openapi: 3.0.3 info: title: Device Location Retrieval description: | This API provides the ability to retrieve a device location. # Introduction With this API, API consumers can retrieve the area where a certain user device is localized. The area provided in the response could be described: - by a circle determined by coordinates (latitude and longitude) and a radius. - by a simple polygon delimited by segments connecting consecutively an array of coordinates (points). The last point connects to the first point to delimit a closed shape bounded with straight sides. The retrieved shape depends on the network conditions at the device's location and any of the supported shapes could be received. The requester could optionally ask for * a freshness of the localization information by providing a `maxAge` ("I want a location not older than 600 seconds"). * an accuracy of the localization information by providing a `maxSurface` ("I want a location not larger than 1000000 square meters"). The result accuracy depends on the network's ability and accuracy to locate the device. Additionally to location information, the answer will also provide indication about the location time. Location retrieval API could be useful in scenarios such as: - Fraud protection to ensure a given user is located in the region, country or location authorized for financial transactions - Verify the GPS coordinates reported by the app on a device to ensure the GPS was not faked e.g. for content delivery with regional restrictions - Contextual-based advertising, to trigger advertising after verifying the device is in the area of interest - Smart Mobility (Vehicle/bikes renting): obtain the location of a vehicle/bike to guarantee they are rented correctly **Note**: Location is in most jurisdictions considered to be sensitive data and thereby consent by device owner/user must be verified before providing it to the developer. # Relevant terms and definitions * **Device**: A device refers to any physical entity that can connect to a network and participate in network communication. * **Area**: It specifies the geographical surface where a device may be physically located. * **Max Age**: Maximum age of the location information which is accepted for the location retrieval (in seconds). * Absence of `maxAge` means that "any age" is acceptable for the client. In other words, this is like `maxAge`=infinite. The system will return `lastLocationTime` in the response. If the system is not able to provide location, an error 422 with code LOCATION_RETRIEVAL.UNABLE_TO_LOCATE is sent back. * `maxAge`=0 means that a fresh calculation is requested by the client. If the system is not able to provide the fresh location, an error 422 with code LOCATION_RETRIEVAL.UNABLE_TO_FULFILL_MAX_AGE is sent back. * **Last Location Time** : Last date and time when the device was localized. * **Max Surface**: Maximum surface in square meters which is accepted by the client for the location retrieval. * absence of `maxSurface` means that "any surface size" is acceptable for the client. * API implementation could specify the minimum acceptable `maxSurface` in the documentation (for example a minimum of 10000 square meters are allowed). * If the system is not able to provide an area with a surface acceptable with the client request, an error 422 with code LOCATION_RETRIEVAL.UNABLE_TO_FULFILL_MAX_SURFACE is sent back. * Note: if both `maxAge` and `maxSurface` requirements fail, the system can either send back one or the other error code. # API Functionality The API exposes a single endpoint/operation: - `/retrieve` : Retrieve where the device is localized. The operation returns: * a localization defined either as a circle, with the center specified by the latitude and longitude, and a radius for answer accuracy, or as polygon defined by the array of points delimiting its boundary. * a timestamp with the location information freshness. # Authorization and authentication The "Camara Security and Interoperability Profile" provides details of how an API consumer requests an access token. Please refer to Identity and Consent Management (https://github.com/camaraproject/IdentityAndConsentManagement/) for the released version of the profile. The specific authorization flows to be used will be agreed upon during the onboarding process, happening between the API consumer and the API provider, taking into account the declared purpose for accessing the API, whilst also being subject to the prevailing legal framework dictated by local legislation. In cases where personal data is processed by the API and users can exercise their rights through mechanisms such as opt-in and/or opt-out, the use of three-legged access tokens is mandatory. This ensures that the API remains in compliance with privacy regulations, upholding the principles of transparency and user-centric privacy-by-design. # Identifying the device from the access token This API requires the API consumer to identify a device as the subject of the API as follows: - When the API is invoked using a two-legged access token, the subject will be identified from the optional `device` object, which therefore MUST be provided. - When a three-legged access token is used however, this optional identifier MUST NOT be provided, as the subject will be uniquely identified from the access token. This approach simplifies API usage for API consumers using a three-legged access token to invoke the API by relying on the information that is associated with the access token and was identified during the authentication process. ## Error handling: - If the subject cannot be identified from the access token and the optional `device` object is not included in the request, then the server will return an error with the `422 MISSING_IDENTIFIER` error code. - If the subject can be identified from the access token and the optional `device` object is also included in the request, then the server will return an error with the `422 UNNECESSARY_IDENTIFIER` error code. This will be the case even if the same device is identified by these two methods, as the server is unable to make this comparison. # Multi-SIM scenario handling In multi-SIM scenarios, where more than one mobile device is associated with the phone number given as input in the API call (e.g. a smartphone with an associated smartwatch), it might not be possible to uniquely identify the device whose location is to be verified. Check with the API provider what is the expected behaviour when a phone number belonging to a multi-SIM group is used as the device identifier, as the API may response with: - an error indicating that that phone number is not supported for this API, or - the location of a single device in the multi-SIM group, if one of the devices is considered linked to the main SIM and this concept is supported by the operator, or - a location value that combines the location of all the SIMs associated to the requested phone number. Possible solutions to make the scenario more deterministic include: - Using preferably the authorisation code flow to obtain an access token, which will automatically identify the intended device. - Identifying the intended device from a unique identifier for that device, such as its source IP address and port. - Check with the API provider whether a unique "secondary" phone number is already associated with each device and use the secondary phone number to identify the intended device if available. # Additional CAMARA error responses The list of error codes in this API specification is not exhaustive. Therefore the API specification may not document some non-mandatory error statuses as indicated in `CAMARA API Design Guide`. Please refer to the `CAMARA_common.yaml` of the Commonalities Release associated to this API version for a complete list of error responses. The applicable Commonalities Release can be identified in the `API Readiness Checklist` document associated to this API version. As a specific rule, error `501 - NOT_IMPLEMENTED` can be only a possible error response if it is explicitly documented in the API. # Further info and support (FAQs will be added in a later version of the documentation) version: wip license: name: Apache 2.0 url: https://www.apache.org/licenses/LICENSE-2.0.html x-camara-commonalities: tbd externalDocs: description: Project documentation at Camara url: https://github.com/camaraproject/DeviceLocation servers: - url: '{apiRoot}/location-retrieval/vwip' variables: apiRoot: default: http://localhost:9091 description: API root tags: - name: Location retrieval description: Retrieve the location of a device paths: /retrieve: post: tags: - Location retrieval summary: 'Execute location retrieval for a user device' description: Retrieve the area where a certain user device is localized. operationId: retrieveLocation parameters: - $ref: '#/components/parameters/x-correlator' requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/RetrievalLocationRequest' examples: INPUT_PHONE_NUMBER_MAX_AGE: summary: Phone number and maxAge description: Retrieve location for a device identified by a phone number, providing a maxAge value: device: phoneNumber: "+123456789" maxAge: 120 INPUT_PHONE_NUMBER_MAX_AGE_AND_SURFACE: summary: Phone number, maxAge and maxSurface description: Retrieve location for a device identified by a phone number, providing a maxAge and maxSurface value: device: phoneNumber: "+123456789" maxAge: 120 maxSurface: 1000000 INPUT_IP_ADDRESS_V4: summary: IPv4 address without maxAge description: Retrieve location for a device identified by an IPv4 address, without an indication for maxAge value: device: ipv4Address: publicAddress: 123.234.1.2 publicPort: 1234 INPUT_NO_DEVICE_AND_MAX_AGE: summary: Device not provided, only maxAge description: The device has to be deducted from token value: maxAge: 120 INPUT_PHONE_NUMBER_IP_ADDRESS_V4: summary: Both phone number and IPv4 address, without maxAge description: Retrieve location for a device identified both by a phone number and an IPv4 address, without an indication for maxAge value: device: phoneNumber: "+123456789" ipv4Address: publicAddress: 123.234.1.2 publicPort: 1234 responses: '200': description: Location retrieval result headers: x-correlator: $ref: '#/components/headers/x-correlator' content: application/json: schema: $ref: '#/components/schemas/Location' examples: LOCATION_CIRCLE: $ref: "#/components/examples/RETRIEVAL_CIRCLE" LOCATION_POLYGON: $ref: "#/components/examples/RETRIEVAL_POLYGON" LOCATION_CIRCLE_WITH_DEVICE: $ref: "#/components/examples/LOCATION_CIRCLE_WITH_DEVICE" '400': $ref: '#/components/responses/Generic400' '401': $ref: '#/components/responses/Generic401' '403': $ref: '#/components/responses/Generic403' '404': $ref: '#/components/responses/RetrieveLocationNotFound404' '422': $ref: '#/components/responses/RetrieveLocationUnprocessableEntity422' security: - openId: - location-retrieval:read components: securitySchemes: openId: description: OpenID Connect authentication type: openIdConnect openIdConnectUrl: https://example.com/.well-known/openid-configuration parameters: x-correlator: name: x-correlator in: header description: Correlation id for the different services schema: $ref: "#/components/schemas/XCorrelator" headers: x-correlator: description: Correlation id for the different services schema: $ref: "#/components/schemas/XCorrelator" schemas: XCorrelator: type: string pattern: ^[a-zA-Z0-9-_:;.\/<>{}]{0,256}$ example: "b4333c46-49c0-4f62-80d7-f0ef930f1c46" RetrievalLocationRequest: description: Request to retrieve the location of a device. Device is not required when using a 3-legged access token, following the rules in the description. type: object properties: device: $ref: '#/components/schemas/Device' maxAge: type: integer minimum: 0 description: Maximum age of the location information which is accepted for the location retrieval (in seconds). Absence of maxAge means "any age" and maxAge=0 means a fresh calculation. maxSurface: type: integer minimum: 1 description: Maximum surface in square meters which is accepted by the client for the location retrieval. Absence of maxSurface means "any surface size". example: 1000000 Device: description: | End-user device able to connect to a mobile network. Examples of devices include smartphones or IoT sensors/actuators. The developer can choose to provide the below specified device identifiers: * `ipv4Address` * `ipv6Address` * `phoneNumber` * `networkAccessIdentifier` NOTE1: the network operator might support only a subset of these options. The API invoker can provide multiple identifiers to be compatible across different network operators. In this case the identifiers MUST belong to the same device. Where more than one device identifier is provided, only one identifier will be selected by the implementation and this choice indicated to the API consumer in the response. NOTE2: as for this Commonalities release, we are enforcing that the networkAccessIdentifier is only part of the schema for future-proofing, and CAMARA does not currently allow its use. After the CAMARA meta-release work is concluded and the relevant issues are resolved, its use will need to be explicitly documented in the guidelines. type: object properties: phoneNumber: $ref: "#/components/schemas/PhoneNumber" networkAccessIdentifier: $ref: "#/components/schemas/NetworkAccessIdentifier" ipv4Address: $ref: "#/components/schemas/DeviceIpv4Addr" ipv6Address: $ref: "#/components/schemas/DeviceIpv6Address" minProperties: 1 PhoneNumber: description: A public identifier addressing a telephone subscription. In mobile networks it corresponds to the MSISDN (Mobile Station International Subscriber Directory Number). In order to be globally unique it has to be formatted in international format, according to E.164 standard, prefixed with '+'. type: string pattern: '^\+[1-9][0-9]{4,14}$' example: "+123456789" NetworkAccessIdentifier: description: A public identifier addressing a subscription in a mobile network. In 3GPP terminology, it corresponds to the GPSI formatted with the External Identifier ({Local Identifier}@{Domain Identifier}). Unlike the telephone number, the network access identifier is not subjected to portability ruling in force, and is individually managed by each operator. type: string example: "123456789@domain.com" DeviceIpv4Addr: type: object description: | The device should be identified by either the public (observed) IP address and port as seen by the application server, or the private (local) and any public (observed) IP addresses in use by the device (this information can be obtained by various means, for example from some DNS servers). If the allocated and observed IP addresses are the same (i.e. NAT is not in use) then the same address should be specified for both publicAddress and privateAddress. If NAT64 is in use, the device should be identified by its publicAddress and publicPort, or separately by its allocated IPv6 address (field ipv6Address of the Device object) In all cases, publicAddress must be specified, along with at least one of either privateAddress or publicPort, dependent upon which is known. In general, mobile devices cannot be identified by their public IPv4 address alone. properties: publicAddress: $ref: "#/components/schemas/SingleIpv4Addr" privateAddress: $ref: "#/components/schemas/SingleIpv4Addr" publicPort: $ref: "#/components/schemas/Port" anyOf: - required: [publicAddress, privateAddress] - required: [publicAddress, publicPort] example: publicAddress: "84.125.93.10" publicPort: 59765 SingleIpv4Addr: description: A single IPv4 address with no subnet mask type: string format: ipv4 example: "84.125.93.10" Port: description: TCP or UDP port number type: integer minimum: 0 maximum: 65535 DeviceIpv6Address: description: | The device should be identified by the observed IPv6 address, or by any single IPv6 address from within the subnet allocated to the device (e.g. adding ::0 to the /64 prefix). type: string format: ipv6 example: 2001:db8:85a3:8d3:1319:8a2e:370:7344 DeviceResponse: description: | An identifier for the end-user equipment able to connect to the network that the response refers to. This parameter is only returned when the API consumer includes the `device` parameter in their request (i.e. they are using a two-legged access token), and is relevant when more than one device identifier is specified, as only one of those device identifiers is allowed in the response. If the API consumer provides more than one device identifier in their request, the API provider must return a single identifier which is the one they are using to fulfil the request, even if the identifiers do not match the same device. API provider does not perform any logic to validate/correlate that the indicated device identifiers match the same device. No error should be returned if the identifiers are otherwise valid to prevent API consumers correlating different identifiers with a given end user. allOf: - $ref: "#/components/schemas/Device" - maxProperties: 1 Location: type: object description: Device location required: - lastLocationTime - area properties: lastLocationTime: $ref: "#/components/schemas/LastLocationTime" area: $ref: '#/components/schemas/Area' device: $ref: "#/components/schemas/DeviceResponse" Area: description: Base schema for all areas type: object properties: areaType: $ref: "#/components/schemas/AreaType" required: - areaType discriminator: propertyName: areaType mapping: CIRCLE: "#/components/schemas/Circle" POLYGON: "#/components/schemas/Polygon" AreaType: type: string description: | Type of this area. CIRCLE - The area is defined as a circle. POLYGON - The area is defined as a polygon. enum: - CIRCLE - POLYGON Circle: description: Circular area allOf: - $ref: "#/components/schemas/Area" - type: object required: - center - radius properties: center: $ref: "#/components/schemas/Point" radius: type: number description: Distance from the center in meters minimum: 1 Polygon: description: Polygonal area allOf: - $ref: "#/components/schemas/Area" - type: object required: - boundary properties: boundary: $ref: "#/components/schemas/PointList" PointList: description: List of points defining a polygon type: array items: $ref: "#/components/schemas/Point" minItems: 3 maxItems: 15 Point: type: object description: Coordinates (latitude, longitude) defining a location in a map required: - latitude - longitude properties: latitude: $ref: "#/components/schemas/Latitude" longitude: $ref: "#/components/schemas/Longitude" example: latitude: 50.735851 longitude: 7.10066 LastLocationTime: description: Last date and time when the device was localized. It must follow [RFC 3339](https://datatracker.ietf.org/doc/html/rfc3339#section-5.6) and must have time zone. format: date-time type: string example: "2023-09-07T10:40:52Z" Latitude: description: Latitude component of a location type: number format: double minimum: -90 maximum: 90 Longitude: description: Longitude component of location type: number format: double minimum: -180 maximum: 180 ErrorInfo: description: Common schema for errors type: object required: - status - code - message properties: status: type: integer description: HTTP response status code code: type: string description: A human-readable code to describe the error message: type: string description: A human-readable description of what the event represents responses: Generic400: description: Bad Request headers: x-correlator: $ref: "#/components/headers/x-correlator" content: application/json: schema: allOf: - $ref: "#/components/schemas/ErrorInfo" - type: object properties: status: enum: - 400 code: enum: - INVALID_ARGUMENT examples: GENERIC_400_INVALID_ARGUMENT: summary: Invalid argument description: Invalid Argument. Generic Syntax Exception value: status: 400 code: INVALID_ARGUMENT message: Client specified an invalid argument, request body or query param. Generic401: description: Unauthorized headers: x-correlator: $ref: "#/components/headers/x-correlator" content: application/json: schema: allOf: - $ref: "#/components/schemas/ErrorInfo" - type: object properties: status: enum: - 401 code: enum: - UNAUTHENTICATED examples: GENERIC_401_UNAUTHENTICATED: description: Request cannot be authenticated and a new authentication is required value: status: 401 code: UNAUTHENTICATED message: Request not authenticated due to missing, invalid, or expired credentials. A new authentication is required. Generic403: description: Forbidden headers: x-correlator: $ref: "#/components/headers/x-correlator" content: application/json: schema: allOf: - $ref: "#/components/schemas/ErrorInfo" - type: object properties: status: enum: - 403 code: enum: - PERMISSION_DENIED examples: GENERIC_403_PERMISSION_DENIED: summary: Permission denied description: Permission denied. OAuth2 token access does not have the required scope or when the user fails operational security value: status: 403 code: PERMISSION_DENIED message: Client does not have sufficient permissions to perform this action. RetrieveLocationNotFound404: description: Not found headers: x-correlator: $ref: '#/components/headers/x-correlator' content: application/json: schema: allOf: - $ref: "#/components/schemas/ErrorInfo" - type: object properties: status: enum: - 404 code: enum: - IDENTIFIER_NOT_FOUND examples: GENERIC_404_IDENTIFIER_NOT_FOUND: summary: Identifier not found description: Some identifier cannot be matched to a device value: status: 404 code: IDENTIFIER_NOT_FOUND message: Device identifier not found. RetrieveLocationUnprocessableEntity422: description: Unprocessable Content headers: x-correlator: $ref: '#/components/headers/x-correlator' content: application/json: schema: allOf: - $ref: "#/components/schemas/ErrorInfo" - type: object properties: status: enum: - 422 code: enum: - SERVICE_NOT_APPLICABLE - MISSING_IDENTIFIER - UNSUPPORTED_IDENTIFIER - UNNECESSARY_IDENTIFIER - LOCATION_RETRIEVAL.UNABLE_TO_FULFILL_MAX_AGE - LOCATION_RETRIEVAL.UNABLE_TO_FULFILL_MAX_SURFACE - LOCATION_RETRIEVAL.UNABLE_TO_LOCATE examples: GENERIC_422_SERVICE_NOT_APPLICABLE: summary: Service not applicable description: Service not applicable for the provided identifier value: status: 422 code: SERVICE_NOT_APPLICABLE message: The service is not available for the provided identifier. GENERIC_422_MISSING_IDENTIFIER: summary: Missing identifier description: An identifier is not included in the request and the device or phone number identification cannot be derived from the 3-legged access token value: status: 422 code: MISSING_IDENTIFIER message: The device cannot be identified. GENERIC_422_UNSUPPORTED_IDENTIFIER: summary: Unsupported identifier description: None of the provided identifiers is supported by the implementation value: status: 422 code: UNSUPPORTED_IDENTIFIER message: The identifier provided is not supported. GENERIC_422_UNNECESSARY_IDENTIFIER: summary: Unnecessary identifier description: An explicit identifier is provided when a device or phone number has already been identified from the access token value: status: 422 code: UNNECESSARY_IDENTIFIER message: The device is already identified by the access token. LOCATION_RETRIEVAL_422_UNABLE_TO_FULFILL_MAX_AGE: summary: Unable to fulfill maxAge description: The system is not able to provide the fresh location required by the client value: status: 422 code: LOCATION_RETRIEVAL.UNABLE_TO_FULFILL_MAX_AGE message: "Unable to provide expected freshness for location" LOCATION_RETRIEVAL_422_UNABLE_TO_FULFILL_MAX_SURFACE: summary: Unable to fulfill maxSurface description: The system is not able to provide accurate acceptable surface required by the client value: status: 422 code: LOCATION_RETRIEVAL.UNABLE_TO_FULFILL_MAX_SURFACE message: "Unable to provide accurate acceptable surface for location" LOCATION_RETRIEVAL_422_UNABLE_TO_LOCATE: summary: Unable to locate device description: The network cannot locate the device value: status: 422 code: LOCATION_RETRIEVAL.UNABLE_TO_LOCATE message: "The network is unable to locate the device" examples: RETRIEVAL_CIRCLE: summary: circle-based device location retrieval description: The device is localized within a circle with a center at the specified coordinates and a radius of 800 meters. value: lastLocationTime: "2023-10-17T13:18:23.682Z" area: areaType: CIRCLE center: latitude: 45.754114 longitude: 4.860374 radius: 800 RETRIEVAL_POLYGON: summary: polygon-based device location retrieval description: The device is localized within a polygon delimited by the provided coordinates. value: lastLocationTime: "2023-10-17T13:18:23.682Z" area: areaType: POLYGON boundary: - latitude: 45.754114 longitude: 4.860374 - latitude: 45.753845 longitude: 4.863185 - latitude: 45.752490 longitude: 4.861876 - latitude: 45.751224 longitude: 4.861125 - latitude: 45.751442 longitude: 4.859827 LOCATION_CIRCLE_WITH_DEVICE: summary: circle-based device location retrieval, returning the device identifier used by the implementation description: The device is localized within a circle with a center at the specified coordinates and a radius of 800 meters. Response when the request used a 2-legged access token with multiple device identifiers, or possibly only a single device identifier. value: lastLocationTime: "2023-10-17T13:18:23.682Z" area: areaType: CIRCLE center: latitude: 45.754114 longitude: 4.860374 radius: 800 device: phoneNumber: "+123456789"