document extra, and other new things

2 files changed, 25 insertions, 7 deletions

diff --git a/manpages/taler-exchange-kyc-tester.1.rst b/manpages/taler-exchange-kyc-tester.1.rst
index 2c3d5f4c..6bfad3b2 100644
--- a/manpages/taler-exchange-kyc-tester.1.rst
+++ b/manpages/taler-exchange-kyc-tester.1.rst
@@ -33,6 +33,10 @@ Description
 
 To use it, you must first provide a configuration file with at least one KYC service configured. Some other exchange-specific options, like the PORT for the HTTP service and the BASE_URL under which the Taler exchange will run are also required. You should be able to use exactly the same configuration file that one would usually give to a Taler exchange.  Starting with this, the tool allows the simulation of a KYC process. Note that it will not write any information to the database.
 
+Begin with a first invocation of taler-exchange-kyc-tester using the options **-i** for an individual or business and use **-R** to specify a list of checks required from the process. The output will be an URL to visit with the browser, as well as **-p**, **-u**, **-U** options to use in future invocations of the tool.
+
+Next, run taler-exchange-kyc-tester again, but this time using **-w** (to run the Webserver) and using the **-u** and **-U** options output by the previous call, as well as the **-p** option with the payto hash.  Then visit the Web site from the link output by the previous invocation and "pass" (or "fail") the KYC check.
+
 
 **-c** *FILENAME* \| **--config=**\ ‌\ *FILENAME*
    Use the configuration and other resources for the exchange to operate
@@ -48,14 +52,14 @@ To use it, you must first provide a configuration file with at least one KYC ser
 **-l** *FILENAME* \| **--logfile=**\ ‌\ *FILENAME*
    Send logging output to *FILENAME*.
 
-**-i** *SECTION_NAME* \| **--initiate=**\ ‌\ *SECTION_NAME*
-   Start a fresh KYC process using the KYC provider configured in SECTION_NAME of the configuration.  This will output the HTTP URL where the user has to begin the KYC process to the command-line. This is usually the first thing to do when using this tool. Outputs the KYC-logic specific user and legitimization IDs, or NULL if not used by the KYC-logic at the initiation stage.
+**-i** *USERTYPE* \| **--initiate=**\ ‌\ *USERTYPE*
+   Specifies the type of user for which we are starting a fresh KYC process. USERTYPE must be either "individual" or "business".
 
 **-u** *ID* \| **--user=**\ ‌\ *ID*
-   Run the process with ID for the user identifier at the KYC provider. Not useful in conjunction with **-i** as that option will override whatever value is provided here.
+   Run the process with ID for the user identifier at the KYC provider. Not useful in conjunction with **-i** and **-R** as that option will override whatever value is provided here.
 
 **-U** *ID* \| **--legitimization=**\ ‌\ *ID*
-   Run the process with ID for the legitimization process identifier at the KYC provider. Not useful in conjunction with **-i** as that option will override whatever value is provided here.
+   Run the process with ID for the legitimization process identifier at the KYC provider. Not useful in conjunction with **-R** / **-i** as that option will override whatever value is provided here.
 
 **-p** *HASH* \| **--payto-hash=**\ ‌\ *HASH*
    Run the process with HASH as the hash of the payto://-URI that identifies the account or wallet triggering the KYC requirement. If not given, a fresh random value is used. Rarely useful.
@@ -66,6 +70,10 @@ To use it, you must first provide a configuration file with at least one KYC ser
 **-r** *NUMBER* \| **--rowid=**\ ‌\ *NUMBER*
    Run the process with NUMBER as the database row for the legitimization operation. Rarely useful, except maybe for debugging. Defaults to 42.
 
+**-R** *CHECKS* \| **--requirements=**\ ‌\ *CHECKS*
+   Start a fresh KYC process for the given list of CHECKS. CHECKS must be a space-separated list of checks that must be in the configuration under *PROVIDED_CHECKS* for some of the providers. The exchange will determine which provider to use for KYC based on the CHECKS given.  The tool will output the HTTP URL where the user has to begin the KYC process to the command-line. This is usually the first thing to do when using this tool. Outputs the KYC-logic specific user and legitimization IDs, or NULL if not used by the KYC-logic at the initiation stage.  You may want to use the **-P** option to also obtain the Payto-Hash for use with **p** later.
+
+
 **-v** \| **--version**
    Print version information.
 
diff --git a/manpages/taler.conf.5.rst b/manpages/taler.conf.5.rst
index 357c23fc..25846b97 100644
--- a/manpages/taler.conf.5.rst
+++ b/manpages/taler.conf.5.rst
@@ -183,10 +183,10 @@ KYC_OAUTH2_INFO_URL
   URL of the endpoint where the OAuth 2.0 token can be used to download the user's details. The server will use the access token obtained from the KYC_AUTH2_AUTH_URL to show that it is authorized to obtain the details. Example: "http://localhost:8888/api/user/me" or "http://localhost:8888/oauth/v2/info"
 
 KYC_OAUTH2_CLIENT_ID
-  Client ID of the exchange when it talks to the KYC OAuth2 endpoint. 
+  Client ID of the exchange when it talks to the KYC OAuth2 endpoint.
 
 KYC_OAUTH2_CLIENT_SECRET
-  Client secret of the exchange to use when talking to the KYC Oauth2 endpoint. 
+  Client secret of the exchange to use when talking to the KYC Oauth2 endpoint.
 
 KYC_OAUTH2_POST_URL
   URL to which the exchange will redirect the client's browser after successful authorization/login for the KYC process. Example: "http://example.com/thank-you"
@@ -235,6 +235,16 @@ KYC_PERSONA_POST_URL
 KYC_PERSONA_TEMPLATE_ID
   ID of the Persona template to use.
 
+EXCHANGE KYC PERSONA GLOBAL OPTIONS
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+The following option must be in the section "[kyclogic-persona]".
+
+
+WEBHOOK_AUTH_TOKEN
+  Authentication token Persona must supply to our webhook. This is an optional setting.
+
+
 
 EXCHANGE OFFLINE SIGNING OPTIONS
 --------------------------------
@@ -366,7 +376,7 @@ AGGREGATOR_SHIFT
 
 DEFAULT_PURSE_LIMIT
   Number of concurrent purses that a reserve may have active
-  if it is paid to be opened for a year. 
+  if it is paid to be opened for a year.
 
 
 EXCHANGE POSTGRES BACKEND DATABASE OPTIONS