[Openid-specs-risc] openid/sharedsignals: Comment created on issue 158

Fri Apr 26 15:43:25 UTC 2024

openid/sharedsignals event

Issue Comment created on issue 158
Issue Title: Explore machine reachable approach to event definitions
https://github.com/openid/sharedsignals/issues/158

Comment: Here's an example of the CAEP Session Revoked event, defined in JSON Schema. This only includes the properties of the event object (e.g. "https://schemas.openid.net/secevent/caep/event-type/session-revoked/": { }. ```json { "$schema": "https://json-schema.org/draft/2020-12/schema", "$id": "https://schemas.openid.net/secevent/caep/event-type/session-revoked/v1.schema.json", "title": "Session Revoked", "description": "Session Revoked signals that the session identified by the subject has been revoked. The explicit session identifier may be directly referenced in the subject or other properties of the session may be included to allow the receiver to identify applicable sessions.", "type": "object", "properties": { "initiating_entity": { "description": "Describes the entity that invoked the event.", "type": "string", "oneOf": [ { "const": "admin", "description": "an administrative action triggered the event" }, { "const": "user", "description": "an end-user action triggered the event" }, { "const": "policy", "description": "a policy evaluation triggered the event" }, { "const": "system", "description": "a system or platform assertion triggered the event" } ] }, "reason_admin": { "description": "a localizable administrative message intended for logging and auditing. The object MUST contain one or more key/value pairs, with a BCP47 [RFC5646] language tag as the key and the locale-specific administrative message as the value.", "type": "object" }, "reason_user": { "description": "a localizable user-friendly message for display to an end-user. The object MUST contain one or more key/value pairs, with a BCP47 [RFC5646] language tag as the key and the locale-specific end-user message as the value.", "type": "object" }, "event_timestamp": { "description": "the time at which the event described by this SET occurred. Its value is a JSON number representing the number of seconds from 1970-01-01T0:0:0Z as measured in UTC until the date/time. This value MUST represent the time at which the session revocation occurred", "type": "number" } } } ``` I think this could work. One question is whether the schema should contain the entire SET (including `sub_id`) or just the event payload. Thoughts @openid/wg-sharedsignals-editors?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-risc/attachments/20240426/fe2f5aff/attachment-0001.html>