Skip to end of banner
Go to start of banner

User Profile Support

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Version History

« Previous Version 9 Current »

Introduction

User profiles allow a single household account to be shared between several members of that household.  Each user can have their own profile with their own settings and recordings.

User profiles can be marked as belonging to a child, in which case it will never be allowed to watch adult content.  Note that this restriction cannot be lifted by providing the account PIN code, only adult profiles can be unlocked to display adult content.

Overview of endpoints

We track user profiles using the following entity. Our API endpoints expose the entity.

EntityPurpose
UserProfileThis stores information about profiles of an account.

Sequence diagram



The sequence for using an existing profile is as follows:

  1. The user logs into the account as normal
  2. The authorised user is marked as default user profile by default.
  3. The client retrieves a list of existing profiles and displays this to the user for selection
  4. The user selects a profile
  5. The client swaps the account authentication token for a profile authentication token
  6. All further calls to the API are authenticated with the profile authentication token

The sequence for creating a new profile is as follows:

  1. The user logs into the account as normal
  2. The authorised user is marked as default user profile by default.
  3. The client retrieves a list of existing profiles and displays this to the user for selection
  4. The user chooses to make a new profile
  5. The client POSTs to the profile endpoint to create the profile
  6. The client swaps the account authentication token for a profile authentication token
  7. All further calls to the API are authenticated with the profile authentication token

Filtering content

It is the responsibility of the client to know whether the user is logged in using a child profile or not.  You will be able to tell from examining the "is_child_profile" key of the list that you obtain in the section below titled "Obtaining a list of profiles".

When the user is logged in as a child profile you should remove any adult content from display:

  • Remove any channels from the EPG that have the 'is_adult_rated' flag set to 1
  • Programs have an identical rating system and you should also remove them from the EPG listing and avoid showing a details page of their content

Additionally,

  • Before allowing a stream to be played or marked for recording you should also check that the associated program is safe for children

Logging in

Authentication is done at an account level;  All users will log in with the same account details and then subsequently choose the profile that they want to use for their session or they are automatically selected as default profile.

Tip

There is no additional PIN or other authentication required in order to use an adult profile.

The expected user journey is:

  1. Log in with the account details
  2. Be presented with a list of available profiles
  3. Either create a new profile or select one of the profiles in the list


Although the client is able to read the JWT token this is discouraged as the claim format may change without notice.

Use cases

Each account can have multiple profiles

It is possible that each account have multiple profiles but they should have different profile names. 

GET api/users/v1/users/{user_id}/user_profiles

By calling the above API, it will returns list of profiles of that user

User Profiles
{
  "data": [
    {
      "type": "UserProfile",
      "id": "84eb61a9-75d4-42c7-8c15-84c3d7776227",
      "attributes": {
        "name": "Dad",
        "user_id": 42,
        "is_child_profile": false,
        "age_limit": 16,
        "is_default": false
      },
      "links": {
        "self": "https://demo.aminocom.com/api/users/v1/5b56765e-fa7b-45d2-8dee-2869ec736cc9/user_profiles/84eb61a9-75d4-42c7-8c15-84c3d7776227"
      }
    }
  ]
}


User can create multiple profiles

An Authorised user can create multiple accounts as long as they have different names.

POST api/users/v1/users/{user_id}/user_profiles

By calling the above API, a profile belongs to that user will be created. Here is an example of a request body to create a profile.

User Profiles
{
  "name": "Dad",
  "user_id": 42,
  "is_child_profile": false,
  "age_limit": 16,
  "is_default": false
}

And response body after the successful call.

User Profiles
{
  "data": [
    {
      "type": "UserProfile",
      "id": "dc11a654-882d-47cb-a971-bb1fc6f0ffd8",
      "attributes": {
        "name": "Dad",
        "user_id": 42,
        "is_child_profile": false,
        "age_limit": 16,
        "is_default": false
      },
      "links": {
        "self": "https://demo.aminocom.com/api/users/v1/5b56765e-fa7b-45d2-8dee-2869ec736cc9/user_profiles/dc11a654-882d-47cb-a971-bb1fc6f0ffd8"
      }
    }
  ]
}


Profile can be set as Child profile

When the profile is created, user can set it as Child profile which contains specific things for children or limit them from sensitive channels or adult contents.

We can set it by set the property  "is_child_profile": true in the request body of the following API

POST api/users/v1/users/{user_id}/user_profiles


By default there is one default profile created per account.

When an account is created, the default profile is created correspondingly. The default name of that profile is the account's first name or "Default" if the first name is empty.


User can update information of profiles belong to the account

It is possible to an authorised user can update information of profiles such as name, age limit for the profile, is a child profile or not, is a default profile or not by calling the following API

PATCH api/users/v1/users/{user_id}/user_profiles/{user_profile_id}

Here is an example of request body.

User Profiles
{
  "name": "Dad",
  "is_child_profile": false,
  "age_limit": 16,
  "is_default": true
}

Not all fields are required, just necessary fields are patched. For example, if user wants to update name of the profile, the request body requites field "name".


User can remove profiles which belong to the account

It is possible to an authorised user can remove profiles by calling the following API

DELETE api/users/v1/users/{user_id}/user_profiles/{user_profile_id}


At the initial user login, the default profile is returned automatically without asking the user to select

When user login, the response body includes "accessToken", "refreshToken" which can be decoded. Field "profile" in the decoded result will be the default profile and is used for actions of user. 


Logging in as a particular profile

There is no particular endpoint for logging in as a profile. 

As the user logs in, they login as the default profile. They may then use the access token endpoint to obtain access tokens for another profile. See User Authentication

The client should track which profile is currently logged in for their purposes.


  • No labels