...

This process describes adding an additional authentication method to an existing person, update authentication method and delete it.

Specification

...

Dictionaries

• AUTHENTICATION_METHOD

• DOCUMENT_TYPE

Request structure

See on Apiary

...

Request to process the request using a token in the headers.

Headers

Наприклад:

Content-Type:application/json

Authorization:Bearer c2778f3064753ea70de870a53795f5c9{{access_token}}

api-key:uXhEczJ56adsfh3Ri9SUkc4en{{secret}}

Request data validation

Validate request

...

1. Field type must be THIRD_PERSON. (where person_auth_method.id = $authentication_method.id)

   1. check this auth_method is not primary

   2. auth_method_current != null (null is set if MPI.person_auth_methods.ended_at <= now())

if action = update

1. validate authentication_methods.id belong to this person. Search auth method of this person where  MPI.person_authentication_method.person_id = $.person.id

   1. in case error return 422, "such authentication method does not belong to this person"

2. alias is required.

3. auth_method_current != null (null is set if MPI.person_auth_methods.ended_at <= now())

if action = insert

1. if type = OTP ,

   1. phone_number is required and value shouldn’t be set. And field alias is optional.

   2. validate that person.age >global_parameters.no_self_auth_age

   3. Verificate that il.authentication_method_request.authentication_method.phone_number is in DB.VERIFICATION.VERIFIED_PHONES

2. if type = OFFLINE ,

   1. phone_numberand value shouldn’t be set . And field alias is optional.

   2. validate that person.age > global_parameters.no_self_auth_age

   3. auth_method_current != OFFLINE

      1. error - "Person already has auth method OFFLINE"

   4. auth_method_current = OTP ( if config AUTH_REQUEST_SECURITY_REDUCTION = False)

      1. error - Person cannot set OFFLINE auth method if person had OTP

3. if type = THIRD_PERSON,

   1. value ,phone_number, alias are required.

   2. Validate phone_number with mpi.person_auth_method.phone_number where mpi.person_auth_method.person_id = auth_method_request.authentication_method.value

   3. auth_method_current != null (null is set if MPI.person_auth_methods.ended_at <= now())

   4. if config THIRD_PERSON_OFFLINE = False - validate that third_person has self method = OTP, else:

      1. error THIRD PERSON can't have OFFLINE self auth method type

...

1. validate person.id is UUID

   • in case error return 422

2. search person by person.id in MPI 

   • in case error return 422, "such person doesn't exist"

3. search person by person.id in MPI 

   • in case error return 422, "third person must be active"

4. search third_person.age > prm.global_parameters.no_self_auth_age years:

   • in case error return 422, "third person must be adult"

5. validate third_person.auth_method != (MPI.person_auth_methods.ended_at <= now())

   • in case error return 422, "third person must has auth method OTP or OFFLINE"

6. validate that person hasn’t this third_person isn’t already as third_person

...

Set default auth method of person on IL.auth_method_request.auth_method_current - use function in mpi, that return primary auth method.

• Validate that auth_method_current != null (null is set if MPI.person_auth_methods.ended_at <= now()) if

  • action = deactivate

  • action = update

  • action = insert and type= THIRD_PERSON and person.age>no_self_auth_method

• else errror - “Person can't be authorized with NA authentication method “

...

{
  "meta": {
    "code": "422",
    "url": "https://example.com/resource",
    "type": "object",
    "request_id": "6617aeec-15e2-4d6f-b9bd-53559c358f97#17810"
  },
  "error": {
    "type": "unverified",
    "message": "Unverified phone number"
  }
}

Post-processing processes

API paragraph not found

HTTP status codes

...