TransNexus Secure Telephone Identity Call Placement Service (STI-CPS)

Health Check

Method: GET
URL: https://cps.transnexus.com/health

An HTTP 200 status code will be returned if the STI-CPS is healthy. An HTTP status code greater than 399 will be returned if the STI-CPS is not healthy.

Publish

Method: POST
URL: https://cps.transnexus.com/passports/SPC/DEST/ORIG

The request must include a bearer token in the "Authorization" header. The bearer token must be a JWT that is both fresh and signed by a valid, unrevoked STI certificate that chains up to an approved STI-CA root certificate. The JWT header must include an "alg" claim with the value "ES256". The JWT header must include an "x5u" claim indicating the Uniform Resource Identifier (URI) of the STI certificate that was used to sign the JWT. The JWT payload must include an "iat" claim indicating the timestamp of when the JWT was signed. The JWT payload must include an "exp" claim indicating the timestamp of when the PASSporT(s) should be deleted from the STI-CPS. The JWT payload must include an "aud" claim with the literal string "cps.transnexus.com" as the value. The JWT payload must include an "iss" claim with the Service Provider Code (SPC) of the service provider that signed the JWT as the value. The "iss" claim must match the SPC in the TNAuthList extension of the certificate that was used to sign the JWT. The JWT payload must include a "spc" claim with the SPC of the service provider that is making the request as the value. The "spc" claim must match the "SPC" parameter and the SPC in the TNAuthList extension of the certificate that was used to sign the JWT. The JWT payload must include an "action" claim with the literal string "publish" as the value. The JWT payload must include a "passports" claim where the value is the literal string "sha256-" concatenated with the base64 encoded SHA-256 digest of the canonicalized value of the "passports" key in the JSON object of the request body. The canonicalization procedures are described in JSON Canonicalization Scheme (JCS) [RFC 8785]. The JWT payload must include a "jti" claim with a unique version 4 Universally Unique IDentifier (UUID), as defined in A Universally Unique IDentifier (UUID) URN Namespace [RFC 4122], as the value. The JWT payload must include an "orig" claim with a "tn" value that matches the "ORIG" parameter. The JWT payload must include a "dest" claim with a "tn" value that matches the "DEST" parameter.

The request must have the "Content-Type" header set to "application/json".

The body of the request must be a JSON object. The JSON object must include the key "passports". The value of the key "passports" must be an array of strings where each string is a PASSporT.

An HTTP 201 status code will be returned if the PASSporT(s) were published. An HTTP status code greater than 399 will be returned if the PASSporT(s) were not published.

Retrieve

Method: GET
URL: https://cps.transnexus.com/passports/SPC/DEST/ORIG

The request must include a bearer token in the "Authorization" header. The bearer token must be a JWT that is both fresh and signed by a valid, unrevoked STI certificate that chains up to an approved STI-CA root certificate. The JWT header must include an "alg" claim with the value "ES256". The JWT header must include an "x5u" claim indicating the Uniform Resource Identifier (URI) of the STI certificate that was used to sign the JWT. The JWT payload must include an "iat" claim indicating the timestamp of when the JWT was signed. The JWT payload must include an "aud" claim with the literal string "cps.transnexus.com" as the value. The JWT payload must include an "iss" claim with the Service Provider Code (SPC) of the service provider that signed the JWT as the value. The "iss" claim must match the SPC in the TNAuthList extension of the certificate that was used to sign the JWT. The JWT payload must include a "spc" claim with the SPC of the service provider that the call was received from as the value. The "spc" claim must match the "SPC" parameter. The JWT payload must include an "action" claim with the literal string "retrieve" as the value. The JWT payload must include a "jti" claim with a unique version 4 Universally Unique IDentifier (UUID), as defined in A Universally Unique IDentifier (UUID) URN Namespace [RFC 4122], as the value. The JWT payload must include an "orig" claim with a "tn" value that matches the "ORIG" parameter. The JWT payload must include a "dest" claim with a "tn" value that matches the "DEST" parameter.

If one or more PASSporTs are available, then the HTTP status code will be 200, the response body will be a JSON object, and the "Content-Type" header will be set to "application/json". The JSON object will include the keys "token" and "passports". The value of the key "token" will be a string with the authentication JWT that was used for publishing the PASSPorTs as the value. The value of the key "passports" will be an array of strings where each string is a PASSporT. If no PASSporTs are available, then the HTTP status code will be 404.

Support

Error responses have a JSON body with a "message" field that provides specific information about why the request was rejected.

For assistance, please contact TransNexus support via https://tickets.transnexus.com.