generated from SafdarJamal/vite-template-react
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathopenapi.yaml
More file actions
1114 lines (1078 loc) · 32.9 KB
/
openapi.yaml
File metadata and controls
1114 lines (1078 loc) · 32.9 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
openapi: 3.0.3
info:
title: Cardless ID API
description: |
A decentralized identity verification and credential issuance system built on Algorand blockchain.
This API provides endpoints for:
- Identity verification workflows
- W3C Verifiable Credential issuance
- Age verification challenges via QR codes
- Website integration for verifiers
For detailed integration guides, see the project documentation.
version: 1.0.0
contact:
name: Cardless ID
url: https://cardlessid.org
servers:
- url: http://localhost:5173
description: Development server
- url: https://cardlessid.org
description: Production server
tags:
- name: Verification
description: Identity verification workflow endpoints
- name: Credentials
description: W3C Verifiable Credential management
- name: Age Verification
description: QR code-based age verification challenges
- name: Wallet
description: Wallet status and credential checks
- name: Integrator
description: Third-party website integration endpoints
- name: Webhooks
description: Webhook endpoints for verification providers
components:
securitySchemes:
BearerAuth:
type: http
scheme: bearer
bearerFormat: JWT
description: API key for integrator endpoints
schemas:
Error:
type: object
properties:
error:
type: string
description: Error message
code:
type: string
description: Error code
VerificationSession:
type: object
properties:
sessionId:
type: string
format: uuid
description: Unique session identifier
provider:
type: string
enum: [cardlessid, idenfy, stripe_identity, persona, mock, custom]
description: Verification provider used
status:
type: string
enum: [pending, approved, rejected, expired]
description: Current verification status
createdAt:
type: integer
description: Unix timestamp when session was created
expiresAt:
type: integer
description: Unix timestamp when session expires
walletAddress:
type: string
description: Algorand wallet address being verified
nullable: true
credentialIssued:
type: boolean
description: Whether a credential has been issued for this session
nullable: true
assetId:
type: string
description: Asset ID of the minted NFT credential (populated after credential issuance)
nullable: true
assetTransferred:
type: boolean
description: Whether the NFT has been transferred to the wallet (prevents replay attacks)
nullable: true
transferredAt:
type: integer
description: Unix timestamp when NFT was transferred
nullable: true
verifiedData:
type: object
description: Verified identity data (only populated after approval)
nullable: true
properties:
firstName:
type: string
middleName:
type: string
nullable: true
lastName:
type: string
birthDate:
type: string
format: date
governmentId:
type: string
idType:
type: string
state:
type: string
expirationDate:
type: string
format: date
nullable: true
VerificationStatus:
type: object
properties:
status:
type: string
enum: [pending, approved, rejected]
data:
type: object
nullable: true
Credential:
type: object
properties:
'@context':
type: array
items:
type: string
type:
type: array
items:
type: string
issuer:
type: string
credentialSubject:
type: object
issuanceDate:
type: string
format: date-time
proof:
type: object
AgeVerificationChallenge:
type: object
properties:
sessionId:
type: string
format: uuid
qrCode:
type: string
description: Base64 encoded QR code image
expiresAt:
type: string
format: date-time
WalletStatus:
type: object
properties:
hasCredential:
type: boolean
isVerified:
type: boolean
paths:
# Verification Flow Endpoints
/api/verification/start:
post:
tags:
- Verification
summary: Start verification process
description: Initiates a new identity verification session
requestBody:
required: true
content:
application/json:
schema:
type: object
required:
- walletAddress
properties:
walletAddress:
type: string
description: Algorand wallet address
example: "MWCAXBUMUK3I2NTVEHDA6JVQ2W7IMKJUJSGEKQTRMFYYE3W6GJUSHUAGJM"
responses:
'200':
description: Session created successfully
content:
application/json:
schema:
$ref: '#/components/schemas/VerificationSession'
'400':
description: Invalid request
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
/api/verification/upload-id:
post:
tags:
- Verification
summary: Upload ID document
description: Upload front (and optionally back) image of government-issued ID
requestBody:
required: true
content:
application/json:
schema:
type: object
required:
- sessionId
- frontImage
properties:
sessionId:
type: string
format: uuid
frontImage:
type: string
format: byte
description: Base64 encoded front image of ID
backImage:
type: string
format: byte
nullable: true
description: Base64 encoded back image of ID
responses:
'200':
description: ID uploaded successfully
content:
application/json:
schema:
type: object
properties:
success:
type: boolean
extractedData:
type: object
nullable: true
'400':
description: Invalid request
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
/api/verification/upload-selfie:
post:
tags:
- Verification
summary: Upload selfie for face matching
description: Upload selfie image for biometric verification against ID photo
requestBody:
required: true
content:
application/json:
schema:
type: object
required:
- sessionId
- selfieImage
properties:
sessionId:
type: string
format: uuid
selfieImage:
type: string
format: byte
description: Base64 encoded selfie image
responses:
'200':
description: Selfie uploaded successfully
content:
application/json:
schema:
type: object
properties:
success:
type: boolean
faceMatch:
type: object
nullable: true
properties:
confidence:
type: number
format: float
minimum: 0
maximum: 100
'400':
description: Invalid request
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
/api/verification/status/{sessionId}:
get:
tags:
- Verification
summary: Check verification status
description: Get current status of a verification session
parameters:
- name: sessionId
in: path
required: true
schema:
type: string
format: uuid
responses:
'200':
description: Status retrieved successfully
content:
application/json:
schema:
$ref: '#/components/schemas/VerificationStatus'
'404':
description: Session not found
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
/api/verification/session/{sessionId}:
get:
tags:
- Verification
summary: Get verification session details
description: Retrieve detailed information about a verification session
parameters:
- name: sessionId
in: path
required: true
schema:
type: string
format: uuid
responses:
'200':
description: Session details retrieved
content:
application/json:
schema:
type: object
'404':
description: Session not found
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
# Credential Endpoints
/api/credentials:
post:
tags:
- Credentials
summary: Create verifiable credential
description: |
Issue a W3C Verifiable Credential and mint NFT on Algorand blockchain.
**Security Flow**:
1. Validates verification session is approved
2. Mints NFT credential on blockchain
3. Stores assetId in session for transfer validation
4. Returns assetId to client
**Next Steps**:
After receiving the assetId, the client must:
1. Opt-in to the asset (Algorand requirement)
2. Call `/api/credentials/transfer` with sessionId to complete the transfer
requestBody:
required: true
content:
application/json:
schema:
type: object
required:
- verificationSessionId
- walletAddress
- firstName
- lastName
- birthDate
properties:
verificationSessionId:
type: string
format: uuid
description: Verification session ID from approved session
walletAddress:
type: string
description: Algorand wallet address to receive credential
firstName:
type: string
description: First name from verified identity
lastName:
type: string
description: Last name from verified identity
birthDate:
type: string
format: date
description: Birth date from verified identity
governmentId:
type: string
description: Government ID number
middleName:
type: string
nullable: true
idType:
type: string
description: Type of ID document
state:
type: string
description: State code (for US IDs)
expirationDate:
type: string
format: date
nullable: true
responses:
'200':
description: Credential created successfully
content:
application/json:
schema:
type: object
properties:
success:
type: boolean
credential:
$ref: '#/components/schemas/Credential'
personalData:
type: object
description: Personal data included in credential (not on blockchain)
nft:
type: object
properties:
assetId:
type: string
description: Algorand asset ID - save this for transfer call
requiresOptIn:
type: boolean
description: Whether client must opt-in before transfer
instructions:
type: object
properties:
step1:
type: string
example: "Client must opt-in to the asset"
step2:
type: string
example: "Call POST /api/credentials/transfer with sessionId, assetId and walletAddress"
step3:
type: string
example: "Asset will be transferred and frozen (non-transferable)"
blockchain:
type: object
properties:
transaction:
type: object
properties:
id:
type: string
description: Blockchain transaction ID
explorerUrl:
type: string
format: uri
description: Blockchain explorer URL
network:
type: string
enum: [testnet, mainnet]
'400':
description: Invalid request or session not valid for credential issuance
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
'404':
description: Verification session not found
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
/api/credentials/schema:
get:
tags:
- Credentials
summary: Get credential schema
description: Retrieve W3C Verifiable Credential schema definition
responses:
'200':
description: Schema retrieved successfully
content:
application/json:
schema:
type: object
/api/credentials/transfer:
post:
tags:
- Credentials
summary: Transfer and freeze credential NFT
description: |
Transfer a minted credential NFT to the verified wallet and freeze it to make it non-transferable.
**SECURITY**: Requires session validation. Only the wallet address that was verified in the
original verification session can receive the credential. The sessionId, assetId, and
walletAddress must all match the verification session data.
**Prerequisites**:
1. Complete verification flow and receive approved status
2. Call `/api/credentials` to mint the NFT credential
3. Client wallet must opt-in to the asset
4. Call this endpoint to transfer and freeze the NFT
requestBody:
required: true
content:
application/json:
schema:
type: object
required:
- sessionId
- assetId
- walletAddress
properties:
sessionId:
type: string
format: uuid
description: Verification session ID (required for authorization)
example: "session_1234567890_abc123"
assetId:
type: integer
description: Algorand asset ID of the minted credential NFT
example: 123456789
walletAddress:
type: string
description: Algorand wallet address (must match verified session)
example: "MWCAXBUMUK3I2NTVEHDA6JVQ2W7IMKJUJSGEKQTRMFYYE3W6GJUSHUAGJM"
responses:
'200':
description: Transfer successful - NFT transferred and frozen
content:
application/json:
schema:
type: object
properties:
success:
type: boolean
example: true
assetId:
type: string
description: Asset ID of the transferred credential
walletAddress:
type: string
description: Wallet address that received the credential
transactions:
type: object
properties:
transfer:
type: object
properties:
id:
type: string
description: Transaction ID for the transfer
explorerUrl:
type: string
format: uri
description: Blockchain explorer URL for transfer transaction
freeze:
type: object
properties:
id:
type: string
description: Transaction ID for the freeze
explorerUrl:
type: string
format: uri
description: Blockchain explorer URL for freeze transaction
message:
type: string
example: "Credential NFT transferred and frozen (non-transferable)"
'400':
description: Invalid request - missing required fields
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
'403':
description: |
Forbidden - session validation failed. Possible reasons:
- Wallet address does not match session
- Asset ID does not match session
- Asset already transferred
- No credential issued for session
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
'404':
description: Session not found
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
'500':
description: Server error during transfer
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
# Age Verification Endpoints
/api/age-verify/create:
post:
tags:
- Age Verification
summary: Create age verification challenge
description: Generate a QR code challenge for age verification
requestBody:
required: true
content:
application/json:
schema:
type: object
required:
- minimumAge
properties:
minimumAge:
type: integer
minimum: 0
maximum: 150
example: 21
verifierName:
type: string
nullable: true
example: "Joe's Bar & Grill"
responses:
'200':
description: Challenge created successfully
content:
application/json:
schema:
$ref: '#/components/schemas/AgeVerificationChallenge'
'400':
description: Invalid request
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
/api/age-verify/respond:
post:
tags:
- Age Verification
summary: Respond to age verification challenge
description: Submit response to an age verification challenge
requestBody:
required: true
content:
application/json:
schema:
type: object
required:
- sessionId
- walletAddress
- meetsAge
properties:
sessionId:
type: string
format: uuid
walletAddress:
type: string
description: Wallet address of the person being verified
meetsAge:
type: boolean
description: Whether the person meets the minimum age requirement
responses:
'200':
description: Response recorded successfully
content:
application/json:
schema:
type: object
properties:
success:
type: boolean
'400':
description: Invalid request
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
/api/age-verify/session/{sessionId}:
get:
tags:
- Age Verification
summary: Check challenge status
description: Get current status of an age verification challenge
parameters:
- name: sessionId
in: path
required: true
schema:
type: string
format: uuid
responses:
'200':
description: Status retrieved successfully
content:
application/json:
schema:
type: object
properties:
status:
type: string
enum: [pending, approved, rejected]
meetsAge:
type: boolean
nullable: true
'404':
description: Session not found
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
# Wallet Endpoints
/api/wallet/status/{address}:
get:
tags:
- Wallet
summary: Check wallet status
description: Check if a wallet has a credential and verification status
parameters:
- name: address
in: path
required: true
schema:
type: string
description: Algorand wallet address
responses:
'200':
description: Status retrieved successfully
content:
application/json:
schema:
$ref: '#/components/schemas/WalletStatus'
'400':
description: Invalid wallet address
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
# Integrator API Endpoints
/api/integrator/challenge/create:
post:
tags:
- Integrator
summary: Create integrator challenge
description: Create an age verification challenge for third-party websites
security:
- BearerAuth: []
requestBody:
required: true
content:
application/json:
schema:
type: object
required:
- minimumAge
properties:
minimumAge:
type: integer
minimum: 0
maximum: 150
metadata:
type: object
nullable: true
description: Additional metadata for the challenge
responses:
'200':
description: Challenge created successfully
content:
application/json:
schema:
type: object
properties:
challengeId:
type: string
format: uuid
qrCodeUrl:
type: string
format: uri
'401':
description: Unauthorized
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
'400':
description: Invalid request
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
/api/integrator/challenge/verify/{challengeId}:
get:
tags:
- Integrator
summary: Verify challenge
description: Check if a challenge has been successfully verified
security:
- BearerAuth: []
parameters:
- name: challengeId
in: path
required: true
schema:
type: string
format: uuid
responses:
'200':
description: Verification status retrieved
content:
application/json:
schema:
type: object
properties:
verified:
type: boolean
walletAddress:
type: string
nullable: true
timestamp:
type: string
format: date-time
nullable: true
'401':
description: Unauthorized
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
'404':
description: Challenge not found
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
/api/integrator/challenge/details/{challengeId}:
get:
tags:
- Integrator
summary: Get challenge details
description: Retrieve detailed information about a challenge including responses
security:
- BearerAuth: []
parameters:
- name: challengeId
in: path
required: true
schema:
type: string
format: uuid
responses:
'200':
description: Challenge details retrieved
content:
application/json:
schema:
type: object
properties:
challenge:
type: object
responses:
type: array
items:
type: object
'401':
description: Unauthorized
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
'404':
description: Challenge not found
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
/api/integrator/challenge/respond:
post:
tags:
- Integrator
summary: Respond to integrator challenge
description: Submit a response to an integrator challenge
requestBody:
required: true
content:
application/json:
schema:
type: object
required:
- challengeId
- walletAddress
- meetsAge
properties:
challengeId:
type: string
format: uuid
walletAddress:
type: string
meetsAge:
type: boolean
responses:
'200':
description: Response recorded
content:
application/json:
schema:
type: object
properties:
success:
type: boolean
'400':
description: Invalid request
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
# Webhook Endpoints
/api/verification/webhook:
post:
tags:
- Webhooks
summary: Verification provider webhook
description: Webhook endpoint for verification service providers to send updates
requestBody:
required: true
content:
application/json:
schema:
type: object
description: Provider-specific webhook payload
responses:
'200':
description: Webhook processed successfully
content:
application/json:
schema:
type: object
properties:
success:
type: boolean
'400':
description: Invalid webhook payload
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
/api/verify-webhook:
post:
tags:
- Webhooks
summary: Generic verification webhook
description: Generic webhook endpoint for verification updates
requestBody:
required: true
content:
application/json:
schema:
type: object
responses:
'200':
description: Webhook processed
content:
application/json:
schema:
type: object
'400':
description: Invalid request
content:
application/json:
schema:
$ref: '#/components/schemas/Error'