Add user stories #118
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,10 @@ | ||
| # Number Verification Verify API User Story | ||
|
|
||
| | **Item** | **Details** | | ||
| | ---- | ------- | | ||
| | ***Summary*** | As an enterprise application developer, I want to verify the phone number associated with the line from which the call was made, so that I can ensure that I avoid identity theft fraud. | | ||
| | ***Roles, Actors and Scope*** | **Roles:** Customer:User, Customer:BusinessManager, Customer:Administrator<br> **Actors:** Application service providers, hyperscalers, application developers, end users. <br> **Scope:** <br> - Verifies if the specified phone number (plain text or hashed format) matches the one that the user is currently using. | | ||
| | ***Pre-conditions*** |The preconditions are listed below:<br><ol><li>The Customer:BusinessManager and Customer:Administrator have been onboarded to the CSP's API platform.</li><li>The Customer:BusinessManager has successfully subscribed to the Number Verification product from the product catalog.</li><li>The Customer:Administrator has onboarded the Customer:User to the platform.</li><li>The Customer:user performs an authorization request to CSP</li><li>The means to get the access token are known to the Customer:User to ensure secure access of the API.| | ||
|
There was a problem hiding this comment. The means to get the access token are known to the Customer:User to ensure secure access of the API. There was a problem hiding this comment. I have reworked the sentence and add one step. |
||
| | ***Activities/Steps*** | **Starts when:** The customer application makes a POST verify via the number verification API providing in the request the phone number keyed by the user on the application. This input could be hashed or plain.<br>**Ends when:** The Number verification server answers if the phone number provided corresponds to the one of the line from which the request was triggered. | | ||
|
There was a problem hiding this comment. the phone number keyed by the user on the application |
||
| | ***Post-conditions*** | The customer application could continue offering its service to the user with the confirmation of the user phone number. | | ||
| | ***Exceptions*** | Several exceptions might occur during the Number Verification API operations<br>- Unauthorized: Not valid credentials (e.g. use of already expired access token).<br>- Invalid input: Not valid input data to invoke operation (e.g. phone number without the '+' prefix).<br>- Not able to provide: Client authentication was not performed via mobile network. Not working on mobile hotspot (tethering) neither Wifi nor VPN mobile connections | | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,10 @@ | ||
| # Number Verification Device Phone Number API User Story | ||
|
|
||
| | **Item** | **Details** | | ||
| | ---- | ------- | | ||
| | ***Summary*** | As an enterprise application developer, I want to retrieve the phone number associated with the line from which the call was made, so that I can ensure that I obtain the correct phone number and avoid identity theft fraud. | | ||
bigludo7 marked this conversation as resolved.
Show resolved
Hide resolved
|
||
| | ***Roles, Actors and Scope*** | **Roles:** Customer:User, Customer:BusinessManager, Customer:Administrator<br> **Actors:** Application service providers, hyperscalers, application developers, end users. <br> **Scope:** <br>-Returns the phone number associated with the access token so API clients can get the number and verify it themselves. | | ||
bigludo7 marked this conversation as resolved.
Show resolved
Hide resolved
|
||
| | ***Pre-conditions*** |The preconditions are listed below:<br><ol><li>The Customer:BusinessManager and Customer:Administrator have been onboarded to the CSP's API platform.</li><li>The Customer:BusinessManager has successfully subscribed to the Number Verification product from the product catalog.</li><li>The Customer:Administrator has onboarded the Customer:User to the platform.</li><li>The Customer:user performs an authorization request to CSP</li><li>The means to get the access token are known to the Customer:User to ensure secure access of the API.| | ||
|
There was a problem hiding this comment. The means to get the access token are known to the Customer:User to ensure secure access of the API. |
||
| | ***Activities/Steps*** | **Starts when:** The customer application makes a POST device phone number via the number verification API.<br>**Ends when:** The Number verification server answers providing the phone number corresponding to the one of the line from which the request was triggered. The customer application can check if this number corresponds to the one keyed by the user.| | ||
| | ***Post-conditions*** | TThe customer application could continue offering its service to the user with the confirmation of the user phone number. | | ||
bigludo7 marked this conversation as resolved.
Show resolved
Hide resolved
bigludo7 marked this conversation as resolved.
Show resolved
Hide resolved
|
||
| | ***Exceptions*** | Several exceptions might occur during the Number Verification API operations<br>- Unauthorized: Not valid credentials (e.g. use of already expired access token).<br>- Invalid input: Not valid input data to invoke operation (e.g. phone number without the '+' prefix).<br>- Not able to provide: Client authentication was not performed via mobile network. Not working on mobile hotspot (tethering) neither Wifi nor VPN mobile connections| | ||
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
To align with SMS OTP definition:
As an enterprise application developer, I want to verify the phone number associated with the line from which the call was made, so I can get a proof of possession of the phone number.