Questions about the iSHARE API specification for H2M interaction

Created by Vinith Bhandari, Modified on Wed, 31 Jan 2024 at 02:57 PM by Vinith Bhandari


Question

  • Looking at the specification of the /userinfo endpoint on this page, I cannot find a request parameter. Am I missing something?
  •  The sequence diagrams on the same page depicts a situation where the user needs to choose which        organization it will represent. Further down the line, the user's organization is 'validated'. Am I right to            assume that the IDP has the EORI numbers of all organisations that the user may represent via that          IDP,  and that it validates the chosen organization by requesting its status via the iSHARE satellite?
  •  Why is the company choice and validation of the company not depicted in the i4Trust building blocks             document examples? Is this because the IDPs are all locally hosted within the organisations themselves    and only contain user info about their employees/customers?

Answer :

  •    iSHARE specifications are generic and caters to different possible scenarios, some of them are mentioned in the dev portal. A user may be working for multiple organisations and while using the same identity provider in which case the additional steps of organisation selection are to be followed. If the user only is known for one organisation within IDP then that flow is not necessary. 
  • In i4Trust building blocks examples it is assumed that the user only represents one organisation, so that flow is not depicted. 
  • Note: in the examples, the IDPs are shown as locally hosted components, but it symbolises that they are actually provided by service providers (IDPs) and each organisation has the right to choose its own preferred IDP.
  •  In experiment and in PoC, technically hosting IDP only allows you to demonstrate the concept, however, in production you would use a real IDP which meets the specifications. Due to standardised specifications you do not need to recode when you switch from one provider to another. 
  • iSHARE Trust Framework provides for these interoperability aspects.



Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select atleast one of the reasons

Feedback sent

We appreciate your effort and will try to fix the article