openapi: 3.0.3 info: contact: email: contact@dsb.gov.au name: Data Standards Body url: https://dsb.gov.au/ description: Specifications for Register endpoints made available to participants. title: CDR Register API version: 1.34.1 servers: - description: Production TLS url: https://api.cdr.gov.au tags: - description: Register Operations endpoints name: Register Operations x-shortName: Operations - description: Register Data Holder discovery endpoints name: Register Data Holder discovery x-shortName: Data Holder discovery - description: Register Data Recipient discovery endpoints name: Register Data Recipient discovery x-shortName: Data Recipient discovery paths: /idp/.well-known/openid-configuration: get: description: |- Endpoint used by participants to discover the CDR Register OpenID configuration and obtain information needed to interact with it, including its OAuth 2.0 endpoint locations. This endpoint does not require [CORS](#cors). operationId: getRegisterOpenIdProviderConfig responses: "200": content: application/json: schema: $ref: '#/components/schemas/ResponseOpenIDProviderConfigMetadata' description: The OpenID Provider Configuration Metadata values summary: Get OpenId Provider Config tags: - Register Operations /cdr-register/v1/jwks: get: description: |- JWKS endpoint containing the public keys used by the CDR Register to validate the signature of issued SSAs and authenticate outbound calls to participants in the CDR. This endpoint does not require [CORS](#cors). operationId: getRegisterJwks responses: "200": content: application/json: schema: $ref: '#/components/schemas/ResponseJWKS' description: A JSON object that represents a set of JWKs summary: Get JWKS tags: - Register Operations /cdr-register/v1/{industry}/data-holders/brands: get: description: |- Allows Data Recipients to discover Data Holder Brands available in the CDR ecosystem. Obsolete versions: [v1](includes/obsolete/get-data-holder-brands-v1.html). operationId: getDataHolderBrands parameters: - description: The industry the participant is retrieving data for (Banking, etc.) explode: false in: path name: industry required: true schema: $ref: '#/components/schemas/IndustryEnum' style: simple - description: An Authorisation Token as per **[[RFC6750]](#nref-RFC6750)**. explode: false in: header name: Authorization required: true schema: type: string style: simple x-cds-type: ExternalRef - description: Version of the API endpoint requested by the client. Must be set to a positive integer. The endpoint should respond with the highest supported version between [_x-min-v_](#request-headers) and [_x-v_](#request-headers). If the value of [_x-min-v_](#request-headers) is equal to or higher than the value of [_x-v_](#request-headers) then the [_x-min-v_](#request-headers) header should be treated as absent. If all versions requested are not supported then the endpoint **MUST** respond with a `406 Not Acceptable`. See [HTTP Headers](#request-headers). explode: false in: header name: x-v required: true schema: type: string style: simple - description: Minimum version of the API endpoint requested by the client. Must be set to a positive integer if provided. The endpoint should respond with the highest supported version between [_x-min-v_](#request-headers) and [_x-v_](#request-headers). If all versions requested are not supported then the endpoint **MUST** respond with a `406 Not Acceptable`. explode: false in: header name: x-min-v required: false schema: type: string style: simple - description: Query filter returns results updated since the specified date-time. explode: true in: query name: updated-since required: false schema: type: string style: form x-cds-type: DateTimeString - description: Page of results to request (standard pagination). explode: true in: query name: page required: false schema: default: 1 type: integer style: form x-cds-type: PositiveInteger - description: Page size to request. Default is 25 (standard pagination). explode: true in: query name: page-size required: false schema: default: 25 type: integer style: form x-cds-type: PositiveInteger responses: "200": content: application/json: schema: $ref: '#/components/schemas/ResponseRegisterDataHolderBrandList' description: Successful response headers: x-v: $ref: '#/components/headers/XV' "400": content: application/json: schema: $ref: '#/components/schemas/ResponseErrorListV2' description: Missing Required Header / Invalid Version / Invalid Path Parameter "401": description: Invalid Bearer Token headers: WWW-Authenticate: description: The Response Header Field as per **[[RFC6750]](#nref-RFC6750)**. explode: false schema: type: string style: simple x-cds-type: ExternalRef "406": content: application/json: schema: $ref: '#/components/schemas/ResponseErrorListV2' description: Unsupported Version servers: - description: Production MTLS url: https://secure.api.cdr.gov.au summary: Get Data Holder Brands tags: - Register Data Holder discovery x-version: "2" x-scopes: - cdr-register:read /cdr-register/v1/{industry}/data-holders/brands/summary: get: description: Endpoint used by participants to discover public details of Data Holder Brands from the CDR Register. operationId: getDataHolderBrandsSummary parameters: - description: The industry the participant is retrieving data for (Banking, etc.) explode: false in: path name: industry required: true schema: $ref: '#/components/schemas/IndustryEnum' style: simple - description: Version of the API endpoint requested by the client. Must be set to a positive integer. The endpoint should respond with the highest supported version between [_x-min-v_](#request-headers) and [_x-v_](#request-headers). If the value of [_x-min-v_](#request-headers) is equal to or higher than the value of [_x-v_](#request-headers) then the [_x-min-v_](#request-headers) header should be treated as absent. If all versions requested are not supported then the endpoint **MUST** respond with a `406 Not Acceptable`. See [HTTP Headers](#request-headers). explode: false in: header name: x-v required: true schema: type: string style: simple - description: Minimum version of the API endpoint requested by the client. Must be set to a positive integer if provided. The endpoint should respond with the highest supported version between [_x-min-v_](#request-headers) and [_x-v_](#request-headers). If all versions requested are not supported then the endpoint **MUST** respond with a `406 Not Acceptable`. explode: false in: header name: x-min-v required: false schema: type: string style: simple - description: Makes the request method conditional on a recipient cache or origin server not having any current representation of the target resource with an entity-tag that does not match any of those listed in the field-value. explode: false in: header name: If-None-Match required: false schema: type: string style: simple x-cds-type: ASCIIString responses: "200": content: application/json: schema: $ref: '#/components/schemas/ResponseDataHoldersBrandSummaryList' description: Successful response headers: x-v: $ref: '#/components/headers/XV' Etag: $ref: '#/components/headers/Etag' "304": description: Not Modified - The current representation of the target resource matches with the entity-tag provided in the _If-None-Match_ request header headers: Etag: $ref: '#/components/headers/Etag' "400": content: application/json: schema: $ref: '#/components/schemas/ResponseErrorListV2' description: Missing Required Header / Invalid Version / Invalid Path Parameter "404": content: application/json: schema: $ref: '#/components/schemas/ResponseErrorListV2' description: Industry Not Found "406": content: application/json: schema: $ref: '#/components/schemas/ResponseErrorListV2' description: Unsupported Version summary: Get Data Holder Brands Summary tags: - Register Data Holder discovery x-version: "1" /cdr-register/v1/{industry}/data-recipients/brands/{dataRecipientBrandId}/software-products/{softwareProductId}/ssa: get: description: |- Get a Software Statement Assertion (SSA) for a software product on the CDR Register to be used for Dynamic Client Registration with a Data Holder Brand. Obsolete versions: [v1](includes/obsolete/get-software-statement-assertion-v1.html), [v2](includes/obsolete/get-software-statement-assertion-v2.html). operationId: getSoftwareStatementAssertion parameters: - description: The industry the participant is retrieving data for (Banking, etc.) explode: false in: path name: industry required: true schema: $ref: '#/components/schemas/IndustryEnum' style: simple - description: Version of the API endpoint requested by the client. Must be set to a positive integer. The endpoint should respond with the highest supported version between [_x-min-v_](#request-headers) and [_x-v_](#request-headers). If the value of [_x-min-v_](#request-headers) is equal to or higher than the value of [_x-v_](#request-headers) then the [_x-min-v_](#request-headers) header should be treated as absent. If all versions requested are not supported then the endpoint **MUST** respond with a `406 Not Acceptable`. See [HTTP Headers](#request-headers). explode: false in: header name: x-v required: true schema: type: string style: simple - description: Minimum version of the API endpoint requested by the client. Must be set to a positive integer if provided. The endpoint should respond with the highest supported version between [_x-min-v_](#request-headers) and [_x-v_](#request-headers). If all versions requested are not supported then the endpoint **MUST** respond with a `406 Not Acceptable`. explode: false in: header name: x-min-v required: false schema: type: string style: simple - description: Unique id for the Accredited Data Recipient Brand that the Software Product is associated with in the CDR Register. explode: false in: path name: dataRecipientBrandId required: true schema: type: string style: simple - description: Unique id for the Accredited Data Recipient Software Product in the CDR Register. explode: false in: path name: softwareProductId required: true schema: type: string style: simple - description: An Authorisation Token as per **[[RFC6750]](#nref-RFC6750)**. explode: false in: header name: Authorization required: true schema: type: string style: simple x-cds-type: ExternalRef responses: "200": content: application/json: schema: type: string description: Successful response headers: x-v: description: The [payload version](#response-headers) that the endpoint has responded with. explode: false schema: default: "1" type: string style: simple "400": content: application/json: schema: $ref: '#/components/schemas/ResponseErrorListV2' description: Missing Required Header / Invalid Version / Invalid Path Parameter "401": description: Invalid Bearer Token headers: WWW-Authenticate: description: The Response Header Field as per **[[RFC6750]](#nref-RFC6750)**. explode: false schema: type: string style: simple x-cds-type: ExternalRef "403": content: application/json: schema: $ref: '#/components/schemas/ResponseErrorListV2' description: Invalid BrandId "404": content: application/json: schema: $ref: '#/components/schemas/ResponseErrorListV2' description: Invalid Software Product "406": content: application/json: schema: $ref: '#/components/schemas/ResponseErrorListV2' description: Unsupported Version "422": content: application/json: schema: $ref: '#/components/schemas/ResponseErrorListV2' description: SSA validation failed servers: - description: Production MTLS url: https://secure.api.cdr.gov.au summary: Get Software Statement Assertion (SSA) tags: - Register Operations x-version: "3" x-scopes: - cdr-register:read /cdr-register/v1/{industry}/data-holders/status: get: description: Endpoint used by participants to discover the statuses for Data Holders from the CDR Register. operationId: getDataHolderStatuses parameters: - description: The industry the participant is retrieving data for (Banking, etc.) explode: false in: path name: industry required: true schema: $ref: '#/components/schemas/IndustryEnum' style: simple - description: The version of the API endpoint requested by the client. Must be set to a positive integer. For backwards compatiblity defaults to `1` if absent. Note that once version 1 is decommissioned the header will be mandatory for a valid response to be obtained. explode: false in: header name: x-v required: false schema: default: "1" type: string style: simple - description: The [minimum version](#http-headers) of the API endpoint requested by the client. Must be set to a positive integer if provided. explode: false in: header name: x-min-v required: false schema: type: string style: simple - description: Makes the request method conditional on a recipient cache or origin server not having any current representation of the target resource with an entity-tag that does not match any of those listed in the field-value. explode: false in: header name: If-None-Match required: false schema: type: string style: simple x-cds-type: ASCIIString responses: "200": content: application/json: schema: $ref: '#/components/schemas/DataHoldersStatusList' description: Successful response headers: x-v: $ref: '#/components/headers/XV' Etag: $ref: '#/components/headers/Etag' "304": description: Not Modified - The current representation of the target resource matches with the entity-tag provided in the _If-None-Match_ request header headers: Etag: $ref: '#/components/headers/Etag' "400": content: application/json: schema: $ref: '#/components/schemas/ResponseErrorListV2' description: Missing Required Header / Invalid Version / Invalid Path Parameter "406": content: application/json: schema: $ref: '#/components/schemas/ResponseErrorListV2' description: Unsupported Version summary: Get Data Holder Statuses tags: - Register Data Holder discovery x-version: "1" /cdr-register/v1/{industry}/data-recipients/brands/software-products/status: get: description: |- Endpoint used by participants to discover the statuses for software products from the CDR Register. Obsolete versions: [v1](includes/obsolete/get-software-product-statuses-v1.html). operationId: getSoftwareProductsStatuses parameters: - description: The industry the participant is retrieving data for (Banking, etc.) explode: false in: path name: industry required: true schema: $ref: '#/components/schemas/IndustryEnum' style: simple - description: Version of the API endpoint requested by the client. Must be set to a positive integer. The endpoint should respond with the highest supported version between [_x-min-v_](#request-headers) and [_x-v_](#request-headers). If the value of [_x-min-v_](#request-headers) is equal to or higher than the value of [_x-v_](#request-headers) then the [_x-min-v_](#request-headers) header should be treated as absent. If all versions requested are not supported then the endpoint **MUST** respond with a `406 Not Acceptable`. See [HTTP Headers](#request-headers). explode: false in: header name: x-v required: true schema: type: string style: simple - description: Minimum version of the API endpoint requested by the client. Must be set to a positive integer if provided. The endpoint should respond with the highest supported version between [_x-min-v_](#request-headers) and [_x-v_](#request-headers). If all versions requested are not supported then the endpoint **MUST** respond with a `406 Not Acceptable`. explode: false in: header name: x-min-v required: false schema: type: string style: simple - description: Makes the request method conditional on a recipient cache or origin server not having any current representation of the target resource with an entity-tag that does not match any of those listed in the field-value. explode: false in: header name: If-None-Match required: false schema: type: string style: simple x-cds-type: ASCIIString responses: "200": content: application/json: schema: $ref: '#/components/schemas/SoftwareProductsStatusList' description: Successful response headers: x-v: $ref: '#/components/headers/XV' Etag: $ref: '#/components/headers/Etag' "304": description: Not Modified - The current representation of the target resource matches with the entity-tag provided in the _If-None-Match_ request header headers: Etag: $ref: '#/components/headers/Etag' "400": content: application/json: schema: $ref: '#/components/schemas/ResponseErrorListV2' description: Missing Required Header / Invalid Version / Invalid Path Parameter "406": content: application/json: schema: $ref: '#/components/schemas/ResponseErrorListV2' description: Unsupported Version summary: Get Software Products Statuses tags: - Register Data Recipient discovery x-version: "2" /cdr-register/v1/{industry}/data-recipients/status: get: description: |- Endpoint used by participants to discover the statuses for Data Recipients from the CDR Register. Obsolete versions: [v1](includes/obsolete/get-data-recipient-statuses-v1.html). operationId: getDataRecipientsStatuses parameters: - description: The industry the participant is retrieving data for (Banking, etc.) explode: false in: path name: industry required: true schema: $ref: '#/components/schemas/IndustryEnum' style: simple - description: Version of the API endpoint requested by the client. Must be set to a positive integer. The endpoint should respond with the highest supported version between [_x-min-v_](#request-headers) and [_x-v_](#request-headers). If the value of [_x-min-v_](#request-headers) is equal to or higher than the value of [_x-v_](#request-headers) then the [_x-min-v_](#request-headers) header should be treated as absent. If all versions requested are not supported then the endpoint **MUST** respond with a `406 Not Acceptable`. See [HTTP Headers](#request-headers). explode: false in: header name: x-v required: true schema: type: string style: simple - description: Minimum version of the API endpoint requested by the client. Must be set to a positive integer if provided. The endpoint should respond with the highest supported version between [_x-min-v_](#request-headers) and [_x-v_](#request-headers). If all versions requested are not supported then the endpoint **MUST** respond with a `406 Not Acceptable`. explode: false in: header name: x-min-v required: false schema: type: string style: simple - description: Makes the request method conditional on a recipient cache or origin server not having any current representation of the target resource with an entity-tag that does not match any of those listed in the field-value. explode: false in: header name: If-None-Match required: false schema: type: string style: simple x-cds-type: ASCIIString responses: "200": content: application/json: schema: $ref: '#/components/schemas/DataRecipientsStatusList' description: Successful response headers: x-v: $ref: '#/components/headers/XV' Etag: $ref: '#/components/headers/Etag' "304": description: Not Modified - The current representation of the target resource matches with the entity-tag provided in the _If-None-Match_ request header headers: Etag: $ref: '#/components/headers/Etag' "400": content: application/json: schema: $ref: '#/components/schemas/ResponseErrorListV2' description: Missing Required Header / Invalid Version / Invalid Path Parameter "406": content: application/json: schema: $ref: '#/components/schemas/ResponseErrorListV2' description: Unsupported Version summary: Get Data Recipients Statuses tags: - Register Data Recipient discovery x-version: "2" /cdr-register/v1/{industry}/data-recipients: get: description: |- Endpoint used by participants to discover data recipients and associated brands and software products, available in the CDR ecosystem. Obsolete versions: [v2](includes/obsolete/get-data-recipients-v2.html). operationId: getDataRecipients parameters: - description: The industry the participant is retrieving data for (Banking, etc.) explode: false in: path name: industry required: true schema: $ref: '#/components/schemas/IndustryEnum' style: simple - description: Version of the API endpoint requested by the client. Must be set to a positive integer. The endpoint should respond with the highest supported version between [_x-min-v_](#request-headers) and [_x-v_](#request-headers). If the value of [_x-min-v_](#request-headers) is equal to or higher than the value of [_x-v_](#request-headers) then the [_x-min-v_](#request-headers) header should be treated as absent. If all versions requested are not supported then the endpoint **MUST** respond with a `406 Not Acceptable`. See [HTTP Headers](#request-headers). explode: false in: header name: x-v required: true schema: type: string style: simple - description: Minimum version of the API endpoint requested by the client. Must be set to a positive integer if provided. The endpoint should respond with the highest supported version between [_x-min-v_](#request-headers) and [_x-v_](#request-headers). If all versions requested are not supported then the endpoint **MUST** respond with a `406 Not Acceptable`. explode: false in: header name: x-min-v required: false schema: type: string style: simple - description: Makes the request method conditional on a recipient cache or origin server not having any current representation of the target resource with an entity-tag that does not match any of those listed in the field-value. explode: false in: header name: If-None-Match required: false schema: type: string style: simple x-cds-type: ASCIIString responses: "200": content: application/json: schema: $ref: '#/components/schemas/ResponseRegisterDataRecipientList' description: Successful response headers: x-v: $ref: '#/components/headers/XV' Etag: $ref: '#/components/headers/Etag' "304": description: Not Modified - The current representation of the target resource matches with the entity-tag provided in the _If-None-Match_ request header headers: Etag: $ref: '#/components/headers/Etag' "400": content: application/json: schema: $ref: '#/components/schemas/ResponseErrorListV2' description: Missing Required Header / Invalid Version / Invalid Path Parameter "406": content: application/json: schema: $ref: '#/components/schemas/ResponseErrorListV2' description: Unsupported Version summary: Get Data Recipients tags: - Register Data Recipient discovery x-version: "3" components: headers: XV: description: The [payload version](#response-headers) that the endpoint has responded with. explode: false required: true schema: type: string style: simple Etag: description: Entity tag that uniquely represents the requested resource. explode: false schema: type: string style: simple x-cds-type: ASCIIString parameters: HeaderAuthorization: description: An Authorisation Token as per **[[RFC6750]](#nref-RFC6750)**. explode: false in: header name: Authorization required: true schema: type: string style: simple x-cds-type: ExternalRef HeaderXV: description: Version of the API endpoint requested by the client. Must be set to a positive integer. The endpoint should respond with the highest supported version between [_x-min-v_](#request-headers) and [_x-v_](#request-headers). If the value of [_x-min-v_](#request-headers) is equal to or higher than the value of [_x-v_](#request-headers) then the [_x-min-v_](#request-headers) header should be treated as absent. If all versions requested are not supported then the endpoint **MUST** respond with a `406 Not Acceptable`. See [HTTP Headers](#request-headers). explode: false in: header name: x-v required: true schema: type: string style: simple HeaderXMinV: description: Minimum version of the API endpoint requested by the client. Must be set to a positive integer if provided. The endpoint should respond with the highest supported version between [_x-min-v_](#request-headers) and [_x-v_](#request-headers). If all versions requested are not supported then the endpoint **MUST** respond with a `406 Not Acceptable`. explode: false in: header name: x-min-v required: false schema: type: string style: simple PathIndustry: description: The industry the participant is retrieving data for (Banking, etc.) explode: false in: path name: industry required: true schema: $ref: '#/components/schemas/IndustryEnum' style: simple HeaderIfNoneMatch: description: Makes the request method conditional on a recipient cache or origin server not having any current representation of the target resource with an entity-tag that does not match any of those listed in the field-value. explode: false in: header name: If-None-Match required: false schema: type: string style: simple x-cds-type: ASCIIString QueryUpdatedSince: description: Query filter returns results updated since the specified date-time. explode: true in: query name: updated-since required: false schema: type: string style: form x-cds-type: DateTimeString QueryPage: description: Page of results to request (standard pagination). explode: true in: query name: page required: false schema: default: 1 type: integer style: form x-cds-type: PositiveInteger QueryPageSize: description: Page size to request. Default is 25 (standard pagination). explode: true in: query name: page-size required: false schema: default: 25 type: integer style: form x-cds-type: PositiveInteger responses: GetRegisterOpenIdProviderConfig200: content: application/json: schema: $ref: '#/components/schemas/ResponseOpenIDProviderConfigMetadata' description: The OpenID Provider Configuration Metadata values GetRegisterJwks200: content: application/json: schema: $ref: '#/components/schemas/ResponseJWKS' description: A JSON object that represents a set of JWKs GetDataHolderBrands200: content: application/json: schema: $ref: '#/components/schemas/ResponseRegisterDataHolderBrandList' description: Successful response headers: x-v: $ref: '#/components/headers/XV' GetDataHolderBrandsSummary200: content: application/json: schema: $ref: '#/components/schemas/ResponseDataHoldersBrandSummaryList' description: Successful response headers: x-v: $ref: '#/components/headers/XV' Etag: $ref: '#/components/headers/Etag' GetDataHolderBrandsSummary404: content: application/json: schema: $ref: '#/components/schemas/ResponseErrorListV2' description: Industry Not Found GetSoftwareStatementAssertion200: content: application/json: schema: type: string description: Successful response headers: x-v: description: The [payload version](#response-headers) that the endpoint has responded with. explode: false schema: default: "1" type: string style: simple GetDataHolderStatuses200: content: application/json: schema: $ref: '#/components/schemas/DataHoldersStatusList' description: Successful response headers: x-v: $ref: '#/components/headers/XV' Etag: $ref: '#/components/headers/Etag' GetSoftwareProductsStatuses200: content: application/json: schema: $ref: '#/components/schemas/SoftwareProductsStatusList' description: Successful response headers: x-v: $ref: '#/components/headers/XV' Etag: $ref: '#/components/headers/Etag' GetDataRecipientsStatuses200: content: application/json: schema: $ref: '#/components/schemas/DataRecipientsStatusList' description: Successful response headers: x-v: $ref: '#/components/headers/XV' Etag: $ref: '#/components/headers/Etag' GetDataRecipients200: content: application/json: schema: $ref: '#/components/schemas/ResponseRegisterDataRecipientList' description: Successful response headers: x-v: $ref: '#/components/headers/XV' Etag: $ref: '#/components/headers/Etag' RegisterGeneric304: description: Not Modified - The current representation of the target resource matches with the entity-tag provided in the _If-None-Match_ request header headers: Etag: $ref: '#/components/headers/Etag' RegisterGeneric400: content: application/json: schema: $ref: '#/components/schemas/ResponseErrorListV2' description: Missing Required Header / Invalid Version / Invalid Path Parameter RegisterGeneric401: description: Invalid Bearer Token headers: WWW-Authenticate: description: The Response Header Field as per **[[RFC6750]](#nref-RFC6750)**. explode: false schema: type: string style: simple x-cds-type: ExternalRef RegisterGeneric406: content: application/json: schema: $ref: '#/components/schemas/ResponseErrorListV2' description: Unsupported Version schemas: ResponseOpenIDProviderConfigMetadata: description: Response containing the Open ID Provider Configuration Metadata. example: response_types_supported: - response_types_supported - response_types_supported grant_types_supported: - grant_types_supported - grant_types_supported scopes_supported: - scopes_supported - scopes_supported issuer: issuer token_endpoint_auth_signing_alg_values_supported: - token_endpoint_auth_signing_alg_values_supported - token_endpoint_auth_signing_alg_values_supported claims_supported: - claims_supported - claims_supported code_challenge_methods_supported: - code_challenge_methods_supported - code_challenge_methods_supported jwks_uri: jwks_uri subject_types_supported: - subject_types_supported - subject_types_supported id_token_signing_alg_values_supported: - id_token_signing_alg_values_supported - id_token_signing_alg_values_supported token_endpoint_auth_methods_supported: - token_endpoint_auth_methods_supported - token_endpoint_auth_methods_supported tls_client_certificate_bound_access_tokens: true token_endpoint: token_endpoint properties: issuer: description: URL using the https scheme with no query or fragment component that the CDR Register asserts as its Issuer Identifier. type: string x-cds-type: URIString jwks_uri: description: URL of the CDR Register's JSON Web Key Set **[[JWK]](#nref-JWK)** document. This contains the signing key(s) used to validate access tokens issued from the CDR Register. Note that this differs from the JWKS endpoint used to validate SSAs and CDR Register client authentication. type: string x-cds-type: URIString token_endpoint: description: URL of the CDR Register's OAuth 2.0 Token Endpoint. type: string x-cds-type: URIString claims_supported: description: JSON array containing a list of the Claim Names of the Claims that the CDR Register supplies values for. items: type: string type: array id_token_signing_alg_values_supported: description: JSON array containing a list of the JWS signing algorithms (alg values) supported by the CDR Register for the ID Token to encode the Claims in a JWT. Given the CDR Register does not issue ID tokens, this field can be safely ignored. items: type: string type: array subject_types_supported: description: JSON array containing a list of the Subject Identifier types that the CDR Register supports. Given the CDR Register does not issue ID tokens, this field can be safely ignored. items: type: string type: array code_challenge_methods_supported: description: JSON array containing a list of Proof Key for Code Exchange (PKCE) **[[RFC7636]](#nref-RFC7636)** code challenge methods supported by this authorization server. Given the CDR Register does not support PKCE, this field can be safely ignored. items: type: string type: array scopes_supported: description: JSON array containing a list of the OAuth 2.0 **[[RFC6749]](#nref-RFC6749)** scope values that the CDR Register supports. items: type: string type: array response_types_supported: description: JSON array containing a list of the OAuth 2.0 _response_type_ values that the CDR Register supports. items: type: string type: array grant_types_supported: description: JSON array containing a list of the OAuth 2.0 Grant Type values that the CDR Register supports. items: type: string type: array token_endpoint_auth_methods_supported: description: JSON array containing a list of Client Authentication methods supported by this Token Endpoint. items: type: string type: array tls_client_certificate_bound_access_tokens: description: Boolean value indicating server support for mutual TLS client certificate bound access tokens. type: boolean token_endpoint_auth_signing_alg_values_supported: description: JSON array containing a list of the JWS signing algorithms (_alg_ values) supported by the token endpoint for the signature on the JWT **[[JWT]](#nref-JWT)** used to authenticate the client at the token endpoint for the `private_key_jwt` authentication method. items: type: string type: array required: - claims_supported - code_challenge_methods_supported - grant_types_supported - id_token_signing_alg_values_supported - issuer - jwks_uri - response_types_supported - scopes_supported - subject_types_supported - tls_client_certificate_bound_access_tokens - token_endpoint - token_endpoint_auth_methods_supported - token_endpoint_auth_signing_alg_values_supported type: object ResponseJWKS: description: Response containing the JSON Web Key Set. example: keys: - kty: kty e: e kid: kid key_ops: - key_ops - key_ops alg: alg n: "n" - kty: kty e: e kid: kid key_ops: - key_ops - key_ops alg: alg n: "n" properties: keys: description: The value of the _keys_ parameter is an array of JWK values. items: $ref: '#/components/schemas/JWK' type: array required: - keys type: object JWK: description: Object representing a JSON Web Key. example: kty: kty e: e kid: kid key_ops: - key_ops - key_ops alg: alg n: "n" properties: alg: description: The _alg_ (algorithm) parameter identifies the algorithm intended for use with the key. type: string x-cds-type: ExternalRef e: description: The _e_ RSA public exponent parameter. type: string x-cds-type: ExternalRef key_ops: description: The _key_ops_ (key operations) parameter identifies the operation(s) for which the key is intended to be used. items: type: string x-cds-type: ExternalRef type: array kid: description: The _kid_ (key ID) parameter is partially used to match a specific key. Note the _kid_ parameter is not guaranteed to be unique and additional parameters should be used to progressively identify a key within a set. type: string x-cds-type: ExternalRef kty: description: The _kty_ (key type) parameter identifies the cryptographic algorithm family used with the key. type: string x-cds-type: ExternalRef n: description: The _n_ RSA public modulus parameter. type: string x-cds-type: ExternalRef required: - alg - e - key_ops - kid - kty - "n" type: object ResponseRegisterDataHolderBrandList: description: Response containing a list of CDR Register Data Holder Brand objects. example: data: - lastUpdated: lastUpdated brandName: brandName industries: - null - null dataHolderBrandId: dataHolderBrandId endpointDetail: websiteUri: websiteUri publicBaseUri: publicBaseUri infosecBaseUri: infosecBaseUri extensionBaseUri: extensionBaseUri resourceBaseUri: resourceBaseUri version: version logoUri: logoUri authDetails: - registerUType: SIGNED-JWT jwksEndpoint: jwksEndpoint - registerUType: SIGNED-JWT jwksEndpoint: jwksEndpoint legalEntity: arbn: arbn anzsicDivision: anzsicDivision legalEntityId: legalEntityId registrationNumber: registrationNumber registrationDate: registrationDate legalEntityName: legalEntityName logoUri: logoUri registeredCountry: registeredCountry abn: abn acn: acn organisationType: SOLE_TRADER status: ACTIVE status: ACTIVE - lastUpdated: lastUpdated brandName: brandName industries: - null - null dataHolderBrandId: dataHolderBrandId endpointDetail: websiteUri: websiteUri publicBaseUri: publicBaseUri infosecBaseUri: infosecBaseUri extensionBaseUri: extensionBaseUri resourceBaseUri: resourceBaseUri version: version logoUri: logoUri authDetails: - registerUType: SIGNED-JWT jwksEndpoint: jwksEndpoint - registerUType: SIGNED-JWT jwksEndpoint: jwksEndpoint legalEntity: arbn: arbn anzsicDivision: anzsicDivision legalEntityId: legalEntityId registrationNumber: registrationNumber registrationDate: registrationDate legalEntityName: legalEntityName logoUri: logoUri registeredCountry: registeredCountry abn: abn acn: acn organisationType: SOLE_TRADER status: ACTIVE status: ACTIVE meta: totalRecords: 6 totalPages: 0 links: next: next last: last prev: prev self: self first: first properties: data: description: Response data for the query. items: $ref: '#/components/schemas/RegisterDataHolderBrand' type: array uniqueItems: true links: $ref: '#/components/schemas/LinksPaginated' meta: $ref: '#/components/schemas/MetaPaginated' required: - data - links - meta type: object RegisterDataHolderBrand: example: lastUpdated: lastUpdated brandName: brandName industries: - null - null dataHolderBrandId: dataHolderBrandId endpointDetail: websiteUri: websiteUri publicBaseUri: publicBaseUri infosecBaseUri: infosecBaseUri extensionBaseUri: extensionBaseUri resourceBaseUri: resourceBaseUri version: version logoUri: logoUri authDetails: - registerUType: SIGNED-JWT jwksEndpoint: jwksEndpoint - registerUType: SIGNED-JWT jwksEndpoint: jwksEndpoint legalEntity: arbn: arbn anzsicDivision: anzsicDivision legalEntityId: legalEntityId registrationNumber: registrationNumber registrationDate: registrationDate legalEntityName: legalEntityName logoUri: logoUri registeredCountry: registeredCountry abn: abn acn: acn organisationType: SOLE_TRADER status: ACTIVE status: ACTIVE properties: dataHolderBrandId: description: Unique id of the Data Holder Brand issued by the CDR Register. maxLength: 36 type: string brandName: description: The name of Data Holder Brand. maxLength: 200 type: string industries: description: The industries the Data Holder Brand belongs to. items: $ref: '#/components/schemas/IndustriesEnum' type: array uniqueItems: true logoUri: description: Brand logo URI. maxLength: 1000 type: string x-cds-type: URIString legalEntity: $ref: '#/components/schemas/LegalEntityDetail' status: enum: - ACTIVE - INACTIVE - REMOVED type: string endpointDetail: $ref: '#/components/schemas/RegisterDataHolderBrandServiceEndpoint' authDetails: items: $ref: '#/components/schemas/RegisterDataHolderAuth' type: array uniqueItems: true lastUpdated: description: The date/time that the Data Holder Brand data was last updated in the Register. type: string x-cds-type: DateTimeString required: - authDetails - brandName - dataHolderBrandId - endpointDetail - industries - lastUpdated - legalEntity - logoUri - status type: object ResponseDataHoldersBrandSummaryList: example: data: - arbn: arbn lastUpdated: lastUpdated brandName: brandName publicBaseUri: publicBaseUri industries: - null - null dataHolderBrandId: dataHolderBrandId logoUri: logoUri abn: abn interimId: interimId acn: acn - arbn: arbn lastUpdated: lastUpdated brandName: brandName publicBaseUri: publicBaseUri industries: - null - null dataHolderBrandId: dataHolderBrandId logoUri: logoUri abn: abn interimId: interimId acn: acn meta: '{}' links: self: self properties: data: description: Response data for the query. items: $ref: '#/components/schemas/DataHolderBrandSummary' type: array uniqueItems: true links: $ref: '#/components/schemas/Links' meta: type: object required: - data - links - meta type: object DataHolderBrandSummary: example: arbn: arbn lastUpdated: lastUpdated brandName: brandName publicBaseUri: publicBaseUri industries: - null - null dataHolderBrandId: dataHolderBrandId logoUri: logoUri abn: abn interimId: interimId acn: acn properties: dataHolderBrandId: description: Unique id of the Data Holder Brand issued by the CDR Register. maxLength: 36 type: string x-conditional: true interimId: description: Interim id of the Data Holder Brand issued by the CDR Register. This is to be used to uniquely identify the record when _dataHolderBrandId_ is not populated and is not to be reused. maxLength: 36 type: string x-conditional: true brandName: description: The name of Data Holder Brand. maxLength: 200 type: string publicBaseUri: description: Base URI for the Data Holder's Consumer Data Standard public endpoints. maxLength: 1000 type: string x-cds-type: URIString logoUri: description: Brand logo URI. maxLength: 1000 type: string x-cds-type: URIString industries: description: The industries the Data Holder Brand belongs to. items: $ref: '#/components/schemas/IndustriesEnum' type: array uniqueItems: true lastUpdated: description: The date/time that the Data Holder Brand data was last updated in the Register. type: string x-cds-type: DateTimeString abn: description: Australian Business Number for the organisation. maxLength: 11 type: string acn: description: Australian Company Number for the organisation. maxLength: 9 type: string arbn: description: Australian Registered Body Number. ARBNs are issued to registrable Australian bodies and foreign companies. maxLength: 9 type: string required: - brandName - industries - lastUpdated - logoUri - publicBaseUri type: object IndustryEnum: enum: - banking - energy - telco - all type: string IndustriesEnum: enum: - banking - energy - telco type: string DataHoldersStatusList: example: data: - legalEntityId: legalEntityId status: ACTIVE - legalEntityId: legalEntityId status: ACTIVE meta: '{}' links: self: self properties: data: description: Response data for the query. items: $ref: '#/components/schemas/DataHolderStatus' type: array uniqueItems: true links: $ref: '#/components/schemas/Links' meta: type: object required: - data - links - meta type: object DataHolderStatus: example: legalEntityId: legalEntityId status: ACTIVE properties: legalEntityId: description: Unique id of the Data Holder Legal Entity issued by the CDR Register. maxLength: 36 type: string status: description: Data Holder status in the CDR Register. enum: - ACTIVE - REMOVED type: string required: - legalEntityId - status type: object SoftwareProductsStatusList: example: data: - softwareProductId: softwareProductId status: ACTIVE - softwareProductId: softwareProductId status: ACTIVE meta: '{}' links: self: self properties: data: description: Response data for the query. items: $ref: '#/components/schemas/SoftwareProductStatus' type: array uniqueItems: true links: $ref: '#/components/schemas/Links' meta: type: object required: - data - links - meta type: object SoftwareProductStatus: example: softwareProductId: softwareProductId status: ACTIVE properties: softwareProductId: description: Unique id of the software product issued by the CDR Register. maxLength: 36 type: string status: description: Software product status in the CDR Register. enum: - ACTIVE - INACTIVE - REMOVED type: string required: - softwareProductId - status type: object DataRecipientsStatusList: example: data: - legalEntityId: legalEntityId status: ACTIVE - legalEntityId: legalEntityId status: ACTIVE meta: '{}' links: self: self properties: data: description: Response data for the query. items: $ref: '#/components/schemas/DataRecipientStatus' type: array uniqueItems: true links: $ref: '#/components/schemas/Links' meta: type: object required: - data - links - meta type: object DataRecipientStatus: example: legalEntityId: legalEntityId status: ACTIVE properties: legalEntityId: description: Unique id of the Data Recipient Legal Entity issued by the CDR Register. maxLength: 36 type: string status: description: Data Recipient status in the CDR Register. enum: - ACTIVE - SUSPENDED - REVOKED - SURRENDERED type: string required: - legalEntityId - status type: object ResponseRegisterDataRecipientList: description: Response containing a list of Data Recipients in the CDR Register. example: data: - accreditationLevel: UNRESTRICTED lastUpdated: lastUpdated dataRecipientBrands: - brandName: brandName softwareProducts: - softwareProductId: softwareProductId softwareProductName: softwareProductName logoUri: logoUri softwareProductDescription: softwareProductDescription status: ACTIVE - softwareProductId: softwareProductId softwareProductName: softwareProductName logoUri: logoUri softwareProductDescription: softwareProductDescription status: ACTIVE dataRecipientBrandId: dataRecipientBrandId logoUri: logoUri status: ACTIVE - brandName: brandName softwareProducts: - softwareProductId: softwareProductId softwareProductName: softwareProductName logoUri: logoUri softwareProductDescription: softwareProductDescription status: ACTIVE - softwareProductId: softwareProductId softwareProductName: softwareProductName logoUri: logoUri softwareProductDescription: softwareProductDescription status: ACTIVE dataRecipientBrandId: dataRecipientBrandId logoUri: logoUri status: ACTIVE legalEntityId: legalEntityId legalEntityName: legalEntityName logoUri: logoUri accreditationNumber: accreditationNumber status: ACTIVE - accreditationLevel: UNRESTRICTED lastUpdated: lastUpdated dataRecipientBrands: - brandName: brandName softwareProducts: - softwareProductId: softwareProductId softwareProductName: softwareProductName logoUri: logoUri softwareProductDescription: softwareProductDescription status: ACTIVE - softwareProductId: softwareProductId softwareProductName: softwareProductName logoUri: logoUri softwareProductDescription: softwareProductDescription status: ACTIVE dataRecipientBrandId: dataRecipientBrandId logoUri: logoUri status: ACTIVE - brandName: brandName softwareProducts: - softwareProductId: softwareProductId softwareProductName: softwareProductName logoUri: logoUri softwareProductDescription: softwareProductDescription status: ACTIVE - softwareProductId: softwareProductId softwareProductName: softwareProductName logoUri: logoUri softwareProductDescription: softwareProductDescription status: ACTIVE dataRecipientBrandId: dataRecipientBrandId logoUri: logoUri status: ACTIVE legalEntityId: legalEntityId legalEntityName: legalEntityName logoUri: logoUri accreditationNumber: accreditationNumber status: ACTIVE meta: '{}' links: self: self properties: data: description: Response data for the query. items: $ref: '#/components/schemas/RegisterDataRecipient' type: array uniqueItems: true links: $ref: '#/components/schemas/Links' meta: type: object required: - data - links - meta type: object RegisterDataRecipient: example: accreditationLevel: UNRESTRICTED lastUpdated: lastUpdated dataRecipientBrands: - brandName: brandName softwareProducts: - softwareProductId: softwareProductId softwareProductName: softwareProductName logoUri: logoUri softwareProductDescription: softwareProductDescription status: ACTIVE - softwareProductId: softwareProductId softwareProductName: softwareProductName logoUri: logoUri softwareProductDescription: softwareProductDescription status: ACTIVE dataRecipientBrandId: dataRecipientBrandId logoUri: logoUri status: ACTIVE - brandName: brandName softwareProducts: - softwareProductId: softwareProductId softwareProductName: softwareProductName logoUri: logoUri softwareProductDescription: softwareProductDescription status: ACTIVE - softwareProductId: softwareProductId softwareProductName: softwareProductName logoUri: logoUri softwareProductDescription: softwareProductDescription status: ACTIVE dataRecipientBrandId: dataRecipientBrandId logoUri: logoUri status: ACTIVE legalEntityId: legalEntityId legalEntityName: legalEntityName logoUri: logoUri accreditationNumber: accreditationNumber status: ACTIVE properties: legalEntityId: description: Unique id of the Data Recipient Legal Entity issued by the CDR Register. maxLength: 36 type: string legalEntityName: description: Legal name of the Data Recipient. maxLength: 200 type: string accreditationNumber: description: CDR Register issued human readable unique number given to Data Recipients upon accreditation. maxLength: 100 type: string accreditationLevel: description: Accreditation level of the Data Recipient in the CDR Register. enum: - UNRESTRICTED - SPONSORED type: string logoUri: description: Legal Entity logo URI. maxLength: 1000 type: string x-cds-type: URIString dataRecipientBrands: items: $ref: '#/components/schemas/DataRecipientBrandMetaData' type: array uniqueItems: true status: description: Data Recipient status in the CDR Register. enum: - ACTIVE - SUSPENDED - REVOKED - SURRENDERED type: string lastUpdated: description: The date/time that the Legal Entity was last updated in the CDR Register. type: string x-cds-type: DateTimeString required: - accreditationLevel - accreditationNumber - lastUpdated - legalEntityId - legalEntityName - logoUri - status type: object DataRecipientBrandMetaData: description: Metadata related to Data Recipient Brand. example: brandName: brandName softwareProducts: - softwareProductId: softwareProductId softwareProductName: softwareProductName logoUri: logoUri softwareProductDescription: softwareProductDescription status: ACTIVE - softwareProductId: softwareProductId softwareProductName: softwareProductName logoUri: logoUri softwareProductDescription: softwareProductDescription status: ACTIVE dataRecipientBrandId: dataRecipientBrandId logoUri: logoUri status: ACTIVE properties: dataRecipientBrandId: description: Unique id of the Data Recipient brand issued by the CDR Register. maxLength: 36 type: string brandName: description: Data Recipient Brand name. maxLength: 200 type: string logoUri: description: Data Recipient Brand logo URI. maxLength: 1000 type: string x-cds-type: URIString softwareProducts: items: $ref: '#/components/schemas/SoftwareProductMetaData' type: array uniqueItems: true status: description: Data Recipient Brand status in the CDR Register. enum: - ACTIVE - INACTIVE - REMOVED type: string required: - brandName - dataRecipientBrandId - logoUri - status type: object SoftwareProductMetaData: description: Data Recipient Brand Software Products. example: softwareProductId: softwareProductId softwareProductName: softwareProductName logoUri: logoUri softwareProductDescription: softwareProductDescription status: ACTIVE properties: softwareProductId: description: Unique id of the Data Recipient software product issued by the CDR Register. maxLength: 36 type: string softwareProductName: description: Name of the software product. maxLength: 200 type: string softwareProductDescription: description: Description of the software product. maxLength: 4000 type: string logoUri: description: Software product logo URI. maxLength: 1000 type: string x-cds-type: URIString status: description: Software Product status in the CDR Register. enum: - ACTIVE - INACTIVE - REMOVED type: string required: - logoUri - softwareProductDescription - softwareProductId - softwareProductName - status type: object LegalEntityDetail: description: The data that is common to all organisations, regardless of the type (e.g., company, trust, partnership, government). example: arbn: arbn anzsicDivision: anzsicDivision legalEntityId: legalEntityId registrationNumber: registrationNumber registrationDate: registrationDate legalEntityName: legalEntityName logoUri: logoUri registeredCountry: registeredCountry abn: abn acn: acn organisationType: SOLE_TRADER status: ACTIVE properties: legalEntityId: description: Unique id of the organisation issued by the CDR Register. maxLength: 36 type: string legalEntityName: description: Unique legal name of the organisation. maxLength: 36 type: string logoUri: description: Legal Entity logo URI. maxLength: 1000 type: string x-cds-type: URIString registrationNumber: description: Unique registration number (if the company is registered outside Australia). type: string registrationDate: description: Date of registration (if the company is registered outside Australia). type: string x-cds-type: DateString registeredCountry: description: Country of registration (if the company is registered outside Australia). maxLength: 100 type: string abn: description: Australian Business Number for the organisation. maxLength: 11 type: string acn: description: Australian Company Number for the organisation. maxLength: 9 type: string arbn: description: Australian Registered Body Number. ARBNs are issued to registrable Australian bodies and foreign companies. maxLength: 9 type: string anzsicDivision: description: ANZSIC division of the organisation. **[[ANZSIC-2006]](#iref-ANZSIC-2006)**. maxLength: 100 type: string x-cds-type: ExternalRef organisationType: description: Legal organisation type. enum: - SOLE_TRADER - COMPANY - PARTNERSHIP - TRUST - GOVERNMENT_ENTITY - OTHER type: string status: enum: - ACTIVE - REMOVED type: string required: - legalEntityId - legalEntityName - logoUri - status type: object RegisterDataHolderBrandServiceEndpoint: description: Endpoints related to Data Holder Brand services. example: websiteUri: websiteUri publicBaseUri: publicBaseUri infosecBaseUri: infosecBaseUri extensionBaseUri: extensionBaseUri resourceBaseUri: resourceBaseUri version: version properties: version: description: The major version of the high level standards. This is not the version of the endpoint or the payload being requested but the version of the overall standards being applied. This version number will be "`v`" followed by the major version of the standards as a positive integer (e.g., `v1`, `v12` or `v76`). type: string publicBaseUri: description: Base URI for the Data Holder's Consumer Data Standard public endpoints. maxLength: 1000 type: string x-cds-type: URIString resourceBaseUri: description: Base URI for the Data Holder's Consumer Data Standard resource endpoints. maxLength: 1000 type: string x-cds-type: URIString infosecBaseUri: description: Base URI for the Data Holder's Consumer Data Standard information security endpoints. maxLength: 1000 type: string x-cds-type: URIString extensionBaseUri: description: Base URI for the Data Holder extension endpoints to the Consumer Data Standard (optional). maxLength: 1000 type: string x-cds-type: URIString websiteUri: description: Publicly available website or web resource URI. maxLength: 1000 type: string x-cds-type: URIString required: - infosecBaseUri - publicBaseUri - resourceBaseUri - version - websiteUri type: object RegisterDataHolderAuth: description: Defines the mechanism used and associated endpoints for Data Holder to Data Recipient authentication. example: registerUType: SIGNED-JWT jwksEndpoint: jwksEndpoint properties: registerUType: description: The type of authentication and authorisation mechanism in use. enum: - SIGNED-JWT type: string jwksEndpoint: description: JWKS endpoint used for authentication by the Data Holder with the Data Recipient. maxLength: 1000 type: string x-cds-type: URIString required: - jwksEndpoint - registerUType type: object LinksPaginated: example: next: next last: last prev: prev self: self first: first properties: first: description: URI to the first page of this set. Mandatory if this response is not the first page. type: string x-cds-type: URIString last: description: URI to the last page of this set. Mandatory if this response is not the last page. type: string x-cds-type: URIString next: description: URI to the next page of this set. Mandatory if this response is not the last page. type: string x-cds-type: URIString prev: description: URI to the previous page of this set. Mandatory if this response is not the first page. type: string x-cds-type: URIString self: description: Fully qualified link to this API call. type: string x-cds-type: URIString required: - self type: object MetaPaginated: example: totalRecords: 6 totalPages: 0 properties: totalPages: description: The total number of pages in the full set. type: integer x-cds-type: NaturalNumber totalRecords: description: The total number of records in the full set. type: integer x-cds-type: NaturalNumber required: - totalPages - totalRecords type: object Links: example: self: self properties: self: description: Fully qualified link to this API call. type: string x-cds-type: URIString required: - self type: object Meta: type: object ResponseErrorListV2: properties: errors: description: List of errors. items: $ref: '#/components/schemas/ErrorV2' type: array required: - errors type: object ErrorV2: properties: code: description: The code of the error encountered. Where the error is specific to the respondent, an application-specific error code, expressed as a string value. If the error is application-specific, the URN code that the specific error extends must be provided in the _meta_ object. Otherwise, the value is the error code URN. type: string title: description: A short, human-readable summary of the problem that **MUST NOT** change from occurrence to occurrence of the problem represented by the error code. type: string detail: description: A human-readable explanation specific to this occurrence of the problem. type: string meta: $ref: '#/components/schemas/ErrorV2_meta' required: - code - detail - title type: object x-conditional: - meta ErrorV2_meta: description: Additional data for customised error codes. properties: urn: description: The CDR error code URN which the application-specific error code extends. Mandatory if the error _code_ is an application-specific error rather than a standardised error code. type: string type: object x-conditional: - urn