Frdlweb API Specification

Go back Parent node: technical-specifications (

Technical information

Dot notation:
ASN.1 notation: { iso(1) identified-organization(3) dod(6) internet(1) private(4) enterprise(1) frdlweb(37553) weid(8) companies(1) webfan-de(8) technical-specifications(1) frdlweb-api(13878) }
OID-IRI notation: /ISO/Identified-Organization/6/1/4/1/Frdlweb/weid/1/8/1/13878
WEID notation: weid:1-8-1-API-6
DER encoding: 06:0E:2B:06:01:04:01:82:A5:31:08:01:08:01:EC:36


This specification defines the "Frdlweb API Specification".

Please note that this draft is a work in progress and will be updated or changed in the future.


An "Frdlweb API" implements a specific subset of API specifications, provides the "Frdlweb API Workflow" and the "Frdlweb API Metadata".

Example Implementation


Frdlweb API Workflow

An Frdlweb API implements

  1. One or more API-discover document as META-Information
  2. An OAuth2 Authorization Server
  3. One or more JSON-RPC Version 2.0 Servers

Flow 1) The consumer may use the access_token provided by the Oauth2 Authorization Server to do an authorized request on behalf of the End-User to one of the associated JSON-RPC Servers.

The Cliet Request SHOULD specifify the access_token as "Bearer" Token in the "Authorization"-Header and the "X-Authorization"-Header of the request.

Flow 2) The consumer may use the access_token to request a protected resource which hands auth an time-limited username and password to the client to access the RPC Server methods using Digest-Auth.

If the JSON-RPC Request is a batch-request, the server MUST validate the token and its scope on each requested API method, meaning the scope/token cannot issue a complete request but a single RPC method.

The OAuth Server Origin and the JSON-RPC Server Origin must not be the same. In that case the servers may use the OAuth 2.0 Introspection Protocol to validate a token, as the RPC method requests a protected resource, but this is out of the scope of this specification.


Frdlweb API Metadata

An Frdlweb API Server MUST provide metadata documents, at least one root metadata document.

The metadata MUST refer to at least

  1. An OAuth 2.0 Authorization Server Metadata Document as specified in the OAuth Discovery Specifiaction.
  2. References to one or more JSON-RPC 2.0 Servers, provideing Metadata Documents via a public method as specified in the OpenRPC Specification.

Registration Authority

FRDL/Webfan Registration Authority
Till Wehowski
Webfan Homepagesystem
Wattenscheider Straße 59
44793 Bochum

Phone: +492347921596
Mobile: +491744440298

Subordinate objects

ID Base36 ASN.1 IDs (comma sep.) IRI IDs (comma sep.) RA Comment Created Updated
31765 OID oid-lookup FRDL/Webfan Registration Authority 2020-06-10 2020-06-11

Alternative Identifiers

Name based version 3 / MD5 UUID with namespace UUID_NAMEBASED_NS_OID: guid:898433a8-b5a8-3429-a9c0-111e1d4039c7
Name based version 5 / SHA1 UUID with namespace UUID_NAMEBASED_NS_OID: guid:2e262c31-89fb-5bf0-9981-65cee7b4b563


Share Static link to this page

Deutsch English (USA)
oidplus:login_webfan | Login using Webfan
oidplus:weid_info | WEID Documentation
oidplus:webfan_goto_webfan_home | Webfan Objects
oidplus:resources$Tools/Whois.html | Whois Lookup
oidplus:system | System
oid: | Object Identifier (OID)
     oid: | -- technical-specifications
          oid: | -- Frdlweb API Specification
               oid: | -- OID Look-Up
guid: | Globally Unique Identifier (GUID)
other: | Other objects
php: | PHP classes
circuit: | Circuit Definition
uri: | URI objects
web+fan: | web+fan:// [#@resources]
oidplus:login | Login
oidplus:whois | OID-IP / WHOIS
com.frdlweb.freeweid | Register a free WEID as OID Arc
oidplus:com.viathinksoft.freeoid | Register a free OID
oidplus:search | Search
oidplus:resources | Documents and Resources
oidplus:contact | Contact administrator