Get Software Statement Assertion (SSA)

Owned by Space Sync for Confluence
Last updated: Dec 06, 2023
1 min read

CDS Reference

Get Software Statement Assertion (SSA)

Current Version

v3

Deprecated Versions

Retired Versions

v2 V1

Transport

MTLS

Authorisation

BEARER

Client

data recipient

Endpoint URL

https://secure.api.cdr.gov.au/cdr-register/v1/{industry}/data-recipients/brands/{dataRecipientBrandId}/software-products/{softwareProductId}/ssa

Implementation Guidance

  • A Software Statement Assertion contains metadata about a software product and is signed by the Register so that authenticity can be verified.

  • A Software Statement Assertion is required for Dynamic Client Registration (DCR). An SSA must be retrieved from the Register and included in Create (POST) and Update (PUT) registration operations.

  • A Software Statement Assertion can be retrieved once from the Register and used in multiple dynamic client registrations for as long as the SSA is still valid (lifetime is 10 minutes). A separate SSA does not need to be retrieved for each dynamic client registration.

  • Before calling the Get Software Statement Assertion (SSA) API, the Data Recipient Software Product must retrieve an access token from the Register's Token Endpoint.

  • The access token must be added to the Authorization header of the Get Software Statement Assertion (SSA) request as a Bearer token:

GET https://api.cdr.gov.au/cdr-register/v1/{industry}/data-recipients/brands/{dataRecipientBrandId}/software-products/{softwareProductId}/ssa Authorization: Bearer {access_token}