Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove public-facing API calls #40

Closed
peacekeeper opened this issue Jan 20, 2020 · 5 comments
Closed

Remove public-facing API calls #40

peacekeeper opened this issue Jan 20, 2020 · 5 comments

Comments

@peacekeeper
Copy link
Member

This is meant to be an internal API used to integrate VC issuing capabilities with an existing backend system such as CRM, etc. This should not contain any operations for interacting directly with a VC Holder. The API however does currently contain two such operations:

  • GET on /credential/{credentialReference}/status: Retrieves the credential status and returns it in the response body.
  • POST on /credential/{credentialReference}/refresh: Refreshes a credential and returns it in the response body.

These should be removed.
@kimdhamilton
Copy link
Contributor

They seem reasonable to keep as internal apis...did you mean remove completely or switch to internal?

@peacekeeper
Copy link
Member Author

Interesting, I haven't thought about this. I guess you're right, we could keep them and simply mark as internal instead of public!

@kimdhamilton kimdhamilton reopened this Aug 14, 2020
@kimdhamilton kimdhamilton reopened this Aug 14, 2020
@kimdhamilton kimdhamilton transferred this issue from w3c-ccg/vc-issuer-http-api Aug 14, 2020
OR13 pushed a commit that referenced this issue Sep 18, 2020
@peacekeeper
Update Danube Tech endpoints and samples (#40)
74ee42b 
* Fix Danube Tech endpoints.

* Accept both application/json and application/ld+json MIME types.

* Update Danube Tech PRC example.

* Update test report and Danube Tech data.

* Remove Danube Tech specific hack for Verifier API.
msporny pushed a commit that referenced this issue Jul 25, 2021
@peacekeeper
Update Danube Tech endpoints and samples (#40)
b36316a 
* Fix Danube Tech endpoints.

* Accept both application/json and application/ld+json MIME types.

* Update Danube Tech PRC example.

* Update test report and Danube Tech data.

* Remove Danube Tech specific hack for Verifier API.
@OR13
Copy link
Contributor

OR13 commented Jul 27, 2021

This issue is stale, and has already been implemented.... this issue should be closed.

@msporny
Copy link
Contributor

msporny commented Jul 27, 2021

This was discussed on the 2021-07-27 call.

Comments made included:

  • In general, there should be authorization on every endpoint.
  • Internal vs. external is not a good indicator of anything.
  • We need a better description related to what this issue is getting at and are leaving this issue open until either 1) the original issuer submitter opens a new, more specific issue, or 2) 30 days elapse, at which point the issue will be closed.

@brianorwhatever brianorwhatever mentioned this issue Jul 27, 2021
Closed
@msporny
Copy link
Contributor

msporny commented Mar 20, 2022

30 days elapse, at which point the issue will be closed.

This has happened, closing.

@msporny msporny closed this as completed Mar 20, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@msporny @peacekeeper @kimdhamilton @OR13