Re: [Architecture] Implementing consent receipt specification in WSO2 Identity Server

Hi Viduranga, I will put my attention to the changes that u have suggested. Thank you for the kind feedback. Thanks and regards, Shan Chathusanda Jayathilaka Software Engineer (Intern) WSO2 Inc. Mobile : +94702062877 Email : sh...@wso2.com LinkedIn : www.linkedin.com/in/shanchathusanda/ On

Re: [Architecture] Implementing consent receipt specification in WSO2 Identity Server

Hi all, In this mail I attached the [1]swagger hub link for the api-user-consent-management.yaml for a better view. [1]. api-user-consent-management.yaml file Thanks and regards, Shan

Re: [Architecture] Implementing consent receipt specification in WSO2 Identity Server

Hi Shan, On Wed, Dec 13, 2017 at 10:39 AM, Shan Jayathilaka wrote: > Hi all, > > In this mail I would like to present my current situation of the project. > > I implemented some features of the consent receipt generation as the > Kantara Consent Receipt specification. In here I

Re: [Architecture] Implementing consent receipt specification in WSO2 Identity Server

Hi all, In this mail I would like to present my current situation of the project. I implemented some features of the consent receipt generation as the Kantara Consent Receipt specification. In here I will explain those in details. As I mentioned in my previous mails I created a MySQL database

Re: [Architecture] Implementing consent receipt specification in WSO2 Identity Server

Hi all, First of all I would like to thank you for the kind feedbacks that you have provided and I’m very sorry for the late reply for this feedbacks. As the feedbacks provided by you, we decided to go through this kind of solution for the PII CATEGORY and the Scopes. As an example let’s take a

Re: [Architecture] Implementing consent receipt specification in WSO2 Identity Server

Hi Shan, As discussed offline, please share the current revised DB design and the assumptions we made on the things that are not certain in the specification. Also +1 for Johann's suggestion to store PII categories separately then depending on scopes. Hence you can define a separate file in

Re: [Architecture] Implementing consent receipt specification in WSO2 Identity Server

Hi all, As I am developing the consent receipt specification I have to keep the details of the consents which are provided by the users. This is the database design that I designed to store those consents. As a standard, data in a database are not deleted permanently until some time is elapsed.

Re: [Architecture] Implementing consent receipt specification in WSO2 Identity Server

Hi all, Regarding to the GDPR regulation, the users have the chance to modify the consents which they provided before for the corresponding organization. When an user requests for his/her consents, the above organization must send the corresponding consents as a consent receipt. This receipt

Re: [Architecture] Implementing consent receipt specification in WSO2 Identity Server

I think it should be the other way around. PII category is protocol agnostic. So we shouldn't store scopes in this new schema Shan is proposing. Instead PII category can be referenced along with the scopes, in registry if that's where scopes are stored. Regards, Johann. On Wed, Sep 20, 2017 at

Re: [Architecture] Implementing consent receipt specification in WSO2 Identity Server

Hi Shan, Along with these detail we save in these tables, we need to keep a mapping > to what each PII category means to WSO2 server. With our current implementation in Identity Server we maintain a scope-claim mapping in the registry level. For a scope a single or multiple claims can be

Re: [Architecture] Implementing consent receipt specification in WSO2 Identity Server

Hi Shan, Along with these detail we save in these tables, we need to keep a mapping to what each PII category means to WSO2 server. In that case we can think of a PII category as a collection of claims. In IS we already have this concept of collection of claims, where we categorize them into a