NEW
Report & API Now Live! Data insights report and open data API endpoints live as of September 23, 2025

ToIP Trust Registry QueryProtocol version 2.0 Specification

type
Standard
Documentation

Description

Description
Source

The ToIP Trust Registry Query Protocol (TRQP) is a standardized protocol designed to enable interoperable querying of trust registries within digital identity ecosystems. This protocol provides a consistent way to access authoritative information about trust relationships and authorizations across different trust communities.

At its core, the TRQP enables participants to query whether specific entities hold particular authorizations within a defined governance framework. It acts as a bridge between governance frameworks and technical implementations, allowing systems to programmatically verify trust relationships.

Key features include:

  • Read-only query operations for checking entity status and authorizations
  • Support for discovering related trust registries
  • Configuration and metadata queries about supported capabilities
  • Registry-of-registries functionality to enable transitive trust
  • Standardized response formats and error handling

The protocol is intentionally simple to facilitate rapid integration while maintaining security and governance alignment. It focuses solely on retrieving information, with all create/update/delete operations handled by underlying systems of record.

Purpose and Scope:

  • Provides a standardized interface for querying trust registry information
  • Enables verification of entity authorizations within governance frameworks
  • Supports discovery of trust relationships between registries
  • Limited to read-only operations to maintain simplicity

Key Technical Specifications:

  • Uses REST/HTTP interface with OpenAPI specification
  • Requires HTTPS endpoints for all implementations
  • Supports point-in-time historical queries
  • Returns standardized status values and timestamps
  • Implements standardized error codes and handling

Implementation Requirements:

  • Must maintain service at specified HTTPS URI
  • Must support entity authorization status queries
  • Must return standardized response formats
  • Must include required timestamp values
  • Must implement specified error handling

Security Considerations:

  • All endpoints must use HTTPS
  • Implementations may restrict access through authentication
  • Response data must be cryptographically verifiable
  • Governance frameworks define access control policies

Interoperability Features:

  • Standardized query/response formats
  • Common status values and error codes
  • Support for multiple authorization types
  • Registry-of-registries capability
  • Service profile support for capability discovery

Current Adoption Status:

  • Specification is currently in implementers draft status
  • Open for community feedback through 2024-06-03
  • Multiple reference implementations in development
  • Growing adoption within ToIP Foundation community

Statistics

Projects Following
Source
0

Under Management at

Project
Website
Source

Projects Following or working on this Standard

If you are featured in the Web of Trust Map and wish to exercise your GDPR rights, including the right to be forgotten, visit the privacy policy page