...
A new REST API is proposed to modernize modernise the automated interfaces between offices and WIPO DAS:
- REST Web Services.
- , OpenID Connect and asymmetric encryption for unpublished document content to secure the exchange process and content
Info Please click here to download the specification in yaml
API Security
For advanced API Security, the FAPI (Financial grade API) – Part 2 standard adds an extra-layer on top of OAuth2.0 and OIDC.
...
| Note | ||
|---|---|---|
| ||
The other tls_client_auth and self_signed_tls_client_auth authentication methods defined in the FAPI part 2 standard leverages mutual TLS which necessitates tailored backend servers infrastructure. They are not proposed for DAS API authentication due the non-negligible additional costs and complexity that they will generate . |
The following controls must be enforced to guaranty the same level of security than the TDA VPN connection
...