Policy: Business Partner Groups

Business Partner Group policy

This documentation provides an overview of how to use the Management-API to manage and evaluate Business Partner Group policies. The Business Partner Group policy enables categorizing business partners into groups and defining access- and contract-policies based on their membership. For example, a company can restrict access to certain assets to members of specific groups like "group1" or "group2". This is useful for scenarios where assets or resources are only accessible to specific groups of business partners.

API Endpoints and Usage

Assigning a BPN to Groups

This endpoint assigns a specific BPN to one or more groups. The groups do not need to be created explicitly; they are defined dynamically upon assignment.

Request POST {{Management-API}}/business-partner-groups

Payload Example:

JSON

{
  "@context": {
    "tx": "https://w3id.org/tractusx/v0.0.1/ns/"
  },
  "@id": "BPNL000000000000",
  "tx:groups": [
    "group1",
    "group2"
  ]
}

Checking Group Membership of a BPN

This endpoint retrieves the groups a specific BPN is assigned to. Use this to verify that the assignment was successful.

Request GET {{Management-API}}/business-partner-groups/BPNL000000000000

Response Example:

JSON

{
  "@id": "BPNL000000000000",
  "tx:groups": [
    "group1",
    "group2"
  ]
}

Creating a Business Partner Group Policy

This endpoint defines a policy to evaluate whether a BPN belongs to one or more groups. The policy can later be used in a Contract Definition/Data Offer as an access- or contract-policy. The example below uses the isAnyOf operator to check if a BPN is part of "group1" or "group2".

RequestPOST {{Management-API}}/v3/policydefinitions

Payload Example:

JSON

{
    "@type": "https://w3id.org/edc/v0.0.1/ns/PolicyDefinitionDto",
    "@id": "bpn-group1-and-group2",
    "https://w3id.org/edc/v0.0.1/ns/policy": {
        "@context": "http://www.w3.org/ns/odrl.jsonld",
        "@type": "http://www.w3.org/ns/odrl/2/Set",
        "permission": [
            {
                "action": "USE",
                "http://www.w3.org/ns/odrl/2/constraint": [
                    {
                        "leftOperand": "https://w3id.org/tractusx/v0.0.1/ns/BusinessPartnerGroup",
                        "operator": "http://www.w3.org/ns/odrl/2/isAnyOf",
                        "rightOperand": "group1,group2"
                    }
                ]
            }
        ]
    }
}

The following ODRL operators are supported:

eq: Equal to a value
neq: Not equal to a value
isPartOf: Checks if a value is part of a group
isAllOf: Checks if all values match
isAnyOf: Checks if any value matches
isNoneOf: Ensures no value matches

Last updated 12 days ago

Was this helpful?

{ "@type": "https://w3id.org/edc/v0.0.1/ns/PolicyDefinitionDto", "@id": "bpn-group1-and-group2", "https://w3id.org/edc/v0.0.1/ns/policy": { "@context": "http://www.w3.org/ns/odrl.jsonld", "@type": "http://www.w3.org/ns/odrl/2/Set", "permission": [ { "action": "USE", "http://www.w3.org/ns/odrl/2/constraint": [ { "leftOperand": "https://w3id.org/tractusx/v0.0.1/ns/BusinessPartnerGroup", "operator": "http://www.w3.org/ns/odrl/2/isAnyOf", "rightOperand": "group1,group2" } ] } ] } }