Overview
NRDEX is designed to expose governed machine-to-machine services between approved institutions. Providers publish services and consumers call them through approved exchange pathways.
Service design expectations
- Define each service around a clear institutional business purpose
- Publish stable request and response contracts
- Use versioned endpoints or versioned service identifiers
- Document error responses and retry guidance
- Avoid exposing internal implementation details
Integration model
- A provider defines a service and approval scope.
- The service is registered in the exchange environment.
- A consumer is authorized for the service.
- Traffic flows through the approved secure exchange path.
Recommended documentation fields
- Service name
- Service owner
- Consumer eligibility
- Request schema
- Response schema
- Validation rules
- Error codes
- Rate or throughput constraints
- Support contact
Example request contract
{
"request_id": "req-2026-0001",
"subject_nid": "1990123456789",
"purpose_code": "identity_verification"
}
Example response contract
{
"request_id": "req-2026-0001",
"status": "verified",
"matched": true,
"timestamp": "2026-05-16T10:00:00Z"
}
Publishing rules and guidelines
No production service should be expublishing guidelinesposed through NRDEX unless its owning institution has approved the service definition, legal basis, and access conditions.
OpenAPI v3
For API services, use OpenAPI v3 to document the service contract.