Hi Darshana, On Thu, Feb 1, 2018 at 5:42 PM, Darshana Gunawardana <darsh...@wso2.com> wrote:
> > On Thu, Feb 1, 2018 at 5:13 PM, Isura Karunaratne <is...@wso2.com> wrote: > >> Hi Darshana, >> >> On Thu, Feb 1, 2018 at 3:39 PM, Darshana Gunawardana <darsh...@wso2.com> >> wrote: >> >>> Hi Isura, >>> >>> How these concents are handled with state changes of related entities? >>> >>> For example, >>> > user delete >>> > sp delete >>> >>> This should be handled through a user operation event listener or event >> handler. >> > > Yes. So are we going to have relavent implementations with this feature? > As the API is not specific to a product these scenarios should be handled as a part of integrating the feature to the product. We will handle these cases during the integration effort for product IS. > > Can there be any other cases similar to above? > Apart from the above scenarios, user store removal and tenant deactivation are 2 such cases. However, revoking consents for tenant deactivation is something we have to think a bit more as we can reactivate the tenants and once that it done, the consents will no longer be active. > > Thanks, > >> Isura. >> >>> >>> Thanks, >>> >>> On Wed, Jan 10, 2018 at 1:58 PM, Isura Karunaratne <is...@wso2.com> >>> wrote: >>> >>>> On Wed, Jan 10, 2018 at 12:44 PM, Godwin Shrimal <god...@wso2.com> >>>> wrote: >>>> >>>>> Hi Isuru, >>>>> >>>>> Please see below few suggestions. >>>>> >>>>> 1. API name of the Purpose Category (/pcategories) is not readable. >>>>> Why don't we use it as */**purpose-categories* ? >>>>> 2. What is /*category*/{purposeCategoryId} API ? It shows API name >>>>> as /*category. *I think it should be renamed as below (According to >>>>> the suggestion in #1) >>>>> /*purpose-categories*/{purposeCategoryId} >>>>> >>>>> 3. Change API /piicategories as /*pii-categories* since pii and >>>>> categories are two words. >>>>> 4. Change API /piicategory/{piiCategoryId} as /*pii-categories* >>>>> /{piiCategoryId} >>>>> >>>> >>>> +1. Modified the definition according to the suggestions. [1] >>>> >>>> [1] https://app.swaggerhub.com/apis/consent/Approval-Consent/1.0.0 >>>> >>>> Thanks >>>> Isura. >>>> >>>>> >>>>> Thanks >>>>> Godwin >>>>> >>>>> >>>>> On Wed, Jan 10, 2018 at 1:54 PM, Isura Karunaratne <is...@wso2.com> >>>>> wrote: >>>>> >>>>>> Hi Malithi / all, >>>>>> >>>>>> The updated API definition can be found in [1]. >>>>>> >>>>>> [1] https://app.swaggerhub.com/apis/consent/Approval-Consent/1.0.0 >>>>>> >>>>>> Thanks >>>>>> Isura. >>>>>> >>>>>> On Tue, Jan 9, 2018 at 10:46 PM, Malithi Edirisinghe < >>>>>> malit...@wso2.com> wrote: >>>>>> >>>>>>> Hi All, >>>>>>> >>>>>>> Noted below under revoke API definition >>>>>>> /consents/user/{piiPrincipalId}/ >>>>>>> >>>>>>> piiprincipalID seems to be a field of the consent object. Shouldn't >>>>>>> this be a defined over a filter from piiPrincipalId attribute. >>>>>>> >>>>>>> Same applies to below I think. >>>>>>> /consents/service/{serviceId}/ >>>>>>> >>>>>>> Moreover, add consents returns the consent receipt right. Or receipt >>>>>>> is an embedded resource of the consent ? Is there a specific reason to >>>>>>> specifically mention the receipt as a separate resource when retrieving >>>>>>> and >>>>>>> revoking >>>>>>> /consents/receipt/{receiptId} >>>>>>> >>>>>>> Thanks, >>>>>>> Malithi >>>>>>> >>>>>>> On Tue, Jan 9, 2018 at 4:57 PM, Rushmin Fernando <rush...@wso2.com> >>>>>>> wrote: >>>>>>> >>>>>>>> IMO we are exposing the internal implementation here. >>>>>>>> >>>>>>>> The reason why we use PUT is, the record is being updated with the >>>>>>>> new state. >>>>>>>> >>>>>>>> But from the API users POV the consent is revoked and it doesn't >>>>>>>> exist anymore. >>>>>>>> >>>>>>>> So I believe that we should go with DELETE. >>>>>>>> >>>>>>>> [1] and [2] are some examples. >>>>>>>> >>>>>>>> [1] - https://developer.github.com/v3/oauth_authorizations/#revo >>>>>>>> ke-a-grant-for-an-application >>>>>>>> >>>>>>>> [2] - https://developers.facebook.com/docs/facebook-login/permis >>>>>>>> sions/requesting-and-revoking >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> On Tue, Jan 9, 2018 at 2:23 PM, Godwin Shrimal <god...@wso2.com> >>>>>>>> wrote: >>>>>>>> >>>>>>>>> Agree with Ruwan. Since we are updating an existing resource here, >>>>>>>>> +1 to use PUT. >>>>>>>>> >>>>>>>>> >>>>>>>>> Thanks >>>>>>>>> Godwin >>>>>>>>> >>>>>>>>> On Tue, Jan 9, 2018 at 3:31 PM, Ruwan Abeykoon <ruw...@wso2.com> >>>>>>>>> wrote: >>>>>>>>> >>>>>>>>>> >>>>>>>>>> On Tue, Jan 9, 2018 at 1:58 PM, Ishara Karunarathna < >>>>>>>>>> isha...@wso2.com> wrote: >>>>>>>>>> >>>>>>>>>>> HI, >>>>>>>>>>> >>>>>>>>>>> On Tue, Jan 9, 2018 at 1:51 PM, Omindu Rathnaweera < >>>>>>>>>>> omi...@wso2.com> wrote: >>>>>>>>>>> >>>>>>>>>>>> Hi Ishara/Ruwan/Godwin, >>>>>>>>>>>> >>>>>>>>>>>> The revoke operation is an UPDATE in a DB level (changes the >>>>>>>>>>>> state of the consent from APPROVED to REVOKED). We used a POST for >>>>>>>>>>>> consent >>>>>>>>>>>> revocation following the convention we have in oauth token revoke >>>>>>>>>>>> spec [1]. >>>>>>>>>>>> Would it still make sense to have a DELETE for the revoke >>>>>>>>>>>> operation ? >>>>>>>>>>>> >>>>>>>>>>> In this case you can't use DELETE operation since it does not >>>>>>>>>>> delete the resource. Here you can use POST to revoke endpoint. >>>>>>>>>>> >>>>>>>>>> +1 >>>>>>>>>> >>>>>>>>>> We can not use >>>>>>>>>> POST /consents/{consentReceiptId}/revoke >>>>>>>>>> >>>>>>>>>> It should be >>>>>>>>>> PUT with delta. >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>>> -Ishara >>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> [1] - https://tools.ietf.org/html/rfc7009 >>>>>>>>>>>> >>>>>>>>>>>> On Tue, Jan 9, 2018 at 1:44 PM, Godwin Shrimal <god...@wso2.com >>>>>>>>>>>> > wrote: >>>>>>>>>>>> >>>>>>>>>>>>> Hi Ruwan, >>>>>>>>>>>>> >>>>>>>>>>>>> AFAIU this is not deleting the consent but revoking (changing >>>>>>>>>>>>> state as revoke). So it would be >>>>>>>>>>>>> >>>>>>>>>>>>> POST /consents/{consentReceiptId}/revoke >>>>>>>>>>>>> >>>>>>>>>>>>> Thanks >>>>>>>>>>>>> Godwin >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> On Tue, Jan 9, 2018 at 3:05 PM, Ruwan Abeykoon < >>>>>>>>>>>>> ruw...@wso2.com> wrote: >>>>>>>>>>>>> >>>>>>>>>>>>>> Hi all, >>>>>>>>>>>>>> If we follow the REST, it would be >>>>>>>>>>>>>> >>>>>>>>>>>>>> DELETE /consents/{consentReceiptId} >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> Cheers, >>>>>>>>>>>>>> Ruwan >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> On Tue, Jan 9, 2018 at 12:34 PM, Godwin Shrimal < >>>>>>>>>>>>>> god...@wso2.com> wrote: >>>>>>>>>>>>>> >>>>>>>>>>>>>>> Thanks for the response Isura. I am not clear about the >>>>>>>>>>>>>>> filtering you mentioned above. Can you please explain it using >>>>>>>>>>>>>>> an example? >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> If you are planning to have an API to revoke the whole >>>>>>>>>>>>>>> consent at once. API should be as follows. Right? >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> /consents/{consentReceiptId}/revoke >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Thanks >>>>>>>>>>>>>>> Godwin >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> On Tue, Jan 9, 2018 at 1:52 PM, Isura Karunaratne < >>>>>>>>>>>>>>> is...@wso2.com> wrote: >>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Hi Godwin, >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> On Tue, Jan 9, 2018 at 10:45 AM, Godwin Shrimal < >>>>>>>>>>>>>>>> god...@wso2.com> wrote: >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> Hi Isuru, >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> Can't we use consentId to remove the consent without >>>>>>>>>>>>>>>>> sending a request payload like below? >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> /consents/{consentid}/revoke >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> In real use-cases, we need to filter user consents based on >>>>>>>>>>>>>>>> following parameters and then needs to be revoked. >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> - piiPrincipalId >>>>>>>>>>>>>>>> - piiCategory >>>>>>>>>>>>>>>> - tenantDomain >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> However, it will be better to have an API to revoke the >>>>>>>>>>>>>>>> whole consent at once. So, we will add a revoke API as follows, >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> /consents/revoke/{consentReceiptId} >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Thanks >>>>>>>>>>>>>>>> Isura. >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> Thanks >>>>>>>>>>>>>>>>> Godwin >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> On Mon, Jan 8, 2018 at 8:57 PM, Isura Karunaratne < >>>>>>>>>>>>>>>>> is...@wso2.com> wrote: >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> Hi all, >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> Consent Management is an import aspect for GDPR >>>>>>>>>>>>>>>>>> compliancy and it will be a major feature of IS 5.5.0. >>>>>>>>>>>>>>>>>> Following is the API >>>>>>>>>>>>>>>>>> definitions of consent management APIs for IS 5.5.0 [1]. >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> The API is designed to support following operations and >>>>>>>>>>>>>>>>>> the consent receipt structure is defined based on the consent >>>>>>>>>>>>>>>>>> receipt specification [2]. >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> - Add Consent >>>>>>>>>>>>>>>>>> - Search/List consents >>>>>>>>>>>>>>>>>> - Get Consent >>>>>>>>>>>>>>>>>> - Revoke Consent >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> *These APIs will be secured through generic >>>>>>>>>>>>>>>>>> Authentication and Authorization valve described in [3].* >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> Following is a sample ConsentReceipt based on the >>>>>>>>>>>>>>>>>> specification. According to the spec, the receipt is >>>>>>>>>>>>>>>>>> generated with one or >>>>>>>>>>>>>>>>>> more piiCategory. (Personally Identifiable Information >>>>>>>>>>>>>>>>>> Category). In >>>>>>>>>>>>>>>>>> Identity Server perspective, one piiCategory may contain one >>>>>>>>>>>>>>>>>> or more user >>>>>>>>>>>>>>>>>> attributes. So, we have to implement a way to map attributes >>>>>>>>>>>>>>>>>> to >>>>>>>>>>>>>>>>>> piiCategory. (Through a rest API) >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> { >>>>>>>>>>>>>>>>>> "version": "KI-CR-v1.1.0", >>>>>>>>>>>>>>>>>> "jurisdiction": "DW", >>>>>>>>>>>>>>>>>> "consentTimestamp": 1510592400, >>>>>>>>>>>>>>>>>> "collectionMethod": "Web Subscription Form with opt-in for >>>>>>>>>>>>>>>>>> marketing", >>>>>>>>>>>>>>>>>> "consentReceiptID": "c1befd3e-b7e5-4ea6-8688-e9a565aade21", >>>>>>>>>>>>>>>>>> "publicKey": >>>>>>>>>>>>>>>>>> "04:a3:1d:40:53:f0:4b:f1:f9:1b:b2:3a:83:a9:d1:\r\n40:02:cc: >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> 31:b6:4a:77:bf:5e:a0:db:4f:ea:d2:07:\r\nc4:23:57:6f:83:2c:3d:3e: >>>>>>>>>>>>>>>>>> 8d:e7:02:71:60:54:01:\r\nf4:6a:fb:a2:1e:8b:42:53:33:78:68:d9:7d: >>>>>>>>>>>>>>>>>> 5e:b2:\r\ncc:0b:f8:a1:bf", >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> "language": "en", >>>>>>>>>>>>>>>>>> "piiPrincipalId": "Bowden Jeffries", >>>>>>>>>>>>>>>>>> "piiControllers": [ >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> { >>>>>>>>>>>>>>>>>> "piiController": "Ankh-Morpork Times", >>>>>>>>>>>>>>>>>> "contact": "William De Worde", >>>>>>>>>>>>>>>>>> "address": { >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> "streetAddress": "Gleam Street", >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> "addressCountry": "DW" >>>>>>>>>>>>>>>>>> }, >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> "email": "will...@times.ankh-morpork.xyz", >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> "phone": "(555) 555-DISC (3429)" >>>>>>>>>>>>>>>>>> } >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> ], >>>>>>>>>>>>>>>>>> "policyUrl": "https://times.ankh-morpork.xzy/privacy_2017", >>>>>>>>>>>>>>>>>> "services": [ >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> { >>>>>>>>>>>>>>>>>> "service": "Digital Subscription and News Alerts", >>>>>>>>>>>>>>>>>> "purposes": [ >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> { >>>>>>>>>>>>>>>>>> "purpose": "To provide contracted services", >>>>>>>>>>>>>>>>>> "purposeCategory": [ >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> "2 - Contracted Service" >>>>>>>>>>>>>>>>>> ], >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> "consentType": "EXPLICIT", >>>>>>>>>>>>>>>>>> "piiCategory": [ >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> "1 - Biographical", >>>>>>>>>>>>>>>>>> "2 - Contact", >>>>>>>>>>>>>>>>>> "4 - Communications/Social", >>>>>>>>>>>>>>>>>> "7 - Financial" >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> ], >>>>>>>>>>>>>>>>>> "primaryPurpose": true, >>>>>>>>>>>>>>>>>> "termination": "Subscription end date + 1 year", >>>>>>>>>>>>>>>>>> "thirdPartyDisclosure": true, >>>>>>>>>>>>>>>>>> "thirdPartyName": "The Ankh-morpork Deadbeat Debt >>>>>>>>>>>>>>>>>> Collectors >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> Society" }, >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> { >>>>>>>>>>>>>>>>>> "purpose": "To personalize service experience", >>>>>>>>>>>>>>>>>> "purposeCategory": [ >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> "5 - Personalize Experience" >>>>>>>>>>>>>>>>>> ], >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> "consentType": "EXPLICIT", >>>>>>>>>>>>>>>>>> "piiCategory": [ >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> "1 - Biographical", >>>>>>>>>>>>>>>>>> "2 - Contact", >>>>>>>>>>>>>>>>>> "4 - Communications/Social" >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> ], >>>>>>>>>>>>>>>>>> "primaryPurpose": false, >>>>>>>>>>>>>>>>>> "termination": "Subscription end date + 1 year", >>>>>>>>>>>>>>>>>> "thirdPartyDisclosure": false >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> }, { >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> "purpose": "To market services", >>>>>>>>>>>>>>>>>> "purposeCategory": [ >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> "6 - Marketing" >>>>>>>>>>>>>>>>>> ], >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> "consentType": "EXPLICIT", >>>>>>>>>>>>>>>>>> "piiCategory": [ >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> "2 - Contact" >>>>>>>>>>>>>>>>>> ], >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> "primaryPurpose": false, >>>>>>>>>>>>>>>>>> "termination": "Subscription end date + 1 year", >>>>>>>>>>>>>>>>>> "thirdPartyDisclosure": false, >>>>>>>>>>>>>>>>>> "thirdPartyName": "DiscWorld Octarine Programmatic Ad >>>>>>>>>>>>>>>>>> Agency" >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> }, { >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> "purpose": "Complying with legal obligations", >>>>>>>>>>>>>>>>>> "purposeCategory": [ >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> "12 - Legally Required Data Retention", >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> "13 - Required by Law Enforcement or Government" >>>>>>>>>>>>>>>>>> ], >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> "consentType": "N/A", >>>>>>>>>>>>>>>>>> "piiCategory": [ >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> "1 - Biographical", >>>>>>>>>>>>>>>>>> "2 - Contact", >>>>>>>>>>>>>>>>>> "4 - Communications/Social", >>>>>>>>>>>>>>>>>> "7 - Financial" >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> ], >>>>>>>>>>>>>>>>>> "primaryPurpose": false, >>>>>>>>>>>>>>>>>> "termination": "N/A", >>>>>>>>>>>>>>>>>> "thirdPartyDisclosure": true, >>>>>>>>>>>>>>>>>> "thirdPartyName": "Requesting legal authority" >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> } ] >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> } ], >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> "sensitive": true, >>>>>>>>>>>>>>>>>> "spiCat": [ >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> "1 - Biographical", >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> "7 - Financial" >>>>>>>>>>>>>>>>>> ] >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> } >>>>>>>>>>>>>>>>>> *One of the concerns we have is, whether the PII >>>>>>>>>>>>>>>>>> controller values should be treated per SP, Tenant or >>>>>>>>>>>>>>>>>> Globally?* >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> PII controller definition is as follows, >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> *PII Controller* >>>>>>>>>>>>>>>>>>> *Name of the first PII(Personally Identifiable >>>>>>>>>>>>>>>>>>> Information) Controller who collects the data. This entity >>>>>>>>>>>>>>>>>>> is accountable >>>>>>>>>>>>>>>>>>> for compliance with the management of PII. The PII >>>>>>>>>>>>>>>>>>> Controller determines >>>>>>>>>>>>>>>>>>> the purpose(s) and type(s) of PII processing. There may be >>>>>>>>>>>>>>>>>>> more than one >>>>>>>>>>>>>>>>>>> PII Controller for the same set(s) of operations performed >>>>>>>>>>>>>>>>>>> on the PII, in >>>>>>>>>>>>>>>>>>> which case the different PII Controllers SHOULD be listed. >>>>>>>>>>>>>>>>>>> For Sensitive >>>>>>>>>>>>>>>>>>> PII, the PII Controller MUST be specified with legally >>>>>>>>>>>>>>>>>>> required explicit >>>>>>>>>>>>>>>>>>> notice to the PII Principal. This field MUST contain a >>>>>>>>>>>>>>>>>>> non-empty string.* >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> Your inputs are highly appreciated. >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> Thanks >>>>>>>>>>>>>>>>>> Isura. >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> [1] https://app.swaggerhub.com/api >>>>>>>>>>>>>>>>>> s/consent/Approval-Consent/1.0.0 >>>>>>>>>>>>>>>>>> [2] https://kantarainitiative. >>>>>>>>>>>>>>>>>> org/confluence/download/attach >>>>>>>>>>>>>>>>>> ments/76447870/Consent%20Receipt%20Specification%201_1_0% >>>>>>>>>>>>>>>>>> 20DRAFT%207%20clean.docx?versi >>>>>>>>>>>>>>>>>> on=2&modificationDate=1511391031000&api=v2 >>>>>>>>>>>>>>>>>> [3] "[Architecture] Authentication and Authorization for >>>>>>>>>>>>>>>>>> Rest APIs in Carbon Products" >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> *Isura Dilhara Karunaratne* >>>>>>>>>>>>>>>>>> Associate Technical Lead | WSO2 >>>>>>>>>>>>>>>>>> Email: is...@wso2.com >>>>>>>>>>>>>>>>>> Mob : +94 772 254 810 <+94%2077%20225%204810> >>>>>>>>>>>>>>>>>> Blog : http://isurad.blogspot.com/ >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>> *Godwin Amila Shrimal* >>>>>>>>>>>>>>>>> Associate Technical Lead >>>>>>>>>>>>>>>>> WSO2 Inc.; http://wso2.com >>>>>>>>>>>>>>>>> lean.enterprise.middleware >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> mobile: *+94772264165* >>>>>>>>>>>>>>>>> linkedin: *https://www.linkedin.com/in/godwin-amila-2ba26844/ >>>>>>>>>>>>>>>>> <https://www.linkedin.com/in/godwin-amila-2ba26844/>* >>>>>>>>>>>>>>>>> twitter: https://twitter.com/godwinamila >>>>>>>>>>>>>>>>> <http://wso2.com/signature> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> *Isura Dilhara Karunaratne* >>>>>>>>>>>>>>>> Associate Technical Lead | WSO2 >>>>>>>>>>>>>>>> Email: is...@wso2.com >>>>>>>>>>>>>>>> Mob : +94 772 254 810 <+94%2077%20225%204810> >>>>>>>>>>>>>>>> Blog : http://isurad.blogspot.com/ >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>> *Godwin Amila Shrimal* >>>>>>>>>>>>>>> Associate Technical Lead >>>>>>>>>>>>>>> WSO2 Inc.; http://wso2.com >>>>>>>>>>>>>>> lean.enterprise.middleware >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> mobile: *+94772264165* >>>>>>>>>>>>>>> linkedin: *https://www.linkedin.com/in/godwin-amila-2ba26844/ >>>>>>>>>>>>>>> <https://www.linkedin.com/in/godwin-amila-2ba26844/>* >>>>>>>>>>>>>>> twitter: https://twitter.com/godwinamila >>>>>>>>>>>>>>> <http://wso2.com/signature> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> _______________________________________________ >>>>>>>>>>>>>>> Dev mailing list >>>>>>>>>>>>>>> Dev@wso2.org >>>>>>>>>>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> -- >>>>>>>>>>>>>> >>>>>>>>>>>>>> *Ruwan Abeykoon* >>>>>>>>>>>>>> *Associate Director/Architect**,* >>>>>>>>>>>>>> *WSO2, Inc. http://wso2.com <https://wso2.com/signature> * >>>>>>>>>>>>>> *lean.enterprise.middleware.* >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> -- >>>>>>>>>>>>> *Godwin Amila Shrimal* >>>>>>>>>>>>> Associate Technical Lead >>>>>>>>>>>>> WSO2 Inc.; http://wso2.com >>>>>>>>>>>>> lean.enterprise.middleware >>>>>>>>>>>>> >>>>>>>>>>>>> mobile: *+94772264165* >>>>>>>>>>>>> linkedin: *https://www.linkedin.com/in/godwin-amila-2ba26844/ >>>>>>>>>>>>> <https://www.linkedin.com/in/godwin-amila-2ba26844/>* >>>>>>>>>>>>> twitter: https://twitter.com/godwinamila >>>>>>>>>>>>> <http://wso2.com/signature> >>>>>>>>>>>>> >>>>>>>>>>>>> _______________________________________________ >>>>>>>>>>>>> Dev mailing list >>>>>>>>>>>>> Dev@wso2.org >>>>>>>>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> -- >>>>>>>>>>>> Omindu Rathnaweera >>>>>>>>>>>> Senior Software Engineer, WSO2 Inc. >>>>>>>>>>>> Mobile: +94 771 197 211 <+94%2077%20119%207211> >>>>>>>>>>>> >>>>>>>>>>>> _______________________________________________ >>>>>>>>>>>> Dev mailing list >>>>>>>>>>>> Dev@wso2.org >>>>>>>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> -- >>>>>>>>>>> Ishara Karunarathna >>>>>>>>>>> Technical Lead >>>>>>>>>>> WSO2 Inc. - lean . enterprise . middleware | wso2.com >>>>>>>>>>> >>>>>>>>>>> email: isha...@wso2.com, blog: isharaaruna.blogspot.com, >>>>>>>>>>> mobile: +94717996791 <+94%2071%20799%206791> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> _______________________________________________ >>>>>>>>>>> Architecture mailing list >>>>>>>>>>> architect...@wso2.org >>>>>>>>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> -- >>>>>>>>>> >>>>>>>>>> *Ruwan Abeykoon* >>>>>>>>>> *Associate Director/Architect**,* >>>>>>>>>> *WSO2, Inc. http://wso2.com <https://wso2.com/signature> * >>>>>>>>>> *lean.enterprise.middleware.* >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> _______________________________________________ >>>>>>>>>> Architecture mailing list >>>>>>>>>> architect...@wso2.org >>>>>>>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>>>>>>>>> >>>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> -- >>>>>>>>> *Godwin Amila Shrimal* >>>>>>>>> Associate Technical Lead >>>>>>>>> WSO2 Inc.; http://wso2.com >>>>>>>>> lean.enterprise.middleware >>>>>>>>> >>>>>>>>> mobile: *+94772264165* >>>>>>>>> linkedin: *https://www.linkedin.com/in/godwin-amila-2ba26844/ >>>>>>>>> <https://www.linkedin.com/in/godwin-amila-2ba26844/>* >>>>>>>>> twitter: https://twitter.com/godwinamila >>>>>>>>> <http://wso2.com/signature> >>>>>>>>> >>>>>>>>> _______________________________________________ >>>>>>>>> Architecture mailing list >>>>>>>>> architect...@wso2.org >>>>>>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>>>>>>>> >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> *Best Regards* >>>>>>>> >>>>>>>> *Rushmin Fernando* >>>>>>>> *Technical Lead* >>>>>>>> >>>>>>>> WSO2 Inc. <http://wso2.com/> - Lean . Enterprise . Middleware >>>>>>>> >>>>>>>> mobile : +94775615183 >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> _______________________________________________ >>>>>>>> Dev mailing list >>>>>>>> Dev@wso2.org >>>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>>>> >>>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> >>>>>>> *Malithi Edirisinghe* >>>>>>> Associate Technical Lead >>>>>>> WSO2 Inc. >>>>>>> >>>>>>> Mobile : +94 (0) 718176807 >>>>>>> malit...@wso2.com >>>>>>> >>>>>>> _______________________________________________ >>>>>>> Dev mailing list >>>>>>> Dev@wso2.org >>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>>> >>>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> >>>>>> *Isura Dilhara Karunaratne* >>>>>> Associate Technical Lead | WSO2 >>>>>> Email: is...@wso2.com >>>>>> Mob : +94 772 254 810 <+94%2077%20225%204810> >>>>>> Blog : http://isurad.blogspot.com/ >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> _______________________________________________ >>>>>> Architecture mailing list >>>>>> architect...@wso2.org >>>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>>>>> >>>>>> >>>>> >>>>> >>>>> -- >>>>> *Godwin Amila Shrimal* >>>>> Associate Technical Lead >>>>> WSO2 Inc.; http://wso2.com >>>>> lean.enterprise.middleware >>>>> >>>>> mobile: *+94772264165* >>>>> linkedin: *https://www.linkedin.com/in/godwin-amila-2ba26844/ >>>>> <https://www.linkedin.com/in/godwin-amila-2ba26844/>* >>>>> twitter: https://twitter.com/godwinamila >>>>> <http://wso2.com/signature> >>>>> >>>>> _______________________________________________ >>>>> Architecture mailing list >>>>> architect...@wso2.org >>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>>>> >>>>> >>>> >>>> >>>> -- >>>> >>>> *Isura Dilhara Karunaratne* >>>> Associate Technical Lead | WSO2 >>>> Email: is...@wso2.com >>>> Mob : +94 772 254 810 <+94%2077%20225%204810> >>>> Blog : http://isurad.blogspot.com/ >>>> >>>> >>>> >>>> _______________________________________________ >>>> Dev mailing list >>>> Dev@wso2.org >>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>> >>> -- >>> Regards, >>> >>> >>> *Darshana Gunawardana*Technical Lead >>> WSO2 Inc.; http://wso2.com >>> >>> *E-mail: darsh...@wso2.com <darsh...@wso2.com>* >>> *Mobile: +94718566859 <+94%2071%20856%206859>*Lean . Enterprise . >>> Middleware >>> >> >> >> >> -- >> >> *Isura Dilhara Karunaratne* >> Associate Technical Lead | WSO2 >> Email: is...@wso2.com >> Mob : +94 772 254 810 <+94%2077%20225%204810> >> Blog : http://isurad.blogspot.com/ >> >> >> >> -- > Regards, > > > *Darshana Gunawardana*Technical Lead > WSO2 Inc.; http://wso2.com > > *E-mail: darsh...@wso2.com <darsh...@wso2.com>* > *Mobile: +94718566859 <+94%2071%20856%206859>*Lean . Enterprise . > Middleware > > _______________________________________________ > Architecture mailing list > architect...@wso2.org > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > Regards, Omindu. -- Omindu Rathnaweera Senior Software Engineer, WSO2 Inc. Mobile: +94 771 197 211 <+94%2077%20119%207211>
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev