Operate your own Solid infrastructure
Do you want to be a full-fledged Solid pod provider like use.id? Look no further! Plans start from EUR 800,00 per month for an end-to-end solution and can be customised based on your needs.
The steps below outline how you should configure your infrastructure once you have created several tenants together with your Digita account manager.
Part 1: Configure tenants
Step 2: Configure your DNS settings
Configure the following settings for your domain:
@ CNAME useid-sandbox-uss-webid.com
idp CNAME useid-sandbox-uss-iam.com
storage CNAME useid-sandbox-uss-storage.com
Example: My Move
- Custom domain: my-move.app
- User WebIDs:
https://my-move.app/<username>
- Identity Provider:
https://idp.my-move.app/
- User Data Storage:
https://storage.my-move.app/
Configuring your DNS settings in advance makes sure you can get started with use.id as soon as possible.
Step 3: Plan an onboarding session
Contact your Digita account manager for a quick introduction to our services.
Part 2: Getting an identity token to authenticate yourself to the different services
To manage your different services, you will need an identity token. This is done via the OAuth2.0 client credentials flow.
POST /oauth/token HTTP/1.1
Host: idp.sandbox-use.id
Content-Type: application/x-www-form-urlencoded
dpop: eyJhbGciOiJFUzI1NiIsImp3ayI6eyJhbGciOiJFUzI1NiIsImNydiI6IlAtMjU2Iiwia3R5IjoiRUMiLCJ4IjoiTm1WNDZQQ3NKd0E5cXB1bjF5S29yTHR6MWh2TjJTZko3eHRTYlJOUlAwdyIsInkiOiIzTDI3TjRONFd3LVBBaVd6VXZqWjZRcW96b2RSRGxSYkREREFTbTVwZ1dvIn0sInR5cCI6ImRwb3Arand0In0.eyJhdGgiOm51bGwsImh0bSI6IlBPU1QiLCJodHUiOiJodHRwczovL2lkcC5zYW5kYm94LXVzZS5pZC9vYXV0aC90b2tlbiIsImlhdCI6MTcwOTI5OTM0OSwianRpIjoiZWNkNGQ1ZDQtZmI4NC00ZDE3LTg1ZTgtNDcwNjdiMTJjZTU4In0.xHH1LLJpFnXIyeo0i3HTrVGP6bTt2YhSHYYPrDXW1QPSZ0QkWdozpVrRG5IwCHjXBIJjVxFAOSQ79FRHnjSJOg
X-Correlation-ID: 5ca14abc-fa1f-485c-8606-602b43845a38
Content-Length: 161
grant_type=client_credentials
&client_id=https%3A%2F%2Fwebid.sandbox-my-move.app%2F
&client_secret=Cma...VTq
HTTP/1.1 200 OK
Date: Fri, 01 Mar 2024 13:22:30 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
x-request-id: d34e5bf1-df31-468e-9957-814b82aafc0d
x-correlation-id: 5ca14abc-fa1f-485c-8606-602b43845a38
{
"id_token":"eyJhbGciOiJFUzI1NiIsImtpZCI6ImQ3NGMxZGZlLTFhNDEtNGEyMC1hNDJkLWZmYzBmMmJkZGE5OCIsInR5cCI6Imp3dCJ9.eyJzdWIiOiJodHRwczovL3dlYmlkLnNhbmRib3gtbXktbW92ZS5hcHAvIiwic3ViX3dlYmlkIjoiaHR0cHM6Ly93ZWJpZC5zYW5kYm94LW15LW1vdmUuYXBwLyIsIndlYmlkIjoiaHR0cHM6Ly93ZWJpZC5zYW5kYm94LW15LW1vdmUuYXBwLyIsImF1ZCI6WyJodHRwczovL3dlYmlkLnNhbmRib3gtbXktbW92ZS5hcHAvIiwic29saWQiXSwic2NvcGUiOiJyZWdpOnVzZWlkOmFsbCBjb2duaTp1c2VpZDphbGwiLCJpc3MiOiJodHRwczovL2lkcC5zYW5kYm94LXVzZS5pZC8iLCJhenAiOiJodHRwczovL3dlYmlkLnNhbmRib3gtbXktbW92ZS5hcHAvIiwiYXpwX3dlYmlkIjoiaHR0cHM6Ly93ZWJpZC5zYW5kYm94LW15LW1vdmUuYXBwLyIsImlhdCI6MTcwOTI5OTM1MCwiZXhwIjoxNzA5MzAyOTUwLCJjbmYiOnsiamt0IjoiYnRJRWUzbUZuakRFbzZVWnF4WHhEeFJQeFN1akhlaVRCNXlTbmwxWlRPbyJ9fQ.qHNZYv_sgkS2FSJ5mAmlhztEQiG9YE57RqZZKE8pIFBUxM8SPENq3WPEyha4hemaapsz-4aFLnaXEXU3qChCrg",
"token_type":"DPoP",
"expires_in":3600
}
The returned identity token is used in later steps for authentication and authorization.
Part 3: Creating a new user
Creating a user that has all functionalities supported by the server, a user needs to be created in 3 different services.
Part 3.1: Creating a user on your webid service (Regi)
This example contains a couple triples that are commonly used in webid profile documents.
PUT /account-5ca14abc/profile HTTP/1.1
Host: sandbox-use.id
Content-Type: application/json
Authorization: Bearer eyJhbGciOiJFUzI1NiIsImtpZCI6ImQ3NGMxZGZlLTFhNDEtNGEyMC1hNDJkLWZmYzBmMmJkZGE5OCIsInR5cCI6Imp3dCJ9.eyJzdWIiOiJodHRwczovL3dlYmlkLnNhbmRib3gtbXktbW92ZS5hcHAvIiwic3ViX3dlYmlkIjoiaHR0cHM6Ly93ZWJpZC5zYW5kYm94LW15LW1vdmUuYXBwLyIsIndlYmlkIjoiaHR0cHM6Ly93ZWJpZC5zYW5kYm94LW15LW1vdmUuYXBwLyIsImF1ZCI6WyJodHRwczovL3dlYmlkLnNhbmRib3gtbXktbW92ZS5hcHAvIiwic29saWQiXSwic2NvcGUiOiJyZWdpOnVzZWlkOmFsbCBjb2duaTp1c2VpZDphbGwiLCJpc3MiOiJodHRwczovL2lkcC5zYW5kYm94LXVzZS5pZC8iLCJhenAiOiJodHRwczovL3dlYmlkLnNhbmRib3gtbXktbW92ZS5hcHAvIiwiYXpwX3dlYmlkIjoiaHR0cHM6Ly93ZWJpZC5zYW5kYm94LW15LW1vdmUuYXBwLyIsImlhdCI6MTcwOTI5OTM1MCwiZXhwIjoxNzA5MzAyOTUwLCJjbmYiOnsiamt0IjoiYnRJRWUzbUZuakRFbzZVWnF4WHhEeFJQeFN1akhlaVRCNXlTbmwxWlRPbyJ9fQ.qHNZYv_sgkS2FSJ5mAmlhztEQiG9YE57RqZZKE8pIFBUxM8SPENq3WPEyha4hemaapsz-4aFLnaXEXU3qChCrg
X-Correlation-ID: 5ca14abc-fa1f-485c-8606-602b43845a38
Content-Length: 979
{
"public": "
<https://sandbox-use.id/account-5ca14abc> <http://www.w3.org/ns/solid/terms#primary-resource-storage> <https://storage.sandbox-use.id/> .\n
<https://sandbox-use.id/account-5ca14abc> <http://www.w3.org/ns/solid/terms#primary-auth-provider> <https://idp.sandbox-use.id/> .\n
<https://sandbox-use.id/account-5ca14abc> <http://www.w3.org/ns/solid/terms#oidcIssuer> <https://idp.sandbox-use.id/> .\n
<https://sandbox-use.id/account-5ca14abc> <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> <http://www.w3.org/ns/solid/interop#Agent> .\n
<https://sandbox-use.id/account-5ca14abc/profile> <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> <http://xmlns.com/foaf/0.1/PersonalProfileDocument> .\n
<https://sandbox-use.id/account-5ca14abc/profile> <http://xmlns.com/foaf/0.1/maker> <https://sandbox-use.id/account-5ca14abc> .\n
<https://sandbox-use.id/account-5ca14abc/profile> <http://xmlns.com/foaf/0.1/primaryTopic> <https://sandbox-use.id/account-5ca14abc> .\n
",
"private": ""
}
HTTP/1.1 200 OK
Date: Fri, 01 Mar 2024 13:22:30 GMT
Content-Length: 0
Connection: keep-alive
vary: accept, authorization, origin
x-correlation-id: 5ca14abc-fa1f-485c-8606-602b43845a38
x-request-id: ae3faf1b-7549-46cd-b182-7022681532ef
A new webid is now successfully created.
3.2: Creating a user on your identity provider service (Cogni)
This request will create a user on your IDP service so the user or authorized app can login.
PUT /users/https%3A%2F%2Fsandbox-use.id%2Faccount-5ca14abc HTTP/1.1
Host: idp.sandbox-use.id
Authorization: Bearer eyJhbGciOiJFUzI1NiIsImtpZCI6ImQ3NGMxZGZlLTFhNDEtNGEyMC1hNDJkLWZmYzBmMmJkZGE5OCIsInR5cCI6Imp3dCJ9.eyJzdWIiOiJodHRwczovL3dlYmlkLnNhbmRib3gtbXktbW92ZS5hcHAvIiwic3ViX3dlYmlkIjoiaHR0cHM6Ly93ZWJpZC5zYW5kYm94LW15LW1vdmUuYXBwLyIsIndlYmlkIjoiaHR0cHM6Ly93ZWJpZC5zYW5kYm94LW15LW1vdmUuYXBwLyIsImF1ZCI6WyJodHRwczovL3dlYmlkLnNhbmRib3gtbXktbW92ZS5hcHAvIiwic29saWQiXSwic2NvcGUiOiJyZWdpOnVzZWlkOmFsbCBjb2duaTp1c2VpZDphbGwiLCJpc3MiOiJodHRwczovL2lkcC5zYW5kYm94LXVzZS5pZC8iLCJhenAiOiJodHRwczovL3dlYmlkLnNhbmRib3gtbXktbW92ZS5hcHAvIiwiYXpwX3dlYmlkIjoiaHR0cHM6Ly93ZWJpZC5zYW5kYm94LW15LW1vdmUuYXBwLyIsImlhdCI6MTcwOTI5OTM1MCwiZXhwIjoxNzA5MzAyOTUwLCJjbmYiOnsiamt0IjoiYnRJRWUzbUZuakRFbzZVWnF4WHhEeFJQeFN1akhlaVRCNXlTbmwxWlRPbyJ9fQ.qHNZYv_sgkS2FSJ5mAmlhztEQiG9YE57RqZZKE8pIFBUxM8SPENq3WPEyha4hemaapsz-4aFLnaXEXU3qChCrg
Slug: account-5ca14abc
Content-Type: application/json
X-Correlation-ID: 5ca14abc-fa1f-485c-8606-602b43845a38
Content-Length: 54
{"email_address": "[email protected]"}
HTTP/1.1 200 OK
Date: Fri, 01 Mar 2024 13:22:30 GMT
Content-Length: 0
Connection: keep-alive
x-request-id: adc93374-0492-48c6-8a5e-36c85747b272
x-correlation-id: 5ca14abc-fa1f-485c-8606-602b43845a38
3.3: Creating a user on your storage service (Distri)
Creating a user on this service will allow you to store data and manage access to that data for that user.
PUT /subjects/https%3A%2F%2Fsandbox-use.id%2Faccount-5ca14abc HTTP/1.1
Host: storage.sandbox-use.id
Authorization: DPoP eyJhbGciOiJFUzI1NiIsImtpZCI6ImQ3NGMxZGZlLTFhNDEtNGEyMC1hNDJkLWZmYzBmMmJkZGE5OCIsInR5cCI6Imp3dCJ9.eyJzdWIiOiJodHRwczovL3dlYmlkLnNhbmRib3gtbXktbW92ZS5hcHAvIiwic3ViX3dlYmlkIjoiaHR0cHM6Ly93ZWJpZC5zYW5kYm94LW15LW1vdmUuYXBwLyIsIndlYmlkIjoiaHR0cHM6Ly93ZWJpZC5zYW5kYm94LW15LW1vdmUuYXBwLyIsImF1ZCI6WyJodHRwczovL3dlYmlkLnNhbmRib3gtbXktbW92ZS5hcHAvIiwic29saWQiXSwic2NvcGUiOiJyZWdpOnVzZWlkOmFsbCBjb2duaTp1c2VpZDphbGwiLCJpc3MiOiJodHRwczovL2lkcC5zYW5kYm94LXVzZS5pZC8iLCJhenAiOiJodHRwczovL3dlYmlkLnNhbmRib3gtbXktbW92ZS5hcHAvIiwiYXpwX3dlYmlkIjoiaHR0cHM6Ly93ZWJpZC5zYW5kYm94LW15LW1vdmUuYXBwLyIsImlhdCI6MTcwOTI5OTM1MCwiZXhwIjoxNzA5MzAyOTUwLCJjbmYiOnsiamt0IjoiYnRJRWUzbUZuakRFbzZVWnF4WHhEeFJQeFN1akhlaVRCNXlTbmwxWlRPbyJ9fQ.qHNZYv_sgkS2FSJ5mAmlhztEQiG9YE57RqZZKE8pIFBUxM8SPENq3WPEyha4hemaapsz-4aFLnaXEXU3qChCrg
dpop: eyJhbGciOiJFUzI1NiIsImp3ayI6eyJhbGciOiJFUzI1NiIsImNydiI6IlAtMjU2Iiwia3R5IjoiRUMiLCJ4IjoiTm1WNDZQQ3NKd0E5cXB1bjF5S29yTHR6MWh2TjJTZko3eHRTYlJOUlAwdyIsInkiOiIzTDI3TjRONFd3LVBBaVd6VXZqWjZRcW96b2RSRGxSYkREREFTbTVwZ1dvIn0sInR5cCI6ImRwb3Arand0In0.eyJhdGgiOiJ2d1d6bnN1SGROZ1hPb3A3S2kyWWRqUmk0VmJzMzNQOGxIaEZ0SU5iNzVnIiwiaHRtIjoiUFVUIiwiaHR1IjoiaHR0cHM6Ly9zdG9yYWdlLnNhbmRib3gtdXNlLmlkL3N1YmplY3RzL2h0dHBzJTNBJTJGJTJGc2FuZGJveC11c2UuaWQlMkZhY2NvdW50LTVjYTE0YWJjIiwiaWF0IjoxNzA5Mjk5MzUwLCJqdGkiOiIyZWY5NzdlMy03NzdiLTQyODctOWM5YS1kZTk3MmE3Y2IxNWEifQ.IcuBe9UzJcWXGReDQinTzOy2lBbT0uXSFlo6tAWWSu0n7hYVbfqd1K4bjbNXMW_gSY5Iea10_tquCYvmH5zbcg
X-Correlation-ID: 5ca14abc-fa1f-485c-8606-602b43845a38
Content-Length: 0
HTTP/1.1 200 OK
Date: Fri, 01 Mar 2024 13:22:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: adc93374-0492-48c6-8a5e-36c85747b272
x-correlation-id: 5ca14abc-fa1f-485c-8606-602b43845a38
Part 4: Creating custom data types for you and your users
Before you can store data in the storage service (Distri), you will need to add your own data types to it. This prevents users or authorized app from storing just any type of data.
PUT /types/https%3A%2F%2Fuse.id%2Ftypes%2FMyCustomType HTTP/1.1
Host: storage.sandbox-use.id
Authorization: DPoP eyJhbGciOiJFUzI1NiIsImtpZCI6ImQ3NGMxZGZlLTFhNDEtNGEyMC1hNDJkLWZmYzBmMmJkZGE5OCIsInR5cCI6Imp3dCJ9.eyJzdWIiOiJodHRwczovL3dlYmlkLnNhbmRib3gtbXktbW92ZS5hcHAvIiwic3ViX3dlYmlkIjoiaHR0cHM6Ly93ZWJpZC5zYW5kYm94LW15LW1vdmUuYXBwLyIsIndlYmlkIjoiaHR0cHM6Ly93ZWJpZC5zYW5kYm94LW15LW1vdmUuYXBwLyIsImF1ZCI6WyJodHRwczovL3dlYmlkLnNhbmRib3gtbXktbW92ZS5hcHAvIiwic29saWQiXSwic2NvcGUiOiJyZWdpOnVzZWlkOmFsbCBjb2duaTp1c2VpZDphbGwiLCJpc3MiOiJodHRwczovL2lkcC5zYW5kYm94LXVzZS5pZC8iLCJhenAiOiJodHRwczovL3dlYmlkLnNhbmRib3gtbXktbW92ZS5hcHAvIiwiYXpwX3dlYmlkIjoiaHR0cHM6Ly93ZWJpZC5zYW5kYm94LW15LW1vdmUuYXBwLyIsImlhdCI6MTcwOTI5OTM1MCwiZXhwIjoxNzA5MzAyOTUwLCJjbmYiOnsiamt0IjoiYnRJRWUzbUZuakRFbzZVWnF4WHhEeFJQeFN1akhlaVRCNXlTbmwxWlRPbyJ9fQ.qHNZYv_sgkS2FSJ5mAmlhztEQiG9YE57RqZZKE8pIFBUxM8SPENq3WPEyha4hemaapsz-4aFLnaXEXU3qChCrg
dpop: eyJhbGciOiJFUzI1NiIsImp3ayI6eyJhbGciOiJFUzI1NiIsImNydiI6IlAtMjU2Iiwia3R5IjoiRUMiLCJ4IjoiTm1WNDZQQ3NKd0E5cXB1bjF5S29yTHR6MWh2TjJTZko3eHRTYlJOUlAwdyIsInkiOiIzTDI3TjRONFd3LVBBaVd6VXZqWjZRcW96b2RSRGxSYkREREFTbTVwZ1dvIn0sInR5cCI6ImRwb3Arand0In0.eyJhdGgiOiJ2d1d6bnN1SGROZ1hPb3A3S2kyWWRqUmk0VmJzMzNQOGxIaEZ0SU5iNzVnIiwiaHRtIjoiUFVUIiwiaHR1IjoiaHR0cHM6Ly9zdG9yYWdlLnNhbmRib3gtdXNlLmlkL3R5cGVzL2h0dHBzJTNBJTJGJTJGdXNlLmlkJTJGdHlwZXMlMkZNeUN1c3RvbVR5cGUiLCJpYXQiOjE3MDkyOTkzNTEsImp0aSI6IjcwYTRjMjE1LWE5MTktNDM1Mi1iNTYxLTUyMWYyMTk4N2YwMSJ9.FrmLVqv7m37yR6g4SBmWFdGnXCcyvd0Cla_wOXuhANOOEa3yfZWq9-Nw3zRdkeuOsdTWObnqXHFeabZGUzpXEg
X-Correlation-ID: 5ca14abc-fa1f-485c-8606-602b43845a38
Content-Length: 0
HTTP/1.1 200 OK
Date: Fri, 01 Mar 2024 13:22:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
strict-transport-security: max-age=15724800; includeSubDomains
x-powered-by: use.id
x-request-id: b04725a0-b8ff-416e-912a-cfaf9571ccdf
x-correlation-id: 5ca14abc-fa1f-485c-8606-602b43845a38
Updated 5 months ago