Closed CDR-API-Stream closed 2 years ago
The CDR Register API authorisation scope requirements are now corrected as follows:
API Version | Authorisation Scope |
---|---|
GetDataHolderBrands V1 | cdr-register:bank:read |
GetDataHolderBrands V2 | cdr-register:read |
Get Software Statement Assertion (SSA) V1, V2 | cdr-register:bank:read |
Get Software Statement Assertion (SSA) V3 | cdr-register:read |
This change was incorporated into release v1.17.0.
Please refer to Decision 237 for further details.
Description
Version 1.15.0 of the Register APIs introduced new API versions through issues #424 and #425. As part of this work, a new authorisation scope
cdr-register:read
was introduced for authenticated APIs.The new API versions are currently documented as requiring a union of
cdr-register:bank:read
andcdr-register:read
This is a defect and was not intended.
cdr-register:read
is intended to replacecdr-register:bank:read
for the new versions of multi-sector supported authenticated Register APIs.Area Affected
Get Data Holder Brands V2 Get Software Statement Assertion (SSA) V3
Change Proposed
Consider specifying
cdr-register:read
as the only scope required to consume these authenticated Register APIs.