IDUnion Trust List API (0.0.1)

Returns the operational health status of the Trust List API service. Useful for monitoring, load balancer checks, and readiness probes.

Creates a new Trust List owned by the authenticated user. A Trust List groups organizations (Trust List Records) of a specific role type (e.g. Wallet Provider, PID Provider). It requires a governance wallet for VC interactions and a verifier to validate onboarding credentials presented by joining organizations.

Returns a publicly accessible directory of all Trust Lists. No authentication is required. An optional search query parameter filters results by name or description. Used by clients to display a browseable catalog of available trust ecosystems.

Returns publicly accessible metadata for a specific Trust List. No authentication is required. Returns the same fields as the directory listing but for a single Trust List, excluding sensitive fields such as the verifier ID.

Returns all Trust Lists owned by the authenticated user. Unlike the public directory, this response includes the full Trust List representation with the verifier ID. Used to populate the authenticated user's management dashboard.

Returns the full representation of a specific Trust List for the authenticated owner, including the verifier ID not exposed in the public directory endpoints.

Updates the metadata of an existing Trust List. Only the Trust List owner can perform this operation. Fields provided in the payload will overwrite current values.

Permanently deletes the specified Trust List and all its associated records. Only the Trust List owner can perform this operation.

Searches for Trust List Records across all Trust Lists by organization name. No authentication is required. Used by public-facing directory or search features to find entities registered under a given organization name.

Returns all Trust List Records belonging to a specific Trust List. Each record represents an organization with its DID, status (onboarded, trusted, revoked, or expired), accreditations, and onboarding credentials. Used to display the list of entities participating in a trust ecosystem.

Directly creates a new Trust List Record in the specified Trust List, bypassing the credential-based onboarding flow. The public key material must be provided either as a did:key or a Certificate Signing Request (CSR) in PEM format. When a CSR is provided, the API issues an x509 certificate and registers it in the ETSI TS 119-612 trust list XML. Returns the generated DID and, if a CSR was provided, the issued certificate.

Adds a new verification method to the DID Document of the specified Trust List Record. The verification method includes cryptographic key material (e.g. Ed25519, RSA, or ES256K) and is registered under the assertionMethod, authentication, and capabilityInvocation relationships in the DID Document.

Updates an existing verification method on the DID Document of a Trust List Record. Primarily used to revoke a verification method by setting the revoked timestamp, which marks the key as no longer valid and transitions the Trust List Record status to revoked. The Trust List Record's status in the ETSI trust list XML is updated accordingly.

Returns a suggested DID for a new Trust List Record within the specified Trust List. The suggested DID is derived from the Trust List's DID base and can be used to pre-fill the DID field when creating a new record.

Returns the Trust List in either ETSI TS 119-612 or ETSI TS 119-602 XML format, Depending on the trust list type. The XML document includes Trust List Records with their DID-based cryptographic material and accreditation information, suitable for consumption by wallet verifiers and trust framework participants.

Retrieves the Verifiable Presentation (VP) stored for a specific Trust List Record. The VP is encoded as a JWT and represents the credential presented during the onboarding process, proving the entity's eligibility to join the Trust List. Used to audit or display the onboarding evidence for a given record.

Returns a specific Trust List Record including organization details, DID, current status (onboarded, trusted, revoked, or expired), accreditations, and onboarding credentials. No authentication is required; used to display public entity detail pages.

Permanently removes a specific Trust List Record from the Trust List. Only the Trust List owner can perform this operation. The associated DID Document and all related data will be deleted.

Returns the full chain of Trust List Records from the root trust anchor down to the specified record. Each element in the array represents one step in the chain of trust, showing which entities issued or accredited the next. Used to visualize and verify the complete trust path for a given organization.

Returns the W3C DID Document for the specified Trust List Record. The document contains the entity's DID, cryptographic verification methods, and service endpoints. This endpoint follows the did:web resolution convention and is used by DID resolvers to look up the entity's public key material and service information.

Initiates the credential-based onboarding process for an organization joining the specified Trust List. Returns a verifier URL to redirect the holder to, where they must present an onboarding Verifiable Credential (VC) proving their eligibility. After presenting the credential, the status can be polled via GET /onboarding/{verifier_state}. On successful verification, a Trust List Record is automatically created for the organization.

Polls the status of an ongoing onboarding process using the verifier state token returned by POST /{tl_id}/onboarding. Returns the current status (in_progress, completed, or error) along with the assigned DID once onboarding is complete. Clients should poll this endpoint periodically until a terminal status is reached.