About this document: Agenda and notes are kept in the same document, a separate copy of the document is maintained for each meeting. Please add agenda points before the meeting. Action items created in previous meeting and all other unresolved action items are kept in the document. Please tick off any completed items.

Meeting link: https://meet.google.com/rsf-cqaq-eyq at 07:45 UTC / 09:45 CET / 13:15 IST

Attendees

@Ain Aaviksoo (meeting facilitator)
@Benjamin Balder Bach (note keeper)
@Lal Chandran
@PSRAMKUMAR (out)
@Philippe Page
@George J Padayatti

Meeting Notes

Agenda	Presenter	Discussion

Agenda	Presenter	Discussion
Kanban board + Action points from last week	@Ain Aaviksoo	skipped
General update (5 min)	@Ain Aaviksoo	GovStack updates: A lot of intensive work is happening around updating the specifications across all building blocks. We need to differentiate between what changes should go in this week. We have been asked to notify testing and sandbox team about changes in API endpoints.
API endpoint proposals from iGrant (60 min)	@Lal Chandran	WG responds to proposals: Policy data is baked into the Agreement data. For iGrant’s Consent system, Policy endpoints need to be implemented in a way where they update Agreements. This might in some cases be by simply doing a no-op and returning success, for instance on a DELETE call to a Policy. DECISION URLs of Agreement endpoints change names from “agreement” to “data-agreement”. DECISION We’ll add “data attribute” endpoints, and the AgreementData model will change name to DataAttribute. We’ll have a discussion and decision about “webhooks” in a future meeting. DECISION: We’ll get rid of AgreementPurpose and related endpoints. Remove unused openapi tags See the Decisions below New Jira ticket https://govstack-global.atlassian.net/browse/CON-191
DDX Consent BB implementation open topics/questions:	skipped	Solution and adapter, are they separated? Are you aware of the bb-consent/examples/ structure? Are you aware of GovStack UX Guidelines that are published? What to do with APIs that aren't part of GovStack specs - expose them in the same structure? What do we need to accommodate in the Consent BB planning? What "best-practice" guidance is found for building solutions for GovStack? What sort of workflows are great, for instance for building consent. How will engagement with other BBs work? Will you be able to work on this aspect?
Consent delegation	skipped	https://govstack-global.atlassian.net/browse/CON-52 Where is the relationship between individuals stored? The application is aware of it? Another BB is aware of it? Auditing should be able to verify it
Review necessary Gherkin scenarios to implement	@Benjamin Balder Bach Skipped
Spec 2.0: Unfolding new roadmap items	Skipped
New issues	@sasi parked for future meeting	What do we expect other BBs that call Consent-BB to store? When do we like to use Consent-BB and when do we not expect this? (This should also be know to the auditor.) Discussion: How shall we address such matters, which do not fit into specification format?

New Action Items

Action Items from previous meetings

@Ain Aaviksoo (Deactivated) consider if the decision to have “external ID” and “external ID type” referencing Individuals is relevant for the Key Desicion Log (if it’s not already there)

@Philippe Page will finish the initial descriptions and commit himself to the ones he feels appropriate

@Benjamin Balder Bach Prepare fixtures review for Lal

Any action for roadmap item mentioned by Lal in last meeting? ”Onboarding” of data sources and consumers hasn’t been handled. We need a component that can be used by the data source to understand data consumer requests.

Decision

URLs of Agreement endpoints change names from “agreement” to “data-agreement”.
We’ll add “data attribute” endpoints, and the AgreementData model will change name to DataAttribute.
We’ll have a discussion and decision about “webhooks” in a future meeting.
We’ll get rid of AgreementPurpose and related endpoints.
We’ll introduce Data Agreement instead of Consent Agreement