Replace 403 INVALID_TOKEN_CONTEXT with 422 UNNECESSARY_IDENTIFIER

[fernandopradocabrillo]

What type of PR is this?

Feature / API spec update

What this PR does

This PR replaces the 403 INVALID_TOKEN_CONTEXT error with the 422 UNNECESSARY_IDENTIFIER error in the KYC Match API, aligning with the CAMARA Commonalities guidelines for APIs where the scope does NOT allow explicit confirmation as to whether the supplied identity matches that bound to the Three-Legged Access Token.

Changes

info.description updates:

• Updated the "Identifying the phoneNumber from the access token" section: when a three-legged access token is used, the optional phoneNumber MUST NOT be provided (previously it stated it "needs to match with the one associated with the access token").
• Updated the "Error handling" section: replaced the INVALID_TOKEN_CONTEXT error documentation with the UNNECESSARY_IDENTIFIER error case, which is returned when the subject can already be identified from the access token and the optional phoneNumber is also included in the request.

components.responses updates:

• Removed INVALID_TOKEN_CONTEXT from the Generic403 response enum and its example.
• Added UNNECESSARY_IDENTIFIER to the Generic422 response enum.
• Added the GENERIC_422_UNNECESSARY_IDENTIFIER example.

References

• CAMARA API Design Guide - Section 3.1
• CAMARA API Design Guide - Appendix A

[fernandopradocabrillo]

I created this PR automatically when applied the changes in local. We can keep it as "WIP" until we decide how to proceed

[GillesInnov35]

I think also we should be now aligned with Commonalities rules and specifications

[ToshiWakayama-KDDI]

Thanks, @fernandopradocabrillo , but I have just made a comment in issue #50, so please look at it.

Thanks,
Toshi