openapi: 3.0.3
info:
title: Device Roaming Status
description: |
This API provides the API consumer with the ability to query device roaming Status
# Introduction
## Roaming Status
API consumer is able to verify whether a certain user device is in roaming situation (or not).
The verification of the roaming situation depends on the network's ability. Additionally to the roaming status, when the device is in roaming situation, visited country information could be returned in the response.
## Possible Use-Cases
Roaming status verification could be useful in scenario such as (not exhaustive):
- For regulatory reasons, where a customer may need to be within a certain jurisdiction, or out with others, in order for transactions to be authorized
- For security / fraud reasons, to establish that a customer is located where they claim to be
- For service delivery reasons, to ensure that the customer has access to particular service, and will not incur roaming charges in accessing them
## Relevant terms and definitions
* **Device**: A device refers to any physical entity that can connect to a network and participate in network communication.
At least one identifier for the device (user equipment) out of four options: IPv4 address, IPv6 address, Phone number, or Network Access Identifier (not supported for this API version) assigned by the mobile network operator for the device.
* **Roaming** : Roaming status - `true`, if device is in roaming situation - `false` else.
* **Country** : Country code and name - visited country information, provided if the device is in roaming situation.
* **LastStatusTime** : This property specifies the time when the status was last updated. Its presence in the response indicates the freshness of the information, while its absence implies the information may be outdated or its freshness is uncertain.
# API Functionality
The API exposes following capabilities:
## Device roaming situation
The endpoint `POST /retrieve` allows to get roaming status and country information (if device in roaming situation) synchronously.
# Identifying the device from the access token
This API requires the API consumer to identify a device as the subject of the API as follows:
- When the API is invoked using a two-legged access token, the subject will be identified from the optional `device` object, which therefore MUST be provided.
- When a three-legged access token is used however, this optional identifier MUST NOT be provided, as the subject will be uniquely identified from the access token.
This approach simplifies API usage for API consumers using a three-legged access token to invoke the API by relying on the information that is associated with the access token and was identified during the authentication process.
## Error handling:
- If the subject cannot be identified from the access token and the optional `device` object is not included in the request, then the server will return an error with the `422 MISSING_IDENTIFIER` error code.
- If the subject can be identified from the access token and the optional `device` object is also included in the request, then the server will return an error with the `422 UNNECESSARY_IDENTIFIER` error code. This will be the case even if the same device is identified by these two methods, as the server is unable to make this comparison.
# Authorization and authentication
The "Camara Security and Interoperability Profile" provides details of how an API consumer requests an access token. Please refer to Identity and Consent Management (https://github.com/camaraproject/IdentityAndConsentManagement/) for the released version of the profile.
The specific authorization flows to be used will be agreed upon during the onboarding process, happening between the API consumer and the API provider, taking into account the declared purpose for accessing the API, whilst also being subject to the prevailing legal framework dictated by local legislation.
In cases where personal data is processed by the API and users can exercise their rights through mechanisms such as opt-in and/or opt-out, the use of three-legged access tokens is mandatory. This ensures that the API remains in compliance with privacy regulations, upholding the principles of transparency and user-centric privacy-by-design.
## Multi-SIM scenario handling
In multi-SIM scenarios where more than one mobile device is associated with a phone number (e.g. a smartphone with an associated smartwatch), it might not be possible to uniquely identify the device for which the roaming status should be returned from that phone number. If the phone number is used as the device identifier when querying in a multi-SIM scenario, the API may:
- respond with an error, or
- return a combined roaming status for the multi-SIM group as a whole, or
- return the roaming status for a single device in the multi-SIM group, which may not be the intended device.
Possible solutions in such a scenario include:
- Using the authorisation code flow to obtain an access token, which will automatically identify the intended device
- Identifying the intended device from a unique identifier for that device, such as its source IP address and port
- Check with the SIM provider whether a unique "secondary" phone number is already associated with each device, and use the secondary phone number to identify the intended device if available.
## Further info and support
(FAQs will be added in a later version of the documentation)
license:
name: Apache 2.0
url: https://www.apache.org/licenses/LICENSE-2.0.html
version: 1.0.0
x-camara-commonalities: 0.5
externalDocs:
description: Product documentation at CAMARA
url: https://github.com/camaraproject/DeviceStatus
servers:
- url: "{apiRoot}/device-roaming-status/v1"
variables:
apiRoot:
default: http://localhost:9091
description: API root
tags:
- name: Roaming status retrieval
description: Operation to get device roaming status and country information (if roaming) synchronously
paths:
/retrieve:
post:
tags:
- Roaming status retrieval
summary: "Get the current roaming status and the country information"
description: Get the current roaming status and the country information
operationId: getRoamingStatus
parameters:
- $ref: '#/components/parameters/x-correlator'
security:
- openId:
- device-roaming-status:read
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/RoamingStatusRequest"
required: true
responses:
"200":
description: Contains information about current roaming status
headers:
x-correlator:
$ref: '#/components/headers/x-correlator'
content:
application/json:
schema:
$ref: "#/components/schemas/RoamingStatusResponse"
examples:
No-Country-Name:
value:
lastStatusTime: "2024-02-20T10:41:38.657Z"
roaming: true
countryCode: 901
countryName: []
Single-Country-Code:
value:
lastStatusTime: "2024-02-20T10:41:38.657Z"
roaming: true
countryCode: 262
countryName: ["DE"]
Multiple-Country-Codes:
value:
lastStatusTime: "2024-02-20T10:41:38.657Z"
roaming: true
countryCode: 340
countryName: ["BL", "GF", "GP", "MF", "MQ"]
"400":
$ref: "#/components/responses/Generic400"
"401":
$ref: "#/components/responses/Generic401"
"403":
$ref: "#/components/responses/Generic403"
"404":
$ref: "#/components/responses/Generic404"
"422":
$ref: "#/components/responses/Generic422"
"429":
$ref: "#/components/responses/Generic429"
"503":
$ref: "#/components/responses/Generic503"
components:
securitySchemes:
openId:
type: openIdConnect
openIdConnectUrl: https://example.com/.well-known/openid-configuration
parameters:
x-correlator:
name: x-correlator
in: header
description: Correlation id for the different services
schema:
type: string
pattern: ^[a-zA-Z0-9-]{0,55}$
example: "b4333c46-49c0-4f62-80d7-f0ef930f1c46"
headers:
x-correlator:
description: Correlation id for the different services
schema:
type: string
pattern: ^[a-zA-Z0-9-]{0,55}$
example: "b4333c46-49c0-4f62-80d7-f0ef930f1c46"
schemas:
RoamingStatusResponse:
type: object
required:
- roaming
properties:
lastStatusTime:
$ref: "#/components/schemas/LastStatusTime"
roaming:
$ref: "#/components/schemas/ActiveRoaming"
countryCode:
$ref: "#/components/schemas/CountryCode"
countryName:
$ref: "#/components/schemas/CountryName"
LastStatusTime:
description: Last time that the associated device roaming status was updated
type: string
format: date-time
example: "2024-02-20T10:41:38.657Z"
ActiveRoaming:
description: Roaming status. True, if it is roaming
type: boolean
Device:
description: |
End-user equipment able to connect to a mobile network. Examples of devices include smartphones or IoT sensors/actuators.
The developer can choose to provide the below specified device identifiers:
* `ipv4Address`
* `ipv6Address`
* `phoneNumber`
* `networkAccessIdentifier`
NOTE: the MNO might support only a subset of these options. The API invoker can provide multiple identifiers to be compatible across different MNOs. In this case the identifiers MUST belong to the same device.
type: object
properties:
phoneNumber:
$ref: "#/components/schemas/PhoneNumber"
networkAccessIdentifier:
$ref: "#/components/schemas/NetworkAccessIdentifier"
ipv4Address:
$ref: "#/components/schemas/DeviceIpv4Addr"
ipv6Address:
$ref: "#/components/schemas/DeviceIpv6Address"
minProperties: 1
PhoneNumber:
description: A public identifier addressing a telephone subscription. In mobile networks it corresponds to the MSISDN (Mobile Station International Subscriber Directory Number). In order to be globally unique it has to be formatted in international format, according to E.164 standard, prefixed with '+'.
type: string
pattern: '^\+[1-9][0-9]{4,14}$'
example: "+123456789"
NetworkAccessIdentifier:
description: A public identifier addressing a subscription in a mobile network. In 3GPP terminology, it corresponds to the GPSI formatted with the External Identifier ({Local Identifier}@{Domain Identifier}). Unlike the telephone number, the network access identifier is not subjected to portability ruling in force, and is individually managed by each operator.
type: string
example: "[email protected]"
DeviceIpv4Addr:
type: object
description: |
The device should be identified by either the public (observed) IP address and port as seen by the application server, or the private (local) and any public (observed) IP addresses in use by the device (this information can be obtained by various means, for example from some DNS servers).
If the allocated and observed IP addresses are the same (i.e. NAT is not in use) then the same address should be specified for both publicAddress and privateAddress.
If NAT64 is in use, the device should be identified by its publicAddress and publicPort, or separately by its allocated IPv6 address (field ipv6Address of the Device object)
In all cases, publicAddress must be specified, along with at least one of either privateAddress or publicPort, dependent upon which is known. In general, mobile devices cannot be identified by their public IPv4 address alone.
properties:
publicAddress:
$ref: "#/components/schemas/SingleIpv4Addr"
privateAddress:
$ref: "#/components/schemas/SingleIpv4Addr"
publicPort:
$ref: "#/components/schemas/Port"
anyOf:
- required: [publicAddress, privateAddress]
- required: [publicAddress, publicPort]
example:
publicAddress: "84.125.93.10"
publicPort: 59765
SingleIpv4Addr:
description: A single IPv4 address with no subnet mask
type: string
format: ipv4
example: "84.125.93.10"
Port:
description: TCP or UDP port number
type: integer
minimum: 0
maximum: 65535
DeviceIpv6Address:
description: |
The device should be identified by the observed IPv6 address, or by any single IPv6 address from within the subnet allocated to the device (e.g. adding ::0 to the /64 prefix).
type: string
format: ipv6
example: 2001:db8:85a3:8d3:1319:8a2e:370:7344
CountryCode:
description: The Mobile country code (MCC) as an geographic region identifier for the country and the dependent areas.
type: integer
CountryName:
description: The ISO 3166 ALPHA-2 country-codes of mapped to mobile country code(MCC). If there is mapping of one MCC to multiple countries, then we have list of countries. If there is no mapping of MCC to any country, then an empty array [] shall be returned..
type: array
items:
type: string
RoamingStatusRequest:
description: The request for retrieving the current roaming status for the requested device.
type: object
properties:
device:
$ref: "#/components/schemas/Device"
ErrorInfo:
description: The error object used for error-cases.
type: object
required:
- status
- code
- message
properties:
status:
type: integer
description: HTTP response status code
code:
type: string
description: Code given to this error
message:
type: string
description: Detailed error description
responses:
Generic400:
description: Bad Request
headers:
x-correlator:
$ref: "#/components/headers/x-correlator"
content:
application/json:
schema:
allOf:
- $ref: "#/components/schemas/ErrorInfo"
- type: object
properties:
status:
enum:
- 400
code:
enum:
- INVALID_ARGUMENT
examples:
GENERIC_400_INVALID_ARGUMENT:
description: Invalid Argument. Generic Syntax Exception
value:
status: 400
code: INVALID_ARGUMENT
message: Client specified an invalid argument, request body or query param.
Generic401:
description: Unauthorized
headers:
x-correlator:
$ref: "#/components/headers/x-correlator"
content:
application/json:
schema:
allOf:
- $ref: "#/components/schemas/ErrorInfo"
- type: object
properties:
status:
enum:
- 401
code:
enum:
- UNAUTHENTICATED
- AUTHENTICATION_REQUIRED
examples:
GENERIC_401_UNAUTHENTICATED:
description: Request cannot be authenticated
value:
status: 401
code: UNAUTHENTICATED
message: Request not authenticated due to missing, invalid, or expired credentials.
GENERIC_401_AUTHENTICATION_REQUIRED:
description: New authentication is needed, authentication is no longer valid
value:
status: 401
code: AUTHENTICATION_REQUIRED
message: New authentication is required.
Generic403:
description: Forbidden
headers:
x-correlator:
$ref: "#/components/headers/x-correlator"
content:
application/json:
schema:
allOf:
- $ref: "#/components/schemas/ErrorInfo"
- type: object
properties:
status:
enum:
- 403
code:
enum:
- PERMISSION_DENIED
examples:
GENERIC_403_PERMISSION_DENIED:
description: Permission denied. OAuth2 token access does not have the required scope or when the user fails operational security
value:
status: 403
code: PERMISSION_DENIED
message: Client does not have sufficient permissions to perform this action.
Generic404:
description: Not found
headers:
x-correlator:
$ref: "#/components/headers/x-correlator"
content:
application/json:
schema:
allOf:
- $ref: "#/components/schemas/ErrorInfo"
- type: object
properties:
status:
enum:
- 404
code:
enum:
- NOT_FOUND
- IDENTIFIER_NOT_FOUND
examples:
GENERIC_404_NOT_FOUND:
description: Resource is not found
value:
status: 404
code: NOT_FOUND
message: The specified resource is not found.
GENERIC_404_IDENTIFIER_NOT_FOUND:
description: The phone number is not associated with a CSP customer account
value:
status: 404
code: IDENTIFIER_NOT_FOUND
message: The phone number provided is not associated with a customer account
Generic422:
description: Unprocessable Content
headers:
x-correlator:
$ref: "#/components/headers/x-correlator"
content:
application/json:
schema:
allOf:
- $ref: "#/components/schemas/ErrorInfo"
- type: object
properties:
status:
enum:
- 422
code:
enum:
- IDENTIFIER_MISMATCH
- SERVICE_NOT_APPLICABLE
- MISSING_IDENTIFIER
- UNSUPPORTED_IDENTIFIER
- UNNECESSARY_IDENTIFIER
examples:
GENERIC_422_IDENTIFIER_MISMATCH:
description: Inconsistency between identifiers not pointing to the same device
value:
status: 422
code: IDENTIFIER_MISMATCH
message: Provided identifiers are not consistent.
GENERIC_422_SERVICE_NOT_APPLICABLE:
description: Service not applicable for the provided identifier
value:
status: 422
code: SERVICE_NOT_APPLICABLE
message: The service is not available for the provided identifier.
GENERIC_422_MISSING_IDENTIFIER:
description: An identifier is not included in the request and the device or phone number identification cannot be derived from the 3-legged access token
value:
status: 422
code: MISSING_IDENTIFIER
message: The device cannot be identified.
GENERIC_422_UNSUPPORTED_IDENTIFIER:
description: None of the provided identifiers is supported by the implementation
value:
status: 422
code: UNSUPPORTED_IDENTIFIER
message: The identifier provided is not supported.
GENERIC_422_UNNECESSARY_IDENTIFIER:
description: An explicit identifier is provided when a device or phone number has already been identified from the access token
value:
status: 422
code: UNNECESSARY_IDENTIFIER
message: The device is already identified by the access token.
Generic429:
description: Too Many Requests
headers:
x-correlator:
$ref: "#/components/headers/x-correlator"
content:
application/json:
schema:
allOf:
- $ref: "#/components/schemas/ErrorInfo"
- type: object
properties:
status:
enum:
- 429
code:
enum:
- QUOTA_EXCEEDED
- TOO_MANY_REQUESTS
examples:
GENERIC_429_QUOTA_EXCEEDED:
description: Request is rejected due to exceeding a business quota limit
value:
status: 429
code: QUOTA_EXCEEDED
message: Out of resource quota.
GENERIC_429_TOO_MANY_REQUESTS:
description: Access to the API has been temporarily blocked due to rate or spike arrest limits being reached
value:
status: 429
code: TOO_MANY_REQUESTS
message: Rate limit reached.
Generic503:
description: Service Unavailable
headers:
x-correlator:
$ref: "#/components/headers/x-correlator"
content:
application/json:
schema:
allOf:
- $ref: "#/components/schemas/ErrorInfo"
- type: object
properties:
status:
enum:
- 503
code:
enum:
- UNAVAILABLE
examples:
GENERIC_503_UNAVAILABLE:
description: Service is not available. Temporary situation usually related to maintenance process in the server side
value:
status: 503
code: UNAVAILABLE
message: Network issue