Rephrase description in yaml #101

Closed
AxelNennker opened this issue Apr 26, 2024 · 2 comments · Fixed by #102
Labels
documentation Improvements or additions to documentation

Comments

@AxelNennker
Collaborator

Problem description

  1. The description confused "user" and "subscriber".

Example re 1:
Network operators know to which user a network resource is assigned at a given moment
Network operators know to which subscriber a network resource is assigned at a given moment

The user might be the subscriber's child or any other person using the device.

  2. The term 3-legged token is not defined.

Expected action
Rephrase the user - subscriber text.

Either define 3-legged token or rephrase.
Clarify prompt=none and 3-legged token and user consent/privacy.

AxelNennker added the documentation label Apr 26, 2024
@mhfoo
Collaborator

mhfoo commented Apr 26, 2024

Clarify prompt=none

Based on 3.1.2.1. Authentication Request, the prompt should be consent.

prompt
OPTIONAL. Space-delimited, case-sensitive list of ASCII string values that specifies whether the Authorization Server prompts the End-User for reauthentication and consent. The defined values are:
none
The Authorization Server MUST NOT display any authentication or consent user interface pages. An error is returned if an End-User is not already authenticated or the Client does not have pre-configured consent for the requested Claims or does not fulfill other conditions for processing the request. The error code will typically be login_required, interaction_required, or another code defined in Section 3.1.2.6. This can be used as a method to check for existing authentication and/or consent.
login
The Authorization Server SHOULD prompt the End-User for reauthentication. If it cannot reauthenticate the End-User, it MUST return an error, typically login_required.
consent
The Authorization Server SHOULD prompt the End-User for consent before returning information to the Client. If it cannot obtain consent, it MUST return an error, typically consent_required.
select_account
The Authorization Server SHOULD prompt the End-User to select a user account. This enables an End-User who has multiple accounts at the Authorization Server to select amongst the multiple accounts that they might have current sessions for. If it cannot obtain an account selection choice made by the End-User, it MUST return an error, typically account_selection_required.
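
Added example, not part of the issue thread or the project's code: a sketch of how an authorization server could apply the `prompt` rules quoted above, showing that `prompt=none` turns missing authentication or consent into an error rather than a silent grant. The function names, the `invalid_request` code for `none` combined with another value, and the scope strings are assumptions of this sketch.

```python
# Added illustration; hypothetical helper, not code from the project under discussion.

class AuthzError(Exception):
    """Carries an OpenID Connect error code for the authentication error response."""
    def __init__(self, code):
        super().__init__(code)
        self.code = code


def decide_interaction(prompt, authenticated, consented, requested):
    """Return the UI steps the server has to run, or raise AuthzError."""
    values = prompt.split() if prompt else []   # space-delimited, case-sensitive
    missing = set(requested) - set(consented)   # scopes with no recorded consent

    if "none" in values:
        if len(values) > 1:
            # OIDC Core: "none" together with any other value is an error.
            # The specific error code is an assumption of this sketch.
            raise AuthzError("invalid_request")
        # No UI may be shown, so missing state is an error, never a silent grant.
        if not authenticated:
            raise AuthzError("login_required")
        if missing:
            raise AuthzError("consent_required")
        return []

    steps = []
    if "select_account" in values:
        steps.append("select_account")
    if "login" in values or not authenticated:
        steps.append("login")
    if "consent" in values or missing:
        steps.append("consent")
    return steps


def outcome(prompt, authenticated, consented, requested):
    """Convenience wrapper: ("ok", steps) or ("error", code)."""
    try:
        return ("ok", decide_interaction(prompt, authenticated, consented, requested))
    except AuthzError as err:
        return ("error", err.code)


if __name__ == "__main__":
    scopes = {"openid", "example:scope"}  # constructed scope names
    print(outcome("none", True, {"openid"}, scopes))   # consent missing
    print(outcome("consent", True, scopes, scopes))    # consent forced
```
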

@AxelNennker
Collaborator Author

Sorry, I did not mean to clarify "prompt=none" per se but the relationship to privacy and consent.
