[LC-1423] X-API Scoped by Contract #900

TaylorBeeston · 2025-12-19T18:14:40Z

Overview

🎟 Relevant Jira Issues

[LC-1423] Port xAPI activity logs to the new ConsentFlow design

📚 What is the context and goal of this PR?

In order to query X-API statements scoped by contract, we need to tag them!

🥴 TL; RL:

Tags X-API statements with a contract URI by adding the contract URI to the VP JWT

💡 Feature Breakdown (screenshots & videos encouraged!)

Adds contract URI to VP JWT in LCA
Reads contract URI from JWT in X-API Wrapper and adds to the X-API statement

🛠 Important tradeoffs made:

🔍 Types of Changes

Bug fix (non-breaking change which fixes an issue)
New feature (non-breaking change which adds functionality)
Breaking change (fix or feature that would cause existing functionality to not work as expected)
Chore (refactor, documentation update, etc)

💳 Does This Create Any New Technical Debt? ( If yes, please describe and add JIRA TODOs )

No
Yes

Testing

🔬 How Can Someone QA This?

Easiest way is to just run the tests! =) The E2E tests will check the new JWT format and test correctly
tag statements

📱 🖥 Which devices would you like help testing on?

🧪 Code Coverage

Wrote E2E tests

Documentation

I had Claude update the docs =)

📝 Documentation Checklist

User-Facing Docs (docs/ → docs.learncard.com)

Tutorial — New capability that users need to learn (docs/tutorials/)
How-To Guide — New workflow or integration (docs/how-to-guides/)
Reference — New/changed API, config, or SDK method (docs/sdks/)
Concept — New mental model or architecture explanation (docs/core-concepts/)
App Flows — Changes to LearnCard App or ScoutPass user flows (docs/apps/)

Internal/AI Docs

CLAUDE.md — New pattern, flow, or context that AI assistants need
Code comments/JSDoc — Complex logic that needs inline explanation

Visual Documentation

Mermaid diagram — Complex flow, state machine, or architecture

B[LearnCard] --> C[Network]

-->

#### 💭 Documentation Notes
<!-- If no docs needed, briefly explain why (e.g., "Internal refactor, no API changes") -->


# ✅ PR Checklist
- [x] Related to a Jira issue ([create one if not](https://welibrary.atlassian.net/jira/software/projects/WE/boards/2))
- [x] My code follows **style guidelines** (eslint / prettier)
- [x] I have **manually tested** common end-2-end cases
- [x] I have **reviewed** my code
- [x] I have **commented** my code, particularly where ambiguous
- [x] New and existing **unit tests pass** locally with my changes
- [x] I have completed the **Documentation Checklist** above (or explained why N/A)

### 🚀 Ready to squash-and-merge?:
- [x] Code is backwards compatible
- [x] There is **not** a "Do Not Merge" label on this PR
- [x] I have thoughtfully considered the security implications of this change.
- [x] This change does not expose new public facing endpoints that do not have authentication


[LC-1423]: https://welibrary.atlassian.net/browse/LC-1423?atlOrigin=eyJpIjoiNWRkNTljNzYxNjVmNDY3MDlhMDU5Y2ZhYzA5YTRkZjUiLCJwIjoiZ2l0aHViLWNvbS1KU1cifQ

changeset-bot · 2025-12-19T18:14:44Z

🦋 Changeset detected

Latest commit: 7be34ed

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 16 packages

Name	Type
@learncard/learn-cloud-service	Patch
learn-card-app	Patch
@learncard/learn-cloud-client	Patch
@learncard/learn-cloud-plugin	Patch
@learncard/cli	Patch
@learncard/init	Patch
@learncard/chapi-example	Patch
@learncard/create-http-bridge	Patch
@learncard/react	Patch
learn-card-discord-bot	Patch
@learncard/lca-api-service	Patch
scoutpass-app	Patch
@learncard/snap-chapi-example	Patch
@learncard/lca-api-client	Patch
@learncard/lca-api-plugin	Patch
learn-card-base	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

netlify · 2025-12-19T18:14:46Z

✅ Deploy Preview for learncarddocs canceled.

Name	Link
🔨 Latest commit	`7be34ed`
🔍 Latest deploy log	https://app.netlify.com/projects/learncarddocs/deploys/6945d09a03cc79000851c227

netlify · 2025-12-19T18:15:23Z

✅ Deploy Preview for staging-learncardapp canceled.

Name	Link
🔨 Latest commit	`7be34ed`
🔍 Latest deploy log	https://app.netlify.com/projects/staging-learncardapp/deploys/6945d09ad5391b0008b61a17

gitstream-cm · 2025-12-19T18:16:24Z

🥷 Code experts: Custard7

Custard7, TaylorBeeston have most 👩‍💻 activity in the files.
Custard7, TaylorBeeston have most 🧠 knowledge in the files.

See details

apps/learn-card-app/src/pages/consentFlow/ExternalConsentFlowDoor.tsx

Activity based on git-commit:

	Custard7	TaylorBeeston
DEC
NOV		340 additions & 0 deletions
OCT
SEP
AUG
JUL

Knowledge based on git-blame:
TaylorBeeston: 100%

apps/learn-card-app/src/pages/consentFlow/FullScreenConsentFlow.tsx

Activity based on git-commit:

	Custard7	TaylorBeeston
DEC		107 additions & 43 deletions
NOV		220 additions & 0 deletions
OCT
SEP
AUG
JUL

Knowledge based on git-blame:
TaylorBeeston: 100%

docs/core-concepts/consent-and-permissions/writing-consented-data.md

Activity based on git-commit:

	Custard7	TaylorBeeston
DEC	77 additions & 0 deletions	29 additions & 2 deletions
NOV
OCT
SEP
AUG
JUL

Knowledge based on git-blame:
Custard7: 72%
TaylorBeeston: 28%

docs/sdks/learncloud-storage-api/xapi-reference.md

Activity based on git-commit:

	Custard7	TaylorBeeston
DEC	528 additions & 0 deletions
NOV
OCT
SEP
AUG
JUL