opengdpr/OpenDSR

What is the purpose of encoded_request?

Phlamethrower opened this issue · 4 comments

At the moment the spec only says that data controllers mustn't log or store the encoded_request value. Presumably it must serve some purpose, otherwise it wouldn't be included in the API - but what purpose does it have?

bhox commented

Hey @Phlamethrower, the idea behind encoded_request is to have the processor explicitly include the inbound request that they are replying to; this way a controller can always prove that the request was transmitted and confirmed by the processor.

So is it effectively the processor's interpretation of the request? E.g. if the request body contained some extra elements that the processor didn't understand, those would be omitted from the encoded_request in the response? I'm just wondering what the correct way of validating the value would be.

bhox commented

I'm not sure you need to validate it; it was intended more for logging completeness: "Proof" that the processor received the request. You could validate the id and a few fields if you wanted to be super-thorough, but it's not required.

OK, thanks for the explanation!
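
Added example, not part of the original thread and not OpenDSR project code: one way a controller could run the optional check described above (the id and a few fields), tolerating an echo that omits elements the processor did not understand. It assumes encoded_request is the base64 encoding of the JSON request body and that the fields are named subject_request_id, subject_request_type and submitted_time; the function name and sample values are constructed for illustration.

```python
import base64
import json

# Fields compared between the request we sent and the processor's echo.
# Field names are assumptions for this example.
CHECKED_FIELDS = ("subject_request_id", "subject_request_type", "submitted_time")


def check_encoded_request(sent_body, encoded_request):
    """Compare the echoed request with what was sent.

    Returns a list of problems naming fields only (never values), so the
    result can be logged without logging or storing encoded_request itself.
    An empty list means the checked fields match.
    """
    if not isinstance(encoded_request, str):
        return ["encoded_request is not a string"]
    try:
        echoed = json.loads(base64.b64decode(encoded_request, validate=True))
    except ValueError:  # bad base64, bad UTF-8 or bad JSON
        return ["encoded_request is not base64-encoded JSON"]
    if not isinstance(echoed, dict):
        return ["encoded_request is not a JSON object"]
    sent = json.loads(sent_body)
    problems = []
    for field in CHECKED_FIELDS:
        if field not in echoed:
            problems.append("missing: " + field)
        elif echoed[field] != sent.get(field):
            problems.append("mismatch: " + field)
    return problems


# Constructed sample data (not taken from the thread or from a real system).
_request = {
    "subject_request_id": "00000000-0000-4000-8000-000000000001",
    "subject_request_type": "erasure",
    "submitted_time": "2018-11-01T15:00:00Z",
    "x_vendor_note": "extension the processor may not understand",
}
SENT_BODY = json.dumps(_request).encode()
# Echo that omits the unknown extension element: the checked fields still match.
_known = {k: v for k, v in _request.items() if k != "x_vendor_note"}
ECHO_OK = base64.b64encode(json.dumps(_known).encode()).decode()
# Echo that refers to a different request id.
_other = dict(_known, subject_request_id="00000000-0000-4000-8000-000000000002")
ECHO_WRONG_ID = base64.b64encode(json.dumps(_other).encode()).decode()
```

The check runs on the response in memory; only the returned field names need to reach a log.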