Frdlweb API Specification

Go back Parent node: technical-specifications (

Technical information

Dot notation:
ASN.1 notation: { iso(1) identified-organization(3) dod(6) internet(1) private(4) enterprise(1) frdlweb(37553) weid(8) companies(1) webfan-de(8) technical-specifications(1) frdlweb-api(13878) }
OID-IRI notation: /ISO/Identified-Organization/6/1/4/1/Frdlweb/weid/1/8/1/13878
WEID notation: weid:1-8-1-API-6


This specification defines the "Frdlweb API Specification".

Please note that this draft is a work in progress and will be updated or changed in the future.


An "Frdlweb API" implements a specific subset of API specifications, provides the "Frdlweb API Workflow" and the "Frdlweb API Metadata".

Example Implementation


Frdlweb API Workflow

An Frdlweb API implements

  1. One or more API-discover document as META-Information
  2. An OAuth2 Authorization Server
  3. One or more JSON-RPC Version 2.0 Servers

Flow 1) The consumer may use the access_token provided by the Oauth2 Authorization Server to do an authorized request on behalf of the End-User to one of the associated JSON-RPC Servers.

The Cliet Request SHOULD specifify the access_token as "Bearer" Token in the "Authorization"-Header and the "X-Authorization"-Header of the request.

Flow 2) The consumer may use the access_token to request a protected resource which hands auth an time-limited username and password to the client to access the RPC Server methods using Digest-Auth.

If the JSON-RPC Request is a batch-request, the server MUST validate the token and its scope on each requested API method, meaning the scope/token cannot issue a complete request but a single RPC method.

The OAuth Server Origin and the JSON-RPC Server Origin must not be the same. In that case the servers may use the OAuth 2.0 Introspection Protocol to validate a token, as the RPC method requests a protected resource, but this is out of the scope of this specification.


Frdlweb API Metadata

An Frdlweb API Server MUST provide metadata documents, at least one root metadata document.

The metadata MUST refer to at least

  1. An OAuth 2.0 Authorization Server Metadata Document as specified in the OAuth Discovery Specifiaction.
  2. References to one or more JSON-RPC 2.0 Servers, provideing Metadata Documents via a public method as specified in the OpenRPC Specification.

Registration Authority

FRDL/Webfan Registration Authority
Till Wehowski
Webfan Homepagesystem
Wattenscheider Straße 59
44793 Bochum

Phone: +492347921596
Mobile: +491744440298

Subsequent objects


ID RA Comment Created Updated
31765 FRDL/Webfan Registration Authority 2020-06-10 2020-06-11

Alternative Identifiers

Name based version 3 / MD5 UUID with namespace UUID_NAMEBASED_NS_OID guid:898433a8-b5a8-3429-a9c0-111e1d4039c7
Name based version 5 / SHA1 UUID with namespace UUID_NAMEBASED_NS_OID guid:2e262c31-89fb-5bf0-9981-65cee7b4b563
WEID-Notation weid:1-8-1-API-6


Share Static link to this page

Deutsch English (USA)
oidplus:system | System
oid: | oid: (WEID)
     oid: | -- technical-specifications
          oid: | -- Frdlweb API Specification
               oid: | -- OID Look-Up
oid: | Object Identifier (OID)
host: | Hostname (Domain)
webfandns: | Managed Hostname (Managed Domain)
java: | Java Package Names
ipv4: | IPv4 Network Blocks
ipv6: | IPv6 Network Blocks
guid: | Globally Unique Identifier (GUID)
doi: | Digital Object Identifier (DOI)
other: | Other objects
oidplus:login | Login
oidplus:whois | Web WHOIS
com.frdlweb.freeweid | Register a free WEID
oidplus:com.viathinksoft.freeoid | Register a free OID
oidplus:search | Search
oidplus:resources | Documents and Resources
oidplus:contact | Contact administrator