Skip to content
Get started

Get a pseudonymous identifier for device being used by a given mobile subscriber

POST/deviceidentifier/retrieve-ppid

Get a pseudonymous identifier for device being used by a given mobile subscriber

Header ParametersExpand Collapse
"x-correlator": optional string
Body ParametersJSONExpand Collapse
device: optional DeviceIdentifierDevice { ipv4Address, ipv6Address, networkAccessIdentifier, phoneNumber }

End-user equipment able to connect to a mobile network. Examples of devices include smartphones or IoT sensors/actuators. The developer can choose to provide the below specified device identifiers:

  • ipv4Address
  • ipv6Address
  • phoneNumber
  • networkAccessIdentifier NOTE 1: The MNO might support only a subset of these options. The API invoker can provide multiple identifiers to be compatible across different MNOs. In this case the identifiers MUST belong to the same device. NOTE 2: For the current Commonalities release, we are enforcing that the networkAccessIdentifier is only part of the schema for future-proofing, and CAMARA does not currently allow its use. After the CAMARA meta-release work is concluded and the relevant issues are resolved, its use will need to be explicitly documented in the guidelines.
ipv4Address: optional DeviceIdentifierDeviceIpv4Addr { privateAddress, publicAddress, publicPort }

The device should be identified by either the public (observed) IP address and port as seen by the application server, or the private (local) and any public (observed) IP addresses in use by the device (this information can be obtained by various means, for example from some DNS servers).

If the allocated and observed IP addresses are the same (i.e. NAT is not in use) then the same address should be specified for both publicAddress and privateAddress.

If NAT64 is in use, the device should be identified by its publicAddress and publicPort, or separately by its allocated IPv6 address (field ipv6Address of the Device object)

In all cases, publicAddress must be specified, along with at least one of either privateAddress or publicPort, dependent upon which is known. In general, mobile devices cannot be identified by their public IPv4 address alone.

privateAddress: optional string

A single IPv4 address with no subnet mask

formatipv4
publicAddress: optional string

A single IPv4 address with no subnet mask

formatipv4
publicPort: optional number

TCP or UDP port number

minimum0
maximum65535
ipv6Address: optional string

The device should be identified by the observed IPv6 address, or by any single IPv6 address from within the subnet allocated to the device (e.g. adding ::0 to the /64 prefix).

formatipv6
networkAccessIdentifier: optional string

A public identifier addressing a subscription in a mobile network. In 3GPP terminology, it corresponds to the GPSI formatted with the External Identifier ({Local Identifier}@{Domain Identifier}). Unlike the telephone number, the network access identifier is not subjected to portability ruling in force, and is individually managed by each operator.

phoneNumber: optional string

A public identifier addressing a telephone subscription. In mobile networks it corresponds to the MSISDN (Mobile Station International Subscriber Directory Number). In order to be globally unique it has to be formatted in international format, according to E.164 standard, prefixed with ’+’.

ReturnsExpand Collapse
device: optional DeviceIdentifierDevice { ipv4Address, ipv6Address, networkAccessIdentifier, phoneNumber }

The device subscription identifier that was used to identify the device whose identifier is being returned. If this property is not present, then the device subscription identifier specified in the request was used.

lastChecked: optional string

Date and time that the information was last confirmed by the mobile operator to be correct. It must follow RFC 3339 and must have time zone.

formatdate-time
ppid: optional string

A PPID for the identified physical device

Get a pseudonymous identifier for device being used by a given mobile subscriber

curl https://api.example.com/camara/deviceidentifier/retrieve-ppid \
    -H 'Content-Type: application/json' \
    -H "Authorization: Bearer $CAMARA_BEARER_TOKEN" \
    -d '{}'
{
  "lastChecked": "2024-02-20T10:41:38.657Z",
  "ppid": "b083f65ccdad365d7489fff24b6d5074b30c12b6d81db3404d25964ffd908813"
}
{
  "device": {
    "phoneNumber": "+123456789"
  },
  "lastChecked": "2024-02-20T10:41:38.657Z",
  "ppid": "b083f65ccdad365d7489fff24b6d5074b30c12b6d81db3404d25964ffd908813"
}
{
  "status": 400,
  "code": "INVALID_ARGUMENT",
  "message": "At least one of phoneNumber, networkAccessIdentifier, ipv4Address and ipv6Address must be specified"
}
{
  "status": 400,
  "code": "INVALID_ARGUMENT",
  "message": "Multiple inconsistent device parameters specified"
}
{
  "status": 400,
  "code": "INVALID_ARGUMENT",
  "message": "Invalid format: networkAccessIdentifier"
}
{
  "status": 400,
  "code": "INVALID_ARGUMENT",
  "message": "Invalid format: phoneNumber"
}
{
  "status": 400,
  "code": "INVALID_ARGUMENT",
  "message": "Invalid format: ipv4Address"
}
{
  "status": 400,
  "code": "INVALID_ARGUMENT",
  "message": "Invalid format: ipv6Address"
}
{
  "status": 400,
  "code": "OUT_OF_RANGE",
  "message": "Invalid value: ipv4Address.publicPort"
}
{
  "status": 401,
  "code": "UNAUTHENTICATED",
  "message": "Request not authenticated due to missing, invalid, or expired credentials. A new authentication is required."
}
{
  "status": 403,
  "code": "PERMISSION_DENIED",
  "message": "Client does not have sufficient permissions to perform this action."
}
{
  "status": 404,
  "code": "IDENTIFIER_NOT_FOUND",
  "message": "The provided identifier cannot be matched to a device."
}
{
  "status": 422,
  "code": "SERVICE_NOT_APPLICABLE",
  "message": "The service is not applicable for the identified device."
}
{
  "status": 422,
  "code": "UNSUPPORTED_IDENTIFIER",
  "message": "None of the provided identifiers is supported by the implementation."
}
{
  "status": 422,
  "code": "UNNECESSARY_IDENTIFIER",
  "message": "An explicit identifier has been provided for the device when this is already identified by the access token"
}
{
  "status": 422,
  "code": "MISSING_IDENTIFIER",
  "message": "An identifier is not included in the request and the device cannot be identified from the 2-legged access token"
}
{
  "status": 429,
  "code": "TOO_MANY_REQUESTS",
  "message": "Rate limit reached"
}
{
  "status": 429,
  "code": "QUOTA_EXCEEDED",
  "message": "Out of resource quota"
}
Returns Examples
{
  "lastChecked": "2024-02-20T10:41:38.657Z",
  "ppid": "b083f65ccdad365d7489fff24b6d5074b30c12b6d81db3404d25964ffd908813"
}
{
  "device": {
    "phoneNumber": "+123456789"
  },
  "lastChecked": "2024-02-20T10:41:38.657Z",
  "ppid": "b083f65ccdad365d7489fff24b6d5074b30c12b6d81db3404d25964ffd908813"
}
{
  "status": 400,
  "code": "INVALID_ARGUMENT",
  "message": "At least one of phoneNumber, networkAccessIdentifier, ipv4Address and ipv6Address must be specified"
}
{
  "status": 400,
  "code": "INVALID_ARGUMENT",
  "message": "Multiple inconsistent device parameters specified"
}
{
  "status": 400,
  "code": "INVALID_ARGUMENT",
  "message": "Invalid format: networkAccessIdentifier"
}
{
  "status": 400,
  "code": "INVALID_ARGUMENT",
  "message": "Invalid format: phoneNumber"
}
{
  "status": 400,
  "code": "INVALID_ARGUMENT",
  "message": "Invalid format: ipv4Address"
}
{
  "status": 400,
  "code": "INVALID_ARGUMENT",
  "message": "Invalid format: ipv6Address"
}
{
  "status": 400,
  "code": "OUT_OF_RANGE",
  "message": "Invalid value: ipv4Address.publicPort"
}
{
  "status": 401,
  "code": "UNAUTHENTICATED",
  "message": "Request not authenticated due to missing, invalid, or expired credentials. A new authentication is required."
}
{
  "status": 403,
  "code": "PERMISSION_DENIED",
  "message": "Client does not have sufficient permissions to perform this action."
}
{
  "status": 404,
  "code": "IDENTIFIER_NOT_FOUND",
  "message": "The provided identifier cannot be matched to a device."
}
{
  "status": 422,
  "code": "SERVICE_NOT_APPLICABLE",
  "message": "The service is not applicable for the identified device."
}
{
  "status": 422,
  "code": "UNSUPPORTED_IDENTIFIER",
  "message": "None of the provided identifiers is supported by the implementation."
}
{
  "status": 422,
  "code": "UNNECESSARY_IDENTIFIER",
  "message": "An explicit identifier has been provided for the device when this is already identified by the access token"
}
{
  "status": 422,
  "code": "MISSING_IDENTIFIER",
  "message": "An identifier is not included in the request and the device cannot be identified from the 2-legged access token"
}
{
  "status": 429,
  "code": "TOO_MANY_REQUESTS",
  "message": "Rate limit reached"
}
{
  "status": 429,
  "code": "QUOTA_EXCEEDED",
  "message": "Out of resource quota"
}