Skip to content

Profile data sharing

Important

Our work follows the mydata principle. This means that the user (guest, profile owner) is the owner of the profile data and is in control of his/her data, can view everything which is stored and decide who can access it.
This has some implications on the functionality we offer to partners as well.

Access control

Under the hood we use the Data Governance. Each piece of data is carrying the information about who is allowed to access it. The main subjects which add to it are

  • Entity type
  • Profile (guest)
  • Partner
  • Role (licence)

Over the api a partner can only access data on which he is registered and together with a valid guest authentication. To access all the data a partner is allowed to access we offer the Profile Data Notification Service where a partner can register to a service bus and retrieve all data relevant for CRM purposes.

Shared data

Info

We plan to give the guest more individual control possibilities over his/her data in the future https://my.discover.swiss/#/shared-data

Shared between partners

An important question with an ongoing discussion is which partner is allowed to access which data of a user. The current state of affairs is:

Entity description Entitiy description
Person
Party
Shared with all partners who do have a relation to this guest:
The guest logged in to one of the partners' sites.
PartnerData
Order
Ticket
All partners can only access data which was created in one of their own applications using their own subscription key.

Shared between guests

A feature available is to allow a guest to share partner data with other guests.

Use case:
A guest can create a list of favorites in a partner's app (stored in a PartnerData object) and then can share it using a link with other guests (friend).

Warning

This sharing is copying the partner data into the friends profile. The data is disconneted afterwards, but can be updated/refreshed using the same api calls any time.

Shared partner data in my.discover.swiss in friends my.discover.swiss

Share a partnerData by name

see developer portal Share partnerdata object

PUT {{ profilUrl }}/partnerdata/meineFavoriten/share
{
    "sharingIdentifier": "8b20238a-8ec4-eb8b-32de-88c24cff4f2f",
    "importApiUrl": "{{ profilUrl }}/import/8b20238a-8ec4-eb8b-32de-88c24cff4f2f",
    "shareObjectApiUrl": "{{ profilUrl }}/partnerdata/meineFavoriten/share"
}

Import the shared data

Share partner-data can only get imported into another profile in the context of the same partner as it was shared.

see developer portal Import shared profile data

PUT {{ profilUrl }}/import/8b20238a-8ec4-eb8b-32de-88c24cff4f2f
{
    "id": "5350bd74-0a5c-4fc7-aea9-eb8f41eead84",
    "objectApiUrl": "http://localhost:7072/api/partnerdata/meineFavoriten-ga"
}

The name of the imported object is extended with the initials fo the sharing guest. This allows to import several partner data of the same "type", have no conflicts and still be able to access them all using the original name as a prefix.

remove the share permission again

The guest can remove the permission in the my.discover.swiss portal any time. This functionality can be offered by the client application as well.

see developer portal Delete partnerdata share permission

DELETE {{ profilUrl }}/partnerdata/meineFavoriten/share
204 No Content

Last update: February 1, 2024 17:37:15