response containing the JSON Web Key Set required: - keys type: object properties: keys: type: array description: The value of the "keys" parameter is an array of JWK values items: $ref: '#/definitions/JWK' JWK: description: Object representing a JSON Web Key required: - alg - e - key_ops - kid - kty - n type: object properties: alg: type: string description: The "alg" (algorithm) parameter identifies the algorithm intended for use with the key e: type: string description: The "e" RSA public exponent parameter key_ops: type: array items: type: string description: The "key_ops" (key operations) parameter identifies the operation(s) for which the key is intended to be used kid: type: string description: The "kid" (key ID) parameter is partially used to match a specific key. Note the "kid" parameter is not guaranteed unique and additional parameters should be used to progressively to identify a key within a set kty: type: string description: The "kty" (key type) parameter identifies the cryptographic algorithm family used with the key n: type: string description: The "n" RSA public modulus parameter ResponseRegisterDataHolderBrandList: description: Response containing a list of CDR Register Data Holder Brand objects required: - data - links - meta type: object properties: data: description: Response data for the query uniqueItems: false type: array items: $ref: '#/definitions/RegisterDataHolderBrand' links: $ref: '#/definitions/LinksPaginated' meta: $ref: '#/definitions/MetaPaginated' RegisterDataHolderBrand: required: - dataHolderBrandId - brandName - industry - logoUri - legalEntity - status - endpointDetail - authDetails - lastUpdated type: object properties: dataHolderBrandId: description: Unique id of the Data Holder Brand issued by the CDR Register. Refer to [Identifiers](https://cdr-register.github.io/register/#identifiers) for details type: string brandName: description: The name of Data Holder Brand type: string industry: description: The industry the Data Holder brand belongs to (Banking, etc) enum: - banking type: string logoUri: description: Brand logo URI type: string x-cds-type: URIString legalEntity: $ref: '#/definitions/LegalEntityDetail' status: enum: - ACTIVE - INACTIVE - REMOVED type: string endpointDetail: $ref: '#/definitions/RegisterDataHolderBrandServiceEndpoint' authDetails: type: array uniqueItems: false items: $ref: '#/definitions/RegisterDataHolderAuth' lastUpdated: description: The date/time that the Data Holder Brand data was last updated in the Register type: string format: date-time x-cds-type: DateTimeString SoftwareProductsStatusList: required: - softwareProducts type: object properties: softwareProducts: uniqueItems: true type: array items: $ref: '#/definitions/SoftwareProductStatus' SoftwareProductStatus: required: - softwareProductId - softwareProductStatus type: object properties: softwareProductId: description: Unique id of the software product issued by the CDR Register. Refer to [Identifiers](https://cdr-register.github.io/register/#identifiers) for details type: string softwareProductStatus: description: Software product status in the CDR Register enum: - ACTIVE - INACTIVE - REMOVED type: string DataRecipientsStatusList: required: - dataRecipients type: object properties: dataRecipients: uniqueItems: true type: array items: $ref: '#/definitions/DataRecipientStatus' DataRecipientStatus: required: - dataRecipientId - dataRecipientStatus type: object properties: dataRecipientId: description: Unique id of the Data Recipient issued by the CDR Register. Refer to [Identifiers](https://cdr-register.github.io/register/#identifiers) for details type: string dataRecipientStatus: description: Data Recipient status in the CDR Register enum: - ACTIVE - SUSPENDED - REVOKED - SURRENDERED type: string ResponseRegisterDataRecipientList: description: Response containing a list of Data Recipients in the CDR Register required: - data - links - meta type: object properties: data: description: Response data for the query uniqueItems: false type: array items: $ref: '#/definitions/RegisterDataRecipient' RegisterDataRecipient: required: - legalEntityId - legalEntityName - accreditationNumber - industry - logoUri - status - lastUpdated type: object properties: legalEntityId: description: Unique id of the Data Recipient Legal Entity issued by the CDR Register. Refer to [Identifiers](https://cdr-register.github.io/register/#identifiers) for details type: string legalEntityName: description: Legal name of the Data Recipient type: string accreditationNumber: description: CDR Register issued human readable unique number given to Data Recipients upon accreditation type: string industry: enum: - banking type: string logoUri: description: Legal Entity logo URI type: string x-cds-type: URIString dataRecipientBrands: uniqueItems: true type: array items: $ref: '#/definitions/DataRecipientBrandMetaData' status: enum: - ACTIVE - SUSPENDED - REVOKED - SURRENDERED type: string lastUpdated: format: date-time description: The date/time that the Legal Entity was last updated in the CDR Register type: string x-cds-type: DateTimeString DataRecipientBrandMetaData: description: Metadata related to Data Recipient Brand required: - dataRecipientBrandId - brandName - logoUri - status type: object properties: dataRecipientBrandId: description: Unique id of the Data Recipient brand issued by the CDR Register. Refer to [Identifiers](https://cdr-register.github.io/register/#identifiers) for details type: string brandName: description: Data Recipient Brand name type: string logoUri: description: Data Recipient Brand logo URI type: string x-cds-type: URIString softwareProducts: uniqueItems: true type: array items: $ref: '#/definitions/SoftwareProductMetaData' status: enum: - ACTIVE - INACTIVE - REMOVED type: string SoftwareProductMetaData: description: Data Recipient Brand Software Products required: - softwareProductId - softwareProductName - logoUri - status type: object properties: softwareProductId: description: Unique id of the Data Recipient software product issued by the CDR Register. Refer to [Identifiers](https://cdr-register.github.io/register/#identifiers) for details type: string softwareProductName: description: Name of the software product type: string softwareProductDescription: description: Description of the software product type: string logoUri: description: Software product logo URI type: string x-cds-type: URIString status: enum: - ACTIVE - INACTIVE - REMOVED type: string LegalEntityDetail: description: The data that is common to all organisations, regardless of the type (e.g. company, trust, partnership, government) required: - legalEntityId - legalEntityName - logoUri type: object properties: legalEntityId: description: Unique id of the organisation issued by the CDR Register. Refer to [Identifiers](https://cdr-register.github.io/register/#identifiers) for details type: string legalEntityName: description: Unique legal name of the organisation type: string logoUri: description: Legal Entity logo URI type: string x-cds-type: URIString registrationNumber: description: Unique registration number (if the company is registered outside Australia) type: string registrationDate: format: date description: Date of registration (if the company is registered outside Australia) type: string x-cds-type: DateString registeredCountry: description: Country of registeration (if the company is registered outside Australia) type: string abn: description: Australian Business Number for the organisation type: string acn: description: Australian Company Number for the organisation type: string arbn: description: Australian Registered Body Number. ARBNs are issued to registrable Australian bodies and foreign companies type: string industryCode: description: Industry Code for the organisation. [ANZSIC (2006)](http://www.abs.gov.au/anzsic) type: string organisationType: description: Legal organisation type enum: - SOLE_TRADER - COMPANY - PARTNERSHIP - TRUST - GOVERNMENT_ENTITY - OTHER type: string RegisterDataHolderBrandServiceEndpoint: description: Endpoints related to Data Holder Brand services required: - version - publicBaseUri - resourceBaseUri - infosecBaseUri - websiteUri type: object properties: version: description: The major version of the high level standards. This is not the version of the endpoint or the payload being requested but the version of the overall standards being applied. This version number will be "v" followed by the major version of the standards as a positive integer (e.g. v1, v12 or v76) type: string publicBaseUri: description: Base URI for the Data Holder's Consumer Data Standard public endpoints type: string x-cds-type: URIString resourceBaseUri: description: Base URI for the Data Holder's Consumer Data Standard resource endpoints type: string x-cds-type: URIString infosecBaseUri: description: Base URI for the Data Holder's Consumer Data Standard information security endpoints type: string x-cds-type: URIString extensionBaseUri: description: Base URI for the Data Holder extension endpoints to the Consumer Data Standard (optional) type: string x-cds-type: URIString websiteUri: description: Publicly available website or web resource URI type: string x-cds-type: URIString RegisterDataHolderAuth: description: Provides details of authorisation endpoints for Data Holders type: object required: - registerUType - jwksEndpoint properties: registerUType: type: string description: The type of authentication and authorisation mechanism in use enum: - SIGNED-JWT jwksEndpoint: description: JWKS endpoint for private_key_jwt client authentication with Data Recipient type: string x-cds-type: URIString LinksPaginated: required: - self type: object properties: first: description: URI to the first page of this set. Mandatory if this response is not the first page type: string last: description: URI to the last page of this set. Mandatory if this response is not the last page type: string next: description: URI to the next page of this set. Mandatory if this response is not the last page type: string prev: description: URI to the previous page of this set. Mandatory if this response is not the first page type: string self: description: Fully qualified link to this API call type: string MetaPaginated: required: - totalPages - totalRecords type: object properties: totalPages: format: int32 description: The total number of pages in the full set type: integer totalRecords: format: int32 description: The total number of records in the full set type: integer ResponseErrorList: required: - errors type: object properties: errors: uniqueItems: false type: array items: $ref: '#/definitions/Error' Error: required: - code - title - detail type: object properties: code: description: Error code type: string title: description: Error title type: string detail: description: Error detail type: string meta: description: Optional additional data for specific error types type: object tags: []