Conversation
An API proposal for the registration phase of the Verified Caller API
alpaycetin74
requested review from
DanXu-ChinaTelecom,
Jason-ZTE and
stroncoso-quobis
as code owners
🦙 MegaLinter status: ✅ SUCCESS
See detailed report in MegaLinter reports MegaLinter is graciously provided by |
Fixing linter problems
|
thanks @alpaycetin74 ,very interesting with full operations to manage registration REST entity record. But I've just one first comment. From what I've designed in CAMARA API projects, CAMARA and GSMA prefer verb instead of entity (registration in our case). I know that OAS3 recommend such syntax. |
|
@alpaycetin74, according to commonalities examples, my comment was wrong. sorry. |
Fix linter errors
Fixing Linting errors
Fixing linting errors
Fix linter issues
|
|
@alpaycetin74, in my opinion campaign is not a resource in our case only a strong name/description unlike to a client resource which must exist in the information system. That's why I proposed a name and not a id. |
|
Hello @GillesInnov35, I didn't receive a notice of the meeting, can you post me a link to the meeting? |
|
hello @DENGYONG18 , there's no notification. You can refer to the LFX Meeting agenda |
|
Thanks @GillesInnov35 !I'm sorry for missing the discussion at previous meeting, and I have read your minutes in Issue #24 and got a rough idea of what was discussed. I'll join you all in tomorrow meeting. |
|
@alpaycetin74, may I ask you some questions regarding your yaml proposal to clearly understand what you mean. |
|
Hello @GillesInnov35 , The device parameter is typical in CAMARA to uniquely identify a device by one of the four parameters, or combinations of them Hope this helps. |
|
We also checked with Eric Murray and he thinks we can simply use phoneNumber and phoneNumberAlternate parameters in the request body. No need to reuse the device parameter. That's simpler for us. I will update the spec as such. @GillesInnov35 |
…ice with phoneNumber & phoneNumberAlternate
|
I have updated the spec with the discussed changes.
I am also happy to rename the campaign parameter to campaignName, just wanted to ask beforehand if a single registration could be associated with multiple campaigns at the same time? In that case we could make it an array of strings. |
|
hello, we have a request from our legal entity recommending that reseller/aggregator should never know b-number regarding GDPR. As the caller doesn't know which is the operator for b-number to directly call it, it would mean b-number should be hashed. |
|
Hello @GillesInnov35 , “Reseller/aggregator should never know b-number regarding GDPR” refers to the brand registration process or the pre-authorization process? |
|
hello @DENGYONG18 , it concerns pre-announce |
This looks too complicated. It requires a key exchange between the API client and the service provider (not the integrator in between) so that API client can encrypt the B-number and service provider can decrypt it. |
|
thanks @alpaycetin74 . This string recommendation from our legal entity won't have any impact on the API specifications /pre-announce. But it may push reseller to expose a Telco-finder API to allow API consumer to find b-number's operator. |
DO_NOT_VERIFY removed from VerifyCallerAction enum range, because verifyCallerAction is an optional parameter and its absence means the client does not want verification. There is no need to have 2 different ways to express the same request.
This is a good point, but practically speaking, is not the MNOs that expose the B-number to the reseller. Usually the Company consumes an API to the reseller (where can provide the B-number) and then the reseller would use that information to find the telco owner. In theory if the Company does not want to share B-number data, they can consume the API to the Telco platform directly assuming they also have access to a Telco Finder API. |
|
Hello @alpaycetin74 ,I think this YAML file is pretty good overall. But the file should be rename like "Verified Caller- Registration" at this phase, right? Additionally, I realized that the Introduction Part was incomplete, could you complete it at your convenience? :) |
Hello, I will complete the missing parts. Since we are in the release candidate phase, these are not urgent at the moment. Thank you. |
|
Hello @stroncoso-quobis , could you review this PR so that we can proceed to the release candidate preparation ? Thank you. |
Rename clientId to customerId to avoid confusion with the client_id in authorization flows
stroncoso-quobis
left a comment
stroncoso-quobis
left a comment
There was a problem hiding this comment.
LGTM!
Nice work, now approved, I will add this reference to the UML in progress at #34
Best regards,
- Aligned parameters due camaraproject#40 merge - Reviewed aggregator role on preannounce - Updated params due camaraproject#46 proposition - General visual and response updated
5 participants
An API proposal for the registration phase of the Verified Caller API
What type of PR is this?
What this PR does / why we need it:
Which issue(s) this PR fixes:
Fixes #24
Special notes for reviewers:
Changelog input
release-note
Additional documentation