You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Current diaspora API doesn't contain any routes for requesting user profile.
We talked that besides full archive we also want a lightweight version of the archive, which includes the essentials: basic profile, private key and, perhaps, contacts.
For the full archive we currently have a two step process: you request the archive and then when it is available, you download the archive. We need a similar approach with the API. However, I think that the lightweight archive could be exported in one go, just with a signle GET request.
Also since archive contains sensitive information (e.g. private key) it needs an additional access scope.
We might add a scope called archive to control access to archive related API methods. Another option could be to create a scope called private_key and require several scopes to be authorized to request the archive, e.g. private_key+profile for the basic profiles and private_key+profile+read for the full profile.
So for the lightweight archive it is just GET /api/v1/user/archive/basic which returns the archive JSON.
For the full archive, I'm not quite sure. What I though could be GET /api/v1/user/archive/full/request as a method to request a new archive export. Then, when archive is ready, a link to the archive is retrieved by GET /api/v1/user/archive/full/url. It returns a URL to the archive file. When new archive export is requested this route returns nothing until the archive is ready. The same approach can be used for photos with following routes respectively: GET /api/v1/user/archive/photos/request, GET /api/v1/user/archive/photos/url.
Also we need a way to inform the client about the export finish/failure. However I'm unsure if we have to do that in the archive API namespace. Maybe we can just reuse notifications for that? BTW, it looks a bit inconsistent that we have an email for (un)successful export, but don't have UI notifications for that. Maybe it worth change that and then we can use it as a tracker for export state in clients?
The text was updated successfully, but these errors were encountered:
Current diaspora API doesn't contain any routes for requesting user profile.
We talked that besides full archive we also want a lightweight version of the archive, which includes the essentials: basic profile, private key and, perhaps, contacts.
For the full archive we currently have a two step process: you request the archive and then when it is available, you download the archive. We need a similar approach with the API. However, I think that the lightweight archive could be exported in one go, just with a signle GET request.
Also since archive contains sensitive information (e.g. private key) it needs an additional access scope.
Currently scopes are defined as
We might add a scope called
archiveto control access to archive related API methods. Another option could be to create a scope calledprivate_keyand require several scopes to be authorized to request the archive, e.g.private_key+profilefor the basic profiles andprivate_key+profile+readfor the full profile.So for the lightweight archive it is just
GET /api/v1/user/archive/basicwhich returns the archive JSON.For the full archive, I'm not quite sure. What I though could be
GET /api/v1/user/archive/full/requestas a method to request a new archive export. Then, when archive is ready, a link to the archive is retrieved byGET /api/v1/user/archive/full/url. It returns a URL to the archive file. When new archive export is requested this route returns nothing until the archive is ready. The same approach can be used for photos with following routes respectively:GET /api/v1/user/archive/photos/request,GET /api/v1/user/archive/photos/url.Also we need a way to inform the client about the export finish/failure. However I'm unsure if we have to do that in the archive API namespace. Maybe we can just reuse notifications for that? BTW, it looks a bit inconsistent that we have an email for (un)successful export, but don't have UI notifications for that. Maybe it worth change that and then we can use it as a tracker for export state in clients?
The text was updated successfully, but these errors were encountered: