JSON API - Party Allocation Authorization

Hi all,

Looking at the documentation of the party management section of the JSON-API, a few questions came up that I would like to clarify.

Assuming that the ledger has authentication enabled (i.e. JWT tokens are verified for each request), are the following statements correct?

  1. To successfully allocate a new party through the JSON API, the JWT used for that request would need to have the admin claim set to true. (This is effectively verified by the ledger, not the JSON API)
  2. If so, is this all that would be required?
  3. Is the assumption correct that the value of the admin field defaults to false if it is not set?

If authentication is not enabled on the ledger:

  a. An admin: true field is not required on the JWT when allocating a new party.
  b. actAs / readAs claims would still be required in order for the JSON-API to deduce who is the actor.

Thanks for the confirmations/corrections.

Best,
Darko

2 Likes

All sounds correct to me. I think it’s also worth pointing out that the first 3 points all apply to the underlying ledger as well. The JSON API simply inherits those properties by passing the token along.

2 Likes
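The claim rules confirmed in this thread, written as a pre-flight token check. This is an added example, not part of the original posts and not the Daml project's code. Assumptions: the claims sit under the `https://daml.com/ledger-api` namespace key (with a fallback to top-level claims), the helper names are hypothetical, and the sample tokens are constructed and unsigned.

```python
import base64
import json

# Assumption: claims are nested under this namespace key (Daml custom-claims layout).
DAML_NS = "https://daml.com/ledger-api"

def sample_token(payload):
    """Build a constructed, unsigned sample token for offline inspection."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return ".".join([enc({"alg": "RS256", "typ": "JWT"}), enc(payload), "c2ln"])

def ledger_claims(token):
    """Read admin/actAs/readAs from a JWT payload WITHOUT verifying the signature.

    Inspection only: the ledger stays the component that verifies and enforces.
    """
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected three dot-separated JWT segments")
    padded = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped padding
    payload = json.loads(base64.urlsafe_b64decode(padded))
    if not isinstance(payload, dict):
        raise ValueError("JWT payload is not a JSON object")
    claims = payload.get(DAML_NS, payload)  # fall back to top-level claims
    if not isinstance(claims, dict):
        raise ValueError("ledger claims are not a JSON object")
    return {
        # Absent admin is treated as false; only a JSON boolean true counts here.
        "admin": claims.get("admin", False) is True,
        "actAs": list(claims.get("actAs") or []),
        "readAs": list(claims.get("readAs") or []),
    }

def allocation_problems(token, ledger_auth_enabled=True):
    """List reasons a party allocation with this token is expected to fail."""
    claims = ledger_claims(token)
    problems = []
    if ledger_auth_enabled and not claims["admin"]:
        problems.append("admin claim is missing or not true")
    if not ledger_auth_enabled and not (claims["actAs"] or claims["readAs"]):
        problems.append("no actAs/readAs party for the JSON API to act for")
    return problems
```

The same check can be run over issued tokens to list which ones carry admin rights, which helps keep party allocation limited to the identities that need it.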