16 changes: 6 additions & 10 deletions code/API_definitions/number-verification.yaml
Expand Up @@ -46,22 +46,18 @@ info:
It compares the received phone number with the user's phone number associated to the access token in order to respond **true/false**.
- The /device-phone-number endpoint returns the phone number associated by the network operator with the SIM in the end user's device.

# Sequence Diagram
# Implementation Details

The following sequence diagram shows an example of a direct integration into the developer's application and the API Provider's Authorization Server and API for the case that no temporary token is available.
Detailed sequence diagrams of end-to-end integration with CIBA and JWT-Bearer token flow are available in **[CAMARA-API-access-and-user-consent document](https://github.com/camaraproject/IdentityAndConsentManagement/blob/main/documentation/CAMARA-API-access-and-user-consent.md)**.

![UML Sequence Diagram](https://raw.githubusercontent.com/camaraproject/NumberVerification/r2.4/documentation/API_documentation/assets/uml_v0.3.jpg)

**Implementation Details:**

- **(1):** Authentication must be automatic without any user interactions.
- **Note1:** Authentication must be automatic without any user interactions.
Authentication methods such as SMS OTP or user/password are incompatible, as the goal is to validate the mobile phone number that is accessing the App.

The API Consumer should use the request parameter prompt=none in the Authentication Request, as described in **[OIDC Connect](https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest)**, ensuring no user interaction.

The API Provider implies the request parameter prompt=none in the Authentication Request for this API.

- **(2):** The way in which the phone number is retrieved depends upon the implementation.
- **Note2:** The way in which the phone number is retrieved depends upon the implementation.
For example, the access token may be a self-contained encrypted JWT, and so the API provider can decrypt and identify phone number directly from the access token.
Other implementations might retrieve the phone number associated with the access token from their Authorization Server.
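Review bot: the renamed bullets "**Note1:**" and "**Note2:**" keep the numbering of the old "(1)"/"(2)" callouts, but with the sequence diagram and its image removed from this description there is nothing left in the file for those numbers to refer to. Either give each bullet a descriptive label (for example "Authentication" and "Phone number retrieval") or state which step of the linked flows each note applies to. Note1 speaks of an "Authentication Request" with prompt=none, while the new pointer names only the CIBA and JWT-Bearer token flows, so a reader cannot tell which flow that request belongs to. The replacement link also targets the `main` branch of IdentityAndConsentManagement, whereas the removed image URL was pinned to `r2.4`; it is worth deciding how this reference gets pinned at release so the security-relevant flow description cannot drift from the API version. While this block is open, the link text "OIDC Connect" on the unchanged prompt=none line could read "OpenID Connect".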

Expand All @@ -83,7 +79,7 @@ info:

As a specific rule, error `501 - NOT_IMPLEMENTED` can be only a possible error response if it is explicitly documented in the API.

version: 2.1.0-rc.1
version: wip
x-camara-commonalities: 0.6
license:
name: Apache 2.0
Expand All @@ -92,7 +88,7 @@ externalDocs:
description: Project documentation at CAMARA
url: https://github.com/camaraproject/NumberVerification
servers:
- url: '{apiRoot}/number-verification/v2rc1'
- url: '{apiRoot}/number-verification/vwip'
variables:
apiRoot:
default: http://localhost:9091
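Review bot: the `vwip` segment in `servers.url` has to stay in step with `version: wip` in the `info` block, and the two are edited by hand in separate hunks, so a short comment next to one of them naming the other would make a future release bump harder to get half right. The unchanged `default: http://localhost:9091` is plain HTTP; since the description says this API compares and returns the phone number associated with an access token, the `apiRoot` variable could carry a description stating that the default is for local testing only.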