This endpoint of Virgil Card Service creates a Virgil Card entity.
The Virgil Card has the following parameters:
This Parameter must contain a Base64-encoded public key value in DER or PEM format.
This parameter determines a Virgil Card's scope that can be either 'global' or 'application'. Application Virgil Cards are accessible only within the application they were created within. Global Virgil Cards are available in all the applications.
This parameter must be 'email' for a confirmed Virgil Card and can be any value for a segregated one.
Must be a valid email for a confirmed Virgil Card with an
identity_type of 'email' and can be any value for a segregated one.
This parameter is an associative array that contains application specific parameters. All keys must contain static characters and digits only. The length of keys and values must not exceed 256 characters. Please note that more than 16 data items cannot be persisted at a time.
This parameter is an associative array with predefined keys that contain information about the device on which the keypair was created. The keys are always
device and the values must not exceed 256 characters. Both keys are optional but at least one of them must be specified, if the info parameter is specified.
This parameter is mandatory to authorize the creation of a Virgil Card by the Virgil Card holder or by the authorized application. The signs parameter must always contain either the Virgil Card holder's signature, the application signature, or the Virgil Registration Authority Service signature (or both). The signed_digest is calculated as a 'BASE64_ENCODE(SIGN(FINGERPRINT, PRIVATE_KEY))'. The private key must belong to the Virgil Card holder, the Application, or the Virgil Registration Authority service. The signs parameter must always contain signature of the Virgil Registration Authority service to create a Virgil Card with
scope - 'global'.
This is a Base64-encoded string with a JSON representation of the Virgil Card data required for an operation '(contentSnapshot = BASE64(virgilCardJsonData))'. The content_snapshot will be persisted alongside the Virgil Card, and can't be changed during the Virgil Card's lifetime. It can be used by the Virgil Card's owner and the application service, to make sure the Virgil Card's data was not changed by a 3rd-party.
This parameter shows the time that the Virgil Card was created.
Virgil Card Version
Virgil Card ID
This relation entity describes a trusted, one-way relationship between the source Virgil Card specified in the URI, and the destination Virgil Card which the CSR is specified to, in the request body.
* — These parameters are mandatory
- In order to create a confirmed Virgil Card, it's necessary to delegate the card's creation to the Virgil RA service. The Virgil Card will be marked as confirmed as long as the Virgil Identity sign was passed.
- In order to create an unconfirmed, segregated Virgil Card, one must simply set the
scope request parameter to 'application' and pass a valid application sign item in the signs list;
Beware that to create a Global Virgil Card, it's mandatory to perform a call to the Virgil Registration Authority service instead of the Virgil Cards service.
The request that creates a Virgil Card contains two signed items:
- One for the application holder
- One for the application.
After the Virgil Card's endpoint invocation, the signs list is filled with an additional Virgil Cards service sign.
All Virgil Card data is passed in the
content_snapshot parameter, then the Virgil Cards service creates an additional sign item, with its own fingerprint used as a key to prove that it really created the Virgil Card.