Swiss federal authorities

Architecture

Sedex provides its existing authorization information through an authorization web service. This allows authorized third-party providers, especially those who make their web services accessible through the sedex Webservice Proxy, to utilize the certificate-based sedex authorization infrastructure.

The service allows authorization based on the following query parameters:

  • sedex Message Type: Each sedex message has a specific message type. Users must have the appropriate rights on the sedex platform to send or receive messages of a particular type. For example, messages for the "UPI Query Interface" have the message type 85.
  • Identifier of the physical sedex Sender (for the possible identifiers, see Using External Authorization Services)
  • sedex ID of the logical sedex Sender (optional)
  • Identifier of the sedex Receiver (for the possible identifiers, see Using External Authorization Services)

The identifiers for senders and receivers can be:

  • sedex ID: Each sedex participant has a specially defined sedex ID used for addressing. An example of such a sedex ID is "3-207-1".
  • sedex Certificate: The sedex Webservice Proxy adds the valid X.509 certificate of the sedex participant to a secure web service call (via HTTPS). This certificate can be used by the web service provider to identify a client.

Schematic Overview

[Image: schematic overview]