Skip to main content
Version: Next

APIs

Procivis One exposes four APIs covering different layers of the platform.

APIPurposeLicense
CoreCredentials, schemas, certificates, keys, DIDs, trust infrastructure, and SSI protocol endpointsOpen source
Enterprise BackendManagement layer for operators; wraps Core for the Desk web application and provides simplified IAM integrationEnterprise
Wallet-Relying Party RegistryTrust registry infrastructure for EUDI-compliant relying party registration, certificate issuance, and lifecycle managementEnterprise
OpenID BridgeEnables any OIDC relying party to accept digital credentials for authentication without changing their auth infrastructureEnterprise

The Enterprise Backend, OpenID Bridge, and WRPR are all built on top of Core.

OpenAPI specifications: Core · Enterprise Backend · WRPR · OpenID Bridge

Authentication

All Procivis One components share the same authentication modes: no authentication, static token, or STS. STS mode is recommended for production deployments. For a full explanation of authentication modes, token structures, and integration patterns, see Authentication and authorization.

Common patterns

Errors

HTTP status code responses follow the standard pattern:

  • 2xx: Successful responses
  • 4xx: Client error responses
  • 5xx: Server error responses

Most error responses include additional detail for troubleshooting.

Pagination

When retrieving lists of resources, use the page and pageSize query parameters to control results.

  • page: the page to return; the first page is 0
  • pageSize: number of items per page; defaults to 30 for the Enterprise Backend API; must be specified for the Core API

Paginated responses include totalItems and totalPages fields.

Sorting

Pass sort and sortDirection query parameters to sort lists.

  • sort: the response field to sort by; supported values are listed per endpoint
  • sortDirection: ASC or DESC

Default ordering is createdDate DESC. If sort is specified without sortDirection, direction defaults to ASC.

Filtering

List endpoints support filtering by query parameter. The following capabilities are available across resources, though not every resource supports every filter.

By name

name filters items whose names start with the provided string (case-insensitive). For credentials and proof requests, which have no name, it filters by the associated schema name instead.

Add exact[]=name to switch from prefix matching to exact matching (still case-insensitive).

The /credential and /history endpoints support searchText combined with searchType[] to search within specific fields. Unlike name, searchText matches anywhere within the field, not just at the start.

By date range

All list endpoints support createdDateAfter, createdDateBefore, lastModifiedAfter, and lastModifiedBefore using RFC 3339 timestamps.

Credentials additionally support issuanceDateAfter, issuanceDateBefore, revocationDateAfter, and revocationDateBefore.

Proof requests additionally support requestedDateAfter, requestedDateBefore, completedDateAfter, and completedDateBefore.

By state

Use states[] to filter by lifecycle state. Available states vary by resource type. See the relevant workflow guides for state reference: Issuing · Verifying · Holding

By role

Use roles[] to filter by the system's role in creating the resource. For example, filter credentials by HOLDER to return only credentials the system holds as a wallet, or VERIFIER to return only proof requests the system initiated.

By ID

Use ids[] to retrieve specific items by UUID in a single request.

By format, type, and key properties

Credential schemas support formats[]. Identifiers support types[], didMethods[]. Keys support keyTypes[]. Identifiers also support keyAlgorithms[] and keyStorages[].

Remote vs. local

Use isRemote=false to return only entities your system created and controls. Use isRemote=true to return entities from external parties your system has interacted with.

  • Proof requests: filter by proofSchemaIds[]
  • Trust entities: filter by trustAnchorId
  • Trust anchors: filter by isPublisher

Access and licensing

Core is open source → Procivis One Core on GitHub

Enterprise Backend, WRPR, and OpenID Bridge require an enterprise license → Contact sales