API Reference
API Reference
Section titled “API Reference”Every ProtocolSoup service publishes a versioned OpenAPI 3.1 contract. This tab renders those contracts as interactive reference pages where you can inspect parameters, schemas, and example payloads for each endpoint.
Endpoints
Section titled “Endpoints”All four ProtocolSoup API services are available in a single interactive reference with live request testing:
Interactive API Reference Browse all Gateway, Federation, SCIM, and VC endpoints in one view. Switch between services, inspect schemas, and send test requests directly from the docs.
The reference includes Gateway (health, discovery, sessions, Looking Glass), Federation (OAuth 2.0, OIDC, SAML, OID4VCI, OID4VP), SCIM (users, groups, bulk, schemas), and VC (credential issuance, presentations, verification).
Base URLs
Section titled “Base URLs”| Environment | URL |
|---|---|
| Production (gateway) | https://protocolsoup.com |
| Local full stack | http://localhost:8080 (gateway), http://localhost:3000 (UI) |
| Direct service | http://localhost:8080 per service (each binds to :8080 by default) |
Authentication
Section titled “Authentication”Most endpoints are unauthenticated for demo purposes. Exceptions:
- SCIM endpoints require a
Bearertoken via theAuthorizationheader. SetSCIM_API_TOKENon the SCIM service, then sendAuthorization: Bearer <your-token>with every request. - OIDC UserInfo requires a valid access token. Obtain one by running an OIDC Authorization Code flow, then send
Authorization: Bearer <access_token>toGET /oidc/userinfo. - OID4VCI credential and nonce endpoints require a bearer token from the OID4VCI token exchange. Call
POST /oid4vci/tokenfirst to get an access token, then use it onPOST /oid4vci/credentialandPOST /oid4vci/nonce.
Before You Start
Section titled “Before You Start”- Pick an integration pattern — gateway-first, direct, or hybrid.
- Open the Interactive Reference to browse and test endpoints.