Consecutive authorize requests: new consent, consent extending or consent overriding? #70
Labels
feedback
A general placeholder for feedback.
Comments
|
It is my opinion that these are two independent consents. It may be that the client has registered twice with the ADR under different ids and these consents are for different tenants within the ADRs solution. If the ADR knows that these consents are for the same tenant and same accounts, then the ADR should cancel the initial consent upon generating the second consent. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hypothesis
Scenario: A Data Recipient sends an authorization request with scopes xyz, sharing_duration t1. Consumer authorizes it with account-IDs A and B. Data recipient utilizes corresponding banking APIs using the provided access token. Data recipient sends another authorization request with the same scopes xyz and same sharing_duration t2 and the same consumer authorizes it with account-IDs B and C.
What effect does the second authorization have on the first authorization?
Description
A clear and concise description of the hypothesis.
Example: Based on initial feedback Java is the most prevalent language in use within implementing organisations. In addition Java is a language where engineering resources are readily available. On this basis the project will develop it's core assets in Java and focus on delivering assets for use by industry in Java first.
Available Options
Present a list of considered options with an optional indication of what is currently preferred
Example: Initial assets from the CDS Engineering team will be produced using the Java language.
The text was updated successfully, but these errors were encountered: