...
| Description | Restrictions | Intended User / Authorization | Notification sent to | URI | Method | Request Parameters | Request Body | Response Body | |||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Request verification.
| Can only request if there isn't already a pending submitted or approved request. Content must match user profile, emails, ORCID in system at the time the request is made. Rejected if required fields are blank. | any authorized user | ACT | /verificationSubmission | POST | -- | VerificationSubmission | VerificationSubmission | |||||||||||||||||||||||
| Get a list of verification submissions. | ACT | -- | /verificationSubmission | GET | limit, offset, userId, state | -- | VerificationSubmissionPaginatedResults | ||||||||||||||||||||||||
| Delete verification request | creator | user who requested verification | /verificationSubmission/{id} | DELETE | reason | -- | -- | ||||||||||||||||||||||||
| Approve verification Change submission
| (Must be in 'submitted' state.) There cannot already be an approved V.S. | ACT | user who requested verification | /verificationSubmission/{id}/approval | PUT | -- | -- | -- | Reject verification submission
| (Must be in 'submitted' state.)state | Allowed state transitions shown in diagram above. | ACT | user who requested verification | /verificationSubmission/{id}/rejection | PUT | -- | -- | -- | Suspend verification submission
| (Must be in approved state.) | ACT | user who requested verification | /verificationSubmission/{id}/suspension | PUT | POST | reason | VerificationState | VerificationState | |||
Get UserBundle If not self or ACT then private fields are cleared. | Public | -- | /user/{id}/userBundle | GET | -- | -- | UserBundle | ||||||||||||||||||||||||
| Link the user ID given by an oauth2 provider to a Synapse account. | any authorized user | -- | /oauth2/alias | POST | -- | OAuthValidationRequest | PrincipalAlias | ||||||||||||||||||||||||
| Download attachment from verification submission. | ACT | -- | /file/{id} | GET | fileAssociateType *(required) fileAssociateId (required) redirect (optional) *Note we introduce a new fileAssociateType, "VerificationSubmission". | download URL | |||||||||||||||||||||||||
| Update UserProfile | If user is verified or there's a submitted verification request then if this request changes the verified fields this will nullify the verification submission. | user who owns the profile | user who owns profile | /userProfile/{id} | PUT | -- | UserProfile | UserProfile |
...
- id
- userId
- createdOn
- first name
- last name
- organization
- location
- ORCID
- email list
- attachments (fileHandleIds)
- state (one of submitted, approved, rejected, suspended)
- approval (instance of AuditRecord)
- rejection (instance of AuditRecord)
- suspension (instance of AuditRecord)
AuditRecord:
- stateHistory
VerificationState
- createdBy (only returned if user is in the ACT)
- createdOn
- reason (e.g. UserProfile changed wrt V.S., OR ACT initiated the state change)
...
- hasSignedTOU
- isACTMember
- isAdmin
- userProfile (public fields for public, private fields for owner)
- ORCID
- verificationSubmission* ( shown the sole submitted or approved submission, if any. Shown only for owner or ACT)
'* This is complicated as we have to consider multiple verification submissions to determine the state.