A Solid token granted to the authorisation agent of the data subject. More specifically, the data subject's WebID contains a triple referencing the URI of his/her authorisation agent. This URI must be in either the sub or azp claim of the token.

The DPoP proof of this token.

If provided, this string will be set as the value of the X-Request-ID response header.

If provided, this string will be set as the value of the X-Correlation-ID response header.

A comma separated list of URIs that identify the legal bases for which data is being read. For example https://w3id.org/dpv#PublicInterest.

A URL that leads to an image of how the current authorisation screen looks like.

If provided, this value will be used in the response to enable cross origin resource sharing.