What is AS4 in EDI?
AS4 (Applicability Statement 4) is a modern secure
web services-based communication protocol used for B2B data exchange,
especially in EDI (Electronic Data Interchange). It is a successor to
AS2, offering enhanced security, reliability, and flexibility using SOAP
and web services standards.
Key Components of AS4 Architecture
|
Component |
Description |
|
SOAP Envelope |
AS4 uses SOAP 1.2 for message
structure. |
|
ebMS Header |
Metadata such as sender, receiver,
message ID, and action. |
|
Payload |
Can be any type (XML, EDIFACT, X12,
etc.). |
|
WS-Security |
Ensures message encryption, signature,
and integrity. |
|
Reliability |
Built-in retry, duplicate detection,
and delivery tracking. |
|
P-Mode |
Configuration setting that governs how
messages are exchanged between partners (like service agreements). |
Where is AS4 Used?
- Peppol
Network (EU e-Invoicing and procurement)
- Government
projects
- Logistics
and healthcare sectors
- Large
enterprises and ERP integrations
Advantages over AS2
|
AS2 |
AS4 |
|
S/MIME-based |
SOAP/WS-based |
|
No message pulling |
Supports pull & push |
|
Less standard metadata |
Richer metadata and payload formats |
|
Limited error handling |
Enhanced error, retry, and security mechanisms |
AS4 Message Exchange Patterns
- Push
Model
- Sender
initiates the message transfer.
- Most
common model (similar to AS2).
- Pull
Model
- Receiver
retrieves messages from the sender’s AS4 endpoint.
- Useful
when recipient has limited inbound connectivity.
- One-Way
/ Two-Way Messaging
- AS4
supports both one-way messaging (send only or receive only) and two-way
messaging (request-response type).
Message Flow (Push Model)
Step-by-step:
- Sender
ERP sends EDI 810 (Invoice) to AS4 Gateway.
- AS4
wraps the message in a SOAP envelope.
- Message
is signed and encrypted.
- Sent
over HTTPS to receiver.
- Receiver
processes and sends back acknowledgment (SOAP Receipt).
AS4 uses WS-Security standards for:
- Authentication (via certificates)
- Confidentiality (via encryption)
- Integrity (via digital signatures)
- Non-repudiation (auditable message logs)
Certificates (X.509) are used to sign and encrypt the message or its parts.
No comments:
Post a Comment