ISO15118 Authorization¶

Description.

Authorization sent from iso15118 to ocpp, typically in the form of a MAC address.

Iso15118AuthorizationRequest¶

Topic: iso15118/ocpp. Used by 15118 to request authorization through OCPP.
type	object
properties
id	type	string
	format	uuid
name	const	iso15118_authorization
type	const	request
data	type	object
	properties
	evse_id	type	string
	token_type	enum	e_maid, mac_address
	id_token	type	string
	allOf	if	properties
			token_type	const	e_maid
		then	properties
			token_data	properties
				certificate_chain	type	string
				iso15118_hash_data	type	array
					items	type	object
						properties
						hash_algorithm	enum	SHA256, SHA384, SHA512
						issuer_name_hash	type	string
						issuer_key_hash	type	string
						serial_number	type	string
						responder_url	type	string
					minItems	1

Example for the AutoCharge implementation, using a MAC address:

{
    "id": "57828133-8cfe-477d-b829-0b60aff90c2a",
    "name": "iso15118_authorization",
    "type": "request",
    "data": {
        "evse_id": "DE*SEV*E123456789",
        "id_token": "FF44556670AA",
        "token_type": "mac_address" # e_maid
        }
}

Example for Plug And Charge, using the e_maid:

{
    "id": "194e76cb-215d-440f-91d8-75e986c2aaaf",
    "name": "iso15118_authorization",
    "type": "request",
    "data": {
        "evse_id": "DE*SEV*E123456789",
        "id_token": "DEABCC123ABC56",
        "token_type": "e_maid",
        # this field is only required for the e_maid token type
        "token_data": {
            # this certificate chain is in PEM encoded format
            # it is optional, and only needs to be sent if
            # the charging station cannot validate the contract certificate
            # because it does not have the associated root certificate.
            "certificate_chain": "—–BEGIN CERTIFICATE—–MIIDdTCCAl...",
            "iso15118_hash_data": [
                {
                    "hash_algorithm": "SHA256", # SHA256, SHA384, SHA512
                    "issuer_name_hash": "65df03257007316adf168dee995b98d582f871395b5d167754df7e8525efde2a",
                    "issuer_key_hash": "d503a88e816fbff921dc104bf711d31f2288b40cc19d01ac8c787dd829e8a2db",
                    "serial_number": "12345",
                    "responder_url": "https://ocsp.responder.com"
                },
                {
                    "hash_algorithm": "SHA256", # SHA256, SHA384, SHA512
                    "issuer_name_hash": "3gdf8je9007316adf168dee995b98d582fd871395b5d167754df7e8525efde2a",
                    "issuer_key_hash": "asdfv34asvv34dxv4g921dc104bf711d31f2288b40cc19d01ac8c787dd829e8a",
                    "serial_number": "54321",
                    "responder_url": "https://ocsp.responder.com"
                }
            ]
        }
    }
}

token_data fields.

certificate_chain: Optional. The X.509 certificated presented by EV and encoded in PEM format.

hash_algorithm: Required. Used algorithms for the hashes provided.

issuer_name_hash: Required. Hashed value of the Issuer DN (Distinguished Name).

issuer_key_hash: Required. Hashed value of the issuers public key.

serial_number: Required. The serial number of the certificate.

responder_url: Required. This contains the responder URL (Case insensitive).

Iso15118AuthorizationResponse¶

Topic: ocpp/iso15118. Used by OCPP to respond to a 15118 authorization request.
type	object
properties
id	type	string
	format	uuid
name	const	iso15118_authorization
type	const	response
data	type	object
	properties
	status	enum	accepted, rejected, ongoing
	certificate_status	enum	OK, CertificateExpired, CertificateExpiresSoon, CertificateNotAllowedAtThisEVSE, CertificateNotYetValid, CertificateRevoked, CertificateValidationError, EMSPUnknown, GeneralPnCAuthorizationError, ContractCancelled

Example:

{
    "id": "57828133-8cfe-477d-b829-0b60aff90c2a",
    "name": "iso15118_authorization",
    "type": "response",
    "data": {"status": "accepted", # accepted, rejected, ongoing
             "certificate_status": "OK"} # CertificateExpired, CertificateRevoked, CertificateNotYetValid ...
}

Authorization triggered by ISO15118.

This kind of authorization happens when ISO15118 is in use.

First 15118 (-2/-20) sends an Authorization Request to the iso15118/ocpp topic

The OCPP instance answers back, with a positive or negative status response.

The OCPP instance must send a notification (update) MQTT message to the CS with the result of the Authorization request, using the topic ocpp/cs. See external_authorization_status.

The above steps are needed, so the charger OEM is notified if the authorization was successful or not, so that the charging station can close it’s contactors (or not) and inform the EV driver about the authorization status through the HMI.

Authorization not triggered by ISO15118, but by an external source.

This kind of authorization happens if ISO15118 is not the initiator of the authorization (e.g. an RFID has been swiped by the user), but ISO15118 needs to know what the status of the authorization is.

In this case, the id_type should be “external” and the id tag should NOT be included. If the authorization hasn’t been completed yet, the response will contain a status of “ongoing”.