From acfe0d7223f8495afc9523f88076f69f637fec68 Mon Sep 17 00:00:00 2001 From: Todd Martin <106564991+trmartin4@users.noreply.github.com> Date: Mon, 15 Dec 2025 12:38:53 -0500 Subject: [PATCH] chore(README): Adjust README header level for better formatting * Adjust headers for better formatting. * Fixed formatting. --- .../RequestValidators/SendAccess/readme.md | 35 +++++++++---------- 1 file changed, 16 insertions(+), 19 deletions(-) diff --git a/src/Identity/IdentityServer/RequestValidators/SendAccess/readme.md b/src/Identity/IdentityServer/RequestValidators/SendAccess/readme.md index afab13a156..2a6ea66857 100644 --- a/src/Identity/IdentityServer/RequestValidators/SendAccess/readme.md +++ b/src/Identity/IdentityServer/RequestValidators/SendAccess/readme.md @@ -1,17 +1,15 @@ -Send Access Request Validation -=== +# Send Access Request Validation This feature supports the ability of Tools to require specific claims for access to sends. In order to access Send data a user must meet the requirements laid out in these request validators. -# ***Important: String Constants*** - -The string constants contained herein are used in conjunction with the Auth module in the SDK. Any change to these string values _must_ be intentional and _must_ have a corresponding change in the SDK. +> [!IMPORTANT] +> The string constants contained herein are used in conjunction with the Auth module in the SDK. Any change to these string values _must_ be intentional and _must_ have a corresponding change in the SDK. There is snapshot testing that will fail if the strings change to help detect unintended changes to the string constants. -# Custom Claims +## Custom Claims Send access tokens contain custom claims specific to the Send the Send grant type. @@ -19,41 +17,41 @@ Send access tokens contain custom claims specific to the Send the Send grant typ 1. `send_email` - only set when the Send requires `EmailOtp` authentication type. 1. `type` - this will always be `Send` -# Authentication methods +## Authentication methods -## `NeverAuthenticate` +### `NeverAuthenticate` For a Send to be in this state two things can be true: 1. The Send has been modified and no longer allows access. 2. The Send does not exist. -## `NotAuthenticated` +### `NotAuthenticated` In this scenario the Send is not protected by any added authentication or authorization and the access token is issued to the requesting user. -## `ResourcePassword` +### `ResourcePassword` In this scenario the Send is password protected and a user must supply the correct password hash to be issued an access token. -## `EmailOtp` +### `EmailOtp` In this scenario the Send is only accessible to owners of specific email addresses. The user must submit a correct email. Once the email has been entered then ownership of the email must be established via OTP. The Otp is sent to the aforementioned email and must be supplied, along with the email, to be issued an access token. -# Send Access Request Validation +## Send Access Request Validation -## Required Parameters +### Required Parameters -### All Requests +#### All Requests - `send_id` - Base64 URL-encoded GUID of the send being accessed -### Password Protected Sends +#### Password Protected Sends - `password_hash_b64` - client hashed Base64-encoded password. -### Email OTP Protected Sends +#### Email OTP Protected Sends - `email` - Email address associated with the send - `otp` - One-time password (optional - if missing, OTP is generated and sent) -## Error Responses +### Error Responses All errors include a custom response field: ```json @@ -62,5 +60,4 @@ All errors include a custom response field: "error_description": "Human readable description", "send_access_error_type": "specific_error_code" } -``` - +``` \ No newline at end of file