| Table of Contents |
|---|
...
| Existing or new | Description | Intended User | URI | Method | Request Parameters | Request Body | Response Body |
|---|---|---|---|---|---|---|---|
| Existing | Create a membership invitation. The team must be specified. Either an inviteeId or an inviteeEmail must be specified. If an inviteeEmail is specified, send an email containing an invitation link to the invitee. The link will contain a serialized MembershipInvtnSignedToken. | team administrator | /membershipInvitation | POST | acceptInvitationEndpoint (optional) notificationUnsubscribeEndpoint (optional) | MembershipInvitation | MembershipInvitation |
| New | Retrieve a membership invitation. | signed token holder | /membershipInvitation/{id} | POST | -- | MembershipInvtnSignedToken | MembershipInvitation |
Existing | Start the process of creating a new account, and optionally also the process of associating a membership invitation to the new account. Send a 'validation email' message to the provided email address. The email will contain a link to complete the registration process. The link will contain a serialized AccountCreationToken. Intended to be used in conjunction with POST /account. | public | /account/emailValidation | POST | portalEndpoint | NewUser | -- |
| New | Verify whether the inviteeEmail of the indicated MembershipInvitation is associated with the authenticated user. If it is, the response body will contain an InviteeVerificationSignedToken. If it is not, (in phase 1 the server just responds with a 403) the response body will be null and an identity verification email containing a link will be sent to the inviteeEmail of the indicated MembershipInvitation. The link will contain a serialized InviteeVerificationSignedToken. This call will only succeed if the indicated MembershipInvitation has a null inviteeId and a non null inviteeEmail. | authenticated user | /membershipInvitation/{id}/inviteeVerificationSignedToken | GET | portalEndpoint | InviteeVerificationSignedToken | |
New | Set the inviteeId of a MembershipInvitation. A valid InviteeVerificationSignedToken must have an inviteeId equal to the id of the authenticated user and a membershipInvitationId equal to the id in the URI. This call will only succeed if the indicated MembershipInvitation has a null inviteeId and a non null inviteeEmail. | authenticated signed token holder | /membershipInvitation/{id}/inviteeId | PUT | -- | InviteeVerificationSignedToken | -- |
...
- Which users create invitations, when they create them, and from what teams they create them.
- These statistics are captured by the MembershipInvitation (formerly MembershipInvtnSubmission) model, which is stored in the database.
- How many invitations are accepted and when they are accepted.
- There is no easy way to track when the invitation to the team is accepted, but we can know how many times the invitee will use the email link to create a new account or sign in to their existing account. This is essentially the number of times that PUT /membershipInvitation/{id}/inviteeId is called.
- How many invitees choose to register a new account and how many choose to sign in.
- We know the total number of membership invitations created from the number of POST /emailMembershipInvitation/{id}/membershipInvitation requests.
- We know the total number of invitees who chose to register a new account from the number of POST /emailMembershipInvitation/{id}/account/emailValidation requests.
- We can derive the total number of invitees who chose to sign in with an existing account from the above two numbers.
- We can know how often invitees attempt to sign in using an email address that is not associated with the inviteeEmail of the MembershipInvitation by looking at how often GET /membershipInvitation/{id}/inviteeVerificationSignedToken calls respond with 403 status.
Implementation outline
Phase 1
...