Tags: ndidplatform/api
Tags
v8.0.1 (October 3, 2024) _Compatible with: [`smart-contract`](https://github.com/ndidplatform/smart-contract) v9.x.x_ BUG FIXES: - Fix backward compatibility with old data structure (data saved by previous version) when getting request data from AS.
v8.0.0 (August 1, 2024) _Compatible with: [`smart-contract`](https://github.com/ndidplatform/smart-contract) v9.x.x_ BREAKING CHANGES: - API version 6.0 - Change request body JSON schema of POST `/node/update`. - Remove `node_key` - Remove `node_key_type` - Remove `node_sign_method` - Remove `node_master_key` - Remove `node_master_key_type` - Remove `node_master_sign_method` - Add `signing_public_key` - Add `signing_key_algorithm` - Add `signing_algorithm` - Add `signing_master_public_key` - Add `signing_master_key_algorithm` - Add `signing_master_algorithm` - Add `encryption_public_key` - Add `encryption_key_algorithm` - Add `encryption_algorithm` - Change response body JSON schema of GET `/utility/nodes/:node_id` - Remove `public_key` - Remove `master_public_key` - Remove `proxy.public_key` - Remove `proxy.master_public_key` - Add `signing_public_key` - Add `signing_master_public_key` - Add `encryption_public_key` - Add `proxy.signing_public_key` - Add `proxy.signing_master_public_key` - Add `proxy.encryption_public_key` - Remove query string parameter `on_the_fly_support` from GET `/utility/idp` - Add query string parameter `supported_feature_list` (list of strings separated by `,`) to GET `/utility/idp` - Change response body JSON schema of GET `/utility/idp`. - Remove `on_the_fly_support` (boolean) property. - Add `supported_feature_list` (array of strings) property. - Remove query string parameter `on_the_fly_support` from GET `/utility/idp/:namespace/:identifier` - Add query string parameter `supported_feature_list` (list of strings separated by `,`) to GET `/utility/idp/:namespace/:identifier` - Change response body JSON schema of GET `/utility/idp/:namespace/:identifier`. - Remove `on_the_fly_support` (boolean) property. - Add `supported_feature_list` (array of strings) property. - Change response body JSON schema of GET `/utility/nodes/:node_id`. - Remove `on_the_fly_support` (boolean) property. - Add `supported_feature_list` (array of strings) property. - Change body JSON schema of sign and sign with master key external crypto service (KMS) callback API. - Change property name `hash_method` to `hash_algorithm`. - Change property name `key_type` to `key_algorithm`. - Remove `sign_method` property. - Add `signing_algorithm` property. - Add `key_version` (number) property. - Change body JSON schema of decrypt external crypto service (KMS) callback API. - Change property name `key_type` to `key_algorithm`. - Add `encryption_algorithm` property. - Add `key_version` (number) property. - Change response body JSON schema of GET `/rp/request_data/:request_id` - Change property name `signature_sign_method` to `signature_signing_algorithm` - Add `signature_signing_key_version` - NDID only APIs - Change request body JSON schema of POST `/ndid/init_ndid`. - Remove `node_key` - Remove `node_key_type` - Remove `node_master_key` - Remove `node_master_key_type` - Add `signing_public_key` - Add `signing_key_algorithm` - Add `signing_algorithm` - Add `signing_master_public_key` - Add `signing_master_key_algorithm` - Add `signing_master_algorithm` - Add `encryption_public_key` - Add `encryption_key_algorithm` - Add `encryption_algorithm` - Change request body JSON schema of POST `/ndid/register_node`. - Remove `node_key` - Remove `node_key_type` - Remove `node_sign_method` - Remove `node_master_key` - Remove `node_master_key_type` - Remove `node_master_sign_method` - Add `signing_public_key` - Add `signing_key_algorithm` - Add `signing_algorithm` - Add `signing_master_public_key` - Add `signing_master_key_algorithm` - Add `signing_master_algorithm` - Add `encryption_public_key` - Add `encryption_key_algorithm` - Add `encryption_algorithm` - Remove `on_the_fly_support` property for registering node (POST `/ndid/register_node`) and updating node (POST `/ndid/update_node`). - Add `supported_feature_list` property for registering node (POST `/ndid/register_node`) and updating node (POST `/ndid/update_node`). FEATURES: - Separate node key usage types (signing and encryption). - API version older than 6.0 uses node signing key as node encryption key. - Support new key algorithms for node signing public key and node signing master public key. - EC - curve: secp256r1/prime256v1 - curve: secp384r1 - Ed25519 - Support new signing algorithms for node key and node master key. - `RSASSA_PKCS1_V1_5_SHA_384`: RSA PKCS #1 v1.5 SHA-384 - `RSASSA_PKCS1_V1_5_SHA_512`: RSA PKCS #1 v1.5 SHA-512 - `RSASSA_PSS_SHA_256`: RSA PSS SHA-256 - `RSASSA_PSS_SHA_384`: RSA PSS SHA-384 - `RSASSA_PSS_SHA_512`: RSA PSS SHA-512 - `ECDSA_SHA_256` (EC key curve: secp256r1/prime256v1) - `ECDSA_SHA_384` (EC key curve: secp384r1) - `Ed25519` - Support new encryption algorithms for node key supported. - `RSAES_OAEP_SHA_1` - `RSAES_OAEP_SHA_256` - API version 6.0 - Validate identifier with namespace `citizen_id` as Thai citizen ID (by validating check digit/checksum). Can be disabled by setting environment variable `VALIDATE_IDENTIFIER` to `false`. - On create request (mode 1 and mode 2,3 when `bypass_identity_check` is set to `true`) - On create identity - On add identity - New API: GET `/utility/nodes/:node_id/public_keys`: Get node public key list (including previous key versions). - New API: GET `/utility/node_supported_features`: Get valid node supported feature list. - New API: GET `/utility/supported_ial`: Get valid/supported IAL list. - New API: GET `/utility/supported_aal`: Get valid/supported AAL list. - New API: GET `/utility/accessors/:accessor_id`: Get accessor key details. - NDID only APIs - New API: POST `/ndid/add_allowed_node_supported_feature`: Add allowed node supported feature - New API: POST `/ndid/remove_allowed_node_supported_feature`: Remove allowed node supported feature - New API: POST `/ndid/set_supported_ial_list`: Set supported IAL list - New API: POST `/ndid/set_supported_aal_list`: Set supported AAL list - API version 5.3 - New API: GET `/utility/supported_ial`: Get valid/supported IAL list. - New API: GET `/utility/supported_aal`: Get valid/supported AAL list. - Add environment variables. - `SIGNING_PRIVATE_KEY_PATH`: Path to node's private key for signing [Default: use pre-generated development key in development mode] - `SIGNING_PRIVATE_KEY_PASSPHRASE`: Passphrase for node's private key for signing - `SIGNING_MASTER_PRIVATE_KEY_PATH`: Path to node's master private key for signing [Default: use pre-generated development key in development mode] - `SIGNING_MASTER_PRIVATE_KEY_PASSPHRASE`: Passphrase for node's master private key for signing - `ENCRYPTION_PRIVATE_KEY_PATH`: Path to node's private key for encryption [Default: use pre-generated development key in development mode] - `ENCRYPTION_PRIVATE_KEY_PASSPHRASE`: Passphrase for node's private key for encryption - `NODE_BEHIND_PROXY_SIGNING_PRIVATE_KEY_DIRECTORY_PATH`: Directory path for nodes behind proxy private keys and passphrases for signing [Default: use pre-generated development key in development mode] - `NODE_BEHIND_PROXY_SIGNING_MASTER_PRIVATE_KEY_DIRECTORY_PATH`: Directory path for nodes behind proxy master private keys and passphrases for signing [Default: use pre-generated development key in development mode] - `NODE_BEHIND_PROXY_ENCRYPTION_PRIVATE_KEY_DIRECTORY_PATH`: Directory path for nodes behind proxy private keys and passphrases for encryption [Default: use pre-generated development key in development mode] - `PRIVATE_KEY_PATH`, `PRIVATE_KEY_PASSPHRASE`, `MASTER_PRIVATE_KEY_PATH`, `MASTER_PRIVATE_KEY_PASSPHRASE`, `NODE_BEHIND_PROXY_PRIVATE_KEY_DIRECTORY_PATH`, and `NODE_BEHIND_PROXY_MASTER_PRIVATE_KEY_DIRECTORY_PATH` are still usable but considered deprecated. - Add new environment variable options - `EXTERNAL_CRYPTO_SERVICE_CALLBACK_API_VERSION`: Callback API version for external crypto service (KMS). If not set, it will be the same as `CALLBACK_API_VERSION`. - `VALIDATE_IDENTIFIER`: Validate identifier on creating identity, adding identity, and creating request on API v6 and later. Defaults to `true`. - Support simple API authentication. - Using API key set in HTTP header `X-API-Key` - Default config is NOT using API key auth. (Config can be set with environment variable `USE_API_KEY` and `API_KEY_HASH`.) IMPROVEMENTS: - Update dependencies. - [Docker] Change Node.js version used in images to 20. BUG FIXES: - Fix telemetry incorrectly enabled on node with NDID role. (Node with `NDID_NODE` environment variable set to `true`.) - Fix error in master-worker mode when master receives error from worker processing MQ message. OTHERS: - Compatibility with validations on CheckTx when making transactions to Tendermint/ABCI app. - Change telemetry events timer trigger behavior to wait for response from telemetry server before starting the next interval / try sending again.
v7.1.0 (August 18, 2022) _Compatible with: [`smart-contract`](https://github.com/ndidplatform/smart-contract) v8.x.x_ FEATURES: - Support dcontract request type. - Integrity check on IdP side. If fail, the platform automatically responses with error code `31000`. (Config can be set with environment variable `DCONTRACT_VALIDATE`.) OTHERS: - Increase minimum Node.js version requirement to 15.
v6.0.0 (May 13, 2022) _Compatible with: [`smart-contract`](https://github.com/ndidplatform/smart-contract) v7.x.x_ FEATURES: - Identity modification notification (mode 2) can be suppressed. Suppressed notification from (actor) node IDs can only be set by regulator (NDID). - API version 5.2 - Allow `min_as` to be `0` in data request list on create request (API: POST `/rp/requests/:namespace/:identifier`). All requested ASs are able to response to a data request. - Add query string parameter `service_id` to GET `/utility/service_price_min_effective_datetime_delay`. Calling the API without `service_id` will return a global / fallback value. - Add `request_type` to create request (API: POST `/rp/requests/:namespace/:identifier`) parameter. - New API: GET `/utility/request_types`: Get valid request type list. - Change response body JSON schema of GET `/utility/requests/:request_id`. - Add `request_type` (string) property. - Change body JSON schema of request status update callback API (type: `request_status`) on RP, IdP, and AS. - Add `request_type` (string) property. - Add possible value `partial_completed` to `status` for cases where there is a service in data request with `0` min AS and at least one success data response(s) (AS signed response and RP has set data received) in any service. - Change body JSON schema of incoming request callback API (type: `incoming_request`) on IdP. - Add `request_type` (string) property. - Change body JSON schema of data request callback API (type: `data_request`) on AS. - Add `request_type` (string) property. - New API: GET `/utility/suppressed_identity_modification_notification_node_ids`: Get suppressed identity modification notification node ID list. - New API: GET `/utility/suppressed_identity_modification_notification_node_ids/:node_id`: Check identity modification notification suppressed status by node ID. - NDID only APIs - Add parameter `service_id` to POST `/ndid/set_service_price_min_effective_datetime_delay` to set service price minimum effective datetime delay by service ID. Calling the API without `service_id` will set a global / fallback value. - New API: POST `/ndid/add_request_type`: Add request type - New API: POST `/ndid/remove_request_type`: Remove request type - New API: POST `/ndid/add_suppressed_identity_modification_notification_node`: Add suppressed identity modification notification node (ID) - New API: POST `/ndid/remove_suppressed_identity_modification_notification_node`: Remove suppressed identity modification notification node (ID) IMPROVEMENTS: - Support Node.js 16. - Support Tendermint 0.35. - Block result spec change. - Update dependencies. - Remove duplicate data when setting expected Tx metadata. - Optimize raw MQ message write to redis. (Don't serialize JSON when setting raw message received from MQ to redis, set it as binary (Buffer) instead.) - Reduce data from AS write to redis on RP side. - [Docker] Change Node.js version used in images from 12 to 16. OTHERS: - Identity modification notification callback will not be sent if the modification action is done by node ID listed in suppressed identity modification node list.
v5.1.0 (December 2, 2021) _Compatible with: [`smart-contract`](https://github.com/ndidplatform/smart-contract) v6.x.x_ BUG FIXES: - Fix message queue send success trigger when send retry timed out. OTHERS: - Move effective datetime check from ABCI app to API when AS sets service price since there’s an issue with block time drift to the future. - Check effective datetime delay when AS sets service price (by comparing with current time on local machine).
v5.0.0 (July 27, 2021) _Compatible with: [`smart-contract`](https://github.com/ndidplatform/smart-contract) v6.x.x_ BREAKING CHANGES: - Change request message salt derivation. Now includes identity (namespace and identifier). - AS response data compression - Compression algorithm: gzip - Maximum uncompressed data size is 20 MB. - Maximum compressed data (or data to be sent to other nodes) size is 3MB. - Sender side compresses AS resposne data only when size is at least configured size. (Config can be set with environment variable `AS_DATA_COMPRESS_MIN_LENGTH`.) - Move AS response data data URL parsing from MQ message serialization to app layer. - MQ message compression - Compression algorithm: gzip - Default config is no compression (Config can be set with environment variable `COMPRESS_MQ_MESSAGE`.) - Sender side compresses MQ message only when size is at least configured size. (Config can be set with environment variable `MQ_MESSAGE_COMPRESS_MIN_LENGTH`.) - Receiver side accepts compressed MQ message that uncompressed size is not larger than 25MB - Change MQ message data format - Add `message_compression_algorithm`. - `AsDataResponseMqMessage` message type - Remove `data_data_url_prefix`. - Remove `data_bytes`. - Add `packed_data_metadata`. - Add `packed_data_bytes`. - API version 5.1 - NDID only APIs - `on_the_fly_support` (boolean) is a required property for registering node (POST `/ndid/register_node`) and updating node (POST `/ndid/update_node`). FEATURES: - API version 5.1 - New API: POST `/as/service_price/:service_id`: Set AS service price/fee. - New API: GET `/utility/as/price/:service_id`: Get AS service price/fee list (including history sorted by latest first). - New API: GET `/utility/service_price_ceiling`: Get service price ceiling (set by NDID). - Change response body JSON schema of GET `/utility/nodes/:node_id`. - Add `on_the_fly_support` (boolean) property (only when `node_id` is IdP node). - Add query string parameter `on_the_fly_support` to GET `/utility/idp` - Change response body JSON schema of GET `/utility/idp`. - Add `on_the_fly_support` (boolean) property. - Add `lial` and `laal` properties to POST `/identity`. - Add query string parameter `on_the_fly_support` to GET `/utility/idp/:namespace/:identifier` - Change response body JSON schema of GET `/utility/idp/:namespace/:identifier`. - Add `on_the_fly_support` (boolean) property. - Add `lial` and `laal` (boolean) properties. - New API: GET `/identity/:namespace/:identifier/lial`: Get identity's LIAL. - New API: POST `/identity/:namespace/:identifier/lial`: Set identity's LIAL. - New API: GET `/identity/:namespace/:identifier/laal`: Get identity's LAAL. - New API: POST `/identity/:namespace/:identifier/laal`: Set identity's LAAL. - New API: POST `/rp/messages`: Save message to blockchain. - New API: GET `/utility/messages/:message_id`: Get saved message and its metadata/info from blockchain. - NDID only APIs - New API: POST `/ndid/set_service_price_ceiling`: Set service price ceiling - New API: POST `/ndid/set_service_price_min_effective_datetime_delay`: Set service price minimum effective datetime delay (compared to latest block's time) SECURITY FIXES: - Include identity (namespace and identifier) to request message salt derivation to be able to verify the identity of IdP response signature later (if there's a dispute) for mode 1 requests. This change prevents IdPs from spoofing AS.
v4.3.2 (July 27, 2021) _Compatible with: [`smart-contract`](https://github.com/ndidplatform/smart-contract) v5.x.x_ BUG FIXES: - Fix retry transact data on redis doesn't get removed after successful retry. - Fix retry transact after process restart. OTHERS: - [Main] Add environment variable option alias `TELEMETRY_DB_HOST` for `TELEMETRY_DB_IP` to match with telemetry client module.
PreviousNext