- changed status to open
Behaviour of AS when presented with a non-uuid x-fapi-interaction-id is not clearly defined
We ran into an interoperability issue in the OB UK ecosystem whereby a client that sent a non-uuid x-fapi-interaction-id header was accepted by some banks and rejected by others. The spec should perhaps be clearer on this.
Comments (11)
-
-
-
assigned issue to
-
assigned issue to
-
reporter We confirmed on the call that the intention is that the client must only send a uuid, as otherwise we’d want more text to set a length limit / allowing char set / etc
I suggest changing:may send the
x-fapi-interaction-id
request header whose value is a RFC4122 UUID to the server to help correlate log entries between client and server, e.g.,x-fapi-interaction-id: c770aef3-6784-41f7-8e0e-ff5f97bddb3a
.to:
may send the
x-fapi-interaction-id
request header, in which case the value shall be a RFC4122 UUID to the server to help correlate log entries between client and server, e.g.,x-fapi-interaction-id: c770aef3-6784-41f7-8e0e-ff5f97bddb3a
. -
-
assigned issue to
-
assigned issue to
-
-
- changed status to resolved
PR merged in
-
- changed component to Part 1: Baseline
-
- changed component to FAPI 1 - Part 1: Baseline
-
- changed component to FAPI 1 – Part 1: Baseline
-
- changed component to FAPI 1 – Baseline
-
- changed component to FAPI 1: Baseline
- Log in to comment
Maybe relax the client requirement.