Trading Partners API
The Partners API manages trading partner configurations including AS2 identifiers, endpoint URLs, security preferences, and certificate associations. Partners can exist at two levels: tenant-specific partners and account-level master partners that are inherited by tenants.
Table of Contents
Partner Types
Tenant Partners
Standard partners created and managed at the tenant level:
- Scope: Limited to specific tenant
- Management: Created via
/v1/partners endpoints - Use Case: Tenant-specific trading relationships
- Isolation: Not shared with other tenants
Master Partners (Inherited)
Account-level partners that are automatically inherited by tenants:
- Scope: Shared across all account tenants
- Management: Created via
/v1/accounts/{account}/partners endpoints (see Master Partners API) - Use Case: Common trading partners used by multiple tenants
- Inheritance: Automatically available to all tenants with optional overrides
Partner Resolution Priority
When a tenant accesses partners, the system returns both types with clear identification:
- Tenant-specific partners (created directly for the tenant)
- Inherited master partners (shared from account level)
- Override capability (tenant settings can override master partner configurations)
List Partners
Retrieve paginated list of trading partners with optional filtering.
GET /v1/partners
Query Parameters
| Parameter | Type | Default | Constraints | Description |
|---|
search | string | null | 1-255 characters | Search partner names or AS2 IDs |
active | boolean | null | true/false | Filter by active status |
type | enum | null | tenant, inherited, all | Filter by partner type |
page | integer | 1 | Minimum 1 | Page number |
per_page | integer | 20 | 1-100 | Items per page |
Note: This endpoint returns both tenant-specific partners and inherited master partners. Use the type parameter to filter results.
Response Schema
Partner Object Fields
| Field | Type | Nullable | Description |
|---|
id | string | No | Partner identifier |
name | string | No | Human-readable partner name |
as2_id | string | No | AS2 identifier |
url | string | No | Partner AS2 endpoint URL |
active | boolean | No | Partner active status |
type | enum | No | Partner type (tenant, inherited) |
master_partner_id | string | Yes | Master partner ID (if inherited) |
has_overrides | boolean | No | Whether tenant has custom overrides |
sign | boolean | No | Digital signing enabled |
encrypt | boolean | No | Message encryption enabled |
compress | boolean | No | Message compression enabled |
mdn_mode | enum | No | MDN delivery mode |
sign_algorithm | string | Yes | Digital signing algorithm |
encrypt_algorithm | string | Yes | Encryption algorithm |
created_at | datetime | No | Creation timestamp |
updated_at | datetime | No | Last update timestamp |
Success Response (200 OK)
{
"data": [
{
"id": "prt_000001",
"name": "McKesson Corporation",
"as2_id": "MCKESSON",
"url": "https://as2.mckesson.com/receive",
"active": true,
"type": "inherited",
"master_partner_id": "prt_master_001",
"has_overrides": false,
"sign": true,
"encrypt": true,
"compress": false,
"mdn_mode": "async",
"sign_algorithm": "SHA256withRSA",
"encrypt_algorithm": "AES256_CBC",
"created_at": "2024-01-01T10:00:00.000000Z",
"updated_at": "2024-01-15T14:30:00.000000Z"
},
{
"id": "prt_000002",
"name": "Regional Supplier",
"as2_id": "REGIONAL-SUPPLIER",
"url": "https://regional.supplier.com/as2",
"active": true,
"type": "tenant",
"master_partner_id": null,
"has_overrides": false,
"sign": true,
"encrypt": false,
"compress": true,
"mdn_mode": "sync",
"sign_algorithm": "SHA256withRSA",
"encrypt_algorithm": null,
"created_at": "2024-01-10T15:20:00.000000Z",
"updated_at": "2024-01-12T09:45:00.000000Z"
}
],
"pagination": {
"current_page": 1,
"last_page": 2,
"per_page": 20,
"total": 25,
"from": 1,
"to": 20
}
}
Create Partner
Create a new tenant-specific trading partner configuration.
POST /v1/partners
Note: This creates a tenant-specific partner. To create master partners shared across tenants, use the Master Partners API endpoints at /v1/accounts/{account}/partners.
Request Parameters
Required Parameters
| Parameter | Type | Constraints | Description |
|---|
name | string | 1-255 characters | Human-readable partner name |
as2_id | string | 1-50 characters, no spaces | Unique AS2 identifier |
url | string | Valid HTTPS URL | Partner AS2 endpoint |
Optional Parameters
| Parameter | Type | Default | Constraints | Description |
|---|
sign | boolean | false | - | Enable digital signing |
encrypt | boolean | false | - | Enable message encryption |
compress | boolean | false | - | Enable message compression |
mdn_mode | enum | async | sync, async, none | MDN delivery mode |
sign_algorithm | enum | null | Valid signing algorithm | Digital signing algorithm |
encrypt_algorithm | enum | null | Valid encryption algorithm | Encryption algorithm |
Algorithm Options
Signing Algorithms
| Algorithm | Key Requirements | Security Level | Compatibility |
|---|
SHA1withRSA | 1024+ bit RSA | Low | Legacy systems |
SHA256withRSA | 2048+ bit RSA | Standard | Recommended |
SHA384withRSA | 2048+ bit RSA | Enhanced | High security |
SHA512withRSA | 2048+ bit RSA | High | Maximum security |
Encryption Algorithms
| Algorithm | Key Size | Security Level | Performance |
|---|
3DES | 168-bit | Low | Fast |
AES128_CBC | 128-bit | Standard | Fast |
AES192_CBC | 192-bit | Enhanced | Medium |
AES256_CBC | 256-bit | High | Medium |
Request Example
{
"name": "Acme Corporation",
"as2_id": "ACME-CORP-AS2",
"url": "https://acme.example.com/as2",
"sign": true,
"encrypt": true,
"compress": false,
"mdn_mode": "async",
"sign_algorithm": "SHA256withRSA",
"encrypt_algorithm": "AES256_CBC"
}
Response
Success Response (201 Created)
{
"message": "Partner created successfully",
"data": {
"id": "prt_000002",
"name": "Acme Corporation",
"as2_id": "ACME-CORP-AS2",
"url": "https://acme.example.com/as2",
"active": true,
"sign": true,
"encrypt": true,
"compress": false,
"mdn_mode": "async",
"sign_algorithm": "SHA256withRSA",
"encrypt_algorithm": "AES256_CBC",
"created_at": "2024-01-15T10:30:00.000000Z",
"updated_at": "2024-01-15T10:30:00.000000Z"
}
}
Get Partner Details
Retrieve detailed information about a specific partner including certificates and statistics.
GET /v1/partners/{partner_id}
Path Parameters
| Parameter | Type | Required | Description |
|---|
partner_id | string | Yes | Partner identifier |
Response
Extended Partner Object
Includes additional fields not present in list responses:
| Field | Type | Description |
|---|
certificates | array | Associated certificates |
message_stats | object | Message statistics |
last_message_at | datetime | Last message timestamp |
connection_status | object | Connection health information |
{
"data": {
"id": "prt_000001",
"name": "Acme Corporation",
"as2_id": "ACME-CORP-AS2",
"url": "https://acme.example.com/as2",
"active": true,
"sign": true,
"encrypt": true,
"compress": false,
"mdn_mode": "async",
"sign_algorithm": "SHA256withRSA",
"encrypt_algorithm": "AES256_CBC",
"certificates": [
{
"id": "cert_000001",
"name": "Acme Corp Encryption Certificate",
"type": "partner",
"usage": "encryption",
"subject": "CN=Acme Corp AS2, O=Acme Corporation, C=US",
"active": true,
"expires_at": "2025-01-01T00:00:00.000000Z",
"created_at": "2024-01-01T10:00:00.000000Z"
}
],
"message_stats": {
"total_sent": 1250,
"total_received": 890,
"success_rate": 99.2,
"last_message_at": "2024-01-15T10:00:00.000000Z"
},
"connection_status": {
"last_test": "2024-01-15T09:00:00.000000Z",
"last_test_result": "success",
"response_time_ms": 245
},
"created_at": "2024-01-01T10:00:00.000000Z",
"updated_at": "2024-01-15T14:30:00.000000Z"
}
}
Update Partner
Modify existing partner configuration.
PATCH /v1/partners/{partner_id}
Path Parameters
| Parameter | Type | Required | Description |
|---|
partner_id | string | Yes | Partner identifier |
Request Parameters
All parameters are optional. Only provided fields will be updated.
| Parameter | Type | Constraints | Description |
|---|
name | string | 1-255 characters | Partner name |
url | string | Valid HTTPS URL | AS2 endpoint URL |
sign | boolean | - | Digital signing preference |
encrypt | boolean | - | Encryption preference |
compress | boolean | - | Compression preference |
mdn_mode | enum | sync, async, none | MDN delivery mode |
sign_algorithm | enum | Valid algorithm | Signing algorithm |
encrypt_algorithm | enum | Valid algorithm | Encryption algorithm |
Response
Returns updated partner object with same schema as create response.
Delete Partner
Permanently remove a trading partner and all associated data.
DELETE /v1/partners/{partner_id}
Path Parameters
| Parameter | Type | Required | Description |
|---|
partner_id | string | Yes | Partner identifier |
Response
Success Response (200 OK)
{
"message": "Partner deleted successfully",
"data": {
"id": "prt_000001",
"deleted_at": "2024-01-15T10:30:00.000000Z"
}
}
Deletion Impact
| Resource | Action |
|---|
| Partner record | Permanently deleted |
| Partner certificates | Moved to inactive status |
| Message history | Retained for audit purposes |
| Active messages | Processing continues |
| Future messages | Rejected with PARTNER_NOT_FOUND error |
Test Partner Connection
Validate partner configuration and test connectivity.
POST /v1/partners/{partner_id}/test
Request Parameters
| Parameter | Type | Required | Default | Description |
|---|
test_type | enum | Yes | - | Type of test to perform |
Test Types
| Type | Description | Validation |
|---|
ping | Basic connectivity test | DNS resolution, TCP connection, SSL handshake |
mdn | MDN response test | MDN endpoint validation and response |
full | Complete AS2 handshake | Full AS2 protocol validation |
Response
Success Response (200 OK)
{
"success": true,
"message": "Partner connection test successful",
"data": {
"test_type": "full",
"partner": {
"id": "prt_000001",
"name": "Acme Corporation",
"as2_id": "ACME-CORP-AS2",
"url": "https://acme.example.com/as2"
},
"results": {
"connectivity": "success",
"ssl_validation": "success",
"certificate_validation": "success",
"as2_protocol": "success",
"response_time_ms": 245
},
"timeline": [
{
"step": "DNS resolution",
"status": "success",
"duration_ms": 12,
"details": "Resolved acme.example.com to 203.0.113.10"
},
{
"step": "TCP connection",
"status": "success",
"duration_ms": 89,
"details": "Connected to 203.0.113.10:443"
},
{
"step": "SSL handshake",
"status": "success",
"duration_ms": 144,
"details": "TLS 1.3 connection established"
}
],
"tested_at": "2024-01-15T10:30:00.000000Z"
}
}
Master Partner Inheritance
Understanding Partner Inheritance
When tenants access partners via /v1/partners, they receive:
- Tenant-specific partners - Partners created directly for the tenant
- Inherited master partners - Account-level partners automatically shared
Inherited Partner Behavior
Automatic Inheritance
- All master partners are automatically visible to tenants
- No explicit inheritance step required
- Master partner changes propagate to all tenants immediately
Configuration Override
Tenants can override master partner settings for their specific needs:
PATCH /v1/partners/{inherited_partner_id}
Request Example:
{
"url": "https://tenant-specific.endpoint.com/as2",
"mdn_mode": "sync"
}
Response:
{
"message": "Partner configuration overridden successfully",
"data": {
"id": "prt_000001",
"name": "McKesson Corporation",
"type": "inherited",
"master_partner_id": "prt_master_001",
"has_overrides": true,
"url": "https://tenant-specific.endpoint.com/as2",
"mdn_mode": "sync",
"override_settings": {
"url": "https://tenant-specific.endpoint.com/as2",
"mdn_mode": "sync"
}
}
}
Override Management
View Override Settings:
GET /v1/partners/{inherited_partner_id}/overrides
Reset to Master Configuration:
DELETE /v1/partners/{inherited_partner_id}/overrides
Master vs Tenant Partner Comparison
| Feature | Master Partners | Tenant Partners |
|---|
| Scope | Account-wide | Tenant-specific |
| Sharing | Inherited by all tenants | Isolated to tenant |
| Management | Account admins | Tenant users |
| Certificates | Shared certificates | Tenant certificates |
| Overrides | Tenant can customize | N/A |
| Cost Efficiency | High (shared costs) | Standard |
Best Practices
- Use Master Partners for Common Relationships
- Partners used by multiple tenants
- Standard industry partners (McKesson, Cardinal Health, etc.)
- Corporate trading partners
- Use Tenant Partners for Specialized Relationships
- Tenant-specific suppliers
- Regional partners
- Testing/development partners
- Override Strategically
- Only override when necessary
- Document override reasons
- Review overrides periodically
Partner Certificate Management
List Partner Certificates
GET /v1/partners/{partner_id}/certificates
Upload Partner Certificate
POST /v1/partners/{partner_id}/certificates
| Parameter | Type | Required | Description |
|---|
name | string | Yes | Certificate name |
usage | enum | Yes | encryption, signing, both |
certificate | file | Yes | PEM-formatted certificate file |
Certificate Usage Types
| Usage | Purpose | Key Type | Description |
|---|
encryption | Encrypt outbound messages | Public key | Partner's public key for encryption |
signing | Verify inbound signatures | Public key | Partner's public key for verification |
both | Encryption and signing | Public key | Single certificate for both operations |
Partner Configuration Schema
Complete Configuration Object
{
"id": "prt_000001",
"name": "Acme Corporation",
"as2_id": "ACME-CORP-AS2",
"url": "https://acme.example.com/as2",
"active": true,
"security": {
"sign": true,
"encrypt": true,
"compress": false,
"sign_algorithm": "SHA256withRSA",
"encrypt_algorithm": "AES256_CBC"
},
"mdn": {
"mode": "async",
"url": "https://acme.example.com/as2/mdn",
"signed": true,
"algorithm": "SHA256withRSA"
},
"connection": {
"timeout_seconds": 60,
"retry_attempts": 3,
"retry_interval_seconds": 300
},
"certificates": [
{
"id": "cert_000001",
"usage": "encryption",
"active": true,
"expires_at": "2025-01-01T00:00:00.000000Z"
}
],
"statistics": {
"messages_sent": 1250,
"messages_received": 890,
"success_rate": 99.2,
"last_activity": "2024-01-15T10:00:00.000000Z"
},
"created_at": "2024-01-01T10:00:00.000000Z",
"updated_at": "2024-01-15T14:30:00.000000Z"
}
Validation Rules
AS2 ID Requirements
| Rule | Specification |
|---|
| Length | 1-50 characters |
| Characters | Alphanumeric, hyphens, underscores only |
| Case | Case-sensitive |
| Uniqueness | Must be unique within tenant |
| Format | No spaces or special characters |
Valid AS2 ID Examples
ACME-CORP-AS2SUPPLIER_001PARTNER-PROD-01
Invalid AS2 ID Examples
ACME CORP (contains space)PARTNER@PROD (contains special character)partner-001 (if case-sensitive partner expects uppercase)
URL Requirements
| Rule | Specification |
|---|
| Protocol | HTTPS only |
| Format | Valid URL format |
| Accessibility | Must be publicly accessible |
| Port | Standard HTTPS port (443) or custom |
| Path | Must accept POST requests |
Error Codes
Partner-Specific Errors
| Error Code | HTTP Status | Description | Resolution |
|---|
PARTNER_NOT_FOUND | 404 | Partner does not exist | Verify partner ID |
DUPLICATE_AS2_ID | 422 | AS2 ID already exists | Use unique AS2 ID |
INVALID_AS2_ID_FORMAT | 422 | AS2 ID contains invalid characters | Use alphanumeric and hyphens only |
INVALID_ENDPOINT_URL | 422 | Partner URL is not valid HTTPS | Provide valid HTTPS URL |
PARTNER_LIMIT_EXCEEDED | 402 | Partner limit for plan exceeded | Upgrade plan or remove unused partners |
UNSUPPORTED_ALGORITHM | 422 | Algorithm not supported | Use supported algorithm |
CERTIFICATE_REQUIRED | 400 | Certificate required for operation | Upload required certificate |
Partner Validation Error Example
{
"message": "Validation failed",
"errors": {
"as2_id": [
"The AS2 ID field is required",
"The AS2 ID must not contain spaces"
],
"url": [
"The URL must be a valid HTTPS endpoint"
],
"encrypt_algorithm": [
"The selected encryption algorithm is invalid"
]
}
}
Partner Testing
Connection Test Results
Test Result Schema
| Field | Type | Description |
|---|
success | boolean | Overall test success |
test_type | enum | Type of test performed |
results | object | Detailed test results |
timeline | array | Step-by-step test execution |
duration_ms | integer | Total test duration |
tested_at | datetime | Test execution timestamp |
Timeline Step Schema
| Field | Type | Description |
|---|
step | string | Test step name |
status | enum | success, warning, failure |
duration_ms | integer | Step execution time |
details | string | Step details or error message |
Test Failure Response
{
"success": false,
"message": "Partner connection test failed",
"data": {
"test_type": "ping",
"partner": {
"id": "prt_000001",
"as2_id": "ACME-CORP-AS2"
},
"results": {
"connectivity": "failed",
"error": "Connection timeout"
},
"timeline": [
{
"step": "DNS resolution",
"status": "success",
"duration_ms": 15,
"details": "Resolved to 203.0.113.10"
},
{
"step": "TCP connection",
"status": "failure",
"duration_ms": 60000,
"details": "Connection timeout after 60 seconds"
}
],
"duration_ms": 60015,
"tested_at": "2024-01-15T10:30:00.000000Z"
}
}
Usage Limits
Partner Limits by Plan
| Plan | Maximum Partners | Certificate Storage | Testing Frequency |
|---|
| Free | 5 | 10 certificates | 10 tests/hour |
| Starter | 10 | 25 certificates | 50 tests/hour |
| Professional | Unlimited | 100 certificates | 200 tests/hour |
| Enterprise | Unlimited | Unlimited | Unlimited |
Partner Limit Error
{
"message": "Partner limit exceeded for current plan",
"error": {
"type": "billing_error",
"code": "PARTNER_LIMIT_EXCEEDED",
"details": {
"current_partners": 6,
"plan_limit": 5,
"plan": "free",
"upgrade_url": "https://as2aas.com/dashboard/billing"
}
}
}
Integration Examples
Partner Management with Inheritance
// Get all partners (tenant + inherited)
async function getAllPartners(tenantId) {
const partners = await as2.partners.list();
const result = {
tenant_partners: partners.data.filter(p => p.type === 'tenant'),
inherited_partners: partners.data.filter(p => p.type === 'inherited'),
total: partners.data.length
};
return result;
}
// Create tenant-specific partner
async function createTenantPartner(partnerData) {
const partner = await as2.partners.create({
name: partnerData.name,
as2_id: partnerData.as2_id,
url: partnerData.endpoint,
sign: true,
encrypt: true,
sign_algorithm: 'SHA256withRSA',
encrypt_algorithm: 'AES256_CBC'
});
// Upload tenant-specific certificates
if (partnerData.encryptionCertificate) {
await as2.partners.uploadCertificate(partner.id, {
name: `${partner.name} Encryption`,
usage: 'encryption',
certificate: partnerData.encryptionCertificate
});
}
return partner;
}
// Override master partner configuration
async function overrideMasterPartner(partnerId, overrides) {
const updatedPartner = await as2.partners.update(partnerId, overrides);
console.log(`Master partner ${partnerId} overridden for tenant`);
console.log('Overrides:', updatedPartner.data.override_settings);
return updatedPartner;
}
Bulk Partner Operations
// Bulk partner management
async function bulkUpdatePartners(updates) {
const results = [];
for (const update of updates) {
try {
const result = await updatePartner(update.partner_id, update.changes);
results.push({ success: true, partner_id: update.partner_id, data: result });
} catch (error) {
results.push({
success: false,
partner_id: update.partner_id,
error: error.message
});
}
}
return results;
}