From 4d6f9304f7ad4d7c50610f17d4cafd225b202b48 Mon Sep 17 00:00:00 2001 From: Eric Murray Date: Wed, 18 Dec 2024 10:31:49 +0000 Subject: [PATCH] Update device-reachability-status-subscriptions.yaml --- .../device-reachability-status-subscriptions.yaml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/code/API_definitions/device-reachability-status-subscriptions.yaml b/code/API_definitions/device-reachability-status-subscriptions.yaml index 0b3ff0a..0d5823f 100644 --- a/code/API_definitions/device-reachability-status-subscriptions.yaml +++ b/code/API_definitions/device-reachability-status-subscriptions.yaml @@ -65,6 +65,18 @@ info: It is important to remark that in cases where personal user data is processed by the API, and users can exercise their rights through mechanisms such as opt-in and/or opt-out, the use of 3-legged access tokens becomes mandatory. This measure ensures that the API remains in strict compliance with user privacy preferences and regulatory obligations, upholding the principles of transparency and user-centric data control. + ### Multi-SIM scenario handling + + In multi-SIM scenarios where more than one mobile device is associated with a phone number (e.g. a smartphone with an associated smartwatch), it might not be possible to uniquely identify from that phone number the device for which reachability status updates should be provided. If the phone number is used as the device identifier when creating a subscription for a multi-SIM scenario, the API may: + - respond with an error, or + - provide status updates for the multi-SIM group as a whole, or + - provide status updates only for a single device in the multi-SIM group, which may not be the intended device. + + Possible solutions in such a scenario include: + - Using the authorisation code flow to obtain an access token, which will automatically identify the intended device + - Identifying the intended device from a unique identifier for that device, such as its source IP address and port + - Check with the SIM provider whether a unique "secondary" phone number is already associated with each device, and use the secondary phone number to identify the intended device if available. + license: name: Apache 2.0 url: https://www.apache.org/licenses/LICENSE-2.0.html