Skip to content
Snippets Groups Projects
Commit c35c9356 authored by Hugo's avatar Hugo
Browse files

added consent handling from enedis/grdf

parent 56775066
No related branches found
No related tags found
No related merge requests found
Pipeline #10100 passed
...@@ -104,6 +104,14 @@ Regarding Enedis, two endpoints are exposed: ...@@ -104,6 +104,14 @@ Regarding Enedis, two endpoints are exposed:
On success, response will contain **access_token** or **refresh_token**, **usage_point_id** among other things. All informations will be stored by the cozy-stack in a cozy-accounts database. On success, response will contain **access_token** or **refresh_token**, **usage_point_id** among other things. All informations will be stored by the cozy-stack in a cozy-accounts database.
#### Consent Handling
Consent is replaced everytime a new oauth dance is launched (for 6 months, hardcoded in **/authorize** request).
User can revoke its consent from the Enedis website, no external endpoints are available for this purpose.
If a consent has been revoked or expired. A 403 error will be thrown saying: *No consent can be found for this customer and this usage point*.
Ecolyo can warn the user that the service is unable to continue and ask to give new consent.
### Grdf Adict ### Grdf Adict
!!! info "grdf documentation" !!! info "grdf documentation"
...@@ -127,11 +135,17 @@ The */access_token* endpoint can be called with two different *grant_type* param ...@@ -127,11 +135,17 @@ The */access_token* endpoint can be called with two different *grant_type* param
The grdf Konnector would only need to call the *client_credentials* to get a refresh token. The grdf Konnector would only need to call the *client_credentials* to get a refresh token.
#### Optional: Revoke Consent #### Consent Handling
Consent is represented by an access right. This access holds characteristics specific to the consent of the end customer.
##### Optional: Revoke consent from external applications
It is possible to cancel a consent that was given from the user to our service (for test or development purpose for instance). It is possible to cancel a consent that was given from the user to our service (for test or development purpose for instance).
api.grdf.fr/adict/v1/droit_acces/{id_accreditation} **api.grdf.fr/adict/v1/droit_acces/{id_accreditation}**
!!! info "revoked consent"
When the consent is revoked, the service cannot ask for another consent before the revoked one has achieved its duration.
### Cozy Oauth Protocol ### Cozy Oauth Protocol
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment