5.1.1.1
Data sharing: Data sharing request - Request data transfer
Test: Coverage test: assess that the API is available and test that a data sharing request is properly covered:
- Initiate a data sharing
- Retrieve data sharing information and status
- Receive data sharing request outcome condition
- Retrieve data sharing information of past data sharing actions.
The system ranks higher if the API is secured and implements common methods, like REST.
The description of Test 5.1.1.1 was extracted from this page in the GitHub repository.
This file was last modified at 2026-06-24 15:37:50 UTC.
Information
-
Phase 1
-
Minimal? Yes
-
Related KPIs:
- Functional suitability: [Functional completeness] The system provides a documented, programmatic interface (API) to initiate and manage a data transfer.
-
Evaluation Criteria:
| Requirement | Measured KPI (0-4) |
|---|---|
| Initiate a data sharing | - |
| Retrieve data sharing information and status | - |
| Receive data sharing request outcome condition | - |
| Retrieve data sharing information of past data sharing actions. | - |
Overall Score = (Score_Initiate + Score_Retrieve_Status + Score_Request_Outcome + Score_Past_Actions) / 4
Results
- Fiware
- protoEMDS Final Stack (EDC-based)
- EDC+VC
The results for Test 5.1.1.1 for Fiware were extracted from this page in the GitHub repository.
This file was last modified at 2026-06-24 15:37:50 UTC.
Environment
This functionality has been tested in the IONOS Deployment
Tested quality metric and method
The Fiware connector is a connector that only exists on the data provider side. It is based on APISIX and therefore it supports a lot of different protocols for data exchange. Therefore, the ways to initiate a data transfer, or simply said, the ways for downloading a resource, can differ. The steps to initiate a data transfer for an HTTP resource that can be retrieved with a HTTP GET request have been tested.
These steps include:
- Getting the token endpoint for retrieving an access token to download the data
- Using the token endpoint to get the access token
- Using the access token to download the data
The quality metric for this test is based on the criteria outlined in iso27001_kpis_subkpis.xlsx. In Phase 1, the focus is on the Functional Suitability metric. For detailed information, please refer to the Comparative criteria (checklists, ...) section in the test description.
Expected output
Since there is no Fiware Connector on the consumer side, there will be no components on the data consumer side that support the:
- initiation of a data transfer
- logging of a data transfer
- retrrieval of data transfers logs
Results
Assessment
The following steps from above have been done:
- Getting the token endpoint for retrieving an access token to download the data
curl --location --request GET 'http://data-service.fiwareconnector.de/.well-known/openid-configuration'
- Using the token endpoint to get the access token (the vp_token value has been removed for readability)
curl --location --request POST 'http://verifier.fiwareconnector.de/services/data-service/token' \
--header 'Accept: */*' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=vp_token' \
--data-urlencode 'vp_token=...' \
--data-urlencode 'scope=default'
- Using the access token to download the data (the actual bearer token value has been removed for readability)
curl --location --request GET 'http://data-service.fiwareconnector.de/ngsi-ld/v1/entities/urn:ngsi-ld:EnergyReport:fms-1' \
--header 'Accept: application/json' \
--header 'Authorization: Bearer ...'
The logs can be consulted to:
- Retrieve data sharing information and status
- Receive data sharing request outcome condition
- Retrieve data sharing information of past data sharing actions.
Kubernetes provides APIs to access these logs.
These logs could also be added/crawled into a system that provides an API to download or query the logs. Like e.g. Grafana Loki or a solution based on ElasticSearch. The current setup does not contain such a log store.
Nginx Logs
185.56.150.174 - - [14/Aug/2024:10:49:25 +0000] "GET /v4/issuers/did:key:REDACTED HTTP/1.1" 200 83 "-" "Go-http-client/1.1" 170 0.015 [trust-anc ││ 185.56.150.174 - - [14/Aug/2024:10:49:25 +0000] "POST /services/data-service/token HTTP/1.1" 200 1259 "-" "PostmanRuntime/7.29.2" 2842 0.380
VCVerifier Logs
{"level":"debug","msg":"\u0026{POST /services/data-service/token HTTP/1.1 1 1 map[Accept:[*/*] Accept-Encoding:[gzip, deflate, br] Content-Length:[2533] Content-Type:[application/x-www- │
│ {"level":"warning","msg":"Got token ZXlKaGJHY2lPaUpGVXpJMU5pSXNJQ0owZVhBaU9pSktWMVFpTENBaWEybGtJam9pWkdsa09tdGxlVHA2Ukc1aFpXSkZWM0EyVjJkUlJXZE5lV3RyUTFSM1NHcDZZa1YyYlZGNmRFTkRiMmxSTlZBM │
│ {"level":"debug","msg":"Found service for data-service","time":"2024-08-14T10:51:39Z"} │
│ {"level":"debug","msg":"Get issuers list for data-service - default - NaturalPersonCredential.","time":"2024-08-14T10:51:39Z"} │
│ {"level":"debug","msg":"Found trusted issuers for [http://tir-ta.fiwareconnector.de] for data-service - NaturalPersonCredential","time":"2024-08-14T10:51:39Z"} │
│ {"level":"debug","msg":"Get participants list for data-service - default - NaturalPersonCredential.","time":"2024-08-14T10:51:39Z"} │
│ {"level":"debug","msg":"Found trusted participants [http://tir-ta.fiwareconnector.de] for data-service - NaturalPersonCredential","time":"2024-08-14T10:51:39Z"} │
│ {"level":"debug","msg":"Verify trusted participant for \"eyJhbGciOiJFUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJkaWQ6a2V5OnpEbmFlaHlEc203cmtidDN0MXdxWVptN3ZBeWFFdDgzRVp0blNGMzV0cFh1R05nUXUi │
│ {"level":"info","msg":"Participants are: map[NaturalPersonCredential:[http://tir-ta.fiwareconnector.de]]","time":"2024-08-14T10:51:39Z"} │
│ {"level":"info","msg":"First Value is [http://tir-ta.fiwareconnector.de]","time":"2024-08-14T10:51:39Z"} │
│ {"level":"debug","msg":"Check if a participant did:key:REDACTED is trusted through http://tir-ta.fiwareconnector.de.","time":"2024-08-14T10:51:39Z"} │
│ {"level":"debug","msg":"Get issuer http://tir-ta.fiwareconnector.de/v4/issuers/did:key:REDACTED.","time":"2024-08-14T10:51:39Z"} │
│ {"level":"debug","msg":"Issuer did:key:REDACTED response from http://tir-ta.fiwareconnector.de is 200","time":"2024-08-14T10:51:39Z"} │
│ {"level":"debug","msg":"Issuer did:key:REDACTED is a trusted participant via http://tir-ta.fiwareconnector.de.","time":"2024-08-14T10:51:39Z"} │
│ {"level":"debug","msg":"Validate trusted issuer for \"eyJhbGciOiJFUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJkaWQ6a2V5OnpEbmFlaHlEc203cmtidDN0MXdxWVptN3ZBeWFFdDgzRVp0blNGMzV0cFh1R05nUXUifQ. │
│ {"level":"debug","msg":"Get issuer http://tir-ta.fiwareconnector.de/v4/issuers/did:key:REDACTED.","time":"2024-08-14T10:51:39Z"} │
│ {"level":"debug","msg":"Got issuer {\"did\":\"did:key:REDACTED\",\"attributes\":[]}.","time":"2024-08-14T10:51:39Z"} │
│ {"level":"debug","msg":"No forbidden claim found for subject {}. Checked config was {\"validFor\":{\"from\":\"\",\"to\":\"\"},\"credentialsType\":\"\",\"claims\":null}.","time":"2024-08 │
│ {"level":"debug","msg":"Credential \"eyJhbGciOiJFUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJkaWQ6a2V5OnpEbmFlaHlEc203cmtidDN0MXdxWVptN3ZBeWFFdDgzRVp0blNGMzV0cFh1R05nUXUifQ.eyJuYmYiOjE3MjM2M │
│ {"level":"info","msg":"Generated and signed token: {Bearer 1800 eyJhbGciOiJSUzI1NiIsImtpZCI6Ik1pdWlSS1VrU3VVcTc2QzVXQTZNTTdITDN6WWl4b04zeEZSOXNTcHljenciLCJ0eXAiOiJKV1QifQ.eyJhdWQiOlsiZG │
│ {"level":"info","msg":"Request [POST]/services/data-service/token took 304788595 ms - Result: 200","time":"2024-08-14T10:51:39Z"}
Logs of Open Policy Agent (in this case, access has been denied)
{"client_addr":"127.0.0.1:53420","level":"info","msg":"Received request.","req_body":"{\"input\":{\"var\":{\"remote_port\":\"44784\",\"timestamp\":1723633160,\"server_port\":\"9080\",\"
{"client_addr":"127.0.0.1:53420","level":"info","msg":"Sent response.","req_id":8,"req_method":"POST","req_path":"/v1/data/policy/main","resp_body":"{\"result\":{\"allow\":false}}
Measured results
Initiation of data sharing works. The logging features can only be used to a limited extend as they are currently lacking vital information like, who tried to access or why was access denied.
| Requirement | Measured KPI |
|---|---|
| Initiate a data sharing | 4 |
| Retrieve data sharing information and status | 1 |
| Receive data sharing request outcome condition | 1 |
| Retrieve data sharing information of past data sharing actions. | 1 |
| Result | 1.75 |
Functional Suitability Quality Metric Score: 1.75
Notes
The results for Test 5.1.1.1 for protoEMDS Final Stack (EDC-based) were extracted from this page in the GitHub repository.
This file was last modified at 2026-06-24 15:37:50 UTC.
Environment
This section identifies the technical context in which the protoEMDS Final Stack assessment is performed.
| Field | Value |
|---|---|
| Assessment context | Integration phase assessment of the EMDS final technical infrastructure |
| Result perspective | protoemds_final_stack |
| Stack under assessment | protoEMDS Final Stack (EDC-based) |
| KPI1 area | Data sharing request |
| Existing test ID | 5.1.1.1 |
| Level | UC + Technical |
| ISO/IEC 25010 mapping | Functional suitability, Reliability, Security |
| Owner (tentative) | Casper (imec) |
| Reviewer | Wilhelm |
| Deployment model assessed | TBD |
| Target environment | TBD |
| EDC version / release | TBD |
| Connector deployment reference | TBD |
| Assessment evidence | TBD |
The assessment should be completed using the deployment model for which evidence is realistically available. It is not mandatory to execute the same test in both CaaS and on-premise environments.
If only one deployment model is assessed, the other one should be marked as Not assessed.
Tested quality metric and method
This result reuses the existing stack-agnostic test definition in test.md and adds an protoEMDS Final Stack integration-assessment perspective.
It does not replace the historical stack-specific result files, such as result_edc_vc.md or result_fiware.md.
The quality metric, expected output and comparative criteria remain those defined by the original test. This result file should only capture the evidence and assessment outcome for the selected protoEMDS Final Stack deployment.
Test-specific assessment scope
Coverage test: assess that the API is available and test that a data sharing request is properly covered:
- Initiate a data sharing
- Retrieve data sharing information and status
- Receive data sharing request outcome condition
- Retrieve data sharing information of past data sharing actions.
The system ranks higher if the API is secured and implements common methods, like REST.
Expected Output
The test aims to provide a comprehensive evaluation of the following aspects:
- Assess the Availability of the API: Ensure that the API is accessible and functional.
- Test Data Sharing Requests: Verify that data sharing requests are correctly processed, covering these steps:
- Initiating a data sharing request.
- Retrieving information and status of the data sharing request.
- Receiving the outcome of the data sharing request, including conditions.
- Accessing information on past data sharing activities. The system will score higher if the API is secured and utilizes standard methods, such as REST.
Results
Assessment
Pending.
The assessment should be completed once consolidated technical evidence is available for the protoEMDS Final Stack deployment.
The result should clearly indicate which deployment model was assessed. It is acceptable to assess only one deployment model if evidence for the other deployment model is not available.
Deployment model assessed
| Deployment model | Status | Evidence | Consolidated assessment |
|---|---|---|---|
| CaaS / IONOS-managed deployment | TBD | TBD | Complete this row only if evidence is collected from the IONOS-managed deployment. Otherwise mark as Not assessed. |
| On-premise deployment | TBD | TBD | Complete this row only if evidence is collected from an on-premise or locally managed deployment. Otherwise mark as Not assessed. |
Measured results
| Requirement | Measured KPI |
|---|---|
| Initiate a data sharing | TBD |
| Retrieve data sharing information and status | TBD |
| Receive data sharing request outcome condition | TBD |
| Retrieve data sharing information of past data sharing actions. | TBD |
Overall Calculation: TBD Functional Suitability Quality Metric Score: TBD
Notes
This result introduces an protoEMDS Final Stack perspective for the existing test 5.1.1.1 under the KPI1 area Data sharing request.
This result should not be interpreted as part of the original Phase 1 / Phase 2 stack-comparison campaign. It is intended as an integration phase assessment of the current EMDS final technical infrastructure.
The assessment should be completed using consolidated technical evidence, such as endpoint responses, logs, screenshots, Postman/curl executions, GitHub issues, pull requests, repository references, deployment status or confirmation from the relevant component owner.
This result file was generated from the local test.md and, where available, the local result_edc_vc.md structure. EDC+VC-specific evidence, values and scores were intentionally not reused.
The results for Test 5.1.1.1 for EDC+VC were extracted from this page in the GitHub repository.
This file was last modified at 2026-06-24 15:37:50 UTC.
Environment
- The test utilizes the EDC MVD commit 8da0c4e.
- EDC version 0.8.2-SNAPSHOT
- The test is executed in an Ubuntu environment using IntelliJ.
Tested quality metric and method
The quality metric for this test is based on the criteria outlined in iso27001_kpis_subkpis.xlsx. In Phase 1, the focus is on the Functional Suitability metric. For detailed information, please refer to the Comparative criteria (checklists, ...) section in the test description.
Expected Output
The test aims to provide a comprehensive evaluation of the following aspects:
- Assess the Availability of the API: Ensure that the API is accessible and functional.
- Test Data Sharing Requests: Verify that data sharing requests are correctly processed, covering these steps:
- Initiating a data sharing request.
- Retrieving information and status of the data sharing request.
- Receiving the outcome of the data sharing request, including conditions.
- Accessing information on past data sharing activities. The system will score higher if the API is secured and utilizes standard methods, such as REST.
Results
Assessment
EDC version 0.8.2-SNAPSHOT offers the following management API endpoints for managing data transfer processes:
- POST
/v3/transferprocesses: Initiates a data transfer with specified parameters. - POST
/v3/transferprocesses/request: Returns all transfer processes that match a given query. - GET
/v3/transferprocesses/{id}: Retrieves a transfer process using the specified ID. - POST
/v3/transferprocesses/{id}/deprovision: Requests the deprovisioning of resources related to a transfer process. - POST
/v3/transferprocesses/{id}/resume: Requests the resumption of a suspended transfer process. - GET
/v3/transferprocesses/{id}/state: Retrieves the state of a transfer process using the specified ID. - POST
/v3/transferprocesses/{id}/suspend: Requests the suspension of a transfer process. - POST
/v3/transferprocesses/{id}/terminate: Requests the termination of a transfer process.
These endpoints, included in the EDC MVD commit 8da0c4e, are secured using the EDC implementation of Token-Based Authentication Service. This service secures connector APIs and is configured with the key EDC_API_AUTH_KEY. EDC also provides an AuthenticationService to integrate authentication protection into the APIs. Additionally, out-of-the-box extensions for authentication are available from EDC here.
Measured results
As demonstrated above, all the following aspects of the transfer API coverage are fulfilled:
| Requirement | Measured KPI |
|---|---|
| Initiate a data sharing | 4 |
| Retrieve data sharing information and status | 3 |
| Receive data sharing request outcome condition | 3 |
| Retrieve data sharing information of past data sharing actions. | 3 |
Overall Calculation: (4+3+3+3)/4 = 3.25 Functional Suitability Quality Metric Score: 3.25
Notes
EDC is a pluggable ecosystem primarily targeting Java/Kotlin developers. Some extensions are available on the market for plug-and-play, but for certain specific use cases, developers need to create their own extensions.