| Internet-Draft | DataRight+: Enhanced Endpoint Versioning | July 2024 |
| Low & Kolera | Expires 21 January 2025 | [Page] |
This specification outlines the technical components associated with the DataRight+ Enhanced Endpoint Versioning. This is intended to be an alternate endpoint versioning scheme to that outlined with [CDS] which facilitates a more developer friendly response processing mechanism (by way of oneOf) and a deterministic request payload versioning mechanism.¶
The keywords "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119].¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 21 January 2025.¶
Copyright (c) 2024 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document.¶
The scope of this specification is specifically with regard to a standardised request and response versioning pattern for resource server endpoint paths as an alternate to that prescribed by [CDS].¶
This specification uses the terms "Provider" and "Initiator" as defined by [DATARIGHTPLUS-ROSETTA].¶
The [CDS] introduced an endpoint versioning scheme based on a negotiation pattern contained within the x-v and x-min-v headers. This effectively allows for dynamic response negotiation by the resource server between a range of available versions. The challenges with this approach though is that the payloads themselves are not explicitly versioned, something oneOf in OpenAPI 3 lends itself to, and the payloads contained within POST requests are essentially unversioned.¶
This specification seeks to solve for these two challenges by introducing an explicit version in both request and response payloads. Further it seeks to retire the x-min-v header on the basis that such a negotiation pattern is unable to be applied to potentially multiple versions of a request payload. Much of this specification assumes the adoption of the related [DATARIGHTPLUS-DISCOVERY] specification.¶
The following provisions apply to Provider Resource Server endpoints supporting this specification:¶
x-v header specified in the request;¶
version attribute in the response payload;¶
x-v value matching the version attribute within the payload¶
version attribute to the appropriate OpenAPI specification¶
x-v value which is unsupported the server shall respond with a urn:au-cds:error:cds-all:Header/UnsupportedVersion error as outlined in [CDS]¶
The following provisions apply to participants operating individual Initiators accessing endpoints supporting this specification:¶
x-v header representing the requested response payload¶
version attribute contained within the relevant OpenAPI specification¶
version attribute and the oneOf specification within the relevant OpenAPI specification¶
x-v header SHALL be validated to ensure the x-v and version values are the same¶
For endpoints which are currently compliant to the [CDS] versioning schema the endpoint can be transitioned by incrementing the endpoint version while introducing the version attribute into the response and, if necessary, the request payloads. In order to retire the use of x-min-v it is necessary to introduce a discovery document, as outlined in [DATARIGHTPLUS-DISCOVERY].¶