Mailing-List: contact dev-help@fineract.incubator.apache.org; run by ezmlm
Reply-To: dev@fineract.incubator.apache.org
From: "Adi Raju"
Cc: "'Antuan Ariel Castillo'", "'Vishwajeet Srivastava'"
Subject: RE: Using Self-Service APIs to return accounts of only one client
Date: Mon, 26 Sep 2016 14:53:42 +0530
Message-ID: <01d201d217d7$ae5db530$0b191f90$@confluxtechnologies.com>

Self Service APIs were created not only with end customer in mind. These APIs are created to support agent banking, field staff and other scenarios as well. Basic idea is that the data and operations are restricted as compared to a bank staff.

Design decisions and the approach are documented here:
https://mifosforge.jira.com/wiki/display/MIFOSX/Customer+Self+Service ,
https://mifosforge.jira.com/wiki/display/MIFOSX/Customer+Self+Service+-+Phase+2

Gist of the document:

1. App user and roles/permissions are reused. A self-service user is created/managed using the user APIs, https://demo.openmf.org/api-docs/apiLive.htm#users_create, by passing additional params isSelfServiceUser and clients params while creating an app user.
2. A Self Service User would have access to all the clients' information that are provided as part of clients param. In case of agent banking scenario, there can be more than 1 client, who might be able to perform operations on behalf of a client. In case of individual client, the clients list would be only 1.
3. As part of user authentication response, if it is a self-service user, list of clients data is sent. If clients list contains only one client, then the end user app need not use /self/clients end point. They can start using the /self/clients/{clientId} directly.

So the intelligence is expected in the self-service app, based on the scenario it would be used.

Regards,
Adi

-----Original Message-----
From: Ed Cable [mailto:edcable@mifos.org]
Sent: 24 September 2016 04:44
To: dev@fineract.incubator.apache.org
Cc: Antuan Ariel Castillo; Vishwajeet Srivastava
Subject: Using Self-Service APIs to return accounts of only one client

Adi,

Can you give guidance to the community via the mailing list on how to properly use the self-service APIs. The primary use case and what they were designed for is for an individual client to authenticate his or herself and only have access to his/her individual accounts.

Both Vishwajeet and a user on Gitter @AntuanC (see message below) have had issues in using the API in such a manner whereby they return a list of multiple clients and not just the accounts for that one client.

@AntuanC
"Hello everyone,
I want to create a user for customers, so they may login and check your statements.
However I find no way to link a user to a specific customer, so that only you can see their accounts and not those of all customers.
Can you help me?"

--
*Ed Cable*
Director of Community Programs, Mifos Initiative
edcable@mifos.org | Skype: edcable | Mobile: +1.484.477.8649

*Collectively Creating a World of 3 Billion Maries | *http://mifos.org
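
The client-side logic described in points 1 to 3 of the reply, as an added example that is not part of the original thread or of the Fineract code base. Only the `isSelfServiceUser` and `clients` parameters and the `/self/clients` paths come from the thread; the function names and the shape of the `clients` list in the authentication response (bare ids or objects with an `id` key) are assumptions.

```python
# Added example: how a self-service app could scope itself to linked clients.
# Assumption: the authentication response carries the list under "clients",
# either as bare ids or as objects with an "id" key.

def self_service_user_fields(client_ids, individual=True):
    """Extra fields to pass to the user-create API for a self-service user."""
    ids = sorted({int(c) for c in client_ids})
    if not ids:
        raise ValueError("a self-service user must be linked to at least one client")
    if individual and len(ids) != 1:
        raise ValueError("an individual customer must be linked to exactly one client")
    return {"isSelfServiceUser": True, "clients": ids}


def linked_client_ids(auth_response):
    """Client ids listed in the authentication response (assumed key: "clients")."""
    ids = []
    for entry in auth_response.get("clients") or []:
        ids.append(int(entry["id"] if isinstance(entry, dict) else entry))
    return ids


def entry_endpoint(auth_response):
    """Pick the first endpoint to call, following point 3 of the reply."""
    ids = linked_client_ids(auth_response)
    if not ids:
        raise PermissionError("login is not linked to any client")
    if len(ids) == 1:
        return f"/self/clients/{ids[0]}"   # individual customer: skip the list
    return "/self/clients"                 # agent: let the user choose a client


def client_endpoint(auth_response, client_id):
    """Build /self/clients/{clientId} only for a client the login is linked to."""
    if int(client_id) not in linked_client_ids(auth_response):
        raise PermissionError(f"client {client_id} is not linked to this login")
    return f"/self/clients/{int(client_id)}"


if __name__ == "__main__":
    # Constructed sample responses, not captured from a real server.
    customer = {"username": "jane", "clients": [42]}
    agent = {"username": "agent7", "clients": [{"id": 3}, {"id": 9}]}
    print(entry_endpoint(customer))
    print(entry_endpoint(agent))
    print(client_endpoint(agent, 9))
```

The checks in the app only decide which screen to show; the restriction itself is the `clients` list stored with the user on the server.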