...
| Description | Restrictions | Intended User / Authorization | Notification sent to | URI | Method | Request Parameters | Request Body | Response Body | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Request verification.
| Can only request if there isn't already a pending request. Content must match user profile, emails, ORCID in system at the time the request is made. Rejected if required fields are blank. | any authorized user | ACT | /verificationSubmission | POST | -- | VerificationSubmission | VerificationSubmission | |||||||||
| Get a list of verification submissions. | ACT | -- | /verificationSubmission | GET | limit, offset, userId, state | -- | VerificationSubmissionPaginatedResults | ||||||||||
| Delete verification request | creator | user who requested verification | /verificationSubmission/{id} | DELETE | reason | -- | -- | ||||||||||
Approve verification submission
| (Must be in 'submitted' state.) There cannot already be an approved V.S. | ACT | user who requested verification | /verificationSubmission/{id}/approval | PUT | -- | -- | -- | |||||||||
Reject verification submission
| (Must be in 'submitted' state.) | ACT | user who requested verification | /verificationSubmission/{id}/rejection | PUT | -- | -- | -- | |||||||||
Suspend verification submission
| (Must be in approved state.) | ACT | user who requested verification | /verificationSubmission/{id}/suspension | PUT | Retract verification
| (Must be in approved or suspended state.) | ACT | user who requested verification | /verificationSubmission/{id}/retraction | PUT | -- | -- | -- | |||
Get UserBundle If not self or ACT then private fields are cleared. | Public | -- | /user/{id}/userBundle | GET | -- | -- | UserBundle | ||||||||||
| Link the user ID given by an oauth2 provider to a Synapse account. | any authorized user | -- | /oauth2/alias | POST | -- | OAuthValidationRequest | PrincipalAlias | ||||||||||
| Download attachment from verification submission. | ACT | -- | /file/{id} | GET | fileAssociateType *(required) fileAssociateId (required) redirect (optional) *Note we introduce a new fileAssociateType, "VerificationSubmission". | download URL | |||||||||||
| Update UserProfile | If user is verified or there's a submitted verification request then if this request changes the verified fields this will nullify the verification submission. | user who owns the profile | user who owns profile | /userProfile/{id} | PUT | -- | UserProfile | UserProfile |
...
- id
- userId
- createdOn
- first name
- last name
- organization
- location
- ORCID
- email list
- attachments (fileHandleIds)
- state (one of submitted, approved, rejected, suspended, retracted)
- verificationApproval
- verificationRetraction
VerificationApproval:
- createdBy
- createdOn
VerificationRetraction:
...
- approval (instance of AuditRecord)
- rejection (instance of AuditRecord)
- suspension (instance of AuditRecord)
AuditRecord:
- createdBy (only returned if user is in the ACT)
- createdOn
- reason (e.g. UserProfile changed wrt V.S., OR ACT initiated the state change)
UserBundle:
- isCertified
- isVerified
- hasSignedTOU
- isACTMember
- isAdmin
- userProfile (public fields for public, private fields for owner)
- ORCID
- verificationStateverificationSubmission* (submitted, approved, rejected, suspended, retracted, shown shown only for owner or ACT)approvedVerificationSubmission (if any, only show public fields)
'* This is complicated as we have to consider multiple verification submissions to determine the state.
...