Confirmed users
471
edits
Identity/AttachedServices/KeyServerProtocol: Difference between revisions
Identity/AttachedServices/KeyServerProtocol (view source)
Revision as of 23:20, 1 August 2013
, 1 August 2013→Deleting The Account: rename to "destroy"
(→Test Vectors: update to current protocol) |
(→Deleting The Account: rename to "destroy") |
||
| Line 303: | Line 303: | ||
The user should be prompted for their password as confirmation (i.e. a browser in the normal attached-and-synchronizing state should not be able to erase the account information: it must acquire a new authToken first). | The user should be prompted for their password as confirmation (i.e. a browser in the normal attached-and-synchronizing state should not be able to erase the account information: it must acquire a new authToken first). | ||
The device then obtains an authToken as described above, then spends it on a HAWK-protected request to the /account/ | The device then obtains an authToken as described above, then spends it on a HAWK-protected request to the /account/destroy endpoint. This request contains no body and returns only a success code. | ||
[[File:PICL-IdPAuth-deleteAccount.png|Deleting the Account]] | [[File:PICL-IdPAuth-deleteAccount.png|Deleting the Account]] | ||