Know instantly when anything changes in your ecosystem
Real-time ecosystem event notifications — certificate revocations, metadata updates, conformance changes, lifecycle transitions. As your ecosystem grows, shared signals keep every participant informed automatically.
Real-time signals across the trust network
When something changes in the federation — a certificate rotates, a participant's status changes, a new entity joins, or a conformance test fails — every affected participant needs to know. Raidiam Connect acts as the federation event plane.
All participants notified in real-time
Federation Event Types
Certificate Rotation
Automatic notification when certificates are renewed, rotated, or approaching expiry
Participant Status Change
Alerts when a participant joins, leaves, or changes conformance status
Metadata Updates
Real-time propagation when authorisation server or API metadata changes
Policy Changes
Notifications when federation policies are updated or new rules take effect
Security Events
Immediate broadcast of security incidents, revocations, or trust boundary changes
Conformance Results
Automated notifications when conformance tests pass, fail, or require re-certification
Onboarding Events
Signals when new organisations, applications, or services complete onboarding
Trust Chain Updates
Notifications when trust anchors, intermediate authorities, or trust marks change
Lifecycle Transitions
Alerts for entity lifecycle changes: active, suspended, deprecated, decommissioned
In a bilateral world, if a certificate is revoked, every connected party must be individually notified — if they're notified at all. In a federation, one event from the controller reaches every affected participant instantly. This is the difference between managing 500 individual relationships and operating one trust network.
Built on Shared Signals and Events (SSE) framework and webhook infrastructure. Compatible with CAEP, RISC, and SET token standards.
Powered by Raidiam Connect
How Shared Signals works under the hood
Standards Foundation
SSE (Shared Signals and Events)
The IETF framework for transmitting security events between cooperating systems. Raidiam implements SSE as the transport layer for all ecosystem signals.
SET (Security Event Token)
Each signal is a signed JWT following the SET specification (RFC 8417). Signed by the federation controller’s key pair. Verifiable by any participant using published JWKS.
CAEP / RISC
Continuous Access Evaluation Protocol for session and access changes. Risk Incident Sharing and Coordination for security events. Both supported for interoperability with enterprise security stacks.
Delivery Architecture
At-least-once delivery
Every signal is delivered at least once to every subscribed participant. Retry with exponential backoff for failed deliveries. Dead-letter queue for persistently unreachable endpoints. Signal receipt acknowledgement required.
Webhook delivery
Signals are pushed to participant-registered HTTPS endpoints via signed webhooks. Each webhook includes the SET token in the request body. The receiving endpoint validates the signature against the federation controller’s published JWKS.
Event bus integration
For enterprise consumers, signals can be forwarded to Apache Kafka, Azure Event Grid, AWS EventBridge, or any webhook-compatible event bus. Configure your event infrastructure as the webhook endpoint.
Example Signal Payload
{
"iss": "https://federation.example.com",
"iat": 1711900800,
"jti": "sig_abc123",
"events": {
"urn:raidiam:signal:certificate-revoked": {
"subject": {
"format": "org_id",
"org_id": "org_7f3a2b"
},
"certificate_id": "cert_x509_4e2f",
"reason": "key_compromise",
"revoked_at": "2026-03-30T14:30:00Z"
}
}
}A certificate revocation signal. Signed as a JWT using the federation controller's private key. Participants validate the signature against the published JWKS endpoint.
Signal Types
Certificate revoked
Key compromise, expiry, administrative
All participants using that certificate are notified
Metadata updated
Participant changes API endpoints, keys, or capabilities
Dependent participants refresh cached metadata
Conformance status changed
Participant passes or fails re-certification
Ecosystem operator and dependent participants notified
Participant lifecycle
New registration, suspension, or deactivation
Federation-wide visibility update
Policy changed
Trust anchor or domain authority updates policy
All affected entities re-evaluate compliance
Security incident
Anomalous activity detected
Operator and affected participants alerted
Subscription & Filtering
Participants subscribe to signals during registration. Subscriptions can be filtered by:
- Signal type (e.g., only certificate events)
- Organisation scope (e.g., only events affecting direct counterparties)
- Domain (e.g., only open banking domain signals)
Subscription management is available via API. Changes take effect immediately.
Where will your ecosystem take you?
Whether you're a regulator building a national digital economy, an enterprise platformising across brands and clouds, or a bank that wants to stop rebuilding trust for every new use case — there's a next step.
See It in Action
See how one investment in Raidiam Connect covers your first use case — and the next hundred
Request a Briefing
For regulators and central banks — how to build the foundations for an expandable digital economy
See the Proof
Brazil started with 2 data-sharing scopes. Today it has hundreds — all on the same infrastructure
Not sure where to start? Build the business case → · See if this is right for you → · Developer Portal & API docs → · Security & Trust Center →