{
    "schema": "https://saferpage.de/schemas/operator-api-access.v1",
    "generated_at": "2026-06-08T23:30:56+00:00",
    "summary": "Betreiber-Zugriffsmodell fuer SaferPage-APIs und Exporte mit Rollen, Scopes, Zugriffsstufen, Key-Rotation, Rate-Limits, Audit-Logs und sicherem Secret-Umgang.",
    "metrics": {
        "tier_count": 4,
        "scope_count": 8,
        "export_catalog_count": 6,
        "check_count": 5,
        "passed_check_count": 0,
        "planned_check_count": 5
    },
    "access_tiers": [
        {
            "id": "public",
            "label": "Public Read",
            "audience": "Besucher und Suchmaschinen",
            "auth": "keine",
            "rate_limit": "Caching/CDN, nur oeffentliche Reports",
            "allowed_scopes": [
                "reports.public:read",
                "schemas:read",
                "badges.public:read"
            ]
        },
        {
            "id": "operator_read",
            "label": "Operator Read",
            "audience": "Betreiber, Datenschutz, Audit",
            "auth": "API-Key oder OIDC",
            "rate_limit": "600 Requests/Stunde je Key",
            "allowed_scopes": [
                "reports:read",
                "portfolio:read",
                "evidence:read",
                "exports:read"
            ]
        },
        {
            "id": "operator_write",
            "label": "Operator Workflow",
            "audience": "Website-Betrieb und PrivacyOps",
            "auth": "API-Key mit HMAC oder OIDC",
            "rate_limit": "120 Schreibaktionen/Stunde je Key",
            "allowed_scopes": [
                "tickets:write",
                "dispatch:write",
                "integrations:dry_run"
            ]
        },
        {
            "id": "admin",
            "label": "Admin Setup",
            "audience": "Programm-Owner/IT",
            "auth": "OIDC + Admin-Rolle",
            "rate_limit": "manuell freizugeben",
            "allowed_scopes": [
                "keys:rotate",
                "integrations:manage",
                "portfolio:manage"
            ]
        }
    ],
    "scopes": [
        {
            "id": "reports.public:read",
            "purpose": "Kanonische Kurzreports und oeffentliche Trust-Links lesen.",
            "risk": "niedrig",
            "default_tier": "public"
        },
        {
            "id": "schemas:read",
            "purpose": "Schema Registry und maschinenlesbare Vertragsformen lesen.",
            "risk": "niedrig",
            "default_tier": "public"
        },
        {
            "id": "reports:read",
            "purpose": "Domainberichte, Scorecards und Modul-Exports lesen.",
            "risk": "mittel",
            "default_tier": "operator_read"
        },
        {
            "id": "portfolio:read",
            "purpose": "Portfolio, Audit-Trail, Scanplan, Digest und Intake-Pakete lesen.",
            "risk": "mittel",
            "default_tier": "operator_read"
        },
        {
            "id": "evidence:read",
            "purpose": "Nachweise, Hash-Manifest und Scanbelege lesen.",
            "risk": "hoch",
            "default_tier": "operator_read"
        },
        {
            "id": "tickets:write",
            "purpose": "Remediation-Tickets in Zielsysteme uebergeben.",
            "risk": "hoch",
            "default_tier": "operator_write"
        },
        {
            "id": "dispatch:write",
            "purpose": "Scan-Dispatches und Delivery-Jobs ausloesen.",
            "risk": "hoch",
            "default_tier": "operator_write"
        },
        {
            "id": "keys:rotate",
            "purpose": "API-Key-Rotation und Sperrung verwalten.",
            "risk": "kritisch",
            "default_tier": "admin"
        }
    ],
    "export_catalog": [
        {
            "id": "competitive_matrix",
            "label": "Feature-Matrix",
            "url": "https://saferpage.de/vergleich/features-json",
            "scope": "schemas:read"
        },
        {
            "id": "portfolio_audit",
            "label": "Portfolio Audit Trail",
            "url": "https://saferpage.de/portfolio/audit-json",
            "scope": "portfolio:read"
        },
        {
            "id": "portfolio_schedule",
            "label": "Portfolio Scanplan",
            "url": "https://saferpage.de/portfolio/schedule-json",
            "scope": "portfolio:read"
        },
        {
            "id": "evidence_center",
            "label": "Nachweis-Center",
            "url": "https://saferpage.de/nachweise/anrufer.info/export",
            "scope": "evidence:read"
        },
        {
            "id": "remediation_delivery",
            "label": "Remediation Delivery",
            "url": "https://saferpage.de/fix-guides/anrufer.info/tickets-delivery-json",
            "scope": "tickets:write"
        },
        {
            "id": "integration_setup",
            "label": "Integrations-Setup",
            "url": "https://saferpage.de/integrationen/setup-json",
            "scope": "integrations:manage"
        }
    ],
    "key_lifecycle": {
        "prefix_format": "sp_live_<8-Zeichen-Prefix>",
        "storage_policy": "Klartext-Key nur einmal beim Erstellen anzeigen; serverseitig nur Salt/Hash und Prefix speichern.",
        "rotation_days": 90,
        "emergency_revoke": "Key sofort sperren, aktive Sessions beenden, Integrations-Dry-Run erneut ausfuehren.",
        "least_privilege": "Keys nur fuer die jeweils benoetigte Domain-Gruppe, die benoetigten Scopes und Zielsysteme ausstellen."
    },
    "validation_checks": [
        {
            "id": "key_storage",
            "label": "API-Keys nur gehasht speichern",
            "status": "planned",
            "owner": "IT/Security",
            "evidence": "Nur Key-Prefix und Hash im Admin-Kontext; kein Klartext im Export."
        },
        {
            "id": "scope_enforcement",
            "label": "Scopes serverseitig erzwingen",
            "status": "planned",
            "owner": "Backend",
            "evidence": "Jeder Endpoint ist mindestens einem Scope zugeordnet."
        },
        {
            "id": "rotation",
            "label": "Rotation und Ablaufdatum",
            "status": "planned",
            "owner": "Programm-Owner",
            "evidence": "Maximale Key-Laufzeit 90 Tage, Notfall-Sperrung sofort."
        },
        {
            "id": "audit_log",
            "label": "Access Audit Log",
            "status": "planned",
            "owner": "Compliance/IT",
            "evidence": "Key-Prefix, Scope, Endpoint, Statuscode, Zeitstempel und Request-ID protokollieren."
        },
        {
            "id": "rate_limit",
            "label": "Rate-Limit je Key und Scope",
            "status": "planned",
            "owner": "Platform",
            "evidence": "Lesen, Schreiben und Admin getrennt limitieren."
        }
    ],
    "example_headers": {
        "Authorization": "Bearer sp_live_<redacted>",
        "X-SaferPage-Key-Prefix": "sp_live_ab12cd34",
        "X-SaferPage-Request-Id": "req_<uuid>",
        "X-SaferPage-Signature": "sha256=<HMAC fuer Schreib-/Webhook-Aufrufe>"
    },
    "links": {
        "html": "https://saferpage.de/api-zugriff",
        "json": "https://saferpage.de/api-zugriff/export",
        "csv": "https://saferpage.de/api-zugriff/export-csv",
        "markdown": "https://saferpage.de/api-zugriff/runbook-md",
        "schemas": "https://saferpage.de/schemas",
        "integrations": "https://saferpage.de/integrationen",
        "comparison": "https://saferpage.de/vergleich"
    },
    "disclaimer": "Dieses Paket beschreibt Zugriffsstufen und Sicherheitsanforderungen. Es erzeugt keine echten API-Keys und zeigt keine Secrets."
}
