Skip to content

Commit c62e8cb

Browse files
authored
Switch to Backbone API v2 (#381)
* feat: recommend to use Backbone v7 * feat: remove approvedAt and approvedByDevice properties of IdentityDeletionProcess * feat: rename status "Approved" of IdentityDeletionProcess to "Active" * chore: run Excel script for updating use case metadata
1 parent b7bc69d commit c62e8cb

7 files changed

+35
-30
lines changed

_docs_integrate/data-model-overview.md

Lines changed: 11 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -217,19 +217,17 @@ If you want to [delete your Identity]({% link _docs_integrate/delete-identities.
217217
Up until then, the data about the deletion process is stored in an object called IdentityDeletionProcess.
218218
It is possible to [cancel an IdentityDeletionProcess]({% link _docs_use-cases/use-case-transport-cancel-identitydeletionprocess.md %}) that hasn't reached the end of its grace period, yet.
219219
Since cancelled IdentityDeletionProcesses are stored, you can reach a situation in which there are multiple IdentityDeletionProcesses associated with the same Identity.
220-
Note, however, that at all times there can only be at most one **active IdentityDeletionProcess**, i.e. with `"Approved"` as `status`, per Identity.
221-
222-
| Name | Type | Description | Remarks |
223-
| ----------------- | ----------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------- |
224-
| id | `string` | {% include descr_id class="IdentityDeletionProcess" prefix="IDP" %} | |
225-
| status | `"Approved"` \| `"Cancelled"` | The status of the IdentityDeletionProcess. <br>{::nomarkdown}<ul><li>Approved: the IdentityDeletionProcess was <a href="{% link _docs_use-cases/use-case-transport-initiate-identitydeletionprocess.md %}">initiated directly by the Identity itself</a> and is active. Unless it is cancelled, the Identity will be deleted by the end of the grace period.</li><li>Cancelled: the IdentityDeletionProcess was cancelled and is no longer active.</li></ul>{:/} | |
226-
| createdAt | `string` \| `undefined` | {% include descr_createdAt class="IdentityDeletionProcess" %} | |
227-
| createdByDevice | `string` \| `undefined` | {% include descr_createdByDevice class="IdentityDeletionProcess" %} | |
228-
| approvedAt | `string` \| `undefined` | A timestamp that describes when the IdentityDeletionProcess was approved. | |
229-
| approvedByDevice | `string` \| `undefined` | The ID of the Device that approved the IdentityDeletionProcess. | |
230-
| gracePeriodEndsAt | `string` \| `undefined` | A timestamp that describes when the Identity will be permanently deleted. Up until this moment, it is possible to cancel the IdentityDeletionProcess. | |
231-
| cancelledAt | `string` \| `undefined` | A timestamp that describes when the IdentityDeletionProcess was cancelled. | |
232-
| cancelledByDevice | `string` \| `undefined` | The ID of the Device that cancelled the IdentityDeletionProcess. | |
220+
Note, however, that at all times there can only be at most one **active IdentityDeletionProcess**, i.e. with `"Active"` as `status`, per Identity.
221+
222+
| Name | Type | Description | Remarks |
223+
| ----------------- | --------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------- |
224+
| id | `string` | {% include descr_id class="IdentityDeletionProcess" prefix="IDP" %} | |
225+
| status | `"Active"` \| `"Cancelled"` | The status of the IdentityDeletionProcess. <br>{::nomarkdown}<ul><li>Active: the IdentityDeletionProcess was <a href="{% link _docs_use-cases/use-case-transport-initiate-identitydeletionprocess.md %}">initiated directly by the Identity itself</a> and is active. Unless it is cancelled, the Identity will be deleted by the end of the grace period.</li><li>Cancelled: the IdentityDeletionProcess was cancelled and is no longer active.</li></ul>{:/} | |
226+
| createdAt | `string` \| `undefined` | {% include descr_createdAt class="IdentityDeletionProcess" %} | |
227+
| createdByDevice | `string` \| `undefined` | {% include descr_createdByDevice class="IdentityDeletionProcess" %} | |
228+
| gracePeriodEndsAt | `string` \| `undefined` | A timestamp that describes when the Identity will be permanently deleted. Up until this moment, it is possible to cancel the IdentityDeletionProcess. | |
229+
| cancelledAt | `string` \| `undefined` | A timestamp that describes when the IdentityDeletionProcess was cancelled. | |
230+
| cancelledByDevice | `string` \| `undefined` | The ID of the Device that cancelled the IdentityDeletionProcess. | |
233231

234232
# Local Types
235233

_docs_integrate/delete-identities.md

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -36,8 +36,8 @@ However, Integrators of Connectors can still delete their Identity by using [Con
3636
## IdentityDeletionProcesses
3737

3838
From a technical perspective, the process of Identity deletion is described by a data object of type [IdentityDeletionProcess]({% link _docs_integrate/data-model-overview.md %}#identitydeletionprocess). It can be uniquely identified by its `id`.
39-
An IdentityDeletionProcess can have `"Approved"` or `"Cancelled"` as its `status`.
40-
If an IdentityDeletionProcess has `"Approved"` as `status`, it is also referred to as an **active IdentityDeletionProcess**.
39+
An IdentityDeletionProcess can have `"Active"` or `"Cancelled"` as its `status`.
40+
If an IdentityDeletionProcess has `"Active"` as `status`, it is also referred to as an **active IdentityDeletionProcess**.
4141
There can be at most one active IdentityDeletionProcess per Identity.
4242
There are three [use cases]({% link _docs_integrate/use-cases.md %}) for getting one or more already existing [IdentityDeletionProcesses]({% link _docs_integrate/data-model-overview.md %}#identitydeletionprocess):
4343

@@ -55,11 +55,11 @@ Whenever a new [IdentityDeletionProcess]({% link _docs_integrate/data-model-over
5555
### Self-Initiated Identity Deletion
5656

5757
An Identity can actively trigger its own process of deletion by executing the [Initiate IdentityDeletionProcess]({% link _docs_use-cases/use-case-transport-initiate-identitydeletionprocess.md %}) use case.
58-
Successful execution leads to the creation of an [IdentityDeletionProcess]({% link _docs_integrate/data-model-overview.md %}#identitydeletionprocess) with `"Approved"` as `status`.
58+
Successful execution leads to the creation of an [IdentityDeletionProcess]({% link _docs_integrate/data-model-overview.md %}#identitydeletionprocess) with `"Active"` as `status`.
5959
The Identity is immediately in deletion and will be irreversibly deleted from the Backbone once the end of the associated grace period of the IdentityDeletionProcess specified within its `gracePeriodEndsAt` property has been reached.
6060
Within the grace period, the [Cancel IdentityDeletionProcess]({% link _docs_use-cases/use-case-transport-cancel-identitydeletionprocess.md %}) use case can be applied by the Identity if it no longer wants to be deleted.
6161
In this case, the `status` of the IdentityDeletionProcess changes to `"Cancelled"`.
62-
Trying to cancel an IdentityDeletionProcess that does not have `"Approved"` as `status` causes an error with `error.runtime.identityDeletionProcess.noApprovedIdentityDeletionProcess` as [error code]({% link _docs_integrate/error-codes.md %}) to be thrown.
62+
Trying to cancel an IdentityDeletionProcess that does not have `"Active"` as `status` causes an error with `error.runtime.identityDeletionProcess.noApprovedIdentityDeletionProcess` as [error code]({% link _docs_integrate/error-codes.md %}) to be thrown.
6363
Furthermore, please note that the use of the [Initiate IdentityDeletionProcess]({% link _docs_use-cases/use-case-transport-initiate-identitydeletionprocess.md %}) use case is not permitted if there is already an active IdentityDeletionProcess.
6464
The corresponding [error code]({% link _docs_integrate/error-codes.md %}) is given by `error.runtime.identityDeletionProcess.activeIdentityDeletionProcessAlreadyExists`.
6565

_docs_integrate/migration-from-v6-to-v7.md

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -41,6 +41,11 @@ The step-by-step instructions can be consulted to start the migration to version
4141
- The `database.dbNamePrefix` field of the [database configuration]({% link _docs_operate/configuration.md %}#database) was removed. Before, it defaulted to `acc-`. If a database called `acc-connector` is to be accessed, the value of the `database.dbName` field must be set to `acc-connector` instead of `connector` only.
4242
- To support additional authentication methods beyond API key authentication, the `apiKey` field was replaced by the `authentication.apiKey.keys.<key-id>.key` parameter of the [authentication configuration]({% link _docs_operate/configuration.md %}#authentication). The `authentication.apiKey.keys.<key-id>.scopes` field provides a convenient way to configure the permissions that apply when the API key identified by `<key-id>` is used.
4343
- Additionally, the support for the `API_KEY` [environment variable]({% link _docs_operate/configuration.md %}#environment-variables) has been removed, that could be used to define an API key using a short environment variable. As an alternative, the `authentication.apiKey.keys.<key-id>.key` configuration property can be set using an environment variable.
44+
- It must be ensured that a [Backbone](https://github.com/nmshd/backbone/tags) is used which is compatible with version 7 of the Connector.
45+
Even though a Backbone of version 6 can still be used, it is recommended to update to version 7 of the Backbone due to the new features and bug fixes provided.
46+
Appropriate Backbone credentials can be specified in the fields `transportLibrary.baseUrl`, `transportLibrary.platformClientId` and `transportLibrary.platformClientSecret` of the [Backbone configuration]({% link _docs_operate/configuration.md %}#transportlibrary).
47+
The URL `<baseUrl of Backbone>/api/v2/version` can be accessed to validate the version of the Backbone.
48+
Please note that version 7 of the Backbone only supports version 2 of its API and no longer version 1.
4449

4550
### Removed and Changed Data Structures
4651

@@ -60,6 +65,8 @@ The step-by-step instructions can be consulted to start the migration to version
6065
The property `reference` was introduced to group the property `truncated` with the additional property `url`, improving structure and better organizing related data.
6166
- The `title` property of the [File]({% link _docs_integrate/data-model-overview.md %}#file) became optional and should no longer be relied upon to be set.
6267
- The `ownershipToken` property of the [TransferFileOwnershipRequestItem]({% link _docs_integrate/data-model-overview.md %}#transferfileownershiprequestitem) became mandatory. This ensures that the ownership of the original File on the Backbone is transferred instead of applying a copy-based workaround. If the ownership of a [File]({% link _docs_integrate/data-model-overview.md %}#file) ought to be transferred, that doesn't have an `ownershipToken` yet, it will need to be [regenerated]({% link _docs_use-cases/use-case-transport-regenerate-file-ownership-token.md %}).
68+
- The properties `approvedAt` and `approvedByDevice` of the [IdentityDeletionProcess]({% link _docs_integrate/data-model-overview.md %}#identitydeletionprocess) have been removed.
69+
Furthermore, renaming `"Approved"` to `"Active"` resulted in a change of an IdentityDeletionProcess `status`.
6370
- All data structures around the Attribute listener feature, including the LocalAttributeListener, the RegisterAttributeListenerRequestItem, and the RegisterAttributeListenerAcceptResponseItem, were removed.
6471

6572
### Changed Behavior of Known Features

_docs_operate/backbone-security-considerations.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -91,8 +91,8 @@ There is no authorization set up. So if you have the API-Key, you can access all
9191

9292
The Consumer API supports configuring quotas on different write-actions to limit how often a user can execute those. These quotas can be defined per identity. However, there are some endpoints that allow anonymous access and that therefore cannot be rate limited by quotas. These endpoints currently are:
9393

94-
- `POST /api/v1/Challenges`
95-
- `POST /api/v1/Identities`
94+
- `POST /api/v2/Challenges`
95+
- `POST /api/v2/Identities`
9696

9797
When operating the Backbone's Consumer API, you should make sure that the endpoints mentioned above are not abused by malicious users by implementing rate limiting on the network level.
9898

0 commit comments

Comments
 (0)