DCL API #123
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change | ||||
|---|---|---|---|---|---|---|
| @@ -0,0 +1,170 @@ | ||||||
| --- | ||||||
| label: API Reference | ||||||
| order: 100 | ||||||
| --- | ||||||
|
|
||||||
| This document provides a high-level mapping of the REST API endpoints and corresponding Web UI locations for the key schemas defined in the Matter Distributed Compliance Ledger (DCL) specification. | ||||||
|
|
||||||
| All REST API queries are based on the root URL: `https://on.dcl.csa-iot.org` | ||||||
|
|
||||||
| Refer to the [Official REST API Documentation](https://zigbee-alliance.github.io/distributed-compliance-ledger/) for detailed response structures. | ||||||
|
|
||||||
| --- | ||||||
|
|
||||||
| ## Vendor Schema | ||||||
| **Description:** Contains details about the companies registered on the ledger, including their Vendor ID (VID), legal name, and landing page URLs. | ||||||
|
|
||||||
| ### REST API | ||||||
| * **Query All Vendors:** `/dcl/vendorinfo/vendors` | ||||||
| * **Returns:** A list of vendor records. | ||||||
| * **Pagination:** **Required**. | ||||||
|
|
||||||
| * **Query by VID:** `/dcl/vendorinfo/vendors/{vid}` | ||||||
| * **Returns:** Details for a specific vendor. | ||||||
|
|
||||||
| ### Web Interface | ||||||
| * **Location:** https://webui.dcl.csa-iot.org/vendors | ||||||
|
|
||||||
| --- | ||||||
|
|
||||||
| ## Product Attestation Authority and Intermediate Certificate Schema | ||||||
| **Description:** The root of trust for Matter device attestation. Contains the approved root certificates (PAA). | ||||||
|
|
||||||
| ### REST API | ||||||
| * **Query All Root Certificates:** `/dcl/pki/root-certificates` | ||||||
| * **Returns:** The list of all approved PAA certificates + Alliance CD signing certificates. Returns Subject and SubjectKeyID only, certificates need to be queried individually. | ||||||
| * **Pagination:** Not explicitly paginated in current responses (returns full list), but client should be robust to future pagination. | ||||||
|
|
||||||
| * **Query by Subject & SubjectKeyID:** `/dcl/pki/certificates/{subject}/{subjectKeyId}` | ||||||
| * **Returns:** A specific certificate. | ||||||
| * **Pagination:** Not applicable. | ||||||
| * NOTE - subject needs to be percent formatted, which is a transformation of the data returned from the base root-certificates request. | ||||||
|
|
||||||
| ### Web Interface | ||||||
| * **Location:** https://webui.dcl.csa-iot.org/pki/root-certificates | ||||||
|
|
||||||
|
|
||||||
| --- | ||||||
|
|
||||||
| ## Operational Trust Anchors Schema | ||||||
| **Description:** Provides the list of Operational Root CA Certificates (RCAC) and Operational Intermediate CA Certificates (ICAC). | ||||||
|
There was a problem hiding this comment. Looks like exact endpoints are not mentioned here:
Contributor
Author
There was a problem hiding this comment. See comment below - it's not clear to me how these relate to the spec schema and they're currently unpopulated. I'm going to leave this as a follow up for the DCL team because I genuinely don't understand the division of mapping here. This should be written by someone who can properly explain it. There was a problem hiding this comment. All the endpoints I mentioned are for the schema https://github.com/CHIP-Specifications/connectedhomeip-spec/blob/master/src/service_device_management/DistributedComplianceLedger.adoc#5-operational-trust-anchors-schema.
As part of the current task to review changes between DCL implementation and the spec, we are going to clarify the details and either fix the difference between the spec and the code, or provided better mapping/clarifications.
Contributor
Author
There was a problem hiding this comment. OK, until that point, I would hesitate to document this endpoint as implementing the spec schema. If the DCL team wants to come back later update this section, that should be done after the cleanup.
Contributor
Author
There was a problem hiding this comment. I would prefer to leave this to the DCL team to update once those fixes are made. |
||||||
|
|
||||||
|
There was a problem hiding this comment. Rest endpoint for this is Returns the list of all RCAC and ICAC certificates and associated Vendor ID Pagination is required To query by Vendor id the following endpoint Returns the list of RCAC and ICAC certificates and associated Vendor ID Pagination is not applicable
Contributor
Author
There was a problem hiding this comment. The JSON ref for that doesn't match the spec description. It lists and is missing the IsVidVerificationSigner. The name matches, but this doesn't seem like an implementation of that spec schema. |
||||||
|
|
||||||
| ### Web Interface | ||||||
| * **Location:** https://webui.dcl.csa-iot.org/pki (Select **NOC Certificates** tab) | ||||||
|
|
||||||
| --- | ||||||
|
|
||||||
| ## DeviceModel Schema | ||||||
| **Description:** Defines the base product models associated with a vendor. This includes immutable hardware details and shared product metadata. | ||||||
|
|
||||||
| ### REST API | ||||||
| * **Query All Models:** `/dcl/model/models` | ||||||
| * **Returns:** A global list of all device models. | ||||||
| * **Pagination:** **Required**. | ||||||
|
|
||||||
| * **Query by VID:** `/dcl/model/models/{vid}` | ||||||
| * **Returns:** All models associated with a specific Vendor ID. | ||||||
|
cecille marked this conversation as resolved.
Outdated
|
||||||
| * **Pagination:** **Required**. | ||||||
|
There was a problem hiding this comment.
Suggested change
Contributor
Author
There was a problem hiding this comment. Oh, is there actually not pagination there? There are definitely vendors with more than 100 models. How do those work? There was a problem hiding this comment. Currently that endpoint does not return models but vendor products(which contains info about name, partNumber and pid). I hope in the upcoming release that should be changed to return all models associated with Vendor ID
Contributor
Author
There was a problem hiding this comment. I think we're just using different words since the spec and the implementation wording is different. This endpoint returns information about vendor products. There are some vendors that have > 100 products. So are they all returned or are the results truncated? There was a problem hiding this comment. Yes, it returns all vendor products at once
Contributor
Author
There was a problem hiding this comment. I don't understand the differentiation between models and products here. Can you explain the difference? The endpoint name is models, but that seems to be a reference to the various PIDs. These terms seen interchangeable. |
||||||
| * NOTE - `vid` (Vendor ID) is a decimal value | ||||||
|
|
||||||
| * **Query by VID & PID:** `/dcl/model/models/{vid}/{pid}` | ||||||
| * **Returns:** Details for a specific product. | ||||||
|
There was a problem hiding this comment. Maybe
Suggested change
Contributor
Author
There was a problem hiding this comment. what is a device mode here? That seems like a DCL term. There was a problem hiding this comment. I believe Device Model is a term from the spec, and the name of the Schema: https://github.com/CHIP-Specifications/connectedhomeip-spec/blob/master/src/service_device_management/DistributedComplianceLedger.adoc#6-devicemodel-schema
Contributor
Author
There was a problem hiding this comment. yes, and those relate "A unique combination of the VendorID and ProductID is used to identify a DeviceModel." So product and device model seem interchangeable in this context. Why is product incorrect here? |
||||||
| * **Pagination:** Not applicable. | ||||||
| * NOTE - `vid` (Vendor ID) and `pid` (Product ID) are decimal values | ||||||
|
|
||||||
|
|
||||||
| ### Web Interface | ||||||
| * **Location:** https://webui.dcl.csa-iot.org/models | ||||||
|
|
||||||
| --- | ||||||
|
|
||||||
| ## DeviceSoftwareVersionModel Schema | ||||||
| **Description:** Detailed information about specific software versions for a device model (release notes, OTA URLs). | ||||||
|
|
||||||
| ### REST API | ||||||
| * **Query by VID & PID:** `/dcl/model/versions/{vid}/{pid}` | ||||||
| * **Returns:** A list of all software versions for a specific device model. | ||||||
| * **Pagination:** Not applicable (returns complete list in one object). | ||||||
| * NOTE: Querying by VID alone (`/dcl/model/versions/{vid}`) is NOT supported (Returns 501). | ||||||
|
cecille marked this conversation as resolved.
|
||||||
|
|
||||||
| * **Query by VID, PID & Software Version:** `/dcl/model/versions/{vid}/{pid}/{softwareVersion}` | ||||||
| * **Returns:** The full details for a specific software version. | ||||||
| * **Pagination:** Not applicable. | ||||||
| * NOTE - `vid` (Vendor ID), `pid` (Product ID) and `softwareVersion` are decimal values | ||||||
|
|
||||||
| ### Web Interface | ||||||
| * **Location:** Accessed via the **Models** view details page. | ||||||
|
|
||||||
| --- | ||||||
|
|
||||||
| ## DeviceSoftwareCompliance Schema | ||||||
| **Description:** Tracks the certification status of a specific software version ("Certified", "Provisional", "Revoked"). | ||||||
|
|
||||||
| ### REST API | ||||||
| * **Query All Compliance Records:** `/dcl/compliance/compliance-info` | ||||||
| * **Returns:** A list of all compliance records. | ||||||
| * **Pagination:** **Required**. | ||||||
|
|
||||||
| * **Query by Specific Version:** `/dcl/compliance/compliance-info/{vid}/{pid}/{softwareVersion}/{certificationType}` | ||||||
| * **Returns:** The compliance status for a specific software version. | ||||||
| * **Pagination:** Not applicable. | ||||||
| * NOTE - Intermediate queries by VID or VID/PID are NOT supported (Returns 501). | ||||||
|
cecille marked this conversation as resolved.
|
||||||
| * NOTE - `vid` (Vendor ID), `pid` (Product ID) and `softwareVersion` are decimal values | ||||||
| * NOTE - certification type is "matter" (`/dcl/compliance/compliance-info/{vid}/{pid}/{softwareVersion}/matter`) | ||||||
|
|
||||||
| ### Web Interface | ||||||
| * **Location:** Accessed via the **Models** view details page. | ||||||
|
|
||||||
|
There was a problem hiding this comment. There is also a way to return a list of Compliance records by cDCertificateId: |
||||||
| --- | ||||||
|
|
||||||
| ## Device Attestation PKI Revocation Distribution Points Schema | ||||||
| **Description:** Provides the URLs where Certificate Revocation Lists (CRLs) can be downloaded for PAAs and PAIs. | ||||||
|
|
||||||
| ### REST API | ||||||
| Refer to the [Official REST API Documentation](https://zigbee-alliance.github.io/distributed-compliance-ledger/) for detailed response structures. | ||||||
|
|
||||||
| * **Query All Revocation Points:** `/dcl/pki/revocation-points` | ||||||
| * **Returns:** A list of all registered CRL distribution points. | ||||||
| * **Pagination:** **Required**. | ||||||
|
|
||||||
| * **Query by Issuer Subject Key ID:** `/dcl/pki/revocation-points/{issuerSubjectKeyID}` | ||||||
| * **Returns:** The distribution point details for a specific Issuer (PAA/PAI). | ||||||
|
|
||||||
| ### Web Interface | ||||||
| * **Location:** https://webui.dcl.csa-iot.org/pki/revocation-points | ||||||
|
|
||||||
| --- | ||||||
|
|
||||||
| ## Additional Schemas & Indices | ||||||
|
|
||||||
|
There was a problem hiding this comment. We may also mention |
||||||
| This section describes other schemas and indices available in the DCL. Refer to the [Official REST API Documentation](https://zigbee-alliance.github.io/distributed-compliance-ledger/) for full details on endpoints and structures. | ||||||
|
|
||||||
| ### CertifiedModel Index | ||||||
| **Description:** A simplified index or "view" that allows for quick verification of certification status without retrieving the full compliance record. | ||||||
|
|
||||||
| #### REST API | ||||||
| * **Query All Certified Models:** `/dcl/compliance/certified-models` | ||||||
| * **Returns:** A list of all models that currently hold a valid certification. | ||||||
| * **Pagination:** **Required**. | ||||||
|
|
||||||
| * **Query by VID, PID & Software Version:** `/dcl/compliance/certified-models/{vid}/{pid}/{softwareVersion}/{certificationType}` | ||||||
| * **Returns:** A boolean-like record indicating if the specific version is certified. | ||||||
|
cecille marked this conversation as resolved.
Outdated
|
||||||
|
|
||||||
|
There was a problem hiding this comment. We may also mention revoked models:
Contributor
Author
There was a problem hiding this comment. Right now there are no revoked models, and I'm not sure exactly what the corresponds to in the spec. I'd rather leave that as a follow up until a person from the DCL team can come and explain how that actually relates to the spec and what's intended to be in there. There was a problem hiding this comment. It's perhaps one of the DCL feature which is not mentioned explicitly in the spec. Will be updated as part of the current Spec Compliance task.
Contributor
Author
There was a problem hiding this comment. OK, let's leave this as is, and it can be added to this documentation once the spec work is done. |
||||||
| #### Web Interface | ||||||
| * **Location:** https://webui.dcl.csa-iot.org/compliance | ||||||
|
|
||||||
| ### Auth Endpoint | ||||||
| **Description:** Manages DCL accounts, roles (Vendor, Trustee, NodeAdmin), and permissions. | ||||||
| * **Key Endpoint:** `/dcl/auth/accounts` | ||||||
| * **Web Interface:**https://webui.dcl.csa-iot.org/accounts | ||||||
|
|
||||||
| ### DclUpgrade Schema | ||||||
| **Description:** Manages the proposal and approval process for software upgrades to the DCL network itself. | ||||||
| * **Key Endpoint:** `/dcl/dclupgrade/proposed-upgrades` | ||||||
| * **Web Interface:**https://webui.dcl.csa-iot.org/upgrades | ||||||
|
|
||||||
| ### Validator Schema | ||||||
| **Description:** Contains information about the Validator Nodes that maintain the DCL network consensus. | ||||||
| * **Key Endpoint:** `/dcl/validator/nodes` | ||||||
| * **Web Interface:**https://webui.dcl.csa-iot.org/validators | ||||||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We may also mention