Documentation
Start typing to search…

Environments & Network access

Environments & Network Access

MiTrust provides secure data sharing through two distinct environments designed to support your development lifecycle and production needs. This guide covers environment specifications, network requirements, and firewall configuration.

Quick Start

Development & Testing

Use the Sandbox environment for integration testing and partner development without affecting live data.

Production Ready

Deploy to Production when you're ready to handle real user data sharing workflows.

Environment Overview

Sandbox Environment (SBX)

Base URL: https://sbx-app.m-itrust.com

Sandbox Details
  • Purpose: Integration testing and development
  • Data: Test data sources ("Hardcoded") and real data sources
  • Support: Full API functionality mirroring production
  • Uptime: Best effort

Production Environment (PROD)

Base URL: https://app.m-itrust.com

Production Details
  • Purpose: Live user data sharing
  • Data: Real data sources
  • Support: 99+% uptime SLA

Network Architecture

Most MiTrust operations happen in the user's browser through secure HTTPS redirections. This means your servers don't need to handle most of the traffic - it flows directly between users and MiTrust.

Browser-Based Flows ✅

  • User authentication
  • Consent management
  • Data review and selection UI
  • OAuth redirections

No server networking required

Server-to-Server Calls 🔧

  • Token exchange
  • Data retrieval
  • Consent decryption
  • Headless operations

Outbound HTTPS access needed

Network Requirements

Firewall Configuration

Required Outbound Access

Your servers need outbound HTTPS access (port 443) to MiTrust domains for these operations:

API OperationMethodEndpoint PatternPurpose
OAuth Token ExchangePOST/oauth/tokenConvert authorization codes to access tokens
User Data RetrievalGET/user_data/v1/userinfoFetch consented user information
Consent DecryptionPOST/service_provider/v1/userconsentDecrypt and verify user consent
Headless OperationsMultiple/v2/sp/headless/*Automated data updates and sync

Example whitelist entries:

https://app.sandbox.m-itrust.com:443
https://app.m-itrust.com:443

What You DON'T Need

Inbound Access

No inbound firewall rules required. MiTrust never initiates connections to your servers.

Special Ports

Only standard HTTPS (443). No custom ports or protocols needed.

VPN/Tunnels

Direct internet access is sufficient. No VPN or tunnel setup required.


Updated 19 days ago