commit 831648a0ad9ff92a52f30333c3d76b27671945dc
parent 6ca148ca06b5f6b7a54aefeb3819f2413b8d057f
Author: Christian Grothoff <christian@grothoff.org>
Date: Fri, 22 Nov 2024 15:01:54 +0100
note on #9349
Diffstat:
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/taler-challenger-manual.rst b/taler-challenger-manual.rst
@@ -470,7 +470,16 @@ by the client using the ``/setup/$CLIENT_ID`` endpoint!
Thus, to generate the authorization URL, a client must first POST to
``/setup/$CLIENT_ID`` using their client secret in an ``Authorization: Bearer
-$CLIENT_SECRET`` HTTP header to obtain a fresh ``$NONCE``.
+$CLIENT_SECRET`` HTTP header to obtain a fresh ``$NONCE``. It is (optionally)
+possible to pass an address in the body of the ``/setup`` POST request. In
+this case, Challenger will pre-populate the address of the KYC form with the
+given body. Here, the format of the body is *address type*-specific.
+
+.. note::
+
+ By passing a flag ``read_only: true`` editing of the address in the SPA can
+ be disabled. However, the backend currently does not enforce this
+ (see #9349).
In the GNU Taler exchange configuration, this is indicated by appending
``#setup`` to the ``KYC_OAUTH2_AUTHORIZE_URL`` endpoint. Be careful to quote
