nutshell
2020/06/16

iSHARE: joining and onboarding in a nutshell

The iSHARE Data Sharing Scheme is an authentication/authorization protocol that enables everyone in the Dutch logistics sector to share data in a simple and controlled way. However, to build trust in the ecosystem, all parties need to be held to the same standards. Read on to learn more about the relevant requirements, role types and procedures.

Within iSHARE, there are different types of roles: identity providers (those who provide identities) and authorization registries (parties that store, query, and administer delegations regarding different types of data objects and attributes). You can apply to join iSHARE in two ways: as an adhering party or a certified party. Certified parties can fulfil the role of identity providers and authorization registries. Adhering parties are iSHARE’s users. While both types of parties go through roughly the same process to join, requirements change depending on the role.

Process and requirements

To join, all parties go through the following process:

  1. Build software that is compliant

iSHARE uses a number of public APIs to facilitate data exchange. To join iSHARE, you must develop tooling to support these endpoints, as they allow you to exchange information securely with the Scheme Owner (Visma Connect), certified parties, and adhering parties. An open specification for developers can be found on dev.ishareworks.org. You can also find reference implementations on Github.

Based on our experience we recommend contacting an implementation partner that may provide some guidance on the requirements and help you through the implementation itself. A list of implementation partners can be found here. Please note that the Scheme Owner does not provide implementation support.

2. Validate your software’s compliance with our Conformance Test Tool (CTT)

Once you have developed your software, you must prove that it conforms to the specification using our CTT. The conformance test’s requirements will differ depending on the role you want to fulfil, but all parties need to support the endpoints detailed on dev.ishareworks.org. To get access to the CCT, contact tooling@ishareworks.org. Test certificates are issued at this stage. Once you pass the CCT, you need to provide a valid certificate.

  1. Get your certificate

Parties that join iSHARE need to have a PKI-O server certificate or an eIDAS certificate. We have selected these types of certificates because they give the best guarantee that anyone wielding the certificate is who they say they are. Both certificates require physical forms of authentication.

  1. Sign the documentation

Once we have confirmed that your software complies with the CTT and you have provided a valid PKI-O or eIDAS certificate, you will need to sign the legal documentation. The contract is the core of iSHARE and will require the close involvement of your legal team. Once your organisation signs and the contract is co-signed by the iSHARE foundation, Visma Connect will add you to the participants list and you will be able to go live.

For general information, visit ishareworks.org. For development details, please refer to dev.ishareworks.org