Archived 22/02/2024. Please see the CDS Guide on Authorisation Scopes.
As an outcome of Maintenance Iteration 11, obligations for Data Holders to ignore unsupported scopes was brought forward to 31st August 2022.
Data Holder Brands MUST ignore unsupported authorisation scopes presented in the SSA for the creation and update of Client Registrations.
To ensure interoperability with existing Banking Data Holders, ADRs can request a Software Statement Assertion (SSA) from the CDR Register with only Banking scopes.
If ADRs need to update their client metadata held by a Banking Data Holder, ADRs are advised they should continue to request an SSA with only the banking scopes by calling Get Software Statement Assertion (SSA) v2 with the {industry} path parameter set to banking
. ADRs can continue using v2 of this service for Banking Data Holders until its retirement on 7th April 2023. Once all Banking Data Holders have successfully met the obligation of ignoring unsupported scopes, ADRs should commence transition to v3 of the Get SSA endpoint. When calling the v3 endpoint, ADRs can choose to retain the use of the “banking” path parameter or transition to the sector agnostic “all” path parameter. Either way, the path parameter will not effect the filtering of scope values in the SSA produced by the v3 endpoint.
It is required that ADRs call Get Software Statement Assertion (SSA) v3 for registering with Energy Data Holders. Any industry path parameter can be used as it will have no effect on the SSA produced. The v3 endpoint will return energy scopes within the SSA, which are required when registering with an Energy Data Holder.
When all data holders have met the unsupported scopes obligation, we will announce it in the CDR Implementation call / newsletter.
See
- Standards Maintenance Issue 507: https://github.com/ConsumerDataStandardsAustralia/standards-maintenance/issues/507
Comments
0 comments
Please sign in to leave a comment.