> ## Documentation Index > Fetch the complete documentation index at: https://docs.dfns.co/llms.txt > Use this file to discover all available pages before exploring further. # Create Canton Validator > Link a Canton Validator to your organization. This is required in order to create wallets or interact with the Canton network. The `Shared` option allows you to use a shared validator hosted by Dfns and get started in seconds, while the `Custom` option allows you to connect your own validator and ledger nodes using OAuth2 authentication. Read details about the process [here](https://docs.dfns.co/networks/canton-validators). ## OpenAPI ````yaml /openapi.yaml post /networks/{network}/validators openapi: 3.1.0 info: version: 1.807.0 title: Dfns servers: - url: https://api.dfns.io description: Default - Europe - url: https://api.uae.dfns.io description: UAE - url: https://api.dfns.ninja description: Staging security: [] paths: /networks/{network}/validators: post: tags: - Networks summary: Create Canton Validator description: >- Link a Canton Validator to your organization. This is required in order to create wallets or interact with the Canton network. The `Shared` option allows you to use a shared validator hosted by Dfns and get started in seconds, while the `Custom` option allows you to connect your own validator and ledger nodes using OAuth2 authentication. Read details about the process [here](https://docs.dfns.co/networks/canton-validators). parameters: - schema: type: string enum: - canton - canton-devnet - canton-testnet required: true name: network in: path requestBody: content: application/json: schema: oneOf: - type: object properties: name: type: string minLength: 1 maxLength: 50 description: Nickname for this validator. kind: type: string enum: - Shared required: - kind description: >- Use Dfns' shared validator to create your Canton Wallets. See [here](https://docs.dfns.co/networks/canton-validators#option-1-use-dfns-shared-validator) title: Dfns Shared validator - type: object properties: name: type: string minLength: 1 maxLength: 50 description: Nickname for this validator. kind: type: string enum: - Custom validator: type: object properties: url: type: string format: uri description: >- URL to reach the API at this address. The calls will be originating from our IP addresses (see [Dfns Environments](https://docs.dfns.co/api-reference/environments)) oauth2: type: object properties: domain: type: string format: uri description: >- your OAuth2 tenant domain. Provided by your auth provider. tokenPath: type: string description: >- token endpoint from your authorization provider. We will call this endpoint on your tenant domain (i.e.: `/`) audience: type: string description: >- the audience your configured on your auth provider. It is suggested to start with `https://canton.network.global`. clientId: type: string description: >- The client id from your auth provider for this application. clientSecret: type: string description: >- The client secret from your auth provider for this application. required: - domain - audience - clientId - clientSecret description: >- How Dfns will authenticate into your validator/ledger. You should have setup authentication already (see details [here](https://docs.dev.sync.global/validator_operator/validator_helm.html#helm-validator-auth)), you can reuse the same Application details. See examples in this endpoint payload examples above. required: - url - oauth2 description: >- Configuration to reach your validator Signing API. We will call the validator External Signing API at the url (and using the credentials) defined below ; for instance `$URL/api/validator/v0/admin/external-party/topology/generate`. See the underlying calls details [here](https://docs.dev.sync.global/app_dev/validator_api/index.html#validator-api-external-signing). ledger: type: object properties: url: type: string format: uri description: >- URL to reach the API at this address. The calls will be originating from our IP addresses (see [Dfns Environments](https://docs.dfns.co/api-reference/environments)) oauth2: type: object properties: domain: type: string format: uri description: >- your OAuth2 tenant domain. Provided by your auth provider. tokenPath: type: string description: >- token endpoint from your authorization provider. We will call this endpoint on your tenant domain (i.e.: `/`) audience: type: string description: >- the audience your configured on your auth provider. It is suggested to start with `https://canton.network.global`. clientId: type: string description: >- The client id from your auth provider for this application. clientSecret: type: string description: >- The client secret from your auth provider for this application. required: - domain - audience - clientId - clientSecret description: >- How Dfns will authenticate into your validator/ledger. You should have setup authentication already (see details [here](https://docs.dev.sync.global/validator_operator/validator_helm.html#helm-validator-auth)), you can reuse the same Application details. See examples in this endpoint payload examples above. required: - url - oauth2 description: >- Configuration to reach your validator Ledger JSON API. We will call endpoints such as `/v2/state/ledger-end`, `/v2/state/active-contracts`, `/v2/parties/participant-id`, `/v2/interactive-submission/prepare`, `/v2/interactive-submission/execute`, `/v2/commands/completions`. See the underlying details [here](https://docs.dev.sync.global/app_dev/ledger_api/index.html). required: - kind - validator - ledger description: >- Connect your own validator. See [here](https://docs.dfns.co/networks/canton-validators#option-2-connect-your-own-validator-byov) for more info. title: Your own custom validator examples: Shared Validator: value: kind: Shared name: My shared validator Custom Validator | Auth0: value: kind: Custom name: My validator with auth0 credentials validator: url: https://validator.testnet.mydomain.com/ oauth2: domain: https://xxxxxx.us.auth0.com clientId: xxxxxx clientSecret: xxxxxxx audience: https://canton.network.global ledger: url: https://ledger.testnet.mydomain.com/ oauth2: domain: https://xxxxxx.us.auth0.com clientId: xxxxxx clientSecret: xxxxxxx audience: https://canton.network.global Custom Validator | Okta: value: kind: Custom name: My validator with auth0 credentials validator: url: https://validator.testnet.mydomain.com/ oauth2: domain: https://xxxxxx.okta.com tokenPath: oauth2/xxxxxx/v1/token clientId: xxxxxx clientSecret: xxxxxxx audience: https://validator.testnet.mydomain.com/ ledger: url: https://ledger.testnet.mydomain.com/ oauth2: domain: https://xxxxxx.okta.com tokenPath: oauth2/xxxxxx/v1/token clientId: xxxxxx clientSecret: xxxxxxx audience: https://ledger.testnet.mydomain.com/ Custom Validator | Keycloak: value: kind: Custom name: My validator with auth0 credentials validator: url: https://validator.testnet.mydomain.com/ oauth2: domain: https://my-own-server.running-keycloak.com tokenPath: /auth/realms/xxxxx/protocol/openid-connect/token clientId: xxxxxx clientSecret: xxxxxxx audience: https://validator.testnet.mydomain.com/ ledger: url: https://ledger.testnet.mydomain.com/ oauth2: domain: https://my-own-server.running-keycloak.com tokenPath: /auth/realms/xxxxx/protocol/openid-connect/token clientId: xxxxxx clientSecret: xxxxxxx audience: https://ledger.testnet.mydomain.com/ responses: '200': description: Success content: application/json: schema: $ref: '#/components/schemas/CantonValidator' security: - authenticationToken: [] userActionSignature: [] components: schemas: CantonValidator: type: object properties: id: type: string minLength: 1 maxLength: 64 pattern: ^cv-[a-z0-9]{5}-[a-z0-9]{5}-[a-z0-9]{14,16}$ example: cv-7jeof-m584r-p35ucm37ko3cqgts orgId: type: string minLength: 1 maxLength: 64 pattern: ^or-[a-z0-9]{5}-[a-z0-9]{5}-[a-z0-9]{14,16}$ description: Organization id. example: or-30tnh-itmjs-s235s5ontr3r23h2 network: type: string enum: - Canton - CantonDevnet - CantonTestnet name: type: string kind: type: string enum: - Shared - Custom dateCreated: type: string partyHint: type: string required: - id - orgId - network - kind - dateCreated - partyHint securitySchemes: authenticationToken: type: http scheme: bearer bearerFormat: JWT description: >- **Bearer Token:** Used to authenticate API requests. More details how to generate the token: [Authentication flows](https://docs.dfns.co/api-reference/auth/login-flows) userActionSignature: type: apiKey in: header name: X-DFNS-USERACTION description: >- **User Action Signature:** Used to sign the change-inducing API requests. More details how to generate the token: [User Action Signing flows](https://docs.dfns.co/api-reference/auth/signing-flows) ````