Big picture
User Stories - business integration
New User buys new STB
- User go to KN store and buy a new STB
- NetAdmin then provision new user
- NetAdmin then link the STB to that user
- User go home and turn on the new STB
- STB uses the key included in the firmware to sign a JWT that includes the STB serial number as a "sub" claim
- Move API compares the serial number to the list of users set up in step 3
Existing User buys new STB
- User go to KN store and buy a new STB
- NetAdmin then link the STB to the existing user account
- Optionally, NetAdmin unlinks the old STB
- User go home and turn on the new STB
- STB uses the key included in the firmware to sign a JWT that includes the STB serial number as a "sub" claim
- Move API compares the serial number to the list of users set up in step 3
Existing user sell his/her STB
- User A sells his/her STB to user B
- User A call KN to unlink the STB from his/her account
- User B call KN to link the STB to his/her account
- KN captures information and passes to NetAdmin to:
- Unlink the STB from user account A
- Link the STB to user account B
- User B turns STB on after being told the linking is complete
- STB uses the key included in the firmware to sign a JWT that includes the STB serial number as a "sub" claim
- Move API compares the serial number to the list of users set up in step 3 and finds user B
Use case diagrams
Create new user
This will only be done in Phase 2. In Phase 1 users will be manually provisioned through
This API is used to add a new user account. Following rules apply:
- Email address or customer-id should not belong to any customer that is not in DELETED state; otherwise API will return an error.
- If the user with that email exists in DELETED state and his grace period is not expired, his previous registration state is restored.
- A new user is created in UNREGISTERED state.
Flow diagram
| Code Block | ||||
|---|---|---|---|---|
| ||||
title Create new user account NetAdmin->Move API: POST https://boox.fi/api/management/user Move API->NetAdmin: 200 OK |
Technical details
Request
| Method Type | URL | Authorization |
|---|---|---|
| POST | https://boox.fi/api/management/user | Service (Digest Authentication) |
Query Strings
Please note that M is for Mandatory and O for Optional.
| Parameter | M/O | Description | Values |
|---|---|---|---|
| service | M | Service to which the user belongs. | String of service username. Shared separately. |
| M | Email address of the user. | Email address of the user | |
| cid | M | Customer Identifier. | Numeric ID linking the user to NetAdmin system |
| auth_pin | M | Authentication PIN code. | Number with the length of 4. e.g. 8798 |
| purchase_pin | M | Purchase PIN code. | Number with the length of 4. e.g. 8798 |
| dob | O | User Date of birth in YYYY-MM-DD format. | SUSPEND or ACTIVATE keywords are allowed only. |
Error Codes
| Error Code | Description |
|---|---|
| 1403 | email is missing |
| 1405 | cid is missing |
| 1406 | auth_pin is missing |
| 1407 | purchase_pin is missing |
| 1412 | Email already exists |
| 1413 | CID already Exists |
Link user account to STB
Flow diagram (non-technical)
| Code Block | ||||
|---|---|---|---|---|
| ||||
title Link user account to STB note left of Amino factory At manufacture time end note Amino factory->Move API: List of STB serial numbers and keys note right of NetAdmin: At sale time end note NetAdmin->Move API: User identity and their STB serial number |
Technical details
NetAdmin will POST to https://boox.fi/api/management/stb/link_user
Request
| Method | URL | Authorization |
|---|---|---|
POST | https://boox.fi/api/management/stb/link_user | IP, Service (Digest Authentication) |
Parameters
Please note that M is for Mandatory and O is for Optional.
| Parameters | M/O | Description | Values | ||
|---|---|---|---|---|---|
| service | M | Service to which the user belongs. | String of service username. Shared separately. | ||
serial_no | M | Serial Number of STB. If device does not exists with provided serial no then it will be added. | Alpha numeric string. | ||
| M | Email address of user who is provisioned for using the STB | Valid email address. e.g. john.doe@example.com | |||
public_keys | M | 8 Public keys which will be used to authenticate the STB.
| key0_base64;key1_base64;...........;key7_base64 (no limit on max length). where each public key is base-64 encoded,semicolon(;) is used between keys as separator. | ||
| chipset_id | O | STB device chipset number/ID. | chipset_id is a random list of characters (max 32 characters). | ||
| mac | O | Ethernet interface MAC address. | mac is a random list of characters (max 18 characters). |
Response
| HTTP Code | Response |
|---|---|
| 200 | { |
| 400 | |
| 401 | none |
Error Codes
| Error Code | Description |
|---|---|
| 1414 | Email does not exist |
| 1426 | Parameter is required |
| 1427 | Invalid length of chipset_id |
| 1428 | Invalid length of mac |
| 1433 | STB exists and linked |
| 1434 | Record already exists for value |
| 1435 | STB is already assigned |
| 1436 | Invalid email address format |
How the user will sign in
See /wiki/spaces/BPLAT/pages/38550375 to see the process of letting the user sign in.
Entitle user to "A" package
The API is documented at Channel License
| Code Block | ||||
|---|---|---|---|---|
| ||||
title Entitle user to "A" package
KN BSS->Move API: POST /user/{user_id}/relationships/channel_licenses
Move API->Irdeto: SOAP entitlement call
Irdeto->Move API: 200 OK
Move API->KN BSS: 201 CREATED
|
Remove user entitlement to "A" package
The API is documented at Channel License
| Code Block | ||||
|---|---|---|---|---|
| ||||
title Remove user entitlement to package A
KN BSS->Move API: DELETE /user/{user_id}/relationships/channel_licenses/{channel_license_id}
Move API->Irdeto: SOAP entitlement call
Irdeto->Move API: 200 OK
Move API->KN BSS: 204 NO RESPONSE BODY |