Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fixes bugs on user stories + improve them #125

Merged
merged 1 commit into from
Jul 31, 2024
Merged

Fixes bugs on user stories + improve them #125

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 4 additions & 6 deletions documentation/API_documentation/NumberVerification_verify_User_Story.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,10 +3,8 @@
| **Item** | **Details** |
| ---- | ------- |
| ***Summary*** | As an enterprise application developer, I want to verify the phone number associated with the phone from which the call was made, so I can get a proof of possession of the phone number. |

| ***Roles, Actors and Scope*** | **Roles:** Customer:User, Customer:BusinessManager, Customer:Administrator<br> **Actors:** Application service providers, hyperscalers, application developers, end users, Communication Service Provider (CSP). <br> **Scope:** <br> - Verifies if the specified phone number (plain text or hashed format) matches the one that the user is currently using. |
| ***Pre-conditions*** |The preconditions are listed below:<br><ol><li>The Customer:BusinessManager and Customer:Administrator have been onboarded to the CSP's API platform.</li><li>The Customer:BusinessManager has successfully subscribed to the Number Verification product from the product catalog.</li><li>The Customer:Administrator has onboarded the Customer:User to the platform.</li><li>The Customer:User performs an authorization request to CSP.</li><li> The CSP checks access & user approval then provide access token to the Customer:User </li><li> The Customer:User get the access token based on network authentication to ensure secure access of the API.|

| ***Activities/Steps*** | **Starts when:** The customer application makes a POST verify via the number verification API providing in the request the phone number provided by the user on the application. This input could be hashed or plain.<br>**Ends when:** The Number Verification Server responds to confirm whether the provided phone number matches the device from which the request was initiated or not. |
| ***Roles, Actors and Scope*** | **Roles:** Customer:User, Customer:BusinessManager, Customer:Administrator<br>, end-user, Communication Service Provider (CSP), Channel Partner **Actors:** Application service providers, hyperscalers, aggregator, application developers, end users, Communication Service Provider (CSP). <br> **Scope:** <br> - Verifies if the specified phone number (plain text or hashed format) matches the one that the user is currently using. |
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.


is needed before actors

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

CSP is both role and actor. not sure what does this mean.

| ***Pre-conditions*** |The preconditions are listed below:<br><ol><li>The Customer:BusinessManager and Customer:Administrator have been onboarded to the CSP's API platform via (or not) a Channel Partner.</li><li>The Customer:BusinessManager has successfully subscribed to the Number Verification product from the product catalog.</li><li>The Customer:Administrator has onboarded the Customer:User to the CSP API platform via (or not) a Channel Partner.</li><li>The Customer:User performs an authorization request to CSP.</li><li> The CSP checks access & user approval then provide access token to the Customer:User </li><li> The Customer:User get the access token, via (or not) the Channel Partner, based on network authentication to ensure secure access of the API.|
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

"user approval" - "end-user" approval? At least we this is how the role is called above.

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

"from the product catalog" -> "from the the CSP's product catalog via (or not) a Channel Partner"

| ***Activities/Steps*** | **Starts when:** The customer application makes a POST verify via the number verification API providing in the request the phone number provided by the user on the application. This request could be done via (or not) the Channel Partner. This input could be hashed or plain.<br>**Ends when:** The Number Verification Server responds to confirm whether the provided phone number matches the device from which the request was initiated or not. |
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

"customer application" should be replaced with a Customer:User

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I assume that "user on the application" is the end-user (otherwise this is a new role)

| ***Post-conditions*** | The customer application could continue offering its service to the user with the confirmation of the user phone number. |
| ***Exceptions*** | Several exceptions might occur during the Number Verification API operations<br>- Unauthorized: Not valid credentials (e.g. use of already expired access token).<br>- Invalid input: Not valid input data to invoke operation (e.g. phone number without the '+' prefix).<br>- Not able to provide: Client authentication was not performed via mobile network. Not working on mobile hotspot (tethering) neither Wifi nor VPN mobile connections |
| ***Exceptions*** | Several exceptions might occur during the Number Verification API operations<br>- Unauthorized: Not valid credentials (e.g. use of already expired access token).<br>- Invalid input: Not valid input data to invoke operation (e.g. phone number without the '+' prefix).<br>- Not able to provide: Client authentication was not performed via mobile network. Not working on mobile hotspot (tethering) neither Wifi nor VPN mobile connections |
13 changes: 5 additions & 8 deletions ...mentation/API_documentation/NumberVerificationdevice_phone_number_User_Story.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,11 +3,8 @@
| **Item** | **Details** |
| ---- | ------- |
| ***Summary*** | As an enterprise application developer, I want to retrieve the phone number associated with the device from which the call was made, so that I can ensure that I obtain the correct phone number and avoid fraud e.g. identity theft. |

| ***Roles, Actors and Scope*** | **Roles:** Customer:User, Customer:BusinessManager, Customer:Administrator<br> **Actors:** Application service providers, hyperscalers, application developers, end users, Communication Service Provider (CSP). <br> **Scope:** <br>-Returns the phone number associated with the access token so API clients can get the phone number and verify it themselves. |
| ***Pre-conditions*** |The preconditions are listed below:<br><ol><li>The Customer:BusinessManager and Customer:Administrator have been onboarded to the CSP's API platform.</li><li>The Customer:BusinessManager has successfully subscribed to the Number Verification product from the product catalog.</li><li>The Customer:Administrator has onboarded the Customer:User to the platform.</li><li>The Customer:user performs an authorization request to CSP</li><li> The CSP checked access & user approval then provide access token to the Customer:user </li><li> The Customer:User gets the access token based on network authentication to ensure secure access of the API.|

| ***Activities/Steps*** | **Starts when:** The customer application makes a POST device phone number via the number verification API.<br>**Ends when:** The Number verification server answers providing the phone number corresponding to the one of the device from which the request was triggered. The customer application can check if this number corresponds to the one keyed by the user.|
| ***Post-conditions*** | The customer application could continue offering its service to the user with the confirmation of the user phone number. |

| ***Exceptions*** | Several exceptions might occur during the Number Verification API operations<br>- Unauthorized: Not valid credentials (e.g. use of already expired access token).<br>- Invalid input: Not valid input data to invoke operation (e.g. phone number without the '+' prefix).<br>- Not able to provide: Client authentication was not performed via mobile network. Not working on mobile hotspot (tethering) neither Wifi nor VPN mobile connections|
| ***Roles, Actors and Scope*** | **Roles:** Customer:User, Customer:BusinessManager, Customer:Administrator, end-user, Communication Service Provider (CSP), Channel Partner. <br> **Actors:** Application service providers, hyperscalers, aggregator, application developers, end users, Communication Service Provider (CSP). <br> **Scope:** <br>-Returns the phone number associated with the access token so API clients can get the phone number and verify it themselves. This user story is valid in direct interaction between Application service providers and CSP as with the presence of the channel partner betwen them. |
| ***Pre-conditions*** |The preconditions are listed below:<br><ol><li>The Customer:BusinessManager and Customer:Administrator have been onboarded to the CSP's API platform via (or not) a Channel Partner.</li><li>The Customer:BusinessManager has successfully subscribed to the Number Verification product from the product catalog.</li><li>The Customer:Administrator has onboarded the Customer:User to the platform via (or not) a Channel Partner.</li><li>The Customer:user performs an authorization request to CSP</li><li> The CSP checked access & user approval then provide access token to the Customer:user </li><li> The Customer:User gets the access token,via (or not) a Channel Partner, based on network authentication to ensure secure access of the API.|
| ***Activities/Steps*** | **Starts when:** The customer application makes a POST device phone number via the number verification API. This request could be done via (or not) the Channel Partner.<br>**Ends when:** The Number verification server answers providing the phone number corresponding to the one of the device from which the request was triggered. The customer application can check if this number corresponds to the one keyed by the end-user.|
| ***Post-conditions*** | The customer application could continue offering its service to the end-user with the confirmation of the end-user phone number. |
| ***Exceptions*** | Several exceptions might occur during the Number Verification API operations<br>- Unauthorized: Not valid credentials (e.g. use of already expired access token).<br>- Invalid input: Not valid input data to invoke operation (e.g. phone number without the '+' prefix).<br>- Not able to provide: Client authentication was not performed via mobile network. Not working on mobile hotspot (tethering) neither Wifi nor VPN mobile connections|