The RP sends a Streaming Response to a Streaming Request. In a Streaming Response, the RP uses SSE to stream the Command Response as a sequence of events. If the RP receives a valid Command, it MUST send the HTTP/1.1 200 OK response, followed by the following headers:

- Content-Type with the text/event-stream value
- Cache-Control with the no-cache value
- Connection with the keep-alive value

If the OP sent a Content-Encoding header in the request with a compression the RP understands, the RP MAY include a Content-Encoding header with one of the OP provided values.

Per SSE, the body of the response is a series of events. In addition to the required field name data, each event MUST include the id field with a unique value for each event, and the event field with a value of either account-state or command-complete. The RP sends an account-state event for each Account at the RP for the iss, and org if sent, in the Audit Tenant Command. When all account-state events have been sent, the RP sends a command-complete event.

The data parameter of the account-state event MUST contain the following:

The data parameter MAY include other Claims as defined by the Tenant Command.

The data parameter of the command-complete event MUST include the total_accounts property with a value for the total number of account-state events the RP has sent.

If there are no Accounts for the Tenant at the RP, the RP responds with only the command-complete event with total_accounts having a value of 0.

The following is a non-normative example of a Streaming Response for an Audit Tenant Command:

HTTP/1.1 200 OK
Content-Type: text/event-stream
Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip

id: 1
event: account-state
data: {
  "sub": "248289761001",
  "email": "janes.smith@example.com",
  "given_name": "Jane",
  "family_name": "Smith",
  "groups": [
    "b0f4861d-f3d6-4f76-be2f-e467daddc6f6",
    "88799417-c72f-48fc-9e63-f012d8822ad1"
  ],
  "account_state": "active"
}

id: 2
event: account-state
data: {
  "sub": "98765412345",
  "email": "john.doe@example.com",
  "given_name": "John",
  "family_name": "Doe",
  "groups": [
    "88799417-c72f-48fc-9e63-f012d8822ad1"
  ],
  "account_state": "suspended"
}

id: 3
event: command-complete
data: {
  "total_accounts": 2
}

If the connection is lost during a Streaming Response, the OP SHOULD generate a new Command Token and send a Streaming Request that includes the HTTP header Last-Event-Id with the last event id property received per SSE.

Following is a non-normative example of a Streaming Request sent after a connection was lost:

POST /commands HTTP/1.1
Host: rp.example.net
Content-Type: application/x-www-form-urlencoded
Accept: text/event-stream
Cache-Control: no-cache
Connection: keep-alive
Accept-Encoding: gzip, br
Last-Event-Id: 3

command_token=eyJhbGci ... .eyJpc3Mi ... .T3BlbklE ...
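An added example, not part of the specification: an OP-side check of one Streaming Response body in Python that enforces the event rules above (unique id, allowed event values, total_accounts equal to the number of account-state events received) and returns the last complete event id to use in Last-Event-Id on a resumed Streaming Request. The names parse_events, audit_stream and StreamError and the sample body are constructed for illustration; the sample assumes each event's JSON sits on a single data line and that the body has already been decompressed.

```python
import json

ALLOWED_EVENTS = {"account-state", "command-complete"}

# Constructed sample body (already decompressed), one JSON object per data line.
SAMPLE = (
    'id: 1\nevent: account-state\n'
    'data: {"sub": "248289761001", "account_state": "active"}\n\n'
    'id: 2\nevent: account-state\n'
    'data: {"sub": "98765412345", "account_state": "suspended"}\n\n'
    'id: 3\nevent: command-complete\ndata: {"total_accounts": 2}\n\n'
)

class StreamError(ValueError):
    """The stream violates a requirement stated in the text above."""

def parse_events(body):
    """Yield one dict of fields per complete SSE event in body."""
    blocks = body.replace("\r\n", "\n").split("\n\n")
    for block in blocks[:-1]:  # text after the last blank line is an unfinished event
        fields, data = {}, []
        for line in block.split("\n"):
            if not line or line.startswith(":"):
                continue  # skip empty lines and SSE comment lines
            name, _, value = line.partition(":")
            value = value[1:] if value.startswith(" ") else value
            if name == "data":
                data.append(value)
            else:
                fields[name] = value
        if fields or data:
            yield {**fields, "data": "\n".join(data)}

def audit_stream(body):
    """Return (accounts, last_event_id, complete) for one response body."""
    accounts, seen_ids, last_id = [], set(), None
    for ev in parse_events(body):
        eid, kind = ev.get("id"), ev.get("event")
        if not eid or eid in seen_ids:
            raise StreamError(f"missing or repeated id: {eid!r}")
        if kind not in ALLOWED_EVENTS:
            raise StreamError(f"unexpected event type: {kind!r}")
        seen_ids.add(eid)
        payload, last_id = json.loads(ev["data"]), eid
        if kind == "command-complete":
            if payload.get("total_accounts") != len(accounts):
                raise StreamError("total_accounts does not match events received")
            return accounts, last_id, True
        accounts.append(payload)
    return accounts, last_id, False  # stream ended early; resume with last_id
```

A result with complete set to False means the connection dropped before command-complete arrived, so the account list must not be treated as a full audit of the Tenant.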