Redundancy with GSMA API General Federated Call Flows document

[bigludo7]

Problem description The document https://github.com/camaraproject/IdentityAndConsentManagement/blob/main/documentation/CAMARA-API-access-and-user-consent.md is very helpful but it contains a lot of redundant information with GSMA document: https://github.com/GSMA-Open-Gateway/Open-Gateway-Documents/blob/045689e0c42478cb2e10f2829c0cbdeac8a9a184/Chapters/Chapter%2006%20proposal%201.md#api-general-federated-call-flows

It's probably not a good idea to have 2 technical document on same topic. It will be inconsistency-prone & bring confusion.

Possible evolution Have one document covering the API flows and it will be the reference.

Perhaps the CAMARA document should be expunge from the detailed flow description and refer the GSMA document and only focus around purpose & consent stuff?

Alternative solution

Additional context Same comment raised in GSMA: https://github.com/GSMA-Open-Gateway/Open-Gateway-Documents/pull/86

[sfnuser]

Hi @bigludo7,
I agree on the problem description of duplication and likely inconsistency. However, I would prefer much of the Identity and Consent Management documentation & discussions happening in CAMARA (public) than in GSMA (restricted access).

Would it be possible for GSMA to refer CAMARA docs to avoid duplication (or) could some of those GSMA document directories be made public for wider discussion?

Similar issue was raised here by @chrishowell and I am not sure we have a conclusion on that topic.

[palmerabollo]

+1 to making GSMA docs public for wider discussion and to allow cross-references. I've added some thoughts to https://github.com/GSMA-Open-Gateway/Open-Gateway-Documents/pull/86.

[jpengar]

As discussed in 17/01/2024 WG meeting call, documentation of NBI-CAMARA API interface, authZ/authN flows, Purpose/Consent management, etc... will be in CAMARA. No specific action is needed in CAMARA (flows are here already), but in GSMA a new github issue is needed to explain the agreement and create a PR in GSMA to avoid overlap, basically simplify flows by referring to CAMARA. GSMA doc will not be as detailed, but will solve overlap and need to include info in 2 places. The way forward agreed is to open issue in GSMA to do cleanup to remove duplicate parts.

[jpengar]

Issue Open-Gateway-Documents/issues/101 has been created in the GSMA repository and a new pull request will be created to avoid the existing overlap.

Created new PR #114. Add some response errors to CIBA documentation as per specification. This does not add anything "new", it is just to make sure that there is no information documented in GSMA that is missing in CAMARA.

we can keep open this issue in CAMARA until all documents in GSMA are updated. Just in case some other information needs to be added to CAMARA in the process.

[jpengar]

PR #123 created to move the GSMA Opengateway Chapter 04 Offline Access.md to CAMARA as a last step to fix this issue, taking into account PR https://github.com/camaraproject/IdentityAndConsentManagement/pull/114 as well.

[jpengar]

GSMA doc would be adapted to point to the CAMARA OIDC profile as soon as the first version is ready and merged. GSMA Opengateway will simply adopt what is defined in CAMARA OIDC profile as mentioned by them. Issue #82 will be fixed by #121. Changing label to "get fixed by PR #121"