...
This WS designed to deactivate Authentication method
Specification
Authorization
Verify the validity of access token
Return (401, 'Invalid access token') in case of validation fails
Verify that token is not expired
in case of error - return (401, 'Invalid access token')
Check user scopes in order to perform this action (scope = 'authentication_method_request:deactivate_pis')
Return (403, 'Your scope does not allow to access this resource. Missing allowances: authentication_method:deactivate_pis') in case of invalid scope(s)
Check that token contains person_id
in case of error - return (401, 'Invalid access token')
...
If equals - check that person must not be authorized by confidant person, so it doesn’t correspond to following rules:
persons age < no_self_registration_age global parameter;
persons age between no_self_registration_age and person_full_legal_capacity_age global parameters and person does not have document with type from PIS_PERSON_LEGAL_CAPACITY_DOCUMENT_TYPES config parameter;
persons age > person_full_legal_capacity_age global parameter and exists at least one active and approved confidant person relationship for person (using following process /wiki/spaces/PCAB/pages/17415995422 Check confidant person relationship with person_id = person from request - expected
:ok, :approvedresponse)In case of error - return 409 (‘Request must be authorized by confidant person’)
If not equal - validate relationship with following steps:
Check that there is registered relationship between
person_idandapplicant_person_id(MPI.confidant_person_relationships)Check that relationship is VERIFIED
In case of error - return 409 (‘Can’t confirm relationship’)
Check that
applicant_person_idexists (status = 'active' & is_active = 'true') and has verification_status any butNOT_VERIFIEDIn case of error - return 409 (‘Confidant person not found or is not verified’)
...