Skip to end of banner
Go to start of banner

Get Software Statement Assertion (SSA)

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Current »

CDS Reference

Get Software Statement Assertion (SSA)

Current Version

V3

Deprecated Versions

V2 V1

Transport

MTLS

Authorisation

BEARER

Client

DATA RECIPIENT

Endpoint URL

https://secure.api.cdr.gov.au/cdr-register/v1/{industry}/data-recipients/brands/{dataRecipientBrandId}/software-products/{softwareProductId}/ssa

Implementation Guidance

  • A Software Statement Assertion contains metadata about a software product and is signed by the Register so that authenticity can be verified.

  • A Software Statement Assertion is required for Dynamic Client Registration (DCR). An SSA must be retrieved from the Register and included in Create (POST) and Update (PUT) registration operations.

  • A Software Statement Assertion can be retrieved once from the Register and used in multiple dynamic client registrations for as long as the SSA is still valid (lifetime is 10 minutes). A separate SSA does not need to be retrieved for each dynamic client registration.

  • Before calling the Get Software Statement Assertion (SSA) API, the Data Recipient Software Product must retrieve an access token from the Register's Token Endpoint.

  • The access token must be added to the Authorization header of the Get Software Statement Assertion (SSA) request as a Bearer token:

GET https://api.cdr.gov.au/cdr-register/v1/{industry}/data-recipients/brands/{dataRecipientBrandId}/software-products/{softwareProductId}/ssa
Authorization: Bearer {access_token}

  • No labels