...
curl -s: fetches the JWT,-ssilences progress.cut -d '.' -f2: extracts the payload from the JWT (middle part).tr '_-' '/+': translates Base64URL alphabet into standard Base64.base64 -d: decodes the payload.jq .: pretty-prints the JSON.
Nodes
The following base nodes are operated by the federation operator and form the core of the Swefed OIDF Sandbox. These nodes provide the trust anchor, resolution services, and supporting infrastructure.
Additional nodes such as OpenID Providers (OPs), Relying Parties (RPs), and further intermediates are contributed and managed by Sandbox participants.
Trust Anchor
- URL:
https://trust-anchor.oidf.swefed.se - Role: Root of trust. Publishes federation policies and signing keys.
- Provides federation endpoints:
fetch,list,resolve.
...
- All nodes expose their Entity Configuration at
/.well-known/openid-federation. - Trust chains must always be validated against the Trust Anchor.
- JWT signatures must be verified with the published keys from trusted entities.
- Trust Marks must be validated against with the Trust Mark Issuer’s published metadatakeys, provided the issuer’s trust chain resolves to the Trust Anchor.
Entity Integration
This section explains how to connect an entity to the Swefed Sandbox Trust Infrastructure. It covers metadata exposure, configuration of trust anchors, authority hints, and trust marks.
...