Archived 2022.11.20. Content moved to error scenarios and responses.
Question
It is possible to imagine scenarios with reasons for non-disclosure that result in inconsistent responses. By sending partial responses, this inconsistency might be removed.
Scenario 1
The Data Holder (DH) has an Authorisation associated with two accounts, Account A and Account B. Both accounts are single owner accounts and thus the authorisation is active
for each account.
The Accredited Data Recipient (ADR) requests a disclosure using this Authorisation. The DH checks the authorisation and recognises that both accounts are eligible and begins retrieving the accounts' information. Account A is successfully processed and a fully compliant JSON response fragment is generated.
However Account B encounters some error during processing. As a result the system cannot create a fully compliant JSON fragment for Account B.
The DH recognises that it is unable to fully respond to the disclosure request and returns a JSON error object to the calling ADR.
The DH could have sent a partial response with the successfully processed details for Account A but instead responds with an error and no customer data.
Scenario 2
Consider the same scenario, but where Account B is a joint account. The Authorisation is created and Account A is active
in the Authorisation. However, Account B is currently pending
as its second owner has yet to approve the Authorisation.
In this scenario, if the ADR requests a disclosure using the Authorisation the DH returns Account A, but not Account B.
Let's assume Account B would have been successfully processed if the joint account owner had approved it.
In scenario 1, the DH takes an all-or-nothing approach and returns nothing.
In scenario 2, the DH takes a best-effort approach and returns just Account A, omitting Account B from the response.
Scenario 3
Consider Scenario 1, but where mandatory fields are missing from Account B. It is not possible to create a compliant JSON response for Account B. The DH responds with an all-or-nothing approach and returns an error response.
Sending a partial response
If a best-effort approach is used in all three scenarios, the DH could still send a JSON response, perhaps with data for only one account, or with missing mandatory fields. Is it possible to take this approach? What is the standard response in these scenarios?
Answer
Currently, the standards require an error response and do not allow partial responses.
If you see value in partial responses the DSB encourages you to raise it as a change request so we can consult on it with the rest of the community. The DSB received similar feedback during consultation on Enhanced Error Handling, so there are others thinking along similar lines. Partial responses would require a community change request to progress.
When different issues result in different errors occurring, the error response is at the discretion of the DH. Different implementations may encounter those errors at different points in their implementation stack or application code. The error response may depend on which error is encountered first.
See:
Comments
0 comments
Please sign in to leave a comment.