Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Expand
titleUsing the EDI4STEEL supplied API

EDI4STEEL simplifies the use of an access point by providing an API for the participants. This API will:

  • Handle the access point communication

  • Generate the corresponding DeliveryMessage content

  • Handle the hashing of the payload

  • Handle encrypting of the hash with the domains private key

  • Provide payload storage and generate URL’s for those payloads that are required by the access point

What are the advantages of using this service?

It won’t be necessary to understand eDelivery/AS4 messages nor it’s infrastructure. This lowers implementation costs and provides tools for message security, like hashing and encrypting.

The communication flow between the sender and receiver is shown in the following flowchart.

Image RemovedImage Added

To use the API, please contact EDI4STEEL. Provide the following information:

  • Your company name

  • Your GLN

  • Whether you want to use encryption or not.

After that you can implement the API. More documentation on the calls can be found here.

Expand
titleUsing the EDI4STEEL supplied SaaS accesspoint

EDI4STEEL maintains an access point that is used by the previous discussed API. This accesspoint will also allow direct communication/implementation.

Using the accesspoint directly means:

  • increasing the speed of messages

  • having full control of message handling.

On the other hand

  • you need some basic knowledge of eDelivery/AS4

  • you handle encryption/hashing yourself

  • you handle future changes made to the accesspoint

  • you have to have an online storage location for the payloads.

The communication flow between the sender and the receiver is shown in the following flowchart.

Image RemovedImage Added

 How to talk to SAAS accesspoint directly?

  1. Upload per communication the XML payload to a publicly accessible location. The receiving accespoint then downloads the XML payload like a user downloads a file with an internet browser with the https method GET on a url. An example of the payload is found here.

  2. Optional: Create an SHA256 hash of the complete XML payload. Currently edi4steel only uses SHA265.

  3. Optional: Enable the receiver to check if it was you who actually send the payload and not a third (malicious) party. To do this, you encrypt the generated hash with a private key that belongs to a publicly accessible domain. This is generated with a RSA algorithm. Set this encrypted hash in “Hash” value of the delivermessage.
    Since you are the sender, this has to be the certificate of your publicly accessible domain you have the private key of.
    More on this topic here.

  4. Generate per communication a SubmitMessage. Here is an example.

  5. Create a HTTPS POST call to https://ap-saas.edi4steel.eu/msh/submit with content type application/octet-stream that has the SubmitMessage as body. Code would look similar to the following code:

    Code Block
    languagec#
    private void SendXMLMessageToAccesspoint(string xml)
    {
      byte[] xmlAsBytes = Encoding.UTF8.GetBytes(xml);
      
      string msh = "https://ap-saas.edi4steel.eu/msh/submit";
      var request = WebRequest.Create(msh) as HttpWebRequest;
      request.Method = "POST";
      request.ContentType = "application/octet-stream";
      request.ContentLength = xmlAsBytes.Length;
      
      var requestStream = request.GetRequestStream();
      requestStream.Write(xmlAsBytes, 0, xmlAsBytes.Length);
      requestStream.Close();
    }

 To use the API, please contact EDI4STEEL. Provide the following information:

  • Your company name

  • Your GLN

  • What kind of message you send

  • Whether you want to use encryption or not

AP SaaS

The AP SaaS (Software As A Service) is ment for participant that do not use Staalweb. Staalweb is a product used by customers from INAD.

...