Merged
Conversation
Add user stories
AxelNennker
requested changes
Jul 8, 2024
documentation/API_documentation/NumberVerificationdevice_phone_number_User_Story.md
Outdated
Show resolved
Hide resolved
…_number_User_Story.md Co-authored-by: Axel Nennker <axel.nennker@telekom.de>
jgarciahospital
suggested changes
Jul 15, 2024
|
|
||
| | **Item** | **Details** | | ||
| | ---- | ------- | | ||
| | ***Summary*** | As an enterprise application developer, I want to verify the phone number associated with the line from which the call was made, so that I can ensure that I avoid identity theft fraud. | |
Collaborator
There was a problem hiding this comment.
To align with SMS OTP definition:
As an enterprise application developer, I want to verify the phone number associated with the line from which the call was made, so I can get a proof of possession of the phone number.
| | ---- | ------- | | ||
| | ***Summary*** | As an enterprise application developer, I want to verify the phone number associated with the line from which the call was made, so that I can ensure that I avoid identity theft fraud. | | ||
| | ***Roles, Actors and Scope*** | **Roles:** Customer:User, Customer:BusinessManager, Customer:Administrator<br> **Actors:** Application service providers, hyperscalers, application developers, end users. <br> **Scope:** <br> - Verifies if the specified phone number (plain text or hashed format) matches the one that the user is currently using. | | ||
| | ***Pre-conditions*** |The preconditions are listed below:<br><ol><li>The Customer:BusinessManager and Customer:Administrator have been onboarded to the CSP's API platform.</li><li>The Customer:BusinessManager has successfully subscribed to the Number Verification product from the product catalog.</li><li>The Customer:Administrator has onboarded the Customer:User to the platform.</li><li>The Customer:user performs an authorization request to CSP</li><li>The means to get the access token are known to the Customer:User to ensure secure access of the API.| |
Collaborator
There was a problem hiding this comment.
The means to get the access token are known to the Customer:User to ensure secure access of the API.
--> Access token generation initiated by Customer:User is based on network authentication to ensure secure access of the API
Collaborator
Author
There was a problem hiding this comment.
I have reworked the sentence and add one step.
| | ***Summary*** | As an enterprise application developer, I want to verify the phone number associated with the line from which the call was made, so that I can ensure that I avoid identity theft fraud. | | ||
| | ***Roles, Actors and Scope*** | **Roles:** Customer:User, Customer:BusinessManager, Customer:Administrator<br> **Actors:** Application service providers, hyperscalers, application developers, end users. <br> **Scope:** <br> - Verifies if the specified phone number (plain text or hashed format) matches the one that the user is currently using. | | ||
| | ***Pre-conditions*** |The preconditions are listed below:<br><ol><li>The Customer:BusinessManager and Customer:Administrator have been onboarded to the CSP's API platform.</li><li>The Customer:BusinessManager has successfully subscribed to the Number Verification product from the product catalog.</li><li>The Customer:Administrator has onboarded the Customer:User to the platform.</li><li>The Customer:user performs an authorization request to CSP</li><li>The means to get the access token are known to the Customer:User to ensure secure access of the API.| | ||
| | ***Activities/Steps*** | **Starts when:** The customer application makes a POST verify via the number verification API providing in the request the phone number keyed by the user on the application. This input could be hashed or plain.<br>**Ends when:** The Number verification server answers if the phone number provided corresponds to the one of the line from which the request was triggered. | |
Collaborator
There was a problem hiding this comment.
the phone number keyed by the user on the application
--> the phone number provided by the end user in the application
| | ---- | ------- | | ||
| | ***Summary*** | As an enterprise application developer, I want to retrieve the phone number associated with the line from which the call was made, so that I can ensure that I obtain the correct phone number and avoid identity theft fraud. | | ||
| | ***Roles, Actors and Scope*** | **Roles:** Customer:User, Customer:BusinessManager, Customer:Administrator<br> **Actors:** Application service providers, hyperscalers, application developers, end users. <br> **Scope:** <br>-Returns the phone number associated with the access token so API clients can get the number and verify it themselves. | | ||
| | ***Pre-conditions*** |The preconditions are listed below:<br><ol><li>The Customer:BusinessManager and Customer:Administrator have been onboarded to the CSP's API platform.</li><li>The Customer:BusinessManager has successfully subscribed to the Number Verification product from the product catalog.</li><li>The Customer:Administrator has onboarded the Customer:User to the platform.</li><li>The Customer:user performs an authorization request to CSP</li><li>The means to get the access token are known to the Customer:User to ensure secure access of the API.| |
Collaborator
There was a problem hiding this comment.
The means to get the access token are known to the Customer:User to ensure secure access of the API.
--> Access token generation initiated by Customer:User is based on network authentication to ensure secure access of the API
Update NumberVerification_verify_User_Story following Jorge comments
Collaborator
Author
|
Thanks @jgarciahospital - I've took into consideration your comment. |
jgarciahospital
approved these changes
Jul 18, 2024
AxelNennker
requested changes
Jul 22, 2024
Collaborator
AxelNennker
left a comment
There was a problem hiding this comment.
Please explain CSP once introducing that term.
Must this text mention network authentication? The customer does not care about the technical means, I think.
documentation/API_documentation/NumberVerification_verify_User_Story.md
Outdated
Show resolved
Hide resolved
documentation/API_documentation/NumberVerification_verify_User_Story.md
Outdated
Show resolved
Hide resolved
AxelNennker
requested changes
Jul 22, 2024
Collaborator
AxelNennker
left a comment
There was a problem hiding this comment.
I would not use the word "line" if we can avoid it.
documentation/API_documentation/NumberVerificationdevice_phone_number_User_Story.md
Outdated
Show resolved
Hide resolved
documentation/API_documentation/NumberVerificationdevice_phone_number_User_Story.md
Outdated
Show resolved
Hide resolved
documentation/API_documentation/NumberVerificationdevice_phone_number_User_Story.md
Outdated
Show resolved
Hide resolved
documentation/API_documentation/NumberVerificationdevice_phone_number_User_Story.md
Outdated
Show resolved
Hide resolved
…_Story.md Co-authored-by: Axel Nennker <axel.nennker@telekom.de>
…_Story.md Co-authored-by: Axel Nennker <axel.nennker@telekom.de>
…_number_User_Story.md Co-authored-by: Axel Nennker <axel.nennker@telekom.de>
…_number_User_Story.md Co-authored-by: Axel Nennker <axel.nennker@telekom.de>
…_number_User_Story.md Co-authored-by: Axel Nennker <axel.nennker@telekom.de>
…_number_User_Story.md Co-authored-by: Axel Nennker <axel.nennker@telekom.de>
Collaborator
Author
Fixed ! |
Collaborator
Author
Thanks @AxelNennker for the review. Added CSP in actor. |
AxelNennker
approved these changes
Jul 25, 2024
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What type of PR is this?
What this PR does / why we need it:
Document user stories as it is a mandatory piece to target stable maturity level.
Which issue(s) this PR fixes:
Fixes #117
Special notes for reviewers:
Changelog input
Additional documentation
This section can be blank.