This user guide is meant to explain to each testbed user what they should do with the testbed in order to assess the compatibility of their own developed component.
1. Download and Install the Testbed
Follow the instructions in the to install and configure the testbed as required. Utilize the preconfigured setup described as basis for this user guide.
2. Integrating your Connector into the Ecosystem
2.1. Generate a Certificate for your Connector
Generate a private-public key pair for your connector. Issue a certificate for the public key in this key pair signed by the private key of the utilized testbed CA:
./pki.py cert sign --key-file [path to public key file] --subCA [Sub CA name] --common-name [common name] --client
For the preconfigured setup, the name of the subCA is "ReferenceTestbedSubCA" and the respective files are found in .
Ensure that your connector always utilizes this IDS certificate to prove their identity with respect to the other components.
2.2. Configure your Connector
Configure your connector to use the common Root CA (cert). For the preconfigured setup, the file to be utilized is
Configure your connector to use the DAPS available under https://localhost:443 (endpoints: /token, /.well-known/jwks.json)
Provide a self-description for your connector
3. Interacting with the DAPS
3.1. Register your connector at the DAPS
Or use the manual steps described below:
Convert your connector certificate {common name}.crt from step 2.1 into the format required by the DAPS:
Add the certificate {common name}.cert to the DAPS/keys directory
3.2. Request your DAT
Use your connector to request a DAT from the DAPS
Validate that you received a valid DAT corresponding to the specification: https://github.com/International-Data-Spaces-Association/IDS-G/blob/main/Components/IdentityProvider/DAPS/README.md#dynamic-attribute-token-dat
4. Interacting with Connectors
4.1. Request Self-descriptions from Available Connectors
Connector A
Connector A is available at the following URL: https://localhost:8080
Request the Self-Description from Connector A using those of the following protocols you support:
Multipart: currently supported by connector A
IDSCP2: currently supported by connector A - still work in progress
IDS-REST: not yet supported by connector A
Validate that you receive the following self-description:
Connector A
Connector A offers an exemplary data artifact with weather warnings from the DWD. Obtain the resource catalog @id from the Self-Description requested in 4.1
Request the data sets from connector A using those of the following protocols you support:
Multipart: currently supported by connector A
IDSCP2: currently supported by connector A - still work in progress
IDS-REST: not yet supported by connector A
Follow the provided Postman collection Guide for Preparing and Validating the Preconfigured Setup/Validating Preconfigured Setup: Interaction between Connectors to validate that you are able to receive the data offered by the Dataspace Connector acting as providert:
5. Interacting with the MetaData Broker
5.1. Query the Self-description of the MetaData Broker
Request the self-description of the Broker.
The response body should give code 200 and should be comparable to the following:
5.3. Register your connector at the IDS MetaDataBroker with an exemplary data set
Register your connector at the MetaData Broker using those of the following protocols you support:
Multipart: currently supported by the MetaData Broker
IDSCP2: not yet supported by the MetaData Broker
IDS-REST: not yet supported by the MetaData Broker
Query the MetaData Broker for all available datasets using those of the following protocols you support:
Multipart: currently supported by the MetaData Broker
IDSCP2: not yet supported by the MetaData Broker
IDS-REST: not yet supported by the MetaData Broker
Validate that the received list of connectors represents the list retreived in 5.2, but extended for your own provided information.
In Addition: Execute Automated Test Suite
Register your connector following the instructions provided .
Add your client information identified by the unique identifier (client_id) in the DAPS/config/clients.yml file following the given examples in this file. The provided script can extract the unique identifier from the certificate to help the users who are not familiar with AKI/SKI extensions. This script adds the specified certificate to the DAPS's list of clients.
Connector B Connector B is currently not offering any data sets but only helping with validating the correct testbed setup as described in the .
Please execute the automated (interoperability) test suite provided at the Testsuite folder by .