1 User web services specification
2 ===============================
4 Source: Provozní řád ISDS, version 2010-11-28, Pages 15–16
5 Source: Webové služby rozhraní ISDS pro manipulaci s datovými zprávami,
6 version 2.31 (2012-09-20)
7 Source: Webové služby ISDS pro vyhledávání datových schránek,
8 version 2.26 (2012-03-15)
11 These services are intended for working with messages inside a box by
14 SOAP web services defined in: dm_operations.wsdl, dm_info.wsdl, db_search.wsdl
15 (Appendix 2 of Provozní řád ISDS)
17 Data types: dmBaseTypes.xsd (Appendix 1)
19 Documentation: DataMessage_ws.pdf, DBSearch_ws.pdf (Appendix 2)
21 List of SOAP requests follows. Those marked with asterisk DOES NOT MARK
22 incoming messages as delivered. Those marked with plus has access to envelopes
30 Constraints: Client must be authenticated in Access Manager
33 Create and send a message
34 CreateMultipleMessage (*)
35 Create and send a message to multiple recipients
37 Download incoming message
39 Download incoming message with digital signature of ministry of interiors
40 SignedSentMessageDownload
41 Download outgoing message with digital signature of ministry of interiors
42 AuthenticateMessage (*+)
43 Submit local message copy to ISDS to confirm message authenticity
45 Void operation used to log in and to keep connection alive
52 Constraints: Client must be authenticated in Access Manager
55 Verify local copy of message with remote original stored in ISDS
56 MessageEnvelopeDownload (+)
57 Download envelope of incoming message
58 MarkMessageAsDownloaded (*)
61 Mark commercial message as accepted by recipient
63 Remove message from long term storage
65 Download info-sheet about message post and delivery
66 GetSignedDeliveryInfo (+)
67 Download info-sheet about message post and delivery with signature of
69 GetListOfRecievedMessages
70 Download list of incoming messages
72 Download list of outgoing messages
74 Get details about sender
75 GetMessageStateChanges
76 Download list of outgoing messages that changed state
85 Find boxes conforming to search criteria
87 Return state of given box
91 Get rules for sending commercial messages from given box
97 Create and send a message.
99 Envelope of outgoing message must contain dbIDRecipient and dmAnnotation.
100 Other elements are optional (dmRecipientOrgUnit, dmRecipientOrgUnitNum,
101 dmSenderOrgUnit, dmSenderOrgUnitNum, dmToHands, dmPersonalDelivery,
102 dmAllowSubstDelivery, dmRecipientRefNumber, dmRecipientIdent,
103 dmSenderRefNumber, dmSenderIdent, dmLegalTitleLaw, dmLegalTitleYear,
104 dmLegalTitleSect, dmLegalTitlePar, dmLegalTitlePoint, dmOVM, dmPublishOwnID).
106 Outgoing message envelope can specify dmType to declare subtype of commercial
107 message. If dmType is `I', then dmSenderRefNumber must be defined. If dmType
108 is `O', then dmRecipientRefNumber must be defined.
110 Constraints: Sender must have PRIVIL_CREATE_DM permission.
111 Constraints: Exactly one document in message must be main type.
112 Constraints: Total size of all documents must not be bigger than 10 MB.
114 Identifier of just sent message assigned by system is returned.
117 0000 Message sent successfully
118 Non-normative error codes:
119 1214 Document description is not a file name with acceptable file name
121 1214 Document description extension does not match document content
122 1214 Provided MIME type does not match document
123 2010 First document structure invalid
124 2032 Message does not carry any document
125 9005 Message not valid (probably)
127 In case of positive virus detection (processed after sending), infected
128 document is removed, message state is set to value 3 (from point of view of
129 recipient) and sender get new message originated by server.
132 CreateMultipleMessage (*)
133 =====================
135 Create and send a message to multiple recipients.
137 Input composes of nonempty list of recipients (maximal count is 50),
138 one envelope (different from envelope for CreateMessage, misses elements from
139 dmRecipient) and list of documents to send to all of them to each recipient.
141 Only dbIDRecipient and dmToHands are mandatory. Other dmRecipient children are
145 CreateMultipleMessage
148 | | + dbIDRecipient – recipient box ID
149 | | + dmRecipientOrgUnit
150 | | + dmRecipientOrgUnitNum
151 | | + dmToHands – can be empty, but must not missing
155 | + <other elements, usually empty>: dmSenderOrgUnit, dmSenderOrgUnitNum,
156 | | dmAnnotation, dmRecipientRefNumber, dmSenderRefNumber,
157 | | dmRecipientIdent, dmSenderIdent, dmLegalTitleLaw,
158 | | dmLegalTitleYear, dmLegalTitleSect, dmLegalTitlePar,
159 | | dmLegalTitlePoint, dmPersonalDelivery, dmAllowSubstDelivery
161 | + dmPublishOwnID – optional
164 It's not possible to send commercial message to multiple recipients. Though the
165 dmEnvelope has @dmType attribute, so it should be possible to send a commercial
166 message to one recient using CreateMultipleMessage service.
168 ISDS outputs list of assigned message IDs (each copy gets independent ID),
169 list of sent status for each message ID and one cumulative status of
170 whole CreateMultipleMessage operation.
172 If operation fails before replicating messages for each recipient
173 (i.e. sending), global error code will be non-zero. If operation fails on some
174 message copies (i.e. while sending) special global error code 0004 will be
175 returned and erroneous recipients can be gather by recipient specific error
176 code (failed ones will have non-zero code). If all messages are sent
177 successfully, global error code will be 0000.
180 CreateMultipleMessageResponse
183 | | + dmID – assigned message ID, optional, missing if error occurred
184 | | + dmStatus – message local error code and textual description
187 + dmStatus – global error code and textual description
190 0000 Messages sent successfully
191 0004 Some message failed while sending
197 Retrieve incoming message identified by message ID.
199 This service can return message without digital time-stamp (more precisely
200 with empty dmQTimesamp element, see schema).
202 Commercial message has set dmReturnedMessage/@dmType="K".
205 0000 Message sent successfully
206 Non-normative error codes:
207 1219 Message with ID does not exist in ISDS in current box.
210 SignedMessageDownload
211 =====================
213 Download incoming message with digital signature of ministry of interiors
214 identified by message ID.
216 Return PKCS#7 structure containing data as defined in MessageDownload and
217 digital signature of the message by ministry.
219 The data are XML document with mangled ISDS name space:
220 http://isds.czechpoint.cz/v20/ vs. http://isds.czechpoint.cz/v20/message:
222 <q:MessageDownloadResponse
223 xmlns:q="http://isds.czechpoint.cz/v20/message">
224 <q:dmReturnedMessage>
225 <p:dmDm xmlns:p="http://isds.czechpoint.cz/v20">
226 <p:dmID>151916</p:dmID>
229 <q:dmHash algorithm="SHA-1">...</q:dmHash>
231 <q:dmAttachmentSize>260</q:dmAttachmentSize>
232 </q:dmReturnedMessage>
233 </q:MessageDownloadResponse>
236 SignedSentMessageDownload
237 =========================
239 Download outgoing message with digital signature of ministry of interiors
242 Return PKCS#7 structure containing data as defined in MessageDownload and
243 digital signature of the message by ministry.
245 The data are XML document with mangled ISDS name space:
246 http://isds.czechpoint.cz/v20/ vs. http://isds.czechpoint.cz/v20/SentMessage:
248 <q:MessageDownloadResponse
249 xmlns:q="http://isds.czechpoint.cz/v20/SentMessage">
250 <q:dmReturnedMessage>
251 <p:dmDm xmlns:p="http://isds.czechpoint.cz/v20">
252 <p:dmID>151916</p:dmID>
255 <q:dmHash algorithm="SHA-1">...</q:dmHash>
257 <q:dmAttachmentSize>260</q:dmAttachmentSize>
258 </q:dmReturnedMessage>
259 </q:MessageDownloadResponse>
262 GetListOfRecievedMessages
263 =========================
265 Download list of incoming messages matching search criteria.
267 See GetListOfSentMessages for more details.
270 GetListOfSentMessages
271 =====================
273 Download list of outgoing messages matching search criteria.
275 Criteria are: delivery time not before, not after, organisation unit number of
276 sender, message status filter, offset of first message in a list and limit on
277 number of messages to get.
279 Message status filter is union of distinct message states expressed as
280 exponents of 2. Effectively it's a polynom \sum_{x \in message_statux} 2^x.
281 Special value -1 means all messages. Meaning for value 1 or 0 is undefined.
283 Messages are sorted in order of delivery time. Message type is stored in
286 Offset starts on 1. Limit defaults to 1000.
288 Non-normative error codes:
289 2017 Syntax error in date-time
295 Get information about sender as un user of given message.
297 Input is mandatory message identifier. Output is optional userType and
300 userType (unknown and undefined for older messages) is type of user who has
301 sent the message. Be ware there is special additional type `VIRTUAL'. Be ware
302 the userType is a string unconstrained by XML schema:
305 --------------------------------------------------------------------------
306 PRIMARY_USER The sender was a owner of the box
307 ENTRUSTED_USER The sender was an entrusted user associated to the box
308 ADMINISTRATOR The sender was administrator assiciated to the box
309 OFFICIAL The sender was ISDS (for system messages)
310 VIRTUAL The sender was an application authenticated by `system'
313 Non-normative: New user types OFFICIAL_CERT and LIQUIDATOR are not listed in
314 official documentation for this service. However LIQUIDATOR is said to be
315 equivalent to PRIMARY_USER and PRIMARY_USER can send messages, thus I conclude
316 these two now user types can occur in output of this service.
318 authorName is a name of user logged into senders box (not a login name) if
319 sender allowed to reveal his name explicitely.
322 GetMessageStateChanges
323 ======================
325 Download list of outgoing messages that changed state in given time range.
327 If a message changed state multiple times, it is listed more times. Only
328 changes from state 2 to 4, from 4 to {5, 6, 8} are reported. Only recent
329 changes (not older than 15 days currently) are reported.
331 This service is designed for polling state changes of sent messages.
333 Input are start (dmFromTime element) and end (dmToTime element) ISO times.
334 Empty dmFromTime meands since last 15 days, empty dmToTime means till now.
336 Non-normative: Server does not report changes recent more than one hour.
338 Output is list of records with message state changes. The order of records is
342 GetMessageStateChangesResponse
343 + dmRecords – optional, possibly empty element
344 | + dmRecord – one state change
345 | | + dmId – identifier of message that changed state
346 | | + dmEventTime – ISO time of state change
347 | | + dmMessageStatus – new message state in numeric notation
350 + dmStatus – global error code and textual description
353 AuthenticateMessage (*+)
356 Allows to verify message authenticity by providing copy to ISDS.
358 Only signed message encapsuleted into CMS structure with digital signature can
359 be verified by this service. Client pass the raw message in Base64 encoding to
360 ISDS, system performs checks and return boolean value: true if message has
361 not been modified and has been delivered through ISDS, false if message
362 has is unkown to ISDS. In both cases 0000 error code will be returned.
364 If message cannot be processed (e.g. broken CMS or XML syntax) or message
365 contains has been signed by non-ISDS certificate or other error, non-zero
366 error code will be returned.
372 Retrieve message hash (dmHash element) for given message from ISDS.
374 Works for not yet deleted messages only.
376 Only SHA-1 algorithm is in use currently. SHA-2 family is expected after
379 Hash input is isds:dmDM subtree processed as raw bit stream without XML
380 canonicalization. Authoritative isds:dmDM element can be get via
381 MessageDownload service. God bless ISDS developers to not change XML
384 Non-normative error codes:
385 1219 Message with ID does not exist in ISDS.
388 MessageEnvelopeDownload (+)
389 =======================
391 Download envelope of incoming message. That is message without documents.
392 Message type is stored in dmReturnedMessageEnvelope/@dmType.
394 Returned hash and time-stamp are computed from whole message. You must get
395 complete message including documents to be able to verify them.
398 MarkMessageAsDownloaded (*)
399 =======================
401 Change status of a message identified by its ID as read.
403 That means next GetListOfRecievedMessages service can exclude such message if
404 only unread messages requested.
410 Mark commercial message as accepted by recipient.
412 XXX: This service has been removed from ISDS because commercial messages get
413 accepted by logging-in (since 2011-11).
415 Changes message state from delivered (4) to accepted (6). Applicable only to
416 commercial messages. Messages from public offices (municipalities, government
417 etc.) are accepted automatically by log-in on interactive web portal or by
418 triggering most of SOAP operations.
420 Must be called before downloading (signed or unsigned) incoming message
421 [Signed]MessageDownload.
427 Delete a message from long term storage (know as data safe formerly).
429 Input is message ID in `dmID' element and boolean in `dmIncoming' element
430 (true for incoming message, false for outgoing mesage).
432 Output is standard `dmStatus' subtree.
434 Only message in long term storage can be removed on user request through
435 this service. Other message cannot be removed on request, they get removed
436 automatically after 90-days period.
439 1211 The message belongs to other (= not currently logged-in user) box
440 1218 Insufficient permissions (PRIVIL_ERASE_VAULT) to remove the message
441 1219 The message is not in long term storage or is not incoming or
442 outgoing as requested.
448 Download info-sheet about incoming or outgoing message post and delivery or
449 deliver impossibility. The message is specified by message ID.
451 It returns complete message envelope, hash, time-stamp. Delivery time and
452 acceptance time only if message has been delivered to recipient box or
453 accepted by recipient. Precise status of message is returned too.
455 In addition, non-empty list of events is attached. Each event compounds of
456 ISO time and text description. The text description has well-known prefix to
457 distinguish the event meaning. Following prefixes are defined:
460 -----------------------------------------------------
461 EV0: Message enterend into ISDS
462 EV1: Message has been accepted by recipient action
463 EV2: Message has been delivered to box and is considered as accepted by
464 no-user-action time out (through fiction)
465 EV3: Recipient box has been made inaccessible retrospectively
466 (even after successful delivery or acceptance,
467 this event is retroactive). In this case special system-generated
468 message is sent to sender in addition.
469 EV4: Commercial message has been accepted by recipient confirmation
470 EV5: Message has been delivered into recipent box
471 EV11: Primary user has logged into his box
472 EV12: Entrusted user havin permission to read this message has logged in
473 EV13: Application (not a human) has logged into box using `system'
477 GetSignedDeliveryInfo (+)
478 =====================
480 Download info-sheet about incoming or outgoing message post and delivery or
481 deliver impossibility as signed PKCS#7 structure. See GetDeliveryInfo for
482 details about returned data.
484 The PKCS#7 structure carries digital signature made by ministry of interiors.
486 There is mangled namespace again: http://isds.czechpoint.cz/v20/ vs.
487 http://isds.czechpoint.cz/v20/delivery:
489 <q:GetDeliveryInfoResponse xmlns:q="http://isds.czechpoint.cz/v20/delivery">
491 <p:dmDm xmlns:p="http://isds.czechpoint.cz/v20">
492 <p:dmID>170272</p:dmID>
495 <q:dmHash algorithm="SHA-1">...</q:dmHash>
497 </q:dmEvents>...</q:dmEvents>
499 </q:GetDeliveryInfoResponse>
505 Find boxes conforming to search criteria or exact ID and return corresponding
506 (possibly truncated) list of boxes.
508 Returned boxes exist, but it does not mean they can receive messages. Use
509 CheckDataBox to figure out.
511 There are three different search cases distinguished in this order:
513 – If dbID is filled in request, it will search for exact box only, other
514 criteria will be ignored.
516 – If identifier and registryCode are filled, it will search for exact
517 box only, other criteria will be ignored.
519 – Otherwise search against other criteria.
521 Returns list of boxes (possibly empty).
523 List can be truncated or search request refused because of not enough
524 specific criteria to protect user privacy. There are following constrains
525 differentiated by box type now:
527 Gross Box type Constraints (required search criteria)
528 ------------------------------------------------------
529 FO pnLastName or pnLastNameAtBirth
530 PFO ic or pnLastName or pnLastNameAtBirth
531 PO ic or prefix (at least 3 characters) of firmName
532 OVM ic or prefix of firmName
534 String search criteria are matched case insensitive (except dbID). Strings are
535 compared to prefix. Except firmName, adCity, adStreet and biCity that are
536 matched as substrings.
538 Search results depends or logged-in user type. Users of boxes with open
539 addressing can search other open-addressing boxes, otherwise only OVM type
540 boxes can be searched. Search based on exact box identifier finder unlimited.
543 0002 No box suits to search request (by other criteria)
544 0003 To much boxes suit to search request (by other criteria),
545 response truncated. Returned list of boxes is still valid.
546 5001 No such box exists (by box ID or registry identifier)
547 Non-normative error codes:
548 1101 Box type (dbType) must be specified
549 2017 Syntax error in date (biDate)
555 Return state of one box identified by dbID.
557 State of the box is stored in dbStatus element. Only state 1 means box is
558 capable of receiving messages.
561 5001 Box does not exist
563 2011 Box ID malformed
569 Get comma-separete list of all boxes of given type.
571 Input is type of boxes of interrest (dblType element):
573 Value Description File name Permission
574 -------------------------------------------------------------------------------
575 ALL All types of boxes actdsYYYYMMDD.csv OVM or OVM_REQ user
576 authenticated by commercial
577 certificate or user with
578 PRIVIL_BILLING permission
579 UPG Effectively OVM boxes effovmYYYYMMDD.csv Anybody
580 OVM OVM gross type boxes ovmYYYYMMDD.csv PRIVIL_BILLING only
581 OPN Boxes that allow to opendsYYYYMMDD.csv PRIVIL_BILLING only
585 Output is Base64-encoded ZIP file containing a file with name from the table.
586 The Base64 string is stored in dblData element. The name of the file embeds
587 date of list creation (Y is year digit, M is month, D is day).
589 The file is created once per a day and its format is following comma-separate
593 ----------------------
606 adNumberInMunicipality
612 The inner file is encoded in UTF-8. First line of the file is a header. Each
613 next line is a box. If a value is undefined, it will be empty. Values in
614 a line are separated by a comma (`,'). If a value contains comma or quotation
615 (`"'), the value will be enclosed into quotes (`"'). If value contains quotes,
616 they will be escaped by a quotes (e.g. `"lazy, ""fox""' means `lazy, "fox"').
619 1004 Operation not permitted
625 Return posibilities of sending commerical messages. Only if one of the
626 possibility is the payer is the recipient (PDZType is `O'), then calling this
627 service will cause marking messages as delivered.
629 Input is `PDZSender' element with a box ID as the only text node child.
631 Ouput is orderer list of rules for sending commercial messages wrapped in
632 dbPDZRecords element. The list can be empty what means no permission is
633 available. Each list item is a subtree:
636 + PDZType – rule type; see below for known values
637 + PDZRecip – only this recipient box ID is possible. Empty value means no
638 | restriction on the recipient.
639 + PDZPayer – the message is payed by this box ID owner
640 + PDZExpire – expiration time of this rule. Empty value means no
642 + PDZCnt – number of remaining commecrial messages that can be sent based
643 | on thid rule. Empty value means no limit.
644 + ODZIdent – identifier referring to message enabling sending pre-paid
645 answer. Must be added as dmRecipientRefNumber into sent message.
647 Non-normative: An example in the specification shows `xsi:nil=“true“' text
648 node instead of empty element. I think this bug in the specificiation.
651 -------------------------------------------------------------------------------
652 D Externally subsidized (undocumented)
653 E Another pre-paid type not yet specified and in use
654 G PDZPayer owner pays for all commercial messages
655 K Commercial message paid by sender based on an agreement with the
657 O Answer on a commercial message is pre-paid by PDZPayer. ODZIdent
658 value must be added into an outgoing message to bind the message to
659 the payer and requesting message.
660 Z Limitedly subsidized (undocumented)
662 XXX: Documentation shows `xsi:nil="true"' text node under PDZRecip element
663 instead of no element.