Documentation

Integration guidelines for autoupdate

Integrating auto-update into your platform is a crucial step towards ensuring seamless data synchronization and user experience. You’ll find below the guidelines you need to follow to successfully incorporate the auto-update functionality.

1. Ensure successful end-to-end transactions

Test end-to-end transactions with mock sources, such as DP "Persona," to validate the system's ability to handle external data effectively.

2. Facilitate user consent revocation

Provide users with a simple mechanism to revoke their consent, which should halt synchronization immediately upon revocation.

3. Handle user credential changes promptly

Implement a notification system (via email or other means) to alert users when subsequent transactions fail due to changes in their credentials for the considered DP. Prompt users to reconfigure synchronization to avoid disruptions.

4. Implement a retry mechanism for failures

In case of transaction failures due to reasons like invalid profiles or technical errors, establish a retry mechanism. Consider attempting synchronization for multiple consecutive days before interrupting and notifying the user.

5. Integrate the token refresh mechanism

Embed token expiration dates within the tokens themselves and ensure the system refreshes tokens accordingly. As of the current duration (04/04/2024), tokens should expire after 90 days.

6. Anticipate mass email sending for policy changes

Implement a procedure for mass email sending to manage instances where the DP modifies its terms of service ("user_action_required"). For example, if users need to accept new terms of service, utilize mass email sending to notify them. While optional, this feature is highly recommended.

7. Conduct a thorough code review

MiTrust will arrange with you a code review to verify the proper handling of error statuses, user notifications, token refresh functionality, and the frequency and parallelism of calls.

Following the implementation of these guidelines, a joint session with MiTrust will be conducted to validate the integration. This session will involve a comprehensive review of the implemented features and functionalities to ensure compliance with the guidelines outlined above.

Upon successful validation, both parties will sign the Recipe Validation Report (RVR), affirming the successful implementation of the auto-update functionality within the platform.