Versions Compared

Old Version 9

changes.mady.by.user Tanja de Groot

Saved on

compared with

New Version 10

changes.mady.by.user Tanja de Groot

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Please add your questions to this page.

Table of Contents

Can we release a stable version without first doing an initial version ?

yes if

  • all release assets are available
  • there were not too many changes wrt the previous version
  • it is expected to not have any changes in the next 2 meta-releases
  • the TSC approves it 

M3: yaml info object: How to add reference to commonalities and remove 'termsOfService' and 'contact' fields ?

In your API yaml file, in the info object, under the version field, please make sure to add: x-camara-commonalities: 0.4.0

The fields `termsOfService` and `contact` shall be removed. They are put by API providers for their implementation if they so desire.

example:

info:

  title: One Time Password SMS

  description: |-

    Service Enabling Network Function API to send short-lived OTPs (one time passwords) to a phone number via SMS and validate it afterwards, in order to verify the phone number as a proof of possession.

    # Relevant  Definitions and concepts

    - **NaaS**: *Network-as-a-Service* model where Telco Network resources are exposed to third parties through APIs. In this particular API, One Time Password is exposed following this model.

    - **OTP**: *One Time password* is a one-time authorization code (OTAC) that is valid for only one login session or transaction.

    # API Functionality

    It enables a Service Provider (SP) to send an OTP code by SMS and validate it to verify the phone number (MSISDN) as a proof of possession.

    # Resources and Operations overview

    This API currently provides two endpoints, one to send an OTP to a given phone number and another to validate the code received as input.

    # Authorization and authentication

    [Camara Security and Interoperability Profile](https://github.com/camaraproject/IdentityAndConsentManagement/blob/main/documentation/CAMARA-Security-Interoperability.md) provides details on how a client requests an access token.

    Which specific authorization flows are to be used will be determined during onboarding process, happening between the API Client and the Telco Operator exposing the API, taking into account the declared purpose for accessing the API, while also being subject to the prevailing legal framework dictated by local legislation.

    It is important to remark that in cases where personal user data is processed by the API, and users can exercise their rights through mechanisms such as opt-in and/or opt-out, the use of 3-legged access tokens becomes mandatory. This measure ensures that the API remains in strict compliance with user privacy preferences and regulatory obligations, upholding the principles of transparency and user-centric data control.

  version: 1.0.0-rc.1

  x-camara-commonalities: 0.4.0

  termsOfService: http://example.com/terms/

  contact:

    name: API Support

    url: http://www.example.com/support

    email: support@example.com

  license:

    name: Apache 2.0

    url: https://www.apache.org/licenses/LICENSE-2.0.html

M3: yaml servers object: How to put the API version in the URL ?

The servers object should look like this (API Guidelines section 11.1):

servers:

  - url: '{apiRoot}/yourapiname/v0.yrc1' (for initial release or v1rc1 in case of stable release)

    variables:

      apiRoot:

        default: http://localhost:9091

        description: API root, defined by the service provider, e.g. `api.example.com` or `api.example.com/somepath`