[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Groups - Action Item "COEL-26 Describe approach to protecting high risk API methods in MMI" added
Action Item Subject: COEL-26 Describe approach to protecting high risk API methods in MMI Item Number: #0035 Description Describe the 2FA callback approach to be used for high risk items in MMI. (see COEL-26) Note that the Operator can initiate a call to forget a consumer or reassign a device, but the Service Provider must provide the final go-ahead through a callback mechanism (e.g. email). The Operators call to the MMI does not block waiting for the Service Provider, it returns immediately to the caller, who cannot tell if it has been approved at this point. (Note that reassignDevice is not in the MMI yet - we should put in a placeholder?) Note that COEL-12 seems similar to this (look before you leap) but the email callback mechanism might be confusing, better to use a more standard RESTful approach of returning a URI which can be used by the caller to retrieve the data in batches. Owner: Dr. David Snelling Status: Open Priority: Medium Due Date: N/A |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]