Skip to content

Tech debt — converge daemon enrollment-code onto /v1/verification-codes #20

Description

@pedromvgomes

Summary

Tech debt: converge the daemon enrollment-code request onto the unified POST /v1/verification-codes resource, and fold the two code-request paths into one.

Context

PR3 of the My Account initiative introduces the RESTful POST /v1/verification-codes {email, purpose} resource and migrates the web flows (signup + password reset) onto it, superseding POST /v1/auth/password/reset-code and the web-signup use of POST /v1/enrollment-codes.

To keep that initiative's blast radius bounded (and avoid a lock-step daemon release), the daemon enrollment path was deliberately left on POST /v1/enrollment-codes. That leaves two endpoints that both "send a one-time email-proof code," which is the inconsistency to clean up here.

Scope

  • Add purpose: "enrollment" (or equivalent) to POST /v1/verification-codes and route daemon enrollment-code requests through it.
  • Update the daemon client to call /v1/verification-codes (coordinated daemon release).
  • Remove POST /v1/enrollment-codes once no client depends on it (or keep a deprecation shim for one release).
  • Ensure purpose binding still prevents cross-purpose replay (an enrollment code can't reset a password, etc.).

Acceptance criteria

  • A single code-request resource (/v1/verification-codes) serves signup, password-reset, and enrollment.
  • Daemon client migrated; /v1/enrollment-codes removed or deprecated with a removal date.
  • purpose binding covers all three flows.

Notes

  • Requires coordination with the daemon repo (client change). Do not start before PR3 has shipped /v1/verification-codes.
  • Part of the My Account initiative follow-up.

Metadata

Metadata

Assignees

No one assigned

    Labels

    rustPull requests that update rust code

    Type

    No type
    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions