Skip to:

  1. Skip to Jira Navigation
  2. Skip to Side Navigation
  3. Skip to Main Content

Updates to ID API based on tech review

Description

See details at this page:

Structural problems:

  • Gitbook

    • some endpoints lack parameters or examples of request’s/response’s bodies

  • Github

    • structural errors when the yaml file is opened in Swagger

 

Discrepancies and missing info:

  • all error messages should be shown as separete error codes, not come in a 200 response in an error parameter

  • some endpoints use snake case and some camel case even for the same parameters (ex clientId vs client_id) - it should be standardized across the whole BB

 

API problems:

  • POST /client-mgmt/oidc-client

    • no parameters/ headers?

    • error comes in 200 response - it should come as a separate error code

  • PUT /client-mgmt/oidc-client/{client_id}

    • why PUT and not PATCH?

    • no headers?

    • error comes in 200 response - it should come as a separate error code

  • GET /authorize

    • no example of 200 nor schema in Gitbook

    • no error examples

  • POST /oauth/token

    • no headers/parameters?

  • GET /oidc/userinfo

    • no example of a request

    • no parameters/headers?

    • no schema for error case

  • GET /.well-known/jwks.json

    • no headers/parameters?

    • no error case

    • endpoint description says it should return jkws format, but content-type of the response is set to json

  • GET /.well-known/openid-configuration

    • no headers/parameters?

    • no error case

  • POST /linked-authorization/link-code

    • error comes in 200 response - it should come as a separate error code

  • POST /linked-authorization/link-status

    • error comes in 200 response - it should come as a separate error code

  • POST /linked-authorization/link-auth-code

    • error comes in 200 response - it should come as a separate error code

  • POST /linked-authorization/link-transaction

    • no headers/parameters?

    • error comes in 200 response - it should come as a separate error code

  • POST /linked-authorization/authenticate

    • no headers/parameters?

    • error comes in 200 response - it should come as a separate error code

  • POST /linked-authorization/consent

    • no headers/parameters?

    • error comes in 200 response - it should come as a separate error code

  • POST /wallet-binding

    • no headers/parameters?

    • error comes in 200 response - it should come as a separate error code

 

Final conclusions:

  • Good readability - only one file in Github

  • Preparing parameters descriptions would be helpful - either in repository or in schemas in Gitbook

Attachments

1

Activity

Show:

Jaume DUBOISNovember 8, 2023 at 10:28 AM

Those APIs are inherited from Open ID Connect, we need to keep on that standard and won’t change them.

Steve ConradOctober 3, 2023 at 2:31 PM

, please let or myself know if you have questions on the above. Thanks.

Unresolved
Pinned fields
Click on the next to a field label to start pinning.

Details

Assignee

Reporter

Priority

Parent

Checklist

Created October 3, 2023 at 2:28 PM
Updated November 8, 2023 at 10:28 AM