anil.recoil.org / gemini-codegen-test
Testing a Gemini codegen run
fork atom
gemini-codegen-test / rfc8620.txt
at main 181 kB view raw
1 2 3 4 5 6 7Internet Engineering Task Force (IETF) N. Jenkins 8Request for Comments: 8620 Fastmail 9Category: Standards Track C. Newman 10ISSN: 2070-1721 Oracle 11 July 2019 12 13 14 The JSON Meta Application Protocol (JMAP) 15 16Abstract 17 18 This document specifies a protocol for clients to efficiently query, 19 fetch, and modify JSON-based data objects, with support for push 20 notification of changes and fast resynchronisation and for out-of- 21 band binary data upload/download. 22 23Status of This Memo 24 25 This is an Internet Standards Track document. 26 27 This document is a product of the Internet Engineering Task Force 28 (IETF). It represents the consensus of the IETF community. It has 29 received public review and has been approved for publication by the 30 Internet Engineering Steering Group (IESG). Further information on 31 Internet Standards is available in Section 2 of RFC 7841. 32 33 Information about the current status of this document, any errata, 34 and how to provide feedback on it may be obtained at 35 https://www.rfc-editor.org/info/rfc8620. 36 37Copyright Notice 38 39 Copyright (c) 2019 IETF Trust and the persons identified as the 40 document authors. All rights reserved. 41 42 This document is subject to BCP 78 and the IETF Trust's Legal 43 Provisions Relating to IETF Documents 44 (https://trustee.ietf.org/license-info) in effect on the date of 45 publication of this document. Please review these documents 46 carefully, as they describe your rights and restrictions with respect 47 to this document. Code Components extracted from this document must 48 include Simplified BSD License text as described in Section 4.e of 49 the Trust Legal Provisions and are provided without warranty as 50 described in the Simplified BSD License. 51 52 53 54 55 56 57 58Jenkins & Newman Standards Track [Page 1] 59 60RFC 8620 JMAP July 2019 61 62 63Table of Contents 64 65 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 4 66 1.1. Notational Conventions . . . . . . . . . . . . . . . . . 4 67 1.2. The Id Data Type . . . . . . . . . . . . . . . . . . . . 6 68 1.3. The Int and UnsignedInt Data Types . . . . . . . . . . . 6 69 1.4. The Date and UTCDate Data Types . . . . . . . . . . . . . 7 70 1.5. JSON as the Data Encoding Format . . . . . . . . . . . . 7 71 1.6. Terminology . . . . . . . . . . . . . . . . . . . . . . . 7 72 1.6.1. User . . . . . . . . . . . . . . . . . . . . . . . . 7 73 1.6.2. Accounts . . . . . . . . . . . . . . . . . . . . . . 7 74 1.6.3. Data Types and Records . . . . . . . . . . . . . . . 8 75 1.7. The JMAP API Model . . . . . . . . . . . . . . . . . . . 8 76 1.8. Vendor-Specific Extensions . . . . . . . . . . . . . . . 9 77 2. The JMAP Session Resource . . . . . . . . . . . . . . . . . . 9 78 2.1. Example . . . . . . . . . . . . . . . . . . . . . . . . . 14 79 2.2. Service Autodiscovery . . . . . . . . . . . . . . . . . . 15 80 3. Structured Data Exchange . . . . . . . . . . . . . . . . . . 16 81 3.1. Making an API Request . . . . . . . . . . . . . . . . . . 16 82 3.2. The Invocation Data Type . . . . . . . . . . . . . . . . 16 83 3.3. The Request Object . . . . . . . . . . . . . . . . . . . 16 84 3.3.1. Example Request . . . . . . . . . . . . . . . . . . . 18 85 3.4. The Response Object . . . . . . . . . . . . . . . . . . . 18 86 3.4.1. Example Response . . . . . . . . . . . . . . . . . . 19 87 3.5. Omitting Arguments . . . . . . . . . . . . . . . . . . . 19 88 3.6. Errors . . . . . . . . . . . . . . . . . . . . . . . . . 19 89 3.6.1. Request-Level Errors . . . . . . . . . . . . . . . . 20 90 3.6.2. Method-Level Errors . . . . . . . . . . . . . . . . . 21 91 3.7. References to Previous Method Results . . . . . . . . . . 22 92 3.8. Localisation of User-Visible Strings . . . . . . . . . . 27 93 3.9. Security . . . . . . . . . . . . . . . . . . . . . . . . 28 94 3.10. Concurrency . . . . . . . . . . . . . . . . . . . . . . . 28 95 4. The Core/echo Method . . . . . . . . . . . . . . . . . . . . 28 96 4.1. Example . . . . . . . . . . . . . . . . . . . . . . . . . 28 97 5. Standard Methods and Naming Convention . . . . . . . . . . . 29 98 5.1. /get . . . . . . . . . . . . . . . . . . . . . . . . . . 29 99 5.2. /changes . . . . . . . . . . . . . . . . . . . . . . . . 30 100 5.3. /set . . . . . . . . . . . . . . . . . . . . . . . . . . 34 101 5.4. /copy . . . . . . . . . . . . . . . . . . . . . . . . . . 40 102 5.5. /query . . . . . . . . . . . . . . . . . . . . . . . . . 42 103 5.6. /queryChanges . . . . . . . . . . . . . . . . . . . . . . 48 104 5.7. Examples . . . . . . . . . . . . . . . . . . . . . . . . 51 105 5.8. Proxy Considerations . . . . . . . . . . . . . . . . . . 58 106 6. Binary Data . . . . . . . . . . . . . . . . . . . . . . . . . 58 107 6.1. Uploading Binary Data . . . . . . . . . . . . . . . . . . 59 108 6.2. Downloading Binary Data . . . . . . . . . . . . . . . . . 60 109 6.3. Blob/copy . . . . . . . . . . . . . . . . . . . . . . . . 61 110 111 112 113 114Jenkins & Newman Standards Track [Page 2] 115 116RFC 8620 JMAP July 2019 117 118 119 7. Push . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62 120 7.1. The StateChange Object . . . . . . . . . . . . . . . . . 63 121 7.1.1. Example . . . . . . . . . . . . . . . . . . . . . . . 64 122 7.2. PushSubscription . . . . . . . . . . . . . . . . . . . . 64 123 7.2.1. PushSubscription/get . . . . . . . . . . . . . . . . 67 124 7.2.2. PushSubscription/set . . . . . . . . . . . . . . . . 68 125 7.2.3. Example . . . . . . . . . . . . . . . . . . . . . . . 69 126 7.3. Event Source . . . . . . . . . . . . . . . . . . . . . . 71 127 8. Security Considerations . . . . . . . . . . . . . . . . . . . 73 128 8.1. Transport Confidentiality . . . . . . . . . . . . . . . . 73 129 8.2. Authentication Scheme . . . . . . . . . . . . . . . . . . 73 130 8.3. Service Autodiscovery . . . . . . . . . . . . . . . . . . 73 131 8.4. JSON Parsing . . . . . . . . . . . . . . . . . . . . . . 74 132 8.5. Denial of Service . . . . . . . . . . . . . . . . . . . . 74 133 8.6. Connection to Unknown Push Server . . . . . . . . . . . . 74 134 8.7. Push Encryption . . . . . . . . . . . . . . . . . . . . . 75 135 8.8. Traffic Analysis . . . . . . . . . . . . . . . . . . . . 76 136 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 76 137 9.1. Assignment of jmap Service Name . . . . . . . . . . . . . 76 138 9.2. Registration of Well-Known URI Suffix for JMAP . . . . . 76 139 9.3. Registration of the jmap URN Sub-namespace . . . . . . . 77 140 9.4. Creation of "JMAP Capabilities" Registry . . . . . . . . 77 141 9.4.1. Preliminary Community Review . . . . . . . . . . . . 77 142 9.4.2. Submit Request to IANA . . . . . . . . . . . . . . . 78 143 9.4.3. Designated Expert Review . . . . . . . . . . . . . . 78 144 9.4.4. Change Procedures . . . . . . . . . . . . . . . . . . 78 145 9.4.5. JMAP Capabilities Registry Template . . . . . . . . . 79 146 9.4.6. Initial Registration for JMAP Core . . . . . . . . . 79 147 9.4.7. Registration for JMAP Error Placeholder in JMAP 148 Capabilities Registry . . . . . . . . . . . . . . . . 80 149 9.5. Creation of "JMAP Error Codes" Registry . . . . . . . . . 80 150 9.5.1. Expert Review . . . . . . . . . . . . . . . . . . . . 80 151 9.5.2. JMAP Error Codes Registry Template . . . . . . . . . 81 152 9.5.3. Initial Contents for the JMAP Error Codes Registry . 81 153 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 86 154 10.1. Normative References . . . . . . . . . . . . . . . . . . 86 155 10.2. Informative References . . . . . . . . . . . . . . . . . 89 156 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 90 157 158 159 160 161 162 163 164 165 166 167 168 169 170Jenkins & Newman Standards Track [Page 3] 171 172RFC 8620 JMAP July 2019 173 174 1751. Introduction 176 177 The JSON Meta Application Protocol (JMAP) is used for synchronising 178 data, such as mail, calendars, or contacts, between a client and a 179 server. It is optimised for mobile and web environments and aims to 180 provide a consistent interface to different data types. 181 182 This specification is for the generic mechanism of data 183 synchronisation. Further specifications define the data models for 184 different data types that may be synchronised via JMAP. 185 186 JMAP is designed to make efficient use of limited network resources. 187 Multiple API calls may be batched in a single request to the server, 188 reducing round trips and improving battery life on mobile devices. 189 Push connections remove the need for polling, and an efficient delta 190 update mechanism ensures a minimum amount of data is transferred. 191 192 JMAP is designed to be horizontally scalable to a very large number 193 of users. This is facilitated by separate endpoints for users after 194 login, the separation of binary and structured data, and a data model 195 for sharing that does not allow data dependencies between accounts. 196 1971.1. Notational Conventions 198 199 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 200 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 201 "OPTIONAL" in this document are to be interpreted as described in 202 BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all 203 capitals, as shown here. 204 205 The underlying format used for this specification is JSON. 206 Consequently, the terms "object" and "array" as well as the four 207 primitive types (strings, numbers, booleans, and null) are to be 208 interpreted as described in Section 1 of [RFC8259]. Unless otherwise 209 noted, all the property names and values are case sensitive. 210 211 Some examples in this document contain "partial" JSON documents used 212 for illustrative purposes. In these examples, three periods "..." 213 are used to indicate a portion of the document that has been removed 214 for compactness. 215 216 For compatibility with publishing requirements, line breaks have been 217 inserted inside long JSON strings, with the following continuation 218 lines indented. To form the valid JSON example, any line breaks 219 inside a string must be replaced with a space and any other white 220 space after the line break removed. 221 222 223 224 225 226Jenkins & Newman Standards Track [Page 4] 227 228RFC 8620 JMAP July 2019 229 230 231 Unless otherwise specified, examples of API exchanges only show the 232 methodCalls array of the Request object or the methodResponses array 233 of the Response object. For compactness, the rest of the Request/ 234 Response object is omitted. 235 236 Type signatures are given for all JSON values in this document. The 237 following conventions are used: 238 239 o "*" - The type is undefined (the value could be any type, although 240 permitted values may be constrained by the context of this value). 241 242 o "String" - The JSON string type. 243 244 o "Number" - The JSON number type. 245 246 o "Boolean" - The JSON boolean type. 247 248 o "A[B]" - A JSON object where the keys are all of type "A", and the 249 values are all of type "B". 250 251 o "A[]" - An array of values of type "A". 252 253 o "A|B" - The value is either of type "A" or of type "B". 254 255 Other types may also be given, with their representation defined 256 elsewhere in this document. 257 258 Object properties may also have a set of attributes defined along 259 with the type signature. These have the following meanings: 260 261 o "server-set" -- Only the server can set the value for this 262 property. The client MUST NOT send this property when creating a 263 new object of this type. 264 265 o "immutable" -- The value MUST NOT change after the object is 266 created. 267 268 o "default" -- (This is followed by a JSON value). The value that 269 will be used for this property if it is omitted in an argument or 270 when creating a new object of this type. 271 272 273 274 275 276 277 278 279 280 281 282Jenkins & Newman Standards Track [Page 5] 283 284RFC 8620 JMAP July 2019 285 286 2871.2. The Id Data Type 288 289 All record ids are assigned by the server and are immutable. 290 291 Where "Id" is given as a data type, it means a "String" of at least 1 292 and a maximum of 255 octets in size, and it MUST only contain 293 characters from the "URL and Filename Safe" base64 alphabet, as 294 defined in Section 5 of [RFC4648], excluding the pad character ("="). 295 This means the allowed characters are the ASCII alphanumeric 296 characters ("A-Za-z0-9"), hyphen ("-"), and underscore ("_"). 297 298 These characters are safe to use in almost any context (e.g., 299 filesystems, URIs, and IMAP atoms). For maximum safety, servers 300 SHOULD also follow defensive allocation strategies to avoid creating 301 risks where glob completion or data type detection may be present 302 (e.g., on filesystems or in spreadsheets). In particular, it is wise 303 to avoid: 304 305 o Ids starting with a dash 306 307 o Ids starting with digits 308 309 o Ids that contain only digits 310 311 o Ids that differ only by ASCII case (for example, A vs. a) 312 313 o the specific sequence of three characters "NIL" (because this 314 sequence can be confused with the IMAP protocol expression of the 315 null value) 316 317 A good solution to these issues is to prefix every id with a single 318 alphabetical character. 319 3201.3. The Int and UnsignedInt Data Types 321 322 Where "Int" is given as a data type, it means an integer in the range 323 -2^53+1 <= value <= 2^53-1, the safe range for integers stored in a 324 floating-point double, represented as a JSON "Number". 325 326 Where "UnsignedInt" is given as a data type, it means an "Int" where 327 the value MUST be in the range 0 <= value <= 2^53-1. 328 329 330 331 332 333 334 335 336 337 338Jenkins & Newman Standards Track [Page 6] 339 340RFC 8620 JMAP July 2019 341 342 3431.4. The Date and UTCDate Data Types 344 345 Where "Date" is given as a type, it means a string in "date-time" 346 format [RFC3339]. To ensure a normalised form, the "time-secfrac" 347 MUST always be omitted if zero, and any letters in the string (e.g., 348 "T" and "Z") MUST be uppercase. For example, 349 "2014-10-30T14:12:00+08:00". 350 351 Where "UTCDate" is given as a type, it means a "Date" where the 352 "time-offset" component MUST be "Z" (i.e., it must be in UTC time). 353 For example, "2014-10-30T06:12:00Z". 354 3551.5. JSON as the Data Encoding Format 356 357 JSON is a text-based data interchange format as specified in 358 [RFC8259]. The Internet JSON (I-JSON) format defined in [RFC7493] is 359 a strict subset of this, adding restrictions to avoid potentially 360 confusing scenarios (for example, it mandates that an object MUST NOT 361 have two members with the same name). 362 363 All data sent from the client to the server or from the server to the 364 client (except binary file upload/download) MUST be valid I-JSON 365 according to the RFC and is therefore case sensitive and encoded in 366 UTF-8 [RFC3629]. 367 3681.6. Terminology 369 3701.6.1. User 371 372 A user is a person accessing data via JMAP. A user has a set of 373 permissions determining the data that they can see. 374 3751.6.2. Accounts 376 377 An account is a collection of data. A single account may contain an 378 arbitrary set of data types, for example, a collection of mail, 379 contacts, and calendars. Most JMAP methods take a mandatory 380 "accountId" argument that specifies on which account the operations 381 are to take place. 382 383 An account is not the same as a user, although it is common for a 384 primary account to directly belong to the user. For example, you may 385 have an account that contains data for a group or business, to which 386 multiple users have access. 387 388 389 390 391 392 393 394Jenkins & Newman Standards Track [Page 7] 395 396RFC 8620 JMAP July 2019 397 398 399 A single set of credentials may provide access to multiple accounts, 400 for example, if another user is sharing their work calendar with the 401 authenticated user or if there is a group mailbox for a support-desk 402 inbox. 403 404 In the event of a severe internal error, a server may have to 405 reallocate ids or do something else that violates standard JMAP data 406 constraints for an account. In this situation, the data on the 407 server is no longer compatible with cached data the client may have 408 from before. The server MUST treat this as though the account has 409 been deleted and then recreated with a new account id. Clients will 410 then be forced to throw away any data with the old account id and 411 refetch all data from scratch. 412 4131.6.3. Data Types and Records 414 415 JMAP provides a uniform interface for creating, retrieving, updating, 416 and deleting various types of objects. A "data type" is a collection 417 of named, typed properties, just like the schema for a database 418 table. Each instance of a data type is called a "record". 419 420 The id of a record is immutable and assigned by the server. The id 421 MUST be unique among all records of the *same type* within the *same 422 account*. Ids may clash across accounts or for two records of 423 different types within the same account. 424 4251.7. The JMAP API Model 426 427 JMAP uses HTTP [RFC7230] to expose API, push, upload, and download 428 resources. All HTTP requests MUST use the "https://" scheme (HTTP 429 over TLS [RFC2818]). All HTTP requests MUST be authenticated. 430 431 An authenticated client can fetch the user's Session object with 432 details about the data and capabilities the server can provide as 433 shown in Section 2. The client may then exchange data with the 434 server in the following ways: 435 436 1. The client may make an API request to the server to get or set 437 structured data. This request consists of an ordered series of 438 method calls. These are processed by the server, which then 439 returns an ordered series of responses. This is described in 440 Sections 3, 4, and 5. 441 442 2. The client may download or upload binary files from/to the 443 server. This is detailed in Section 6. 444 445 3. The client may connect to a push channel on the server, to be 446 notified when data has changed. This is explained in Section 7. 447 448 449 450Jenkins & Newman Standards Track [Page 8] 451 452RFC 8620 JMAP July 2019 453 454 4551.8. Vendor-Specific Extensions 456 457 Individual services will have custom features they wish to expose 458 over JMAP. This may take the form of extra data types and/or methods 459 not in the spec, extra arguments to JMAP methods, or extra properties 460 on existing data types (which may also appear in arguments to methods 461 that take property names). 462 463 The server can advertise custom extensions it supports by including 464 the identifiers in the capabilities object. Identifiers for vendor 465 extensions MUST be a URL belonging to a domain owned by the vendor, 466 to avoid conflict. The URL SHOULD resolve to documentation for the 467 changes the extension makes. 468 469 The client MUST opt in to use an extension by passing the appropriate 470 capability identifier in the "using" array of the Request object, as 471 described in Section 3.3. The server MUST only follow the 472 specifications that are opted into and behave as though it does not 473 implement anything else when processing a request. This is to ensure 474 compatibility with clients that don't know about a specific custom 475 extension and for compatibility with future versions of JMAP. 476 4772. The JMAP Session Resource 478 479 You need two things to connect to a JMAP server: 480 481 1. The URL for the JMAP Session resource. This may be requested 482 directly from the user or discovered automatically based on a 483 username domain (see Section 2.2 below). 484 485 2. Credentials to authenticate with. How to obtain credentials is 486 out of scope for this document. 487 488 A successful authenticated GET request to the JMAP Session resource 489 MUST return a JSON-encoded *Session* object, giving details about the 490 data and capabilities the server can provide to the client given 491 those credentials. It has the following properties: 492 493 o capabilities: "String[Object]" 494 495 An object specifying the capabilities of this server. Each key is 496 a URI for a capability supported by the server. The value for 497 each of these keys is an object with further information about the 498 server's capabilities in relation to that capability. 499 500 The client MUST ignore any properties it does not understand. 501 502 503 504 505 506Jenkins & Newman Standards Track [Page 9] 507 508RFC 8620 JMAP July 2019 509 510 511 The capabilities object MUST include a property called 512 "urn:ietf:params:jmap:core". The value of this property is an 513 object that MUST contain the following information on server 514 capabilities (suggested minimum values for limits are supplied 515 that allow clients to make efficient use of the network): 516 517 * maxSizeUpload: "UnsignedInt" 518 519 The maximum file size, in octets, that the server will accept 520 for a single file upload (for any purpose). Suggested minimum: 521 50,000,000. 522 523 * maxConcurrentUpload: "UnsignedInt" 524 525 The maximum number of concurrent requests the server will 526 accept to the upload endpoint. Suggested minimum: 4. 527 528 * maxSizeRequest: "UnsignedInt" 529 530 The maximum size, in octets, that the server will accept for a 531 single request to the API endpoint. Suggested minimum: 532 10,000,000. 533 534 * maxConcurrentRequests: "UnsignedInt" 535 536 The maximum number of concurrent requests the server will 537 accept to the API endpoint. Suggested minimum: 4. 538 539 * maxCallsInRequest: "UnsignedInt" 540 541 The maximum number of method calls the server will accept in a 542 single request to the API endpoint. Suggested minimum: 16. 543 544 * maxObjectsInGet: "UnsignedInt" 545 546 The maximum number of objects that the client may request in a 547 single /get type method call. Suggested minimum: 500. 548 549 * maxObjectsInSet: "UnsignedInt" 550 551 The maximum number of objects the client may send to create, 552 update, or destroy in a single /set type method call. This is 553 the combined total, e.g., if the maximum is 10, you could not 554 create 7 objects and destroy 6, as this would be 13 actions, 555 which exceeds the limit. Suggested minimum: 500. 556 557 558 559 560 561 562Jenkins & Newman Standards Track [Page 10] 563 564RFC 8620 JMAP July 2019 565 566 567 * collationAlgorithms: "String[]" 568 569 A list of identifiers for algorithms registered in the 570 collation registry, as defined in [RFC4790], that the server 571 supports for sorting when querying records. 572 573 Specifications for future capabilities will define their own 574 properties on the capabilities object. 575 576 Servers MAY advertise vendor-specific JMAP extensions, as 577 described in Section 1.8. To avoid conflict, an identifier for a 578 vendor-specific extension MUST be a URL with a domain owned by the 579 vendor. Clients MUST opt in to any capability it wishes to use 580 (see Section 3.3). 581 582 o accounts: "Id[Account]" 583 584 A map of an account id to an Account object for each account (see 585 Section 1.6.2) the user has access to. An *Account* object has 586 the following properties: 587 588 * name: "String" 589 590 A user-friendly string to show when presenting content from 591 this account, e.g., the email address representing the owner of 592 the account. 593 594 * isPersonal: "Boolean" 595 596 This is true if the account belongs to the authenticated user 597 rather than a group account or a personal account of another 598 user that has been shared with them. 599 600 * isReadOnly: "Boolean" 601 602 This is true if the entire account is read-only. 603 604 * accountCapabilities: "String[Object]" 605 606 The set of capability URIs for the methods supported in this 607 account. Each key is a URI for a capability that has methods 608 you can use with this account. The value for each of these 609 keys is an object with further information about the account's 610 permissions and restrictions with respect to this capability, 611 as defined in the capability's specification. 612 613 The client MUST ignore any properties it does not understand. 614 615 616 617 618Jenkins & Newman Standards Track [Page 11] 619 620RFC 8620 JMAP July 2019 621 622 623 The server advertises the full list of capabilities it supports 624 in the capabilities object, as defined above. If the 625 capability defines new methods, the server MUST include it in 626 the accountCapabilities object if the user may use those 627 methods with this account. It MUST NOT include it in the 628 accountCapabilities object if the user cannot use those methods 629 with this account. 630 631 For example, you may have access to your own account with mail, 632 calendars, and contacts data and also a shared account that 633 only has contacts data (a business address book, for example). 634 In this case, the accountCapabilities property on the first 635 account would include something like 636 "urn:ietf:params:jmap:mail", "urn:ietf:params:jmap:calendars", 637 and "urn:ietf:params:jmap:contacts", while the second account 638 would just have the last of these. 639 640 Attempts to use the methods defined in a capability with one of 641 the accounts that does not support that capability are rejected 642 with an "accountNotSupportedByMethod" error (see "Method-Level 643 Errors", Section 3.6.2). 644 645 o primaryAccounts: "String[Id]" 646 647 A map of capability URIs (as found in accountCapabilities) to the 648 account id that is considered to be the user's main or default 649 account for data pertaining to that capability. If no account 650 being returned belongs to the user, or in any other way there is 651 no appropriate way to determine a default account, there MAY be no 652 entry for a particular URI, even though that capability is 653 supported by the server (and in the capabilities object). 654 "urn:ietf:params:jmap:core" SHOULD NOT be present. 655 656 o username: "String" 657 658 The username associated with the given credentials, or the empty 659 string if none. 660 661 o apiUrl: "String" 662 663 The URL to use for JMAP API requests. 664 665 666 667 668 669 670 671 672 673 674Jenkins & Newman Standards Track [Page 12] 675 676RFC 8620 JMAP July 2019 677 678 679 o downloadUrl: "String" 680 681 The URL endpoint to use when downloading files, in URI Template 682 (level 1) format [RFC6570]. The URL MUST contain variables called 683 "accountId", "blobId", "type", and "name". The use of these 684 variables is described in Section 6.2. Due to potential encoding 685 issues with slashes in content types, it is RECOMMENDED to put the 686 "type" variable in the query section of the URL. 687 688 o uploadUrl: "String" 689 690 The URL endpoint to use when uploading files, in URI Template 691 (level 1) format [RFC6570]. The URL MUST contain a variable 692 called "accountId". The use of this variable is described in 693 Section 6.1. 694 695 o eventSourceUrl: "String" 696 697 The URL to connect to for push events, as described in 698 Section 7.3, in URI Template (level 1) format [RFC6570]. The URL 699 MUST contain variables called "types", "closeafter", and "ping". 700 The use of these variables is described in Section 7.3. 701 702 o state: "String" 703 704 A (preferably short) string representing the state of this object 705 on the server. If the value of any other property on the Session 706 object changes, this string will change. The current value is 707 also returned on the API Response object (see Section 3.4), 708 allowing clients to quickly determine if the session information 709 has changed (e.g., an account has been added or removed), so they 710 need to refetch the object. 711 712 To ensure future compatibility, other properties MAY be included on 713 the Session object. Clients MUST ignore any properties they are not 714 expecting. 715 716 Implementors must take care to avoid inappropriate caching of the 717 Session object at the HTTP layer. Since the client should only 718 refetch when it detects there is a change (via the sessionState 719 property of an API response), it is RECOMMENDED to disable HTTP 720 caching altogether, for example, by setting "Cache-Control: no-cache, 721 no-store, must-revalidate" on the response. 722 723 724 725 726 727 728 729 730Jenkins & Newman Standards Track [Page 13] 731 732RFC 8620 JMAP July 2019 733 734 7352.1. Example 736 737 In the following example Session object, the user has access to their 738 own mail and contacts via JMAP, as well as read-only access to shared 739 mail from another user. The server is advertising a custom 740 "https://example.com/apis/foobar" capability. 741 742 { 743 "capabilities": { 744 "urn:ietf:params:jmap:core": { 745 "maxSizeUpload": 50000000, 746 "maxConcurrentUpload": 8, 747 "maxSizeRequest": 10000000, 748 "maxConcurrentRequest": 8, 749 "maxCallsInRequest": 32, 750 "maxObjectsInGet": 256, 751 "maxObjectsInSet": 128, 752 "collationAlgorithms": [ 753 "i;ascii-numeric", 754 "i;ascii-casemap", 755 "i;unicode-casemap" 756 ] 757 }, 758 "urn:ietf:params:jmap:mail": {} 759 "urn:ietf:params:jmap:contacts": {}, 760 "https://example.com/apis/foobar": { 761 "maxFoosFinangled": 42 762 } 763 }, 764 "accounts": { 765 "A13824": { 766 "name": "john@example.com", 767 "isPersonal": true, 768 "isReadOnly": false, 769 "accountCapabilities": { 770 "urn:ietf:params:jmap:mail": { 771 "maxMailboxesPerEmail": null, 772 "maxMailboxDepth": 10, 773 ... 774 }, 775 "urn:ietf:params:jmap:contacts": { 776 ... 777 } 778 } 779 }, 780 781 782 783 784 785 786Jenkins & Newman Standards Track [Page 14] 787 788RFC 8620 JMAP July 2019 789 790 791 "A97813": { 792 "name": "jane@example.com", 793 "isPersonal": false, 794 "isReadOnly": true, 795 "accountCapabilities": { 796 "urn:ietf:params:jmap:mail": { 797 "maxMailboxesPerEmail": 1, 798 "maxMailboxDepth": 10, 799 ... 800 } 801 } 802 } 803 }, 804 "primaryAccounts": { 805 "urn:ietf:params:jmap:mail": "A13824", 806 "urn:ietf:params:jmap:contacts": "A13824" 807 }, 808 "username": "john@example.com", 809 "apiUrl": "https://jmap.example.com/api/", 810 "downloadUrl": "https://jmap.example.com 811 /download/{accountId}/{blobId}/{name}?accept={type}", 812 "uploadUrl": "https://jmap.example.com/upload/{accountId}/", 813 "eventSourceUrl": "https://jmap.example.com 814 /eventsource/?types={types}&closeafter={closeafter}&ping={ping}", 815 "state": "75128aab4b1b" 816 } 817 8182.2. Service Autodiscovery 819 820 There are two standardised autodiscovery methods in use for Internet 821 protocols: 822 823 o DNS SRV (see [RFC2782], [RFC6186], and [RFC6764]) 824 825 o .well-known/servicename (see [RFC8615]) 826 827 A JMAP-supporting host for the domain "example.com" SHOULD publish a 828 SRV record "_jmap._tcp.example.com" that gives a hostname and port 829 (usually port "443"). The JMAP Session resource is then 830 "https://${hostname}[:${port}]/.well-known/jmap" (following any 831 redirects). 832 833 If the client has a username in the form of an email address, it MAY 834 use the domain portion of this to attempt autodiscovery of the JMAP 835 server. 836 837 838 839 840 841 842Jenkins & Newman Standards Track [Page 15] 843 844RFC 8620 JMAP July 2019 845 846 8473. Structured Data Exchange 848 849 The client may make an API request to the server to get or set 850 structured data. This request consists of an ordered series of 851 method calls. These are processed by the server, which then returns 852 an ordered series of responses. 853 8543.1. Making an API Request 855 856 To make an API request, the client makes an authenticated POST 857 request to the API resource, which is defined by the "apiUrl" 858 property in the Session object (see Section 2). 859 860 The request MUST be of type "application/json" and consist of a 861 single JSON-encoded "Request" object, as defined in Section 3.3. If 862 successful, the response MUST also be of type "application/json" and 863 consist of a single "Response" object, as defined in Section 3.4. 864 8653.2. The Invocation Data Type 866 867 Method calls and responses are represented by the *Invocation* data 868 type. This is a tuple, represented as a JSON array containing three 869 elements: 870 871 1. A "String" *name* of the method to call or of the response. 872 873 2. A "String[*]" object containing named *arguments* for that method 874 or response. 875 876 3. A "String" *method call id*: an arbitrary string from the client 877 to be echoed back with the responses emitted by that method call 878 (a method may return 1 or more responses, as it may make implicit 879 calls to other methods; all responses initiated by this method 880 call get the same method call id in the response). 881 8823.3. The Request Object 883 884 A *Request* object has the following properties: 885 886 o using: "String[]" 887 888 The set of capabilities the client wishes to use. The client MAY 889 include capability identifiers even if the method calls it makes 890 do not utilise those capabilities. The server advertises the set 891 of specifications it supports in the Session object (see 892 Section 2), as keys on the "capabilities" property. 893 894 895 896 897 898Jenkins & Newman Standards Track [Page 16] 899 900RFC 8620 JMAP July 2019 901 902 903 o methodCalls: "Invocation[]" 904 905 An array of method calls to process on the server. The method 906 calls MUST be processed sequentially, in order. 907 908 o createdIds: "Id[Id]" (optional) 909 910 A map of a (client-specified) creation id to the id the server 911 assigned when a record was successfully created. 912 913 As described later in this specification, some records may have a 914 property that contains the id of another record. To allow more 915 efficient network usage, you can set this property to reference a 916 record created earlier in the same API request. Since the real id 917 is unknown when the request is created, the client can instead 918 specify the creation id it assigned, prefixed with a "#" (see 919 Section 5.3 for more details). 920 921 As the server processes API requests, any time it successfully 922 creates a new record, it adds the creation id to this map (see the 923 "create" argument to /set in Section 5.3), with the server- 924 assigned real id as the value. If it comes across a reference to 925 a creation id in a create/update, it looks it up in the map and 926 replaces the reference with the real id, if found. 927 928 The client can pass an initial value for this map as the 929 "createdIds" property of the Request object. This may be an empty 930 object. If given in the request, the response will also include a 931 createdIds property. This allows proxy servers to easily split a 932 JMAP request into multiple JMAP requests to send to different 933 servers. For example, it could send the first two method calls to 934 server A, then the third to server B, before sending the fourth to 935 server A again. By passing the createdIds of the previous 936 response to the next request, it can ensure all of these still 937 resolve. See Section 5.8 for further discussion of proxy 938 considerations. 939 940 Future specifications MAY add further properties to the Request 941 object to extend the semantics. To ensure forwards compatibility, a 942 server MUST ignore any other properties it does not understand on the 943 JMAP Request object. 944 945 946 947 948 949 950 951 952 953 954Jenkins & Newman Standards Track [Page 17] 955 956RFC 8620 JMAP July 2019 957 958 9593.3.1. Example Request 960 961{ 962 "using": [ "urn:ietf:params:jmap:core", "urn:ietf:params:jmap:mail" ], 963 "methodCalls": [ 964 [ "method1", { 965 "arg1": "arg1data", 966 "arg2": "arg2data" 967 }, "c1" ], 968 [ "method2", { 969 "arg1": "arg1data" 970 }, "c2" ], 971 [ "method3", {}, "c3" ] 972 ] 973} 974 9753.4. The Response Object 976 977 A *Response* object has the following properties: 978 979 o methodResponses: "Invocation[]" 980 981 An array of responses, in the same format as the "methodCalls" on 982 the Request object. The output of the methods MUST be added to 983 the "methodResponses" array in the same order that the methods are 984 processed. 985 986 o createdIds: "Id[Id]" (optional; only returned if given in the 987 request) 988 989 A map of a (client-specified) creation id to the id the server 990 assigned when a record was successfully created. This MUST 991 include all creation ids passed in the original createdIds 992 parameter of the Request object, as well as any additional ones 993 added for newly created records. 994 995 o sessionState: "String" 996 997 The current value of the "state" string on the Session object, as 998 described in Section 2. Clients may use this to detect if this 999 object has changed and needs to be refetched. 1000 1001 Unless otherwise specified, if the method call completed 1002 successfully, its response name is the same as the method name in the 1003 request. 1004 1005 1006 1007 1008 1009 1010Jenkins & Newman Standards Track [Page 18] 1011 1012RFC 8620 JMAP July 2019 1013 1014 10153.4.1. Example Response 1016 1017 { 1018 "methodResponses": [ 1019 [ "method1", { 1020 "arg1": 3, 1021 "arg2": "foo" 1022 }, "c1" ], 1023 [ "method2", { 1024 "isBlah": true 1025 }, "c2" ], 1026 [ "anotherResponseFromMethod2", { 1027 "data": 10, 1028 "yetmoredata": "Hello" 1029 }, "c2"], 1030 [ "error", { 1031 "type":"unknownMethod" 1032 }, "c3" ] 1033 ], 1034 "sessionState": "75128aab4b1b" 1035 } 1036 10373.5. Omitting Arguments 1038 1039 An argument to a method may be specified to have a default value. If 1040 omitted by the client, the server MUST treat the method call the same 1041 as if the default value had been specified. Similarly, the server 1042 MAY omit any argument in a response that has the default value. 1043 1044 Unless otherwise specified in a method description, null is the 1045 default value for any argument in a request or response where this is 1046 allowed by the type signature. Other arguments may only be omitted 1047 if an explicit default value is defined in the method description. 1048 10493.6. Errors 1050 1051 There are three different levels of granularity at which an error may 1052 be returned in JMAP. 1053 1054 When an API request is made, the request as a whole may be rejected 1055 due to rate limiting, malformed JSON, request for an unknown 1056 capability, etc. In this case, the entire request is rejected with 1057 an appropriate HTTP error response code and an additional JSON body 1058 with more detail for the client. 1059 1060 Provided the request itself is syntactically valid (the JSON is valid 1061 and when decoded, it matches the type signature of a Request object), 1062 the methods within it are executed sequentially by the server. Each 1063 1064 1065 1066Jenkins & Newman Standards Track [Page 19] 1067 1068RFC 8620 JMAP July 2019 1069 1070 1071 method may individually fail, for example, if invalid arguments are 1072 given or an unknown method name is called. 1073 1074 Finally, methods that make changes to the server state often act upon 1075 a number of different records within a single call. Each record 1076 change may be separately rejected with a SetError, as described in 1077 Section 5.3. 1078 10793.6.1. Request-Level Errors 1080 1081 When an HTTP error response is returned to the client, the server 1082 SHOULD return a JSON "problem details" object as the response body, 1083 as per [RFC7807]. 1084 1085 The following problem types are defined: 1086 1087 o "urn:ietf:params:jmap:error:unknownCapability" 1088 The client included a capability in the "using" property of the 1089 request that the server does not support. 1090 1091 o "urn:ietf:params:jmap:error:notJSON" 1092 The content type of the request was not "application/json" or the 1093 request did not parse as I-JSON. 1094 1095 o "urn:ietf:params:jmap:error:notRequest" 1096 The request parsed as JSON but did not match the type signature of 1097 the Request object. 1098 1099 o "urn:ietf:params:jmap:error:limit" 1100 The request was not processed as it would have exceeded one of the 1101 request limits defined on the capability object, such as 1102 maxSizeRequest, maxCallsInRequest, or maxConcurrentRequests. A 1103 "limit" property MUST also be present on the "problem details" 1104 object, containing the name of the limit being applied. 1105 11063.6.1.1. Example 1107 1108 { 1109 "type": "urn:ietf:params:jmap:error:unknownCapability", 1110 "status": 400, 1111 "detail": "The Request object used capability 1112 'https://example.com/apis/foobar', which is not supported 1113 by this server." 1114 } 1115 1116 1117 1118 1119 1120 1121 1122Jenkins & Newman Standards Track [Page 20] 1123 1124RFC 8620 JMAP July 2019 1125 1126 1127 Another example: 1128 1129 { 1130 "type": "urn:ietf:params:jmap:error:limit", 1131 "limit": "maxSizeRequest", 1132 "status": 400, 1133 "detail": "The request is larger than the server is willing to 1134 process." 1135 } 1136 11373.6.2. Method-Level Errors 1138 1139 If a method encounters an error, the appropriate "error" response 1140 MUST be inserted at the current point in the "methodResponses" array 1141 and, unless otherwise specified, further processing MUST NOT happen 1142 within that method call. 1143 1144 Any further method calls in the request MUST then be processed as 1145 normal. Errors at the method level MUST NOT generate an HTTP-level 1146 error. 1147 1148 An "error" response looks like this: 1149 1150 [ "error", { 1151 "type": "unknownMethod" 1152 }, "call-id" ] 1153 1154 The response name is "error", and it MUST have a type property. 1155 Other properties may be present with further information; these are 1156 detailed in the error type descriptions where appropriate. 1157 1158 With the exception of when the "serverPartialFail" error is returned, 1159 the externally visible state of the server MUST NOT have changed if 1160 an error is returned at the method level. 1161 1162 The following error types are defined, which may be returned for any 1163 method call where appropriate: 1164 1165 "serverUnavailable": Some internal server resource was temporarily 1166 unavailable. Attempting the same operation later (perhaps after a 1167 backoff with a random factor) may succeed. 1168 1169 "serverFail": An unexpected or unknown error occurred during the 1170 processing of the call. A "description" property should provide more 1171 details about the error. The method call made no changes to the 1172 server's state. Attempting the same operation again is expected to 1173 fail again. Contacting the service administrator is likely necessary 1174 to resolve this problem if it is persistent. 1175 1176 1177 1178Jenkins & Newman Standards Track [Page 21] 1179 1180RFC 8620 JMAP July 2019 1181 1182 1183 "serverPartialFail": Some, but not all, expected changes described by 1184 the method occurred. The client MUST resynchronise impacted data to 1185 determine server state. Use of this error is strongly discouraged. 1186 1187 "unknownMethod": The server does not recognise this method name. 1188 1189 "invalidArguments": One of the arguments is of the wrong type or is 1190 otherwise invalid, or a required argument is missing. A 1191 "description" property MAY be present to help debug with an 1192 explanation of what the problem was. This is a non-localised string, 1193 and it is not intended to be shown directly to end users. 1194 1195 "invalidResultReference": The method used a result reference for one 1196 of its arguments (see Section 3.7), but this failed to resolve. 1197 1198 "forbidden": The method and arguments are valid, but executing the 1199 method would violate an Access Control List (ACL) or other 1200 permissions policy. 1201 1202 "accountNotFound": The accountId does not correspond to a valid 1203 account. 1204 1205 "accountNotSupportedByMethod": The accountId given corresponds to a 1206 valid account, but the account does not support this method or data 1207 type. 1208 1209 "accountReadOnly": This method modifies state, but the account is 1210 read-only (as returned on the corresponding Account object in the 1211 JMAP Session resource). 1212 1213 Further possible errors for a particular method are specified in the 1214 method descriptions. 1215 1216 Further general errors MAY be defined in future RFCs. Should a 1217 client receive an error type it does not understand, it MUST treat it 1218 the same as the "serverFail" type. 1219 12203.7. References to Previous Method Results 1221 1222 To allow clients to make more efficient use of the network and avoid 1223 round trips, an argument to one method can be taken from the result 1224 of a previous method call in the same request. 1225 1226 To do this, the client prefixes the argument name with "#" (an 1227 octothorpe). The value is a ResultReference object as described 1228 below. When processing a method call, the server MUST first check 1229 the arguments object for any names beginning with "#". If found, the 1230 result reference should be resolved and the value used as the "real" 1231 1232 1233 1234Jenkins & Newman Standards Track [Page 22] 1235 1236RFC 8620 JMAP July 2019 1237 1238 1239 argument. The method is then processed as normal. If any result 1240 reference fails to resolve, the whole method MUST be rejected with an 1241 "invalidResultReference" error. If an arguments object contains the 1242 same argument name in normal and referenced form (e.g., "foo" and 1243 "#foo"), the method MUST return an "invalidArguments" error. 1244 1245 A *ResultReference* object has the following properties: 1246 1247 o resultOf: "String" 1248 1249 The method call id (see Section 3.2) of a previous method call in 1250 the current request. 1251 1252 o name: "String" 1253 1254 The required name of a response to that method call. 1255 1256 o path: "String" 1257 1258 A pointer into the arguments of the response selected via the name 1259 and resultOf properties. This is a JSON Pointer [RFC6901], except 1260 it also allows the use of "*" to map through an array (see the 1261 description below). 1262 1263 To resolve: 1264 1265 1. Find the first response with a method call id identical to the 1266 "resultOf" property of the ResultReference in the 1267 "methodResponses" array from previously processed method calls in 1268 the same request. If none, evaluation fails. 1269 1270 2. If the response name is not identical to the "name" property of 1271 the ResultReference, evaluation fails. 1272 1273 3. Apply the "path" to the arguments object of the response (the 1274 second item in the response array) following the JSON Pointer 1275 algorithm [RFC6901], except with the following addition in 1276 "Evaluation" (see Section 4): 1277 1278 If the currently referenced value is a JSON array, the reference 1279 token may be exactly the single character "*", making the new 1280 referenced value the result of applying the rest of the JSON 1281 Pointer tokens to every item in the array and returning the 1282 results in the same order in a new array. If the result of 1283 applying the rest of the pointer tokens to each item was itself 1284 an array, the contents of this array are added to the output 1285 rather than the array itself (i.e., the result is flattened from 1286 an array of arrays to a single array). If the result of applying 1287 1288 1289 1290Jenkins & Newman Standards Track [Page 23] 1291 1292RFC 8620 JMAP July 2019 1293 1294 1295 the rest of the pointer tokens to a value was itself an array, 1296 its items should be included individually in the output rather 1297 than including the array itself (i.e., the result is flattened 1298 from an array of arrays to a single array). 1299 1300 As a simple example, suppose we have the following API request 1301 "methodCalls": 1302 1303 [[ "Foo/changes", { 1304 "accountId": "A1", 1305 "sinceState": "abcdef" 1306 }, "t0" ], 1307 [ "Foo/get", { 1308 "accountId": "A1", 1309 "#ids": { 1310 "resultOf": "t0", 1311 "name": "Foo/changes", 1312 "path": "/created" 1313 } 1314 }, "t1" ]] 1315 1316 After executing the first method call, the "methodResponses" array 1317 is: 1318 1319 [[ "Foo/changes", { 1320 "accountId": "A1", 1321 "oldState": "abcdef", 1322 "newState": "123456", 1323 "hasMoreChanges": false, 1324 "created": [ "f1", "f4" ], 1325 "updated": [], 1326 "destroyed": [] 1327 }, "t0" ]] 1328 1329 To execute the "Foo/get" call, we look through the arguments and find 1330 there is one with a "#" prefix. To resolve this, we apply the 1331 algorithm above: 1332 1333 1. Find the first response with method call id "t0". The "Foo/ 1334 changes" response fulfils this criterion. 1335 1336 2. Check that the response name is the same as in the result 1337 reference. It is, so this is fine. 1338 1339 3. Apply the "path" as a JSON Pointer to the arguments object. This 1340 simply selects the "created" property, so the result of 1341 evaluating is: [ "f1", "f4" ]. 1342 1343 1344 1345 1346Jenkins & Newman Standards Track [Page 24] 1347 1348RFC 8620 JMAP July 2019 1349 1350 1351 The JMAP server now continues to process the "Foo/get" call as though 1352 the arguments were: 1353 1354 { 1355 "accountId": "A1", 1356 "ids": [ "f1", "f4" ] 1357 } 1358 1359 Now, a more complicated example using the JMAP Mail data model: fetch 1360 the "from"/"date"/"subject" for every Email in the first 10 Threads 1361 in the inbox (sorted newest first): 1362 1363 [[ "Email/query", { 1364 "accountId": "A1", 1365 "filter": { "inMailbox": "id_of_inbox" }, 1366 "sort": [{ "property": "receivedAt", "isAscending": false }], 1367 "collapseThreads": true, 1368 "position": 0, 1369 "limit": 10, 1370 "calculateTotal": true 1371 }, "t0" ], 1372 [ "Email/get", { 1373 "accountId": "A1", 1374 "#ids": { 1375 "resultOf": "t0", 1376 "name": "Email/query", 1377 "path": "/ids" 1378 }, 1379 "properties": [ "threadId" ] 1380 }, "t1" ], 1381 [ "Thread/get", { 1382 "accountId": "A1", 1383 "#ids": { 1384 "resultOf": "t1", 1385 "name": "Email/get", 1386 "path": "/list/*/threadId" 1387 } 1388 }, "t2" ], 1389 [ "Email/get", { 1390 "accountId": "A1", 1391 "#ids": { 1392 "resultOf": "t2", 1393 "name": "Thread/get", 1394 "path": "/list/*/emailIds" 1395 }, 1396 "properties": [ "from", "receivedAt", "subject" ] 1397 }, "t3" ]] 1398 1399 1400 1401 1402Jenkins & Newman Standards Track [Page 25] 1403 1404RFC 8620 JMAP July 2019 1405 1406 1407 After executing the first 3 method calls, the "methodResponses" array 1408 might be: 1409 1410 [[ "Email/query", { 1411 "accountId": "A1", 1412 "queryState": "abcdefg", 1413 "canCalculateChanges": true, 1414 "position": 0, 1415 "total": 101, 1416 "ids": [ "msg1023", "msg223", "msg110", "msg93", "msg91", 1417 "msg38", "msg36", "msg33", "msg11", "msg1" ] 1418 }, "t0" ], 1419 [ "Email/get", { 1420 "accountId": "A1", 1421 "state": "123456", 1422 "list": [{ 1423 "id": "msg1023", 1424 "threadId": "trd194" 1425 }, { 1426 "id": "msg223", 1427 "threadId": "trd114" 1428 }, 1429 ... 1430 ], 1431 "notFound": [] 1432 }, "t1" ], 1433 [ "Thread/get", { 1434 "accountId": "A1", 1435 "state": "123456", 1436 "list": [{ 1437 "id": "trd194", 1438 "emailIds": [ "msg1020", "msg1021", "msg1023" ] 1439 }, { 1440 "id": "trd114", 1441 "emailIds": [ "msg201", "msg223" ] 1442 }, 1443 ... 1444 ], 1445 "notFound": [] 1446 }, "t2" ]] 1447 1448 To execute the final "Email/get" call, we look through the arguments 1449 and find there is one with a "#" prefix. To resolve this, we apply 1450 the algorithm: 1451 1452 1. Find the first response with method call id "t2". The "Thread/ 1453 get" response fulfils this criterion. 1454 1455 1456 1457 1458Jenkins & Newman Standards Track [Page 26] 1459 1460RFC 8620 JMAP July 2019 1461 1462 1463 2. "Thread/get" is the name specified in the result reference, so 1464 this is fine. 1465 1466 3. Apply the "path" as a JSON Pointer to the arguments object. 1467 Token by token: 1468 1469 1. "list": get the array of thread objects 1470 1471 2. "*": for each of the items in the array: 1472 1473 a. "emailIds": get the array of Email ids 1474 1475 b. Concatenate these into a single array of all the ids in 1476 the result. 1477 1478 The JMAP server now continues to process the "Email/get" call as 1479 though the arguments were: 1480 1481{ 1482 "accountId": "A1", 1483 "ids": [ "msg1020", "msg1021", "msg1023", "msg201", "msg223", ... ], 1484 "properties": [ "from", "receivedAt", "subject" ] 1485} 1486 1487 The ResultReference performs a similar role to that of the creation 1488 id, in that it allows a chained method call to refer to information 1489 not available when the request is generated. However, they are 1490 different things and not interchangeable; the only commonality is the 1491 octothorpe used to indicate them. 1492 14933.8. Localisation of User-Visible Strings 1494 1495 If returning a custom string to be displayed to the user, for 1496 example, an error message, the server SHOULD use information from the 1497 Accept-Language header of the request (as defined in Section 5.3.5 of 1498 [RFC7231]) to choose the best available localisation. The Content- 1499 Language header of the response (see Section 3.1.3.2 of [RFC7231]) 1500 SHOULD indicate the language being used for user-visible strings. 1501 1502 For example, suppose a request was made with the following header: 1503 1504 Accept-Language: fr-CH, fr;q=0.9, de;q=0.8, en;q=0.7, *;q=0.5 1505 1506 and a method generated an error to display to the user. The server 1507 has translations of the error message in English and German. Looking 1508 at the Accept-Language header, the user's preferred language is 1509 French. Since we don't have a translation for this, we look at the 1510 1511 1512 1513 1514Jenkins & Newman Standards Track [Page 27] 1515 1516RFC 8620 JMAP July 2019 1517 1518 1519 next most preferred, which is German. We have a German translation, 1520 so the server returns this and indicates the language chosen in a 1521 Content-Language header like so: 1522 1523 Content-Language: de 1524 15253.9. Security 1526 1527 As always, the server must be strict about data received from the 1528 client. Arguments need to be checked for validity; a malicious user 1529 could attempt to find an exploit through the API. In case of invalid 1530 arguments (unknown/insufficient/wrong type for data, etc.), the 1531 method MUST return an "invalidArguments" error and terminate. 1532 15333.10. Concurrency 1534 1535 Method calls within a single request MUST be executed in order. 1536 However, method calls from different concurrent API requests may be 1537 interleaved. This means that the data on the server may change 1538 between two method calls within a single API request. 1539 15404. The Core/echo Method 1541 1542 The "Core/echo" method returns exactly the same arguments as it is 1543 given. It is useful for testing if you have a valid authenticated 1544 connection to a JMAP API endpoint. 1545 15464.1. Example 1547 1548 Request: 1549 1550 [[ "Core/echo", { 1551 "hello": true, 1552 "high": 5 1553 }, "b3ff" ]] 1554 1555 Response: 1556 1557 [[ "Core/echo", { 1558 "hello": true, 1559 "high": 5 1560 }, "b3ff" ]] 1561 1562 1563 1564 1565 1566 1567 1568 1569 1570Jenkins & Newman Standards Track [Page 28] 1571 1572RFC 8620 JMAP July 2019 1573 1574 15755. Standard Methods and Naming Convention 1576 1577 JMAP provides a uniform interface for creating, retrieving, updating, 1578 and deleting objects of a particular type. For a "Foo" data type, 1579 records of that type would be fetched via a "Foo/get" call and 1580 modified via a "Foo/set" call. Delta updates may be fetched via a 1581 "Foo/changes" call. These methods all follow a standard format as 1582 described below. 1583 1584 Some types may not have all these methods. Specifications defining 1585 types MUST specify which methods are available for the type. 1586 15875.1. /get 1588 1589 Objects of type Foo are fetched via a call to "Foo/get". 1590 1591 It takes the following arguments: 1592 1593 o accountId: "Id" 1594 1595 The id of the account to use. 1596 1597 o ids: "Id[]|null" 1598 1599 The ids of the Foo objects to return. If null, then *all* records 1600 of the data type are returned, if this is supported for that data 1601 type and the number of records does not exceed the 1602 "maxObjectsInGet" limit. 1603 1604 o properties: "String[]|null" 1605 1606 If supplied, only the properties listed in the array are returned 1607 for each Foo object. If null, all properties of the object are 1608 returned. The id property of the object is *always* returned, 1609 even if not explicitly requested. If an invalid property is 1610 requested, the call MUST be rejected with an "invalidArguments" 1611 error. 1612 1613 The response has the following arguments: 1614 1615 o accountId: "Id" 1616 1617 The id of the account used for the call. 1618 1619 1620 1621 1622 1623 1624 1625 1626Jenkins & Newman Standards Track [Page 29] 1627 1628RFC 8620 JMAP July 2019 1629 1630 1631 o state: "String" 1632 1633 A (preferably short) string representing the state on the server 1634 for *all* the data of this type in the account (not just the 1635 objects returned in this call). If the data changes, this string 1636 MUST change. If the Foo data is unchanged, servers SHOULD return 1637 the same state string on subsequent requests for this data type. 1638 When a client receives a response with a different state string to 1639 a previous call, it MUST either throw away all currently cached 1640 objects for the type or call "Foo/changes" to get the exact 1641 changes. 1642 1643 o list: "Foo[]" 1644 1645 An array of the Foo objects requested. This is the *empty array* 1646 if no objects were found or if the "ids" argument passed in was 1647 also an empty array. The results MAY be in a different order to 1648 the "ids" in the request arguments. If an identical id is 1649 included more than once in the request, the server MUST only 1650 include it once in either the "list" or the "notFound" argument of 1651 the response. 1652 1653 o notFound: "Id[]" 1654 1655 This array contains the ids passed to the method for records that 1656 do not exist. The array is empty if all requested ids were found 1657 or if the "ids" argument passed in was either null or an empty 1658 array. 1659 1660 The following additional error may be returned instead of the "Foo/ 1661 get" response: 1662 1663 "requestTooLarge": The number of ids requested by the client exceeds 1664 the maximum number the server is willing to process in a single 1665 method call. 1666 16675.2. /changes 1668 1669 When the state of the set of Foo records in an account changes on the 1670 server (whether due to creation, updates, or deletion), the "state" 1671 property of the "Foo/get" response will change. The "Foo/changes" 1672 method allows a client to efficiently update the state of its Foo 1673 cache to match the new state on the server. It takes the following 1674 arguments: 1675 1676 o accountId: "Id" 1677 1678 The id of the account to use. 1679 1680 1681 1682Jenkins & Newman Standards Track [Page 30] 1683 1684RFC 8620 JMAP July 2019 1685 1686 1687 o sinceState: "String" 1688 1689 The current state of the client. This is the string that was 1690 returned as the "state" argument in the "Foo/get" response. The 1691 server will return the changes that have occurred since this 1692 state. 1693 1694 o maxChanges: "UnsignedInt|null" 1695 1696 The maximum number of ids to return in the response. The server 1697 MAY choose to return fewer than this value but MUST NOT return 1698 more. If not given by the client, the server may choose how many 1699 to return. If supplied by the client, the value MUST be a 1700 positive integer greater than 0. If a value outside of this range 1701 is given, the server MUST reject the call with an 1702 "invalidArguments" error. 1703 1704 The response has the following arguments: 1705 1706 o accountId: "Id" 1707 1708 The id of the account used for the call. 1709 1710 o oldState: "String" 1711 1712 This is the "sinceState" argument echoed back; it's the state from 1713 which the server is returning changes. 1714 1715 o newState: "String" 1716 1717 This is the state the client will be in after applying the set of 1718 changes to the old state. 1719 1720 o hasMoreChanges: "Boolean" 1721 1722 If true, the client may call "Foo/changes" again with the 1723 "newState" returned to get further updates. If false, "newState" 1724 is the current server state. 1725 1726 o created: "Id[]" 1727 1728 An array of ids for records that have been created since the old 1729 state. 1730 1731 o updated: "Id[]" 1732 1733 An array of ids for records that have been updated since the old 1734 state. 1735 1736 1737 1738Jenkins & Newman Standards Track [Page 31] 1739 1740RFC 8620 JMAP July 2019 1741 1742 1743 o destroyed: "Id[]" 1744 1745 An array of ids for records that have been destroyed since the old 1746 state. 1747 1748 If a record has been created AND updated since the old state, the 1749 server SHOULD just return the id in the "created" list but MAY return 1750 it in the "updated" list as well. 1751 1752 If a record has been updated AND destroyed since the old state, the 1753 server SHOULD just return the id in the "destroyed" list but MAY 1754 return it in the "updated" list as well. 1755 1756 If a record has been created AND destroyed since the old state, the 1757 server SHOULD remove the id from the response entirely. However, it 1758 MAY include it in just the "destroyed" list or in both the 1759 "destroyed" and "created" lists. 1760 1761 If a "maxChanges" is supplied, or set automatically by the server, 1762 the server MUST ensure the number of ids returned across "created", 1763 "updated", and "destroyed" does not exceed this limit. If there are 1764 more changes than this between the client's state and the current 1765 server state, the server SHOULD generate an update to take the client 1766 to an intermediate state, from which the client can continue to call 1767 "Foo/changes" until it is fully up to date. If it is unable to 1768 calculate an intermediate state, it MUST return a 1769 "cannotCalculateChanges" error response instead. 1770 1771 When generating intermediate states, the server may choose how to 1772 divide up the changes. For many types, it will provide a better user 1773 experience to return the more recent changes first, as this is more 1774 likely to be what the user is most interested in. The client can 1775 then continue to page in the older changes while the user is viewing 1776 the newer data. For example, suppose a server went through the 1777 following states: 1778 1779 A -> B -> C -> D -> E 1780 1781 And a client asks for changes from state "B". The server might first 1782 get the ids of records created, updated, or destroyed between states 1783 D and E, returning them with: 1784 1785 state: "B-D-E" 1786 hasMoreChanges: true 1787 1788 1789 1790 1791 1792 1793 1794Jenkins & Newman Standards Track [Page 32] 1795 1796RFC 8620 JMAP July 2019 1797 1798 1799 The client will then ask for the change from state "B-D-E", and the 1800 server can return the changes between states C and D, returning: 1801 1802 state: "B-C-E" 1803 hasMoreChanges: true 1804 1805 Finally, the client will request the changes from "B-C-E", and the 1806 server can return the changes between states B and C, returning: 1807 1808 state: "E" 1809 hasMoreChanges: false 1810 1811 Should the state on the server be modified in the middle of all this 1812 (to "F"), the server still does the same, but now when the update to 1813 state "E" is returned, it would indicate that it still has more 1814 changes for the client to fetch. 1815 1816 Where multiple changes to a record are split across different 1817 intermediate states, the server MUST NOT return a record as created 1818 after a response that deems it as updated or destroyed, and it MUST 1819 NOT return a record as destroyed before a response that deems it as 1820 created or updated. The server may have to coalesce multiple changes 1821 to a record to satisfy this requirement. 1822 1823 The following additional errors may be returned instead of the "Foo/ 1824 changes" response: 1825 1826 "cannotCalculateChanges": The server cannot calculate the changes 1827 from the state string given by the client. Usually, this is due to 1828 the client's state being too old or the server being unable to 1829 produce an update to an intermediate state when there are too many 1830 updates. The client MUST invalidate its Foo cache. 1831 1832 Maintaining state to allow calculation of "Foo/changes" can be 1833 expensive for the server, but always returning 1834 "cannotCalculateChanges" severely increases network traffic and 1835 resource usage for the client. To allow efficient sync, servers 1836 SHOULD be able to calculate changes from any state string that was 1837 given to a client within the last 30 days (but of course may support 1838 calculating updates from states older than this). 1839 1840 1841 1842 1843 1844 1845 1846 1847 1848 1849 1850Jenkins & Newman Standards Track [Page 33] 1851 1852RFC 8620 JMAP July 2019 1853 1854 18555.3. /set 1856 1857 Modifying the state of Foo objects on the server is done via the 1858 "Foo/set" method. This encompasses creating, updating, and 1859 destroying Foo records. This allows the server to sort out ordering 1860 and dependencies that may exist if doing multiple operations at once 1861 (for example, to ensure there is always a minimum number of a certain 1862 record type). 1863 1864 The "Foo/set" method takes the following arguments: 1865 1866 o accountId: "Id" 1867 1868 The id of the account to use. 1869 1870 o ifInState: "String|null" 1871 1872 This is a state string as returned by the "Foo/get" method 1873 (representing the state of all objects of this type in the 1874 account). If supplied, the string must match the current state; 1875 otherwise, the method will be aborted and a "stateMismatch" error 1876 returned. If null, any changes will be applied to the current 1877 state. 1878 1879 o create: "Id[Foo]|null" 1880 1881 A map of a *creation id* (a temporary id set by the client) to Foo 1882 objects, or null if no objects are to be created. 1883 1884 The Foo object type definition may define default values for 1885 properties. Any such property may be omitted by the client. 1886 1887 The client MUST omit any properties that may only be set by the 1888 server (for example, the "id" property on most object types). 1889 1890 o update: "Id[PatchObject]|null" 1891 1892 A map of an id to a Patch object to apply to the current Foo 1893 object with that id, or null if no objects are to be updated. 1894 1895 A *PatchObject* is of type "String[*]" and represents an unordered 1896 set of patches. The keys are a path in JSON Pointer format 1897 [RFC6901], with an implicit leading "/" (i.e., prefix each key 1898 with "/" before applying the JSON Pointer evaluation algorithm). 1899 1900 All paths MUST also conform to the following restrictions; if 1901 there is any violation, the update MUST be rejected with an 1902 "invalidPatch" error: 1903 1904 1905 1906Jenkins & Newman Standards Track [Page 34] 1907 1908RFC 8620 JMAP July 2019 1909 1910 1911 * The pointer MUST NOT reference inside an array (i.e., you MUST 1912 NOT insert/delete from an array; the array MUST be replaced in 1913 its entirety instead). 1914 1915 * All parts prior to the last (i.e., the value after the final 1916 slash) MUST already exist on the object being patched. 1917 1918 * There MUST NOT be two patches in the PatchObject where the 1919 pointer of one is the prefix of the pointer of the other, e.g., 1920 "alerts/1/offset" and "alerts". 1921 1922 The value associated with each pointer determines how to apply 1923 that patch: 1924 1925 * If null, set to the default value if specified for this 1926 property; otherwise, remove the property from the patched 1927 object. If the key is not present in the parent, this a no-op. 1928 1929 * Anything else: The value to set for this property (this may be 1930 a replacement or addition to the object being patched). 1931 1932 Any server-set properties MAY be included in the patch if their 1933 value is identical to the current server value (before applying 1934 the patches to the object). Otherwise, the update MUST be 1935 rejected with an "invalidProperties" SetError. 1936 1937 This patch definition is designed such that an entire Foo object 1938 is also a valid PatchObject. The client may choose to optimise 1939 network usage by just sending the diff or may send the whole 1940 object; the server processes it the same either way. 1941 1942 o destroy: "Id[]|null" 1943 1944 A list of ids for Foo objects to permanently delete, or null if no 1945 objects are to be destroyed. 1946 1947 Each creation, modification, or destruction of an object is 1948 considered an atomic unit. It is permissible for the server to 1949 commit changes to some objects but not others; however, it MUST NOT 1950 only commit part of an update to a single record (e.g., update a 1951 "name" property but not a "count" property, if both are supplied in 1952 the update object). 1953 1954 The final state MUST be valid after the "Foo/set" is finished; 1955 however, the server may have to transition through invalid 1956 intermediate states (not exposed to the client) while processing the 1957 individual create/update/destroy requests. For example, suppose 1958 there is a "name" property that must be unique. A single method call 1959 1960 1961 1962Jenkins & Newman Standards Track [Page 35] 1963 1964RFC 8620 JMAP July 2019 1965 1966 1967 could rename an object A => B and simultaneously rename another 1968 object B => A. If the final state is valid, this is allowed. 1969 Otherwise, each creation, modification, or destruction of an object 1970 should be processed sequentially and accepted/rejected based on the 1971 current server state. 1972 1973 If a create, update, or destroy is rejected, the appropriate error 1974 MUST be added to the notCreated/notUpdated/notDestroyed property of 1975 the response, and the server MUST continue to the next create/update/ 1976 destroy. It does not terminate the method. 1977 1978 If an id given cannot be found, the update or destroy MUST be 1979 rejected with a "notFound" set error. 1980 1981 The server MAY skip an update (rejecting it with a "willDestroy" 1982 SetError) if that object is destroyed in the same /set request. 1983 1984 Some records may hold references to other records (foreign keys). 1985 That reference may be set (via create or update) in the same request 1986 as the referenced record is created. To do this, the client refers 1987 to the new record using its creation id prefixed with a "#". The 1988 order of the method calls in the request by the client MUST be such 1989 that the record being referenced is created in the same or an earlier 1990 call. Thus, the server never has to look ahead. Instead, while 1991 processing a request, the server MUST keep a simple map for the 1992 duration of the request of creation id to record id for each newly 1993 created record, so it can substitute in the correct value if 1994 necessary in later method calls. In the case of records with 1995 references to the same type, the server MUST order the creates and 1996 updates within a single method call so that creates happen before 1997 their creation ids are referenced by another create/update/destroy in 1998 the same call. 1999 2000 Creation ids are not scoped by type but are a single map for all 2001 types. A client SHOULD NOT reuse a creation id anywhere in the same 2002 API request. If a creation id is reused, the server MUST map the 2003 creation id to the most recently created item with that id. To allow 2004 easy proxying of API requests, an initial set of creation id to real 2005 id values may be passed with a request (see "The Request Object", 2006 Section 3.3) and the final state of the map passed out with the 2007 response (see "The Response Object", Section 3.4). 2008 2009 The response has the following arguments: 2010 2011 o accountId: "Id" 2012 2013 The id of the account used for the call. 2014 2015 2016 2017 2018Jenkins & Newman Standards Track [Page 36] 2019 2020RFC 8620 JMAP July 2019 2021 2022 2023 o oldState: "String|null" 2024 2025 The state string that would have been returned by "Foo/get" before 2026 making the requested changes, or null if the server doesn't know 2027 what the previous state string was. 2028 2029 o newState: "String" 2030 2031 The state string that will now be returned by "Foo/get". 2032 2033 o created: "Id[Foo]|null" 2034 2035 A map of the creation id to an object containing any properties of 2036 the created Foo object that were not sent by the client. This 2037 includes all server-set properties (such as the "id" in most 2038 object types) and any properties that were omitted by the client 2039 and thus set to a default by the server. 2040 2041 This argument is null if no Foo objects were successfully created. 2042 2043 o updated: "Id[Foo|null]|null" 2044 2045 The keys in this map are the ids of all Foos that were 2046 successfully updated. 2047 2048 The value for each id is a Foo object containing any property that 2049 changed in a way *not* explicitly requested by the PatchObject 2050 sent to the server, or null if none. This lets the client know of 2051 any changes to server-set or computed properties. 2052 2053 This argument is null if no Foo objects were successfully updated. 2054 2055 o destroyed: "Id[]|null" 2056 2057 A list of Foo ids for records that were successfully destroyed, or 2058 null if none. 2059 2060 o notCreated: "Id[SetError]|null" 2061 2062 A map of the creation id to a SetError object for each record that 2063 failed to be created, or null if all successful. 2064 2065 o notUpdated: "Id[SetError]|null" 2066 2067 A map of the Foo id to a SetError object for each record that 2068 failed to be updated, or null if all successful. 2069 2070 2071 2072 2073 2074Jenkins & Newman Standards Track [Page 37] 2075 2076RFC 8620 JMAP July 2019 2077 2078 2079 o notDestroyed: "Id[SetError]|null" 2080 2081 A map of the Foo id to a SetError object for each record that 2082 failed to be destroyed, or null if all successful. 2083 2084 A *SetError* object has the following properties: 2085 2086 o type: "String" 2087 2088 The type of error. 2089 2090 o description: "String|null" 2091 2092 A description of the error to help with debugging that includes an 2093 explanation of what the problem was. This is a non-localised 2094 string and is not intended to be shown directly to end users. 2095 2096 The following SetError types are defined and may be returned for set 2097 operations on any record type where appropriate: 2098 2099 o "forbidden": (create; update; destroy). The create/update/destroy 2100 would violate an ACL or other permissions policy. 2101 2102 o "overQuota": (create; update). The create would exceed a server- 2103 defined limit on the number or total size of objects of this type. 2104 2105 o "tooLarge": (create; update). The create/update would result in 2106 an object that exceeds a server-defined limit for the maximum size 2107 of a single object of this type. 2108 2109 o "rateLimit": (create). Too many objects of this type have been 2110 created recently, and a server-defined rate limit has been 2111 reached. It may work if tried again later. 2112 2113 o "notFound": (update; destroy). The id given to update/destroy 2114 cannot be found. 2115 2116 o "invalidPatch": (update). The PatchObject given to update the 2117 record was not a valid patch (see the patch description). 2118 2119 o "willDestroy": (update). The client requested that an object be 2120 both updated and destroyed in the same /set request, and the 2121 server has decided to therefore ignore the update. 2122 2123 2124 2125 2126 2127 2128 2129 2130Jenkins & Newman Standards Track [Page 38] 2131 2132RFC 8620 JMAP July 2019 2133 2134 2135 o "invalidProperties": (create; update). The record given is 2136 invalid in some way. For example: 2137 2138 * It contains properties that are invalid according to the type 2139 specification of this record type. 2140 2141 * It contains a property that may only be set by the server 2142 (e.g., "id") and is different to the current value. Note, to 2143 allow clients to pass whole objects back, it is not an error to 2144 include a server-set property in an update as long as the value 2145 is identical to the current value on the server. 2146 2147 * There is a reference to another record (foreign key), and the 2148 given id does not correspond to a valid record. 2149 2150 The SetError object SHOULD also have a property called 2151 "properties" of type "String[]" that lists *all* the properties 2152 that were invalid. 2153 2154 Individual methods MAY specify more specific errors for certain 2155 conditions that would otherwise result in an invalidProperties 2156 error. If the condition of one of these is met, it MUST be 2157 returned instead of the invalidProperties error. 2158 2159 o "singleton": (create; destroy). This is a singleton type, so you 2160 cannot create another one or destroy the existing one. 2161 2162 Other possible SetError types MAY be given in specific method 2163 descriptions. Other properties MAY also be present on the SetError 2164 object, as described in the relevant methods. 2165 2166 The following additional errors may be returned instead of the "Foo/ 2167 set" response: 2168 2169 "requestTooLarge": The total number of objects to create, update, or 2170 destroy exceeds the maximum number the server is willing to process 2171 in a single method call. 2172 2173 "stateMismatch": An "ifInState" argument was supplied, and it does 2174 not match the current state. 2175 2176 2177 2178 2179 2180 2181 2182 2183 2184 2185 2186Jenkins & Newman Standards Track [Page 39] 2187 2188RFC 8620 JMAP July 2019 2189 2190 21915.4. /copy 2192 2193 The only way to move Foo records *between* two different accounts is 2194 to copy them using the "Foo/copy" method; once the copy has 2195 succeeded, delete the original. The "onSuccessDestroyOriginal" 2196 argument allows you to try to do this in one method call; however, 2197 note that the two different actions are not atomic, so it is possible 2198 for the copy to succeed but the original not to be destroyed for some 2199 reason. 2200 2201 The copy is conceptually in three phases: 2202 2203 1. Reading the current values from the "from" account. 2204 2205 2. Writing the new copies to the other account. 2206 2207 3. Destroying the originals in the "from" account, if requested. 2208 2209 Data may change in between phases due to concurrent requests. 2210 2211 The "Foo/copy" method takes the following arguments: 2212 2213 o fromAccountId: "Id" 2214 2215 The id of the account to copy records from. 2216 2217 o ifFromInState: "String|null" 2218 2219 This is a state string as returned by the "Foo/get" method. If 2220 supplied, the string must match the current state of the account 2221 referenced by the fromAccountId when reading the data to be 2222 copied; otherwise, the method will be aborted and a 2223 "stateMismatch" error returned. If null, the data will be read 2224 from the current state. 2225 2226 o accountId: "Id" 2227 2228 The id of the account to copy records to. This MUST be different 2229 to the "fromAccountId". 2230 2231 o ifInState: "String|null" 2232 2233 This is a state string as returned by the "Foo/get" method. If 2234 supplied, the string must match the current state of the account 2235 referenced by the accountId; otherwise, the method will be aborted 2236 and a "stateMismatch" error returned. If null, any changes will 2237 be applied to the current state. 2238 2239 2240 2241 2242Jenkins & Newman Standards Track [Page 40] 2243 2244RFC 8620 JMAP July 2019 2245 2246 2247 o create: "Id[Foo]" 2248 2249 A map of the *creation id* to a Foo object. The Foo object MUST 2250 contain an "id" property, which is the id (in the fromAccount) of 2251 the record to be copied. When creating the copy, any other 2252 properties included are used instead of the current value for that 2253 property on the original. 2254 2255 o onSuccessDestroyOriginal: "Boolean" (default: false) 2256 2257 If true, an attempt will be made to destroy the original records 2258 that were successfully copied: after emitting the "Foo/copy" 2259 response, but before processing the next method, the server MUST 2260 make a single call to "Foo/set" to destroy the original of each 2261 successfully copied record; the output of this is added to the 2262 responses as normal, to be returned to the client. 2263 2264 o destroyFromIfInState: "String|null" 2265 2266 This argument is passed on as the "ifInState" argument to the 2267 implicit "Foo/set" call, if made at the end of this request to 2268 destroy the originals that were successfully copied. 2269 2270 Each record copy is considered an atomic unit that may succeed or 2271 fail individually. 2272 2273 The response has the following arguments: 2274 2275 o fromAccountId: "Id" 2276 2277 The id of the account records were copied from. 2278 2279 o accountId: "Id" 2280 2281 The id of the account records were copied to. 2282 2283 o oldState: "String|null" 2284 2285 The state string that would have been returned by "Foo/get" on the 2286 account records that were copied to before making the requested 2287 changes, or null if the server doesn't know what the previous 2288 state string was. 2289 2290 o newState: "String" 2291 2292 The state string that will now be returned by "Foo/get" on the 2293 account records were copied to. 2294 2295 2296 2297 2298Jenkins & Newman Standards Track [Page 41] 2299 2300RFC 8620 JMAP July 2019 2301 2302 2303 o created: "Id[Foo]|null" 2304 2305 A map of the creation id to an object containing any properties of 2306 the copied Foo object that are set by the server (such as the "id" 2307 in most object types; note, the id is likely to be different to 2308 the id of the object in the account it was copied from). 2309 2310 This argument is null if no Foo objects were successfully copied. 2311 2312 o notCreated: "Id[SetError]|null" 2313 2314 A map of the creation id to a SetError object for each record that 2315 failed to be copied, or null if none. 2316 2317 The SetError may be any of the standard set errors returned for a 2318 create or update. In addition, the following SetError is defined: 2319 2320 "alreadyExists": The server forbids duplicates, and the record 2321 already exists in the target account. An "existingId" property of 2322 type "Id" MUST be included on the SetError object with the id of the 2323 existing record. 2324 2325 The following additional errors may be returned instead of the "Foo/ 2326 copy" response: 2327 2328 "fromAccountNotFound": The "fromAccountId" does not correspond to a 2329 valid account. 2330 2331 "fromAccountNotSupportedByMethod": The "fromAccountId" given 2332 corresponds to a valid account, but the account does not support this 2333 data type. 2334 2335 "stateMismatch": An "ifInState" argument was supplied and it does not 2336 match the current state, or an "ifFromInState" argument was supplied 2337 and it does not match the current state in the from account. 2338 23395.5. /query 2340 2341 For data sets where the total amount of data is expected to be very 2342 small, clients can just fetch the complete set of data and then do 2343 any sorting/filtering locally. However, for large data sets (e.g., 2344 multi-gigabyte mailboxes), the client needs to be able to 2345 search/sort/window the data type on the server. 2346 2347 A query on the set of Foos in an account is made by calling "Foo/ 2348 query". This takes a number of arguments to determine which records 2349 to include, how they should be sorted, and which part of the result 2350 2351 2352 2353 2354Jenkins & Newman Standards Track [Page 42] 2355 2356RFC 8620 JMAP July 2019 2357 2358 2359 should be returned (the full list may be *very* long). The result is 2360 returned as a list of Foo ids. 2361 2362 A call to "Foo/query" takes the following arguments: 2363 2364 o accountId: "Id" 2365 2366 The id of the account to use. 2367 2368 o filter: "FilterOperator|FilterCondition|null" 2369 2370 Determines the set of Foos returned in the results. If null, all 2371 objects in the account of this type are included in the results. 2372 A *FilterOperator* object has the following properties: 2373 2374 * operator: "String" 2375 2376 This MUST be one of the following strings: 2377 2378 + "AND": All of the conditions must match for the filter to 2379 match. 2380 2381 + "OR": At least one of the conditions must match for the 2382 filter to match. 2383 2384 + "NOT": None of the conditions must match for the filter to 2385 match. 2386 2387 * conditions: "(FilterOperator|FilterCondition)[]" 2388 2389 The conditions to evaluate against each record. 2390 2391 A *FilterCondition* is an "object" whose allowed properties and 2392 semantics depend on the data type and is defined in the /query 2393 method specification for that type. It MUST NOT have an 2394 "operator" property. 2395 2396 o sort: "Comparator[]|null" 2397 2398 Lists the names of properties to compare between two Foo records, 2399 and how to compare them, to determine which comes first in the 2400 sort. If two Foo records have an identical value for the first 2401 comparator, the next comparator will be considered, and so on. If 2402 all comparators are the same (this includes the case where an 2403 empty array or null is given as the "sort" argument), the sort 2404 order is server dependent, but it MUST be stable between calls to 2405 "Foo/query". A *Comparator* has the following properties: 2406 2407 2408 2409 2410Jenkins & Newman Standards Track [Page 43] 2411 2412RFC 8620 JMAP July 2019 2413 2414 2415 * property: "String" 2416 2417 The name of the property on the Foo objects to compare. 2418 2419 * isAscending: "Boolean" (optional; default: true) 2420 2421 If true, sort in ascending order. If false, reverse the 2422 comparator's results to sort in descending order. 2423 2424 * collation: "String" (optional; default is server-dependent) 2425 2426 The identifier, as registered in the collation registry defined 2427 in [RFC4790], for the algorithm to use when comparing the order 2428 of strings. The algorithms the server supports are advertised 2429 in the capabilities object returned with the Session object 2430 (see Section 2). 2431 2432 If omitted, the default algorithm is server dependent, but: 2433 2434 1. It MUST be unicode-aware. 2435 2436 2. It MAY be selected based on an Accept-Language header in 2437 the request (as defined in [RFC7231], Section 5.3.5) or 2438 out-of-band information about the user's language/locale. 2439 2440 3. It SHOULD be case insensitive where such a concept makes 2441 sense for a language/locale. Where the user's language is 2442 unknown, it is RECOMMENDED to follow the advice in 2443 Section 5.2.3 of [RFC8264]. 2444 2445 The "i;unicode-casemap" collation [RFC5051] and the Unicode 2446 Collation Algorithm (<http://www.unicode.org/reports/tr10/>) 2447 are two examples that fulfil these criterion and provide 2448 reasonable behaviour for a large number of languages. 2449 2450 When the property being compared is not a string, the 2451 "collation" property is ignored, and the following comparison 2452 rules apply based on the type. In ascending order: 2453 2454 + "Boolean": false comes before true. 2455 2456 + "Number": A lower number comes before a higher number. 2457 2458 + "Date"/"UTCDate": The earlier date comes first. 2459 2460 The Comparator object may also have additional properties as 2461 required for specific sort operations defined in a type's /query 2462 method. 2463 2464 2465 2466Jenkins & Newman Standards Track [Page 44] 2467 2468RFC 8620 JMAP July 2019 2469 2470 2471 o position: "Int" (default: 0) 2472 2473 The zero-based index of the first id in the full list of results 2474 to return. 2475 2476 If a negative value is given, it is an offset from the end of the 2477 list. Specifically, the negative value MUST be added to the total 2478 number of results given the filter, and if still negative, it's 2479 clamped to "0". This is now the zero-based index of the first id 2480 to return. 2481 2482 If the index is greater than or equal to the total number of 2483 objects in the results list, then the "ids" array in the response 2484 will be empty, but this is not an error. 2485 2486 o anchor: "Id|null" 2487 2488 A Foo id. If supplied, the "position" argument is ignored. The 2489 index of this id in the results will be used in combination with 2490 the "anchorOffset" argument to determine the index of the first 2491 result to return (see below for more details). 2492 2493 o anchorOffset: "Int" (default: 0) 2494 2495 The index of the first result to return relative to the index of 2496 the anchor, if an anchor is given. This MAY be negative. For 2497 example, "-1" means the Foo immediately preceding the anchor is 2498 the first result in the list returned (see below for more 2499 details). 2500 2501 o limit: "UnsignedInt|null" 2502 2503 The maximum number of results to return. If null, no limit 2504 presumed. The server MAY choose to enforce a maximum "limit" 2505 argument. In this case, if a greater value is given (or if it is 2506 null), the limit is clamped to the maximum; the new limit is 2507 returned with the response so the client is aware. If a negative 2508 value is given, the call MUST be rejected with an 2509 "invalidArguments" error. 2510 2511 o calculateTotal: "Boolean" (default: false) 2512 2513 Does the client wish to know the total number of results in the 2514 query? This may be slow and expensive for servers to calculate, 2515 particularly with complex filters, so clients should take care to 2516 only request the total when needed. 2517 2518 2519 2520 2521 2522Jenkins & Newman Standards Track [Page 45] 2523 2524RFC 8620 JMAP July 2019 2525 2526 2527 If an "anchor" argument is given, the anchor is looked for in the 2528 results after filtering and sorting. If found, the "anchorOffset" is 2529 then added to its index. If the resulting index is now negative, it 2530 is clamped to 0. This index is now used exactly as though it were 2531 supplied as the "position" argument. If the anchor is not found, the 2532 call is rejected with an "anchorNotFound" error. 2533 2534 If an "anchor" is specified, any position argument supplied by the 2535 client MUST be ignored. If no "anchor" is supplied, any 2536 "anchorOffset" argument MUST be ignored. 2537 2538 A client can use "anchor" instead of "position" to find the index of 2539 an id within a large set of results. 2540 2541 The response has the following arguments: 2542 2543 o accountId: "Id" 2544 2545 The id of the account used for the call. 2546 2547 o queryState: "String" 2548 2549 A string encoding the current state of the query on the server. 2550 This string MUST change if the results of the query (i.e., the 2551 matching ids and their sort order) have changed. The queryState 2552 string MAY change if something has changed on the server, which 2553 means the results may have changed but the server doesn't know for 2554 sure. 2555 2556 The queryState string only represents the ordered list of ids that 2557 match the particular query (including its sort/filter). There is 2558 no requirement for it to change if a property on an object 2559 matching the query changes but the query results are unaffected 2560 (indeed, it is more efficient if the queryState string does not 2561 change in this case). The queryState string only has meaning when 2562 compared to future responses to a query with the same type/sort/ 2563 filter or when used with /queryChanges to fetch changes. 2564 2565 Should a client receive back a response with a different 2566 queryState string to a previous call, it MUST either throw away 2567 the currently cached query and fetch it again (note, this does not 2568 require fetching the records again, just the list of ids) or call 2569 "Foo/queryChanges" to get the difference. 2570 2571 2572 2573 2574 2575 2576 2577 2578Jenkins & Newman Standards Track [Page 46] 2579 2580RFC 8620 JMAP July 2019 2581 2582 2583 o canCalculateChanges: "Boolean" 2584 2585 This is true if the server supports calling "Foo/queryChanges" 2586 with these "filter"/"sort" parameters. Note, this does not 2587 guarantee that the "Foo/queryChanges" call will succeed, as it may 2588 only be possible for a limited time afterwards due to server 2589 internal implementation details. 2590 2591 o position: "UnsignedInt" 2592 2593 The zero-based index of the first result in the "ids" array within 2594 the complete list of query results. 2595 2596 o ids: "Id[]" 2597 2598 The list of ids for each Foo in the query results, starting at the 2599 index given by the "position" argument of this response and 2600 continuing until it hits the end of the results or reaches the 2601 "limit" number of ids. If "position" is >= "total", this MUST be 2602 the empty list. 2603 2604 o total: "UnsignedInt" (only if requested) 2605 2606 The total number of Foos in the results (given the "filter"). 2607 This argument MUST be omitted if the "calculateTotal" request 2608 argument is not true. 2609 2610 o limit: "UnsignedInt" (if set by the server) 2611 2612 The limit enforced by the server on the maximum number of results 2613 to return. This is only returned if the server set a limit or 2614 used a different limit than that given in the request. 2615 2616 The following additional errors may be returned instead of the "Foo/ 2617 query" response: 2618 2619 "anchorNotFound": An anchor argument was supplied, but it cannot be 2620 found in the results of the query. 2621 2622 "unsupportedSort": The "sort" is syntactically valid, but it includes 2623 a property the server does not support sorting on or a collation 2624 method it does not recognise. 2625 2626 "unsupportedFilter": The "filter" is syntactically valid, but the 2627 server cannot process it. If the filter was the result of a user's 2628 search input, the client SHOULD suggest that the user simplify their 2629 search. 2630 2631 2632 2633 2634Jenkins & Newman Standards Track [Page 47] 2635 2636RFC 8620 JMAP July 2019 2637 2638 26395.6. /queryChanges 2640 2641 The "Foo/queryChanges" method allows a client to efficiently update 2642 the state of a cached query to match the new state on the server. It 2643 takes the following arguments: 2644 2645 o accountId: "Id" 2646 2647 The id of the account to use. 2648 2649 o filter: "FilterOperator|FilterCondition|null" 2650 2651 The filter argument that was used with "Foo/query". 2652 2653 o sort: "Comparator[]|null" 2654 2655 The sort argument that was used with "Foo/query". 2656 2657 o sinceQueryState: "String" 2658 2659 The current state of the query in the client. This is the string 2660 that was returned as the "queryState" argument in the "Foo/query" 2661 response with the same sort/filter. The server will return the 2662 changes made to the query since this state. 2663 2664 o maxChanges: "UnsignedInt|null" 2665 2666 The maximum number of changes to return in the response. See 2667 error descriptions below for more details. 2668 2669 o upToId: "Id|null" 2670 2671 The last (highest-index) id the client currently has cached from 2672 the query results. When there are a large number of results, in a 2673 common case, the client may have only downloaded and cached a 2674 small subset from the beginning of the results. If the sort and 2675 filter are both only on immutable properties, this allows the 2676 server to omit changes after this point in the results, which can 2677 significantly increase efficiency. If they are not immutable, 2678 this argument is ignored. 2679 2680 o calculateTotal: "Boolean" (default: false) 2681 2682 Does the client wish to know the total number of results now in 2683 the query? This may be slow and expensive for servers to 2684 calculate, particularly with complex filters, so clients should 2685 take care to only request the total when needed. 2686 2687 2688 2689 2690Jenkins & Newman Standards Track [Page 48] 2691 2692RFC 8620 JMAP July 2019 2693 2694 2695 The response has the following arguments: 2696 2697 o accountId: "Id" 2698 2699 The id of the account used for the call. 2700 2701 o oldQueryState: "String" 2702 2703 This is the "sinceQueryState" argument echoed back; that is, the 2704 state from which the server is returning changes. 2705 2706 o newQueryState: "String" 2707 2708 This is the state the query will be in after applying the set of 2709 changes to the old state. 2710 2711 o total: "UnsignedInt" (only if requested) 2712 2713 The total number of Foos in the results (given the "filter"). 2714 This argument MUST be omitted if the "calculateTotal" request 2715 argument is not true. 2716 2717 o removed: "Id[]" 2718 2719 The "id" for every Foo that was in the query results in the old 2720 state and that is not in the results in the new state. 2721 2722 If the server cannot calculate this exactly, the server MAY return 2723 the ids of extra Foos in addition that may have been in the old 2724 results but are not in the new results. 2725 2726 If the sort and filter are both only on immutable properties and 2727 an "upToId" is supplied and exists in the results, any ids that 2728 were removed but have a higher index than "upToId" SHOULD be 2729 omitted. 2730 2731 If the "filter" or "sort" includes a mutable property, the server 2732 MUST include all Foos in the current results for which this 2733 property may have changed. The position of these may have moved 2734 in the results, so they must be reinserted by the client to ensure 2735 its query cache is correct. 2736 2737 2738 2739 2740 2741 2742 2743 2744 2745 2746Jenkins & Newman Standards Track [Page 49] 2747 2748RFC 8620 JMAP July 2019 2749 2750 2751 o added: "AddedItem[]" 2752 2753 The id and index in the query results (in the new state) for every 2754 Foo that has been added to the results since the old state AND 2755 every Foo in the current results that was included in the 2756 "removed" array (due to a filter or sort based upon a mutable 2757 property). 2758 2759 If the sort and filter are both only on immutable properties and 2760 an "upToId" is supplied and exists in the results, any ids that 2761 were added but have a higher index than "upToId" SHOULD be 2762 omitted. 2763 2764 The array MUST be sorted in order of index, with the lowest index 2765 first. 2766 2767 An *AddedItem* object has the following properties: 2768 2769 * id: "Id" 2770 2771 * index: "UnsignedInt" 2772 2773 The result of this is that if the client has a cached sparse array of 2774 Foo ids corresponding to the results in the old state, then: 2775 2776 fooIds = [ "id1", "id2", null, null, "id3", "id4", null, null, null ] 2777 2778 If it *splices out* all ids in the removed array that it has in its 2779 cached results, then: 2780 2781 removed = [ "id2", "id31", ... ]; 2782 fooIds => [ "id1", null, null, "id3", "id4", null, null, null ] 2783 2784 and *splices in* (one by one in order, starting with the lowest 2785 index) all of the ids in the added array: 2786 2787 added = [{ id: "id5", index: 0, ... }]; 2788 fooIds => [ "id5", "id1", null, null, "id3", "id4", null, null, null ] 2789 2790 and *truncates* or *extends* to the new total length, then the 2791 results will now be in the new state. 2792 2793 Note: splicing in adds the item at the given index, incrementing the 2794 index of all items previously at that or a higher index. Splicing 2795 out is the inverse, removing the item and decrementing the index of 2796 every item after it in the array. 2797 2798 2799 2800 2801 2802Jenkins & Newman Standards Track [Page 50] 2803 2804RFC 8620 JMAP July 2019 2805 2806 2807 The following additional errors may be returned instead of the "Foo/ 2808 queryChanges" response: 2809 2810 "tooManyChanges": There are more changes than the client's 2811 "maxChanges" argument. Each item in the removed or added array is 2812 considered to be one change. The client may retry with higher max 2813 changes or invalidate its cache of the query results. 2814 2815 "cannotCalculateChanges": The server cannot calculate the changes 2816 from the queryState string given by the client, usually due to the 2817 client's state being too old. The client MUST invalidate its cache 2818 of the query results. 2819 28205.7. Examples 2821 2822 Suppose we have a type *Todo* with the following properties: 2823 2824 o id: "Id" (immutable; server-set) 2825 2826 The id of the object. 2827 2828 o title: "String" 2829 2830 A brief summary of what is to be done. 2831 2832 o keywords: "String[Boolean]" (default: {}) 2833 2834 A set of keywords that apply to the Todo. The set is represented 2835 as an object, with the keys being the "keywords". The value for 2836 each key in the object MUST be true. (This format allows you to 2837 update an individual key using patch syntax rather than having to 2838 update the whole set of keywords as one, which a "String[]" 2839 representation would require.) 2840 2841 o neuralNetworkTimeEstimation: "Number" (server-set) 2842 2843 The title and keywords are fed into the server's state-of-the-art 2844 neural network to get an estimation of how long this Todo will 2845 take, in seconds. 2846 2847 o subTodoIds: "Id[]|null" 2848 2849 The ids of a list of other Todos to complete as part of this Todo. 2850 2851 Suppose also that all the standard methods are defined for this type 2852 and the FilterCondition object supports a "hasKeyword" property to 2853 match Todos with the given keyword. 2854 2855 2856 2857 2858Jenkins & Newman Standards Track [Page 51] 2859 2860RFC 8620 JMAP July 2019 2861 2862 2863 A client might want to display the list of Todos with either a 2864 "music" keyword or a "video" keyword, so it makes the following 2865 method call: 2866 2867 [[ "Todo/query", { 2868 "accountId": "x", 2869 "filter": { 2870 "operator": "OR", 2871 "conditions": [ 2872 { "hasKeyword": "music" }, 2873 { "hasKeyword": "video" } 2874 ] 2875 }, 2876 "sort": [{ "property": "title" }], 2877 "position": 0, 2878 "limit": 10 2879 }, "0" ], 2880 [ "Todo/get", { 2881 "accountId": "x", 2882 "#ids": { 2883 "resultOf": "0", 2884 "name": "Todo/query", 2885 "path": "/ids" 2886 } 2887 }, "1" ]] 2888 2889 2890 2891 2892 2893 2894 2895 2896 2897 2898 2899 2900 2901 2902 2903 2904 2905 2906 2907 2908 2909 2910 2911 2912 2913 2914Jenkins & Newman Standards Track [Page 52] 2915 2916RFC 8620 JMAP July 2019 2917 2918 2919 This would query the server for the set of Todos with a keyword of 2920 either "music" or "video", sorted by title, and limited to the first 2921 10 results. It fetches the full object for each of these Todos using 2922 back-references to reference the result of the query. The response 2923 might look something like: 2924 2925 [[ "Todo/query", { 2926 "accountId": "x", 2927 "queryState": "y13213", 2928 "canCalculateChanges": true, 2929 "position": 0, 2930 "ids": [ "a", "b", "c", "d", "e", "f", "g", "h", "i", "j" ] 2931 }, "0" ], 2932 [ "Todo/get", { 2933 "accountId": "x", 2934 "state": "10324", 2935 "list": [{ 2936 "id": "a", 2937 "title": "Practise Piano", 2938 "keywords": { 2939 "music": true, 2940 "beethoven": true, 2941 "mozart": true, 2942 "liszt": true, 2943 "rachmaninov": true 2944 }, 2945 "neuralNetworkTimeEstimation": 3600 2946 }, { 2947 "id": "b", 2948 "title": "Watch Daft Punk music video", 2949 "keywords": { 2950 "music": true, 2951 "video": true, 2952 "trance": true 2953 }, 2954 "neuralNetworkTimeEstimation": 18000 2955 }, 2956 ... 2957 ] 2958 }, "1" ]] 2959 2960 2961 2962 2963 2964 2965 2966 2967 2968 2969 2970Jenkins & Newman Standards Track [Page 53] 2971 2972RFC 8620 JMAP July 2019 2973 2974 2975 Now, suppose the user adds a keyword "chopin" and removes the keyword 2976 "mozart" from the "Practise Piano" task. The client may send the 2977 whole object to the server, as this is a valid PatchObject: 2978 2979 [[ "Todo/set", { 2980 "accountId": "x", 2981 "ifInState": "10324", 2982 "update": { 2983 "a": { 2984 "id": "a", 2985 "title": "Practise Piano", 2986 "keywords": { 2987 "music": true, 2988 "beethoven": true, 2989 "chopin": true, 2990 "liszt": true, 2991 "rachmaninov": true 2992 }, 2993 "neuralNetworkTimeEstimation": 360 2994 } 2995 } 2996 }, "0" ]] 2997 2998 or it may send a minimal patch: 2999 3000 [[ "Todo/set", { 3001 "accountId": "x", 3002 "ifInState": "10324", 3003 "update": { 3004 "a": { 3005 "keywords/chopin": true, 3006 "keywords/mozart": null 3007 } 3008 } 3009 }, "0" ]] 3010 3011 3012 3013 3014 3015 3016 3017 3018 3019 3020 3021 3022 3023 3024 3025 3026Jenkins & Newman Standards Track [Page 54] 3027 3028RFC 8620 JMAP July 2019 3029 3030 3031 The effect is exactly the same on the server in either case, and 3032 presuming the server is still in state "10324", it will probably 3033 return success: 3034 3035 [[ "Todo/set", { 3036 "accountId": "x", 3037 "oldState": "10324", 3038 "newState": "10329", 3039 "updated": { 3040 "a": { 3041 "neuralNetworkTimeEstimation": 5400 3042 } 3043 } 3044 }, "0" ]] 3045 3046 The server changed the "neuralNetworkTimeEstimation" property on the 3047 object as part of this change; as this changed in a way *not* 3048 explicitly requested by the PatchObject sent to the server, it is 3049 returned with the "updated" confirmation. 3050 3051 Let us now add a sub-Todo to our new "Practise Piano" Todo. In this 3052 example, we can see the use of a reference to a creation id to allow 3053 us to set a foreign key reference to a record created in the same 3054 request: 3055 3056 [[ "Todo/set", { 3057 "accountId": "x", 3058 "create": { 3059 "k15": { 3060 "title": "Warm up with scales" 3061 } 3062 }, 3063 "update": { 3064 "a": { 3065 "subTodoIds": [ "#k15" ] 3066 } 3067 } 3068 }, "0" ]] 3069 3070 3071 3072 3073 3074 3075 3076 3077 3078 3079 3080 3081 3082Jenkins & Newman Standards Track [Page 55] 3083 3084RFC 8620 JMAP July 2019 3085 3086 3087 Now, suppose another user deleted the "Listen to Daft Punk" Todo. 3088 The first user will receive a push notification (see Section 7) with 3089 the changed state string for the "Todo" type. Since the new string 3090 does not match its current state, it knows it needs to check for 3091 updates. It may make a request like: 3092 3093 [[ "Todo/changes", { 3094 "accountId": "x", 3095 "sinceState": "10324", 3096 "maxChanges": 50 3097 }, "0" ], 3098 [ "Todo/queryChanges", { 3099 "accountId": "x", 3100 "filter": { 3101 "operator": "OR", 3102 "conditions": [ 3103 { "hasKeyword": "music" }, 3104 { "hasKeyword": "video" } 3105 ] 3106 }, 3107 "sort": [{ "property": "title" }], 3108 "sinceQueryState": "y13213", 3109 "maxChanges": 50 3110 }, "1" ]] 3111 3112 and receive in response: 3113 3114 [[ "Todo/changes", { 3115 "accountId": "x", 3116 "oldState": "10324", 3117 "newState": "871903", 3118 "hasMoreChanges": false, 3119 "created": [], 3120 "updated": [], 3121 "destroyed": ["b"] 3122 }, "0" ], 3123 [ "Todo/queryChanges", { 3124 "accountId": "x", 3125 "oldQueryState": "y13213", 3126 "newQueryState": "y13218", 3127 "removed": ["b"], 3128 "added": null 3129 }, "1" ]] 3130 3131 3132 3133 3134 3135 3136 3137 3138Jenkins & Newman Standards Track [Page 56] 3139 3140RFC 8620 JMAP July 2019 3141 3142 3143 Suppose the user has access to another account "y", for example, a 3144 team account shared between multiple users. To move an existing Todo 3145 from account "x", the client would call: 3146 3147 [[ "Todo/copy", { 3148 "fromAccountId": "x", 3149 "accountId": "y", 3150 "create": { 3151 "k5122": { 3152 "id": "a" 3153 } 3154 }, 3155 "onSuccessDestroyOriginal": true 3156 }, "0" ]] 3157 3158 The server successfully copies the Todo to a new account (where it 3159 receives a new id) and deletes the original. Due to the implicit 3160 call to "Todo/set", there are two responses to the single method 3161 call, both with the same method call id: 3162 3163 [[ "Todo/copy", { 3164 "fromAccountId": "x", 3165 "accountId": "y", 3166 "created": { 3167 "k5122": { 3168 "id": "DAf97" 3169 } 3170 }, 3171 "oldState": "c1d64ecb038c", 3172 "newState": "33844835152b" 3173 }, "0" ], 3174 [ "Todo/set", { 3175 "accountId": "x", 3176 "oldState": "871903", 3177 "newState": "871909", 3178 "destroyed": [ "a" ], 3179 ... 3180 }, "0" ]] 3181 3182 3183 3184 3185 3186 3187 3188 3189 3190 3191 3192 3193 3194Jenkins & Newman Standards Track [Page 57] 3195 3196RFC 8620 JMAP July 2019 3197 3198 31995.8. Proxy Considerations 3200 3201 JMAP has been designed to allow an API endpoint to easily proxy 3202 through to one or more JMAP servers. This may be useful for load 3203 balancing, augmenting capabilities, or presenting a single endpoint 3204 to accounts hosted on different JMAP servers (splitting the request 3205 based on each method's "accountId" argument). The proxy need only 3206 understand the general structure of a JMAP Request object; it does 3207 not need to know anything specifically about the methods and 3208 arguments it will pass through to other servers. 3209 3210 If splitting up the methods in a request to call them on different 3211 backend servers, the proxy must do two things to ensure back- 3212 references and creation-id references resolve the same as if the 3213 entire request were processed on a single server: 3214 3215 1. It must pass a "createdIds" property with each subrequest. If 3216 this is not given by the client, an empty object should be used 3217 for the first subrequest. The "createdIds" property of each 3218 subresponse should be passed on in the next subrequest. 3219 3220 2. It must resolve back-references to previous method results that 3221 were processed on a different server. This is a relatively 3222 simple syntactic substitution, described in Section 3.7. 3223 3224 When splitting a request based on accountId, proxy implementors do 3225 need to be aware of "/copy" methods that copy between accounts. If 3226 the accounts are on different servers, the proxy will have to 3227 implement this functionality directly. 3228 32296. Binary Data 3230 3231 Binary data is referenced by a *blobId* in JMAP and uploaded/ 3232 downloaded separately to the core API. The blobId solely represents 3233 the raw bytes of data, not any associated metadata such as a file 3234 name or content type. Such metadata is stored alongside the blobId 3235 in the object referencing it. The data represented by a blobId is 3236 immutable. 3237 3238 Any blobId that exists within an account may be used when creating/ 3239 updating another object in that account. For example, an Email type 3240 may have a blobId that represents the object in Internet Message 3241 Format [RFC5322]. A client could create a new Email object with an 3242 attachment and use this blobId, in effect attaching the old message 3243 to the new one. Similarly, it could attach any existing attachment 3244 of an old message without having to download and upload it again. 3245 3246 3247 3248 3249 3250Jenkins & Newman Standards Track [Page 58] 3251 3252RFC 8620 JMAP July 2019 3253 3254 3255 When the client uses a blobId in a create/update, the server MAY 3256 assign a new blobId to refer to the same binary data within the new/ 3257 updated object. If it does so, it MUST return any properties that 3258 contain a changed blobId in the created/updated response, so the 3259 client gets the new ids. 3260 3261 A blob that is not referenced by a JMAP object (e.g., as a message 3262 attachment) MAY be deleted by the server to free up resources. 3263 Uploads (see below) are initially unreferenced blobs. To ensure 3264 interoperability: 3265 3266 o The server SHOULD use a separate quota for unreferenced blobs to 3267 the account's usual quota. In the case of shared accounts, this 3268 quota SHOULD be separate per user. 3269 3270 o This quota SHOULD be at least the maximum total size that a single 3271 object can reference on this server. For example, if supporting 3272 JMAP Mail, this should be at least the maximum total attachments 3273 size for a message. 3274 3275 o When an upload would take the user over quota, the server MUST 3276 delete unreferenced blobs in date order, oldest first, until there 3277 is room for the new blob. 3278 3279 o Except where quota restrictions force early deletion, an 3280 unreferenced blob MUST NOT be deleted for at least 1 hour from the 3281 time of upload; if reuploaded, the same blobId MAY be returned, 3282 but this SHOULD reset the expiry time. 3283 3284 o A blob MUST NOT be deleted during the method call that removed the 3285 last reference, so that a client can issue a create and a destroy 3286 that both reference the blob within the same method call. 3287 32886.1. Uploading Binary Data 3289 3290 There is a single endpoint that handles all file uploads for an 3291 account, regardless of what they are to be used for. The Session 3292 object (see Section 2) has an "uploadUrl" property in URI Template 3293 (level 1) format [RFC6570], which MUST contain a variable called 3294 "accountId". The client may use this template in combination with an 3295 "accountId" to get the URL of the file upload resource. 3296 3297 To upload a file, the client submits an authenticated POST request to 3298 the file upload resource. 3299 3300 3301 3302 3303 3304 3305 3306Jenkins & Newman Standards Track [Page 59] 3307 3308RFC 8620 JMAP July 2019 3309 3310 3311 A successful request MUST return a single JSON object with the 3312 following properties as the response: 3313 3314 o accountId: "Id" 3315 3316 The id of the account used for the call. 3317 3318 o blobId: "Id" 3319 3320 The id representing the binary data uploaded. The data for this 3321 id is immutable. The id *only* refers to the binary data, not any 3322 metadata. 3323 3324 o type: "String" 3325 3326 The media type of the file (as specified in [RFC6838], 3327 Section 4.2) as set in the Content-Type header of the upload HTTP 3328 request. 3329 3330 o size: "UnsignedInt" 3331 3332 The size of the file in octets. 3333 3334 If identical binary content to an existing blob in the account is 3335 uploaded, the existing blobId MAY be returned. 3336 3337 Clients should use the blobId returned in a timely manner. Under 3338 rare circumstances, the server may have deleted the blob before the 3339 client uses it; the client should keep a reference to the local file 3340 so it can upload it again in such a situation. 3341 3342 When an HTTP error response is returned to the client, the server 3343 SHOULD return a JSON "problem details" object as the response body, 3344 as per [RFC7807]. 3345 3346 As access controls are often determined by the object holding the 3347 reference to a blob, unreferenced blobs MUST only be accessible to 3348 the uploader, even in shared accounts. 3349 33506.2. Downloading Binary Data 3351 3352 The Session object (see Section 2) has a "downloadUrl" property, 3353 which is in URI Template (level 1) format [RFC6570]. The URL MUST 3354 contain variables called "accountId", "blobId", "type", and "name". 3355 3356 3357 3358 3359 3360 3361 3362Jenkins & Newman Standards Track [Page 60] 3363 3364RFC 8620 JMAP July 2019 3365 3366 3367 To download a file, the client makes an authenticated GET request to 3368 the download URL with the appropriate variables substituted in: 3369 3370 o "accountId": The id of the account to which the record with the 3371 blobId belongs. 3372 3373 o "blobId": The blobId representing the data of the file to 3374 download. 3375 3376 o "type": The type for the server to set in the "Content-Type" 3377 header of the response; the blobId only represents the binary data 3378 and does not have a content-type innately associated with it. 3379 3380 o "name": The name for the file; the server MUST return this as the 3381 filename if it sets a "Content-Disposition" header. 3382 3383 As the data for a particular blobId is immutable, and thus the 3384 response in the generated download URL is too, implementors are 3385 recommended to set long cache times and use the "immutable" Cache- 3386 Control extension [RFC8246] for successful responses, for example, 3387 "Cache-Control: private, immutable, max-age=31536000". 3388 3389 When an HTTP error response is returned to the client, the server 3390 SHOULD return a JSON "problem details" object as the response body, 3391 as per [RFC7807]. 3392 33936.3. Blob/copy 3394 3395 Binary data may be copied *between* two different accounts using the 3396 "Blob/copy" method rather than having to download and then reupload 3397 on the client. 3398 3399 The "Blob/copy" method takes the following arguments: 3400 3401 o fromAccountId: "Id" 3402 3403 The id of the account to copy blobs from. 3404 3405 o accountId: "Id" 3406 3407 The id of the account to copy blobs to. 3408 3409 o blobIds: "Id[]" 3410 3411 A list of ids of blobs to copy to the other account. 3412 3413 3414 3415 3416 3417 3418Jenkins & Newman Standards Track [Page 61] 3419 3420RFC 8620 JMAP July 2019 3421 3422 3423 The response has the following arguments: 3424 3425 o fromAccountId: "Id" 3426 3427 The id of the account blobs were copied from. 3428 3429 o accountId: "Id" 3430 3431 The id of the account blobs were copied to. 3432 3433 o copied: "Id[Id]|null" 3434 3435 A map of the blobId in the fromAccount to the id for the blob in 3436 the account it was copied to, or null if none were successfully 3437 copied. 3438 3439 o notCopied: "Id[SetError]|null" 3440 3441 A map of blobId to a SetError object for each blob that failed to 3442 be copied, or null if none. 3443 3444 The SetError may be any of the standard set errors that may be 3445 returned for a create, as defined in Section 5.3. In addition, the 3446 "notFound" SetError error may be returned if the blobId to be copied 3447 cannot be found. 3448 3449 The following additional method-level error may be returned instead 3450 of the "Blob/copy" response: 3451 3452 "fromAccountNotFound": The "fromAccountId" included with the request 3453 does not correspond to a valid account. 3454 34557. Push 3456 3457 Push notifications allow clients to efficiently update (almost) 3458 instantly to stay in sync with data changes on the server. The 3459 general model for push is simple and sends minimal data over the push 3460 channel: just enough for the client to know whether it needs to 3461 resync. The format allows multiple changes to be coalesced into a 3462 single push update and the frequency of pushes to be rate limited by 3463 the server. It doesn't matter if some push events are dropped before 3464 they reach the client; the next time it gets/sets any records of a 3465 changed type, it will discover the data has changed and still sync 3466 all changes. 3467 3468 3469 3470 3471 3472 3473 3474Jenkins & Newman Standards Track [Page 62] 3475 3476RFC 8620 JMAP July 2019 3477 3478 3479 There are two different mechanisms by which a client can receive push 3480 notifications, to allow for the different environments in which a 3481 client may exist. An event source resource (see Section 7.3) allows 3482 clients that can hold transport connections open to receive push 3483 notifications directly from the JMAP server. This is simple and 3484 avoids third parties, but it is often not feasible on constrained 3485 platforms such as mobile devices. Alternatively, clients can make 3486 use of any push service supported by their environment. A URL for 3487 the push service is registered with the JMAP server (see 3488 Section 7.2); the server then POSTs each notification to that URL. 3489 The push service is then responsible for routing these to the client. 3490 34917.1. The StateChange Object 3492 3493 When something changes on the server, the server pushes a StateChange 3494 object to the client. A *StateChange* object has the following 3495 properties: 3496 3497 o @type: "String" 3498 3499 This MUST be the string "StateChange". 3500 3501 o changed: "Id[TypeState]" 3502 3503 A map of an "account id" to an object encoding the state of data 3504 types that have changed for that account since the last 3505 StateChange object was pushed, for each of the accounts to which 3506 the user has access and for which something has changed. 3507 3508 A *TypeState* object is a map. The keys are the type name "Foo" 3509 (e.g., "Mailbox" or "Email"), and the value is the "state" 3510 property that would currently be returned by a call to "Foo/get". 3511 3512 The client can compare the new state strings with its current 3513 values to see whether it has the current data for these types. If 3514 not, the changes can then be efficiently fetched in a single 3515 standard API request (using the /changes type methods). 3516 3517 3518 3519 3520 3521 3522 3523 3524 3525 3526 3527 3528 3529 3530Jenkins & Newman Standards Track [Page 63] 3531 3532RFC 8620 JMAP July 2019 3533 3534 35357.1.1. Example 3536 3537 In this example, the server has amalgamated a few changes together 3538 across two different accounts the user has access to, before pushing 3539 the following StateChange object to the client: 3540 3541 { 3542 "@type": "StateChange", 3543 "changed": { 3544 "a3123": { 3545 "Email": "d35ecb040aab", 3546 "EmailDelivery": "428d565f2440", 3547 "CalendarEvent": "87accfac587a" 3548 }, 3549 "a43461d": { 3550 "Mailbox": "0af7a512ce70", 3551 "CalendarEvent": "7a4297cecd76" 3552 } 3553 } 3554 } 3555 3556 The client can compare the state strings with its current state for 3557 the Email, CalendarEvent, etc., object types in the appropriate 3558 accounts to see if it needs to fetch changes. 3559 3560 If the client is itself making changes, it may receive a StateChange 3561 object while the /set API call is in flight. It can wait until the 3562 call completes and then compare if the new state string after the 3563 /set is the same as was pushed in the StateChange object; if so, and 3564 the old state of the /set response matches the client's previous 3565 state, it does not need to waste a request asking for changes it 3566 already knows. 3567 35687.2. PushSubscription 3569 3570 Clients may create a PushSubscription to register a URL with the JMAP 3571 server. The JMAP server will then make an HTTP POST request to this 3572 URL for each push notification it wishes to send to the client. 3573 3574 As a push subscription causes the JMAP server to make a number of 3575 requests to a previously unknown endpoint, it can be used as a vector 3576 for launching a denial-of-service attack. To prevent this, when a 3577 subscription is created, the JMAP server immediately sends a 3578 PushVerification object to that URL (see Section 7.2.2). The JMAP 3579 server MUST NOT make any further requests to the URL until the client 3580 receives the push and updates the subscription with the correct 3581 verification code. 3582 3583 3584 3585 3586Jenkins & Newman Standards Track [Page 64] 3587 3588RFC 8620 JMAP July 2019 3589 3590 3591 A *PushSubscription* object has the following properties: 3592 3593 o id: "Id" (immutable; server-set) 3594 3595 The id of the push subscription. 3596 3597 o deviceClientId: "String" (immutable) 3598 3599 An id that uniquely identifies the client + device it is running 3600 on. The purpose of this is to allow clients to identify which 3601 PushSubscription objects they created even if they lose their 3602 local state, so they can revoke or update them. This string MUST 3603 be different on different devices and be different from apps from 3604 other vendors. It SHOULD be easy to regenerate and not depend on 3605 persisted state. It is RECOMMENDED to use a secure hash of a 3606 string that contains: 3607 3608 1. A unique identifier associated with the device where the JMAP 3609 client is running, normally supplied by the device's operating 3610 system. 3611 3612 2. A custom vendor/app id, including a domain controlled by the 3613 vendor of the JMAP client. 3614 3615 To protect the privacy of the user, the deviceClientId id MUST NOT 3616 contain an unobfuscated device id. 3617 3618 o url: "String" (immutable) 3619 3620 An absolute URL where the JMAP server will POST the data for the 3621 push message. This MUST begin with "https://". 3622 3623 o keys: "Object|null" (immutable) 3624 3625 Client-generated encryption keys. If supplied, the server MUST 3626 use them as specified in [RFC8291] to encrypt all data sent to the 3627 push subscription. The object MUST have the following properties: 3628 3629 * p256dh: "String" 3630 3631 The P-256 Elliptic Curve Diffie-Hellman (ECDH) public key as 3632 described in [RFC8291], encoded in URL-safe base64 3633 representation as defined in [RFC4648]. 3634 3635 * auth: "String" 3636 3637 The authentication secret as described in [RFC8291], encoded in 3638 URL-safe base64 representation as defined in [RFC4648]. 3639 3640 3641 3642Jenkins & Newman Standards Track [Page 65] 3643 3644RFC 8620 JMAP July 2019 3645 3646 3647 o verificationCode: "String|null" 3648 3649 This MUST be null (or omitted) when the subscription is created. 3650 The JMAP server then generates a verification code and sends it in 3651 a push message, and the client updates the PushSubscription object 3652 with the code; see Section 7.2.2 for details. 3653 3654 o expires: "UTCDate|null" 3655 3656 The time this push subscription expires. If specified, the JMAP 3657 server MUST NOT make further requests to this resource after this 3658 time. It MAY automatically destroy the push subscription at or 3659 after this time. 3660 3661 The server MAY choose to set an expiry if none is given by the 3662 client or modify the expiry time given by the client to a shorter 3663 duration. 3664 3665 o types: "String[]|null" 3666 3667 A list of types the client is interested in (using the same names 3668 as the keys in the TypeState object defined in the previous 3669 section). A StateChange notification will only be sent if the 3670 data for one of these types changes. Other types are omitted from 3671 the TypeState object. If null, changes will be pushed for all 3672 types. 3673 3674 The POST request MUST have a content type of "application/json" and 3675 contain the UTF-8 JSON-encoded object as the body. The request MUST 3676 have a "TTL" header and MAY have "Urgency" and/or "Topic" headers, as 3677 specified in Section 5 of [RFC8030]. The JMAP server is expected to 3678 understand and handle HTTP status responses in a reasonable manner. 3679 A "429" (Too Many Requests) response MUST cause the JMAP server to 3680 reduce the frequency of pushes; the JMAP push structure allows 3681 multiple changes to be coalesced into a single minimal StateChange 3682 object. See the security considerations in Section 8.6 for a 3683 discussion of the risks in connecting to unknown servers. 3684 3685 The JMAP server acts as an application server as defined in 3686 [RFC8030]. A client MAY use the rest of [RFC8030] in combination 3687 with its own push service to form a complete end-to-end solution, or 3688 it MAY rely on alternative mechanisms to ensure the delivery of the 3689 pushed data after it leaves the JMAP server. 3690 3691 The push subscription is tied to the credentials used to authenticate 3692 the API request that created it. Should these credentials expire or 3693 be revoked, the push subscription MUST be destroyed by the JMAP 3694 3695 3696 3697 3698Jenkins & Newman Standards Track [Page 66] 3699 3700RFC 8620 JMAP July 2019 3701 3702 3703 server. Only subscriptions created by these credentials are returned 3704 when the client fetches existing subscriptions. 3705 3706 When these credentials have their own expiry (i.e., it is a session 3707 with a timeout), the server SHOULD NOT set or bound the expiry time 3708 for the push subscription given by the client but MUST expire it when 3709 the session expires. 3710 3711 When these credentials are not time bounded (e.g., Basic 3712 authentication [RFC7617]), the server SHOULD set an expiry time for 3713 the push subscription if none is given and limit the expiry time if 3714 set too far in the future. This maximum expiry time MUST be at least 3715 48 hours in the future and SHOULD be at least 7 days in the future. 3716 An app running on a mobile device may only be able to refresh the 3717 push subscription lifetime when it is in the foreground, so this 3718 gives a reasonable time frame to allow this to happen. 3719 3720 In the case of separate access and refresh credentials, as in Oauth 3721 2.0 [RFC6749], the server SHOULD tie the push subscription to the 3722 validity of the refresh token rather than the access token and behave 3723 according to whether this is time-limited or not. 3724 3725 When a push subscription is destroyed, the server MUST securely erase 3726 the URL and encryption keys from memory and storage as soon as 3727 possible. 3728 37297.2.1. PushSubscription/get 3730 3731 Standard /get method as described in Section 5.1, except it does 3732 *not* take or return an "accountId" argument, as push subscriptions 3733 are not tied to specific accounts. It also does *not* return a 3734 "state" argument. The "ids" argument may be null to fetch all at 3735 once. 3736 3737 The server MUST only return push subscriptions that were created 3738 using the same authentication credentials as for this 3739 "PushSubscription/get" request. 3740 3741 As the "url" and "keys" properties may contain data that is private 3742 to a particular device, the values for these properties MUST NOT be 3743 returned. If the "properties" argument is null or omitted, the 3744 server MUST default to all properties excluding these two. If one of 3745 them is explicitly requested, the method call MUST be rejected with a 3746 "forbidden" error. 3747 3748 3749 3750 3751 3752 3753 3754Jenkins & Newman Standards Track [Page 67] 3755 3756RFC 8620 JMAP July 2019 3757 3758 37597.2.2. PushSubscription/set 3760 3761 Standard /set method as described in Section 5.3, except it does 3762 *not* take or return an "accountId" argument, as push subscriptions 3763 are not tied to specific accounts. It also does *not* take an 3764 "ifInState" argument or return "oldState" or "newState" arguments. 3765 3766 The "url" and "keys" properties are immutable; if the client wishes 3767 to change these, it must destroy the current push subscription and 3768 create a new one. 3769 3770 When a PushSubscription is created, the server MUST immediately push 3771 a *PushVerification* object to the URL. It has the following 3772 properties: 3773 3774 o @type: "String" 3775 3776 This MUST be the string "PushVerification". 3777 3778 o pushSubscriptionId: "String" 3779 3780 The id of the push subscription that was created. 3781 3782 o verificationCode: "String" 3783 3784 The verification code to add to the push subscription. This MUST 3785 contain sufficient entropy to avoid the client being able to guess 3786 the code via brute force. 3787 3788 The client MUST update the push subscription with the correct 3789 verification code before the server makes any further requests to the 3790 subscription's URL. Attempts to update the subscription with an 3791 invalid verification code MUST be rejected by the server with an 3792 "invalidProperties" SetError. 3793 3794 The client may update the "expires" property to extend (or, less 3795 commonly, shorten) the lifetime of a push subscription. The server 3796 MAY modify the proposed new expiry time to enforce server-defined 3797 limits. Extending the lifetime does not require the subscription to 3798 be verified again. 3799 3800 Clients SHOULD NOT update or destroy a push subscription that they 3801 did not create (i.e., has a "deviceClientId" that they do not 3802 recognise). 3803 3804 3805 3806 3807 3808 3809 3810Jenkins & Newman Standards Track [Page 68] 3811 3812RFC 8620 JMAP July 2019 3813 3814 38157.2.3. Example 3816 3817 At "2018-07-06T02:14:29Z", a client with deviceClientId "a889-ffea- 3818 910" fetches the set of push subscriptions currently on the server, 3819 making an API request with: 3820 3821 [[ "PushSubscription/get", { 3822 "ids": null 3823 }, "0" ]] 3824 3825 Which returns: 3826 3827 [[ "PushSubscription/get", { 3828 "list": [{ 3829 "id": "e50b2c1d-9553-41a3-b0a7-a7d26b599ee1", 3830 "deviceClientId": "b37ff8001ca0", 3831 "verificationCode": "b210ef734fe5f439c1ca386421359f7b", 3832 "expires": "2018-07-31T00:13:21Z", 3833 "types": [ "Todo" ] 3834 }, { 3835 "id": "f2d0aab5-e976-4e8b-ad4b-b380a5b987e4", 3836 "deviceClientId": "X8980fc", 3837 "verificationCode": "f3d4618a9ae15c8b7f5582533786d531", 3838 "expires": "2018-07-12T05:55:00Z", 3839 "types": [ "Mailbox", "Email", "EmailDelivery" ] 3840 }], 3841 "notFound": [] 3842 }, "0" ]] 3843 3844 Since neither of the returned push subscription objects have the 3845 client's deviceClientId, it knows it does not have a current push 3846 subscription active on the server. So it creates one, sending this 3847 request: 3848 3849[[ "PushSubscription/set", { 3850 "create": { 3851 "4f29": { 3852 "deviceClientId": "a889-ffea-910", 3853 "url": "https://example.com/push/?device=X8980fc&client=12c6d086", 3854 "types": null 3855 } 3856 } 3857}, "0" ]] 3858 3859 3860 3861 3862 3863 3864 3865 3866Jenkins & Newman Standards Track [Page 69] 3867 3868RFC 8620 JMAP July 2019 3869 3870 3871 The server creates the push subscription but limits the expiry time 3872 to 7 days in the future, returning this response: 3873 3874 [[ "PushSubscription/set", { 3875 "created": { 3876 "4f29": { 3877 "id": "P43dcfa4-1dd4-41ef-9156-2c89b3b19c60", 3878 "keys": null, 3879 "expires": "2018-07-13T02:14:29Z" 3880 } 3881 } 3882 }, "0" ]] 3883 3884 The server also immediately makes a POST request to 3885 "https://example.com/push/?device=X8980fc&client=12c6d086" with the 3886 data: 3887 3888 { 3889 "@type": "PushVerification", 3890 "pushSubscriptionId": "P43dcfa4-1dd4-41ef-9156-2c89b3b19c60", 3891 "verificationCode": "da1f097b11ca17f06424e30bf02bfa67" 3892 } 3893 3894 The client receives this and updates the subscription with the 3895 verification code (note there is a potential race condition here; the 3896 client MUST be able to handle receiving the push while the request 3897 creating the subscription is still in progress): 3898 3899 [[ "PushSubscription/set", { 3900 "update": { 3901 "P43dcfa4-1dd4-41ef-9156-2c89b3b19c60": { 3902 "verificationCode": "da1f097b11ca17f06424e30bf02bfa67" 3903 } 3904 } 3905 }, "0" ]] 3906 3907 The server confirms the update was successful and will now make 3908 requests to the registered URL when the state changes. 3909 3910 3911 3912 3913 3914 3915 3916 3917 3918 3919 3920 3921 3922Jenkins & Newman Standards Track [Page 70] 3923 3924RFC 8620 JMAP July 2019 3925 3926 3927 Two days later, the client updates the subscription to extend its 3928 lifetime, sending this request: 3929 3930 [[ "PushSubscription/set", { 3931 "update": { 3932 "P43dcfa4-1dd4-41ef-9156-2c89b3b19c60": { 3933 "expires": "2018-08-13T00:00:00Z" 3934 } 3935 } 3936 }, "0" ]] 3937 3938 The server extends the expiry time, but only again to its maximum 3939 limit of 7 days in the future, returning this response: 3940 3941 [[ "PushSubscription/set", { 3942 "updated": { 3943 "P43dcfa4-1dd4-41ef-9156-2c89b3b19c60": { 3944 "expires": "2018-07-15T02:22:50Z" 3945 } 3946 } 3947 }, "0" ]] 3948 39497.3. Event Source 3950 3951 Clients that can hold transport connections open can connect directly 3952 to the JMAP server to receive push notifications via a "text/event- 3953 stream" resource, as described in [EventSource]. This is a long 3954 running HTTP request, where the server can push data to the client by 3955 appending data without ending the response. 3956 3957 When a change occurs in the data on the server, it pushes an event 3958 called "state" to any connected clients, with the StateChange object 3959 as the data. 3960 3961 The server SHOULD also send a new event id that encodes the entire 3962 server state visible to the user immediately after sending a "state" 3963 event. When a new connection is made to the event-source endpoint, a 3964 client following the server-sent events specification will send a 3965 Last-Event-ID HTTP header field with the last id it saw, which the 3966 server can use to work out whether the client has missed some 3967 changes. If so, it SHOULD send these changes immediately on 3968 connection. 3969 3970 The Session object (see Section 2) has an "eventSourceUrl" property, 3971 which is in URI Template (level 1) format [RFC6570]. The URL MUST 3972 contain variables called "types", "closeafter", and "ping". 3973 3974 3975 3976 3977 3978Jenkins & Newman Standards Track [Page 71] 3979 3980RFC 8620 JMAP July 2019 3981 3982 3983 To connect to the resource, the client makes an authenticated GET 3984 request to the event-source URL with the appropriate variables 3985 substituted in: 3986 3987 o "types": This MUST be either: 3988 3989 * A comma-separated list of type names, e.g., 3990 "Email,CalendarEvent". The server MUST only push changes for 3991 the types in this list. 3992 3993 * The single character: "*". Changes to all types are pushed. 3994 3995 o "closeafter": This MUST be one of the following values: 3996 3997 * "state": The server MUST end the HTTP response after pushing a 3998 state event. This can be used by clients in environments where 3999 buffering proxies prevent the pushed data from arriving 4000 immediately, or indeed at all, when operating in the usual 4001 mode. 4002 4003 * "no": The connection is persisted by the server as a standard 4004 event-source resource. 4005 4006 o "ping": A positive integer value representing a length of time in 4007 seconds, e.g., "300". If non-zero, the server MUST send an event 4008 called "ping" whenever this time elapses since the previous event 4009 was sent. This MUST NOT set a new event id. If the value is "0", 4010 the server MUST NOT send ping events. 4011 4012 The server MAY modify a requested ping interval to be subject to a 4013 minimum and/or maximum value. For interoperability, servers MUST 4014 NOT have a minimum allowed value higher than 30 or a maximum 4015 allowed value less than 300. 4016 4017 The data for the ping event MUST be a JSON object containing an 4018 "interval" property, the value (type "UnsignedInt") being the 4019 interval in seconds the server is using to send pings (this may be 4020 different to the requested value if the server clamped it to be 4021 within a min/max value). 4022 4023 Clients can monitor for the ping event to help determine when the 4024 closeafter mode may be required. 4025 4026 A client MAY hold open multiple connections to the event-source 4027 resource, although it SHOULD try to use a single connection for 4028 efficiency. 4029 4030 4031 4032 4033 4034Jenkins & Newman Standards Track [Page 72] 4035 4036RFC 8620 JMAP July 2019 4037 4038 40398. Security Considerations 4040 40418.1. Transport Confidentiality 4042 4043 To ensure the confidentiality and integrity of data sent and received 4044 via JMAP, all requests MUST use TLS 1.2 [RFC5246] [RFC8446] or later, 4045 following the recommendations in [RFC7525]. Servers SHOULD support 4046 TLS 1.3 [RFC8446] or later. 4047 4048 Clients MUST validate TLS certificate chains to protect against 4049 man-in-the-middle attacks [RFC5280]. 4050 40518.2. Authentication Scheme 4052 4053 A number of HTTP authentication schemes have been standardised (see 4054 <https://www.iana.org/assignments/http-authschemes/>). Servers 4055 should take care to assess the security characteristics of different 4056 schemes in relation to their needs when deciding what to implement. 4057 4058 Use of the Basic authentication scheme is NOT RECOMMENDED. Services 4059 that choose to use it are strongly recommended to require generation 4060 of a unique "app password" via some external mechanism for each 4061 client they wish to connect. This allows connections from different 4062 devices to be differentiated by the server and access to be 4063 individually revoked. 4064 40658.3. Service Autodiscovery 4066 4067 Unless secured by something like DNSSEC, autodiscovery of server 4068 details using SRV DNS records is vulnerable to a DNS poisoning 4069 attack, which can lead to the client talking to an attacker's server 4070 instead of the real JMAP server. The attacker may then intercept 4071 requests to execute man-in-the-middle attacks and, depending on the 4072 authentication scheme, steal credentials to generate its own 4073 requests. 4074 4075 Clients that do not support SRV lookups are likely to try just using 4076 the "/.well-known/jmap" path directly against the domain of the 4077 username over HTTPS. Servers SHOULD ensure this path resolves or 4078 redirects to the correct JMAP Session resource to allow this to work. 4079 If this is not feasible, servers MUST ensure this path cannot be 4080 controlled by an attacker, as again it may be used to steal 4081 credentials. 4082 4083 4084 4085 4086 4087 4088 4089 4090Jenkins & Newman Standards Track [Page 73] 4091 4092RFC 8620 JMAP July 2019 4093 4094 40958.4. JSON Parsing 4096 4097 The Security Considerations of [RFC8259] apply to the use of JSON as 4098 the data interchange format. 4099 4100 As for any serialization format, parsers need to thoroughly check the 4101 syntax of the supplied data. JSON uses opening and closing tags for 4102 several types and structures, and it is possible that the end of the 4103 supplied data will be reached when scanning for a matching closing 4104 tag; this is an error condition, and implementations need to stop 4105 scanning at the end of the supplied data. 4106 4107 JSON also uses a string encoding with some escape sequences to encode 4108 special characters within a string. Care is needed when processing 4109 these escape sequences to ensure that they are fully formed before 4110 the special processing is triggered, with special care taken when the 4111 escape sequences appear adjacent to other (non-escaped) special 4112 characters or adjacent to the end of data (as in the previous 4113 paragraph). 4114 4115 If parsing JSON into a non-textual structured data format, 4116 implementations may need to allocate storage to hold JSON string 4117 elements. Since JSON does not use explicit string lengths, the risk 4118 of denial of service due to resource exhaustion is small, but 4119 implementations may still wish to place limits on the size of 4120 allocations they are willing to make in any given context, to avoid 4121 untrusted data causing excessive memory allocation. 4122 41238.5. Denial of Service 4124 4125 A small request may result in a very large response and require 4126 considerable work on the server if resource limits are not enforced. 4127 JMAP provides mechanisms for advertising and enforcing a wide variety 4128 of limits for mitigating this threat, including limits on the number 4129 of objects fetched in a single method call, number of methods in a 4130 single request, number of concurrent requests, etc. 4131 4132 JMAP servers MUST implement sensible limits to mitigate against 4133 resource exhaustion attacks. 4134 41358.6. Connection to Unknown Push Server 4136 4137 When a push subscription is registered, the application server will 4138 make POST requests to the given URL. There are a number of security 4139 considerations that MUST be considered when implementing this. 4140 4141 4142 4143 4144 4145 4146Jenkins & Newman Standards Track [Page 74] 4147 4148RFC 8620 JMAP July 2019 4149 4150 4151 The server MUST ensure the URL is externally resolvable to avoid 4152 server-side request forgery, where the server makes a request to a 4153 resource on its internal network. 4154 4155 A malicious client may use the push subscription to attempt to flood 4156 a third party server with requests, creating a denial-of-service 4157 attack and masking the attacker's true identity. There is no 4158 guarantee that the URL given to the JMAP server is actually a valid 4159 push server. Upon creation of a push subscription, the JMAP server 4160 sends a PushVerification object to the URL and MUST NOT send any 4161 further requests until the client verifies it has received the 4162 initial push. The verification code MUST contain sufficient entropy 4163 to prevent the client from being able to verify the subscription via 4164 brute force. 4165 4166 The verification code does not guarantee the URL is a valid push 4167 server, only that the client is able to access the data submitted to 4168 it. While the verification step significantly reduces the set of 4169 potential targets, there is still a risk that the server is unrelated 4170 to the client and being targeted for a denial-of-service attack. 4171 4172 The server MUST limit the number of push subscriptions any one user 4173 may have to ensure the user cannot cause the server to send a large 4174 number of push notifications at once, which could again be used as 4175 part of a denial-of-service attack. The rate of creation MUST also 4176 be limited to minimise the ability to abuse the verification request 4177 as an attack vector. 4178 41798.7. Push Encryption 4180 4181 When data changes, a small object is pushed with the new state 4182 strings for the types that have changed. While the data here is 4183 minimal, a passive man-in-the-middle attacker may be able to gain 4184 useful information. To ensure confidentiality and integrity, if the 4185 push is sent via a third party outside of the control of the client 4186 and JMAP server, the client MUST specify encryption keys when 4187 establishing the PushSubscription and ignore any push notification 4188 received that is not encrypted with those keys. 4189 4190 The privacy and security considerations of [RFC8030] and [RFC8291] 4191 also apply to the use of the PushSubscription mechanism. 4192 4193 As there is no crypto algorithm agility in Web Push Encryption 4194 [RFC8291], a new specification will be needed to provide this if new 4195 algorithms are required in the future. 4196 4197 4198 4199 4200 4201 4202Jenkins & Newman Standards Track [Page 75] 4203 4204RFC 8620 JMAP July 2019 4205 4206 42078.8. Traffic Analysis 4208 4209 While the data is encrypted, a passive observer with the ability to 4210 monitor network traffic may be able to glean information from the 4211 timing of API requests and push notifications. For example, suppose 4212 an email or calendar invitation is sent from User A (hosted on Server 4213 X) to User B (hosted on Server Y). If Server X hosts data for many 4214 users, a passive observer can see that the two servers connected but 4215 does not know who the data was for. However, if a push notification 4216 is immediately sent to User B and the attacker can observe this as 4217 well, they may reasonably conclude that someone on Server X is 4218 connecting to User B. 4219 42209. IANA Considerations 4221 42229.1. Assignment of jmap Service Name 4223 4224 IANA has assigned the 'jmap' service name in the "Service Name and 4225 Transport Protocol Port Number Registry" [RFC6335]. 4226 4227 Service Name: jmap 4228 4229 Transport Protocol(s): tcp 4230 4231 Assignee: IESG 4232 4233 Contact: IETF Chair 4234 4235 Description: JSON Meta Application Protocol 4236 4237 Reference: RFC 8620 4238 4239 Assignment Notes: This service name was previously assigned under the 4240 name "JSON Mail Access Protocol". This has been de-assigned and 4241 re-assigned with the approval of the previous assignee. 4242 42439.2. Registration of Well-Known URI Suffix for JMAP 4244 4245 IANA has registered the following suffix in the "Well-Known URIs" 4246 registry for JMAP, as described in [RFC8615]: 4247 4248 URI Suffix: jmap 4249 4250 Change Controller: IETF 4251 4252 Specification Document: RFC 8620, Section 2.2. 4253 4254 4255 4256 4257 4258Jenkins & Newman Standards Track [Page 76] 4259 4260RFC 8620 JMAP July 2019 4261 4262 42639.3. Registration of the jmap URN Sub-namespace 4264 4265 IANA has registered the following URN sub-namespace in the "IETF URN 4266 Sub-namespace for Registered Protocol Parameter Identifiers" registry 4267 within the "Uniform Resource Name (URN) Namespace for IETF Use" 4268 registry as described in [RFC3553]. 4269 4270 Registered Parameter Identifier: jmap 4271 4272 Reference: RFC 8620, Section 9.4 4273 4274 IANA Registry Reference: http://www.iana.org/assignments/jmap 4275 42769.4. Creation of "JMAP Capabilities" Registry 4277 4278 IANA has created the "JMAP Capabilities" registry as described in 4279 Section 2. JMAP capabilities are advertised in the "capabilities" 4280 property of the JMAP Session resource. They are used to extend the 4281 functionality of a JMAP server. A capability is referenced by a URI. 4282 The JMAP capability URI can be a URN starting with 4283 "urn:ietf:params:jmap:" plus a unique suffix that is the index value 4284 in the jmap URN sub-namespace. Registration of a JMAP capability 4285 with another form of URI has no impact on the jmap URN sub-namespace. 4286 4287 This registry follows the expert review process unless the "intended 4288 use" field is "common" or "placeholder", in which case registration 4289 follows the specification required process. 4290 4291 A JMAP capability registration can have an intended use of "common", 4292 "placeholder", "limited", or "obsolete". IANA will list common-use 4293 registrations prominently and separately from those with other 4294 intended use values. 4295 4296 The JMAP capability registration procedure is not a formal standards 4297 process but rather an administrative procedure intended to allow 4298 community comment and sanity checking without excessive time delay. 4299 4300 A "placeholder" registration reserves part of the jmap URN namespace 4301 for another purpose but is typically not included in the 4302 "capabilities" property of the JMAP Session resource. 4303 43049.4.1. Preliminary Community Review 4305 4306 Notice of a potential JMAP common-use registration SHOULD be sent to 4307 the JMAP mailing list <jmap@ietf.org> for review. This mailing list 4308 is appropriate to solicit community feedback on a proposed JMAP 4309 4310 4311 4312 4313 4314Jenkins & Newman Standards Track [Page 77] 4315 4316RFC 8620 JMAP July 2019 4317 4318 4319 capability. Registrations that are not intended for common use MAY 4320 be sent to the list for review as well; doing so is entirely 4321 OPTIONAL, but is encouraged. 4322 4323 The intent of the public posting to this list is to solicit comments 4324 and feedback on the choice of the capability name, the unambiguity of 4325 the specification document, and a review of any interoperability or 4326 security considerations. The submitter may submit a revised 4327 registration proposal or abandon the registration completely at any 4328 time. 4329 43309.4.2. Submit Request to IANA 4331 4332 Registration requests can be sent to <iana@iana.org>. 4333 43349.4.3. Designated Expert Review 4335 4336 For a limited-use registration, the primary concern of the designated 4337 expert (DE) is preventing name collisions and encouraging the 4338 submitter to document security and privacy considerations; a 4339 published specification is not required. For a common-use 4340 registration, the DE is expected to confirm that suitable 4341 documentation, as described in Section 4.6 of [RFC8126], is 4342 available. The DE should also verify that the capability does not 4343 conflict with work that is active or already published within the 4344 IETF. 4345 4346 Before a period of 30 days has passed, the DE will either approve or 4347 deny the registration request and publish a notice of the decision to 4348 the JMAP WG mailing list or its successor, as well as inform IANA. A 4349 denial notice must be justified by an explanation, and, in the cases 4350 where it is possible, concrete suggestions on how the request can be 4351 modified so as to become acceptable should be provided. 4352 4353 If the DE does not respond within 30 days, the registrant may request 4354 the IESG take action to process the request in a timely manner. 4355 43569.4.4. Change Procedures 4357 4358 Once a JMAP capability has been published by the IANA, the change 4359 controller may request a change to its definition. The same 4360 procedure that would be appropriate for the original registration 4361 request is used to process a change request. 4362 4363 JMAP capability registrations may not be deleted; capabilities that 4364 are no longer believed appropriate for use can be declared obsolete 4365 by a change to their "intended use" field; such capabilities will be 4366 clearly marked in the lists published by the IANA. 4367 4368 4369 4370Jenkins & Newman Standards Track [Page 78] 4371 4372RFC 8620 JMAP July 2019 4373 4374 4375 Significant changes to a capability's definition should be requested 4376 only when there are serious omissions or errors in the published 4377 specification. When review is required, a change request may be 4378 denied if it renders entities that were valid under the previous 4379 definition invalid under the new definition. 4380 4381 The owner of a JMAP capability may pass responsibility to another 4382 person or agency by informing the IANA; this can be done without 4383 discussion or review. 4384 4385 The IESG may reassign responsibility for a JMAP capability. The most 4386 common case of this will be to enable changes to be made to 4387 capabilities where the author of the registration has died, moved out 4388 of contact, or is otherwise unable to make changes that are important 4389 to the community. 4390 43919.4.5. JMAP Capabilities Registry Template 4392 4393 Capability name: (see capability property in Section 2) 4394 4395 Specification document: 4396 4397 Intended use: (one of common, limited, placeholder, or obsolete) 4398 4399 Change controller: ("IETF" for Standards Track / BCP RFCs) 4400 4401 Security and privacy considerations: 4402 44039.4.6. Initial Registration for JMAP Core 4404 4405 Capability Name: "urn:ietf:params:jmap:core" 4406 4407 Specification document: RFC 8620, Section 2 4408 4409 Intended use: common 4410 4411 Change Controller: IETF 4412 4413 Security and privacy considerations: RFC 8620, Section 8. 4414 4415 4416 4417 4418 4419 4420 4421 4422 4423 4424 4425 4426Jenkins & Newman Standards Track [Page 79] 4427 4428RFC 8620 JMAP July 2019 4429 4430 44319.4.7. Registration for JMAP Error Placeholder in JMAP Capabilities 4432 Registry 4433 4434 Capability Name: "urn:ietf:params:jmap:error:" 4435 4436 Specification document: RFC 8620, Section 9.5 4437 4438 Intended use: placeholder 4439 4440 Change Controller: IETF 4441 4442 Security and privacy considerations: RFC 8620, Section 8. 4443 44449.5. Creation of "JMAP Error Codes" Registry 4445 4446 IANA has created the "JMAP Error Codes" registry. JMAP error codes 4447 appear in the "type" member of a JSON problem details object (as 4448 described in Section 3.6.1), the "type" member in a JMAP error object 4449 (as described in Section 3.6.2), or the "type" member of a JMAP 4450 method-specific error object (such as SetError in Section 5.3). When 4451 used in a problem details object, the prefix 4452 "urn:ietf:params:jmap:error:" is always included; when used in JMAP 4453 objects, the prefix is always omitted. 4454 4455 This registry follows the expert review process. Preliminary 4456 community review for this registry follows the same procedures as the 4457 "JMAP Capabilities" registry, but it is optional. The change 4458 procedures for this registry are the same as the change procedures 4459 for the "JMAP Capabilities" registry. 4460 44619.5.1. Expert Review 4462 4463 The designated expert should review the following aspects of the 4464 registration: 4465 4466 1. Verify the error code does not conflict with existing names. 4467 4468 2. Verify the error code follows the syntax limitations (does not 4469 require URI encoding). 4470 4471 3. Encourage the submitter to follow the naming convention of 4472 previously registered errors. 4473 4474 4. Encourage the submitter to describe client behaviours that are 4475 recommended in response to the error code. These may distinguish 4476 the error code from other error codes. 4477 4478 4479 4480 4481 4482Jenkins & Newman Standards Track [Page 80] 4483 4484RFC 8620 JMAP July 2019 4485 4486 4487 5. Encourage the submitter to describe when the server should issue 4488 the error as opposed to some other error code. 4489 4490 6. Encourage the submitter to note any security considerations 4491 associated with the error, if any (e.g., an error code that might 4492 disclose existence of data the authenticated user does not have 4493 permission to know about). 4494 4495 Steps 3-6 are meant to promote a higher-quality registry. However, 4496 the expert is encouraged to approve any registration that would not 4497 actively harm JMAP interoperability to make this a relatively 4498 lightweight process. 4499 45009.5.2. JMAP Error Codes Registry Template 4501 4502 JMAP Error Code: 4503 4504 Intended use: (one of "common", "limited", "obsolete") 4505 4506 Change Controller: ("IETF" for Standards Track / BCP RFCs) 4507 4508 Reference: (Optional. Only required if defined in an RFC.) 4509 4510 Description: 4511 45129.5.3. Initial Contents for the JMAP Error Codes Registry 4513 4514 o JMAP Error Code: accountNotFound 4515 Intended Use: Common 4516 Change Controller: IETF 4517 Reference: RFC 8620, Section 3.6.2 4518 Description: The accountId does not correspond to a valid account. 4519 4520 o JMAP Error Code: accountNotSupportedByMethod 4521 Intended Use: Common 4522 Change Controller: IETF 4523 Reference: RFC 8620, Section 3.6.2 4524 Description: The accountId given corresponds to a valid account, 4525 but the account does not support this method or data type. 4526 4527 o JMAP Error Code: accountReadOnly 4528 Intended Use: Common 4529 Change Controller: IETF 4530 Reference: RFC 8620, Section 3.6.2 4531 Description: This method modifies state, but the account is read- 4532 only (as returned on the corresponding Account object in the JMAP 4533 Session resource). 4534 4535 4536 4537 4538Jenkins & Newman Standards Track [Page 81] 4539 4540RFC 8620 JMAP July 2019 4541 4542 4543 o JMAP Error Code: anchorNotFound 4544 Intended Use: Common 4545 Change Controller: IETF 4546 Reference: RFC 8620, Section 5.5 4547 Description: An anchor argument was supplied, but it cannot be 4548 found in the results of the query. 4549 4550 o JMAP Error Code: alreadyExists 4551 Intended Use: Common 4552 Change Controller: IETF 4553 Reference: RFC 8620, Section 5.4 4554 Description: The server forbids duplicates, and the record already 4555 exists in the target account. An existingId property of type Id 4556 MUST be included on the SetError object with the id of the 4557 existing record. 4558 4559 o JMAP Error Code: cannotCalculateChanges 4560 Intended Use: Common 4561 Change Controller: IETF 4562 Reference: RFC 8620, Sections 5.2 and 5.6 4563 Description: The server cannot calculate the changes from the 4564 state string given by the client. 4565 4566 o JMAP Error Code: forbidden 4567 Intended Use: Common 4568 Change Controller: IETF 4569 Reference: RFC 8620, Sections 3.6.2, 5.3, and 7.2.1 4570 Description: The action would violate an ACL or other permissions 4571 policy. 4572 4573 o JMAP Error Code: fromAccountNotFound 4574 Intended Use: Common 4575 Change Controller: IETF 4576 Reference: RFC 8620, Sections 5.4 and 6.3 4577 Description: The fromAccountId does not correspond to a valid 4578 account. 4579 4580 o JMAP Error Code: fromAccountNotSupportedByMethod 4581 Intended Use: Common 4582 Change Controller: IETF 4583 Reference: RFC 8620, Section 5.4 4584 Description: The fromAccountId given corresponds to a valid 4585 account, but the account does not support this data type. 4586 4587 4588 4589 4590 4591 4592 4593 4594Jenkins & Newman Standards Track [Page 82] 4595 4596RFC 8620 JMAP July 2019 4597 4598 4599 o JMAP Error Code: invalidArguments 4600 Intended Use: Common 4601 Change Controller: IETF 4602 Reference: RFC 8620, Section 3.6.2 4603 Description: One of the arguments is of the wrong type or 4604 otherwise invalid, or a required argument is missing. 4605 4606 o JMAP Error Code: invalidPatch 4607 Intended Use: Common 4608 Change Controller: IETF 4609 Reference: RFC 8620, Section 5.3 4610 Description: The PatchObject given to update the record was not a 4611 valid patch. 4612 4613 o JMAP Error Code: invalidProperties 4614 Intended Use: Common 4615 Change Controller: IETF 4616 Reference: RFC 8620, Section 5.3 4617 Description: The record given is invalid. 4618 4619 o JMAP Error Code: notFound 4620 Intended Use: Common 4621 Change Controller: IETF 4622 Reference: RFC 8620, Section 5.3 4623 Description: The id given cannot be found. 4624 4625 o JMAP Error Code: notJSON 4626 Intended Use: Common 4627 Change Controller: IETF 4628 Reference: RFC 8620, Section 3.6.1 4629 Description: The content type of the request was not application/ 4630 json, or the request did not parse as I-JSON. 4631 4632 o JMAP Error Code: notRequest 4633 Intended Use: Common 4634 Change Controller: IETF 4635 Reference: RFC 8620, Section 3.6.1 4636 Description: The request parsed as JSON but did not match the type 4637 signature of the Request object. 4638 4639 o JMAP Error Code: overQuota 4640 Intended Use: Common 4641 Change Controller: IETF 4642 Reference: RFC 8620, Section 5.3 4643 Description: The create would exceed a server-defined limit on the 4644 number or total size of objects of this type. 4645 4646 4647 4648 4649 4650Jenkins & Newman Standards Track [Page 83] 4651 4652RFC 8620 JMAP July 2019 4653 4654 4655 o JMAP Error Code: rateLimit 4656 Intended Use: Common 4657 Change Controller: IETF 4658 Reference: RFC 8620, Section 5.3 4659 Description: Too many objects of this type have been created 4660 recently, and a server-defined rate limit has been reached. It 4661 may work if tried again later. 4662 4663 o JMAP Error Code: requestTooLarge 4664 Intended Use: Common 4665 Change Controller: IETF 4666 Reference: RFC 8620, Sections 5.1 and 5.3 4667 Description: The total number of actions exceeds the maximum 4668 number the server is willing to process in a single method call. 4669 4670 o JMAP Error Code: invalidResultReference 4671 Intended Use: Common 4672 Change Controller: IETF 4673 Reference: RFC 8620, Section 3.6.2 4674 Description: The method used a result reference for one of its 4675 arguments, but this failed to resolve. 4676 4677 o JMAP Error Code: serverFail 4678 Intended Use: Common 4679 Change Controller: IETF 4680 Reference: RFC 8620, Section 3.6.2 4681 Description: An unexpected or unknown error occurred during the 4682 processing of the call. The method call made no changes to the 4683 server's state. 4684 4685 o JMAP Error Code: serverPartialFail 4686 Intended Use: Limited 4687 Change Controller: IETF 4688 Reference: RFC 8620, Section 3.6.2 4689 Description: Some, but not all, expected changes described by the 4690 method occurred. The client MUST resynchronise impacted data to 4691 determine the server state. Use of this error is strongly 4692 discouraged. 4693 4694 o JMAP Error Code: serverUnavailable 4695 Intended Use: Common 4696 Change Controller: IETF 4697 Reference: RFC 8620, Section 3.6.2 4698 Description: Some internal server resource was temporarily 4699 unavailable. Attempting the same operation later (perhaps after a 4700 backoff with a random factor) may succeed. 4701 4702 4703 4704 4705 4706Jenkins & Newman Standards Track [Page 84] 4707 4708RFC 8620 JMAP July 2019 4709 4710 4711 o JMAP Error Code: singleton 4712 Intended Use: Common 4713 Change Controller: IETF 4714 Reference: RFC 8620, Section 5.3 4715 Description: This is a singleton type, so you cannot create 4716 another one or destroy the existing one. 4717 4718 o JMAP Error Code: stateMismatch 4719 Intended Use: Common 4720 Change Controller: IETF 4721 Reference: RFC 8620, Section 5.3 4722 Description: An ifInState argument was supplied, and it does not 4723 match the current state. 4724 4725 o JMAP Error Code: tooLarge 4726 Intended Use: Common 4727 Change Controller: IETF 4728 Reference: RFC 8620, Section 5.3 4729 Description: The action would result in an object that exceeds a 4730 server-defined limit for the maximum size of a single object of 4731 this type. 4732 4733 o JMAP Error Code: tooManyChanges 4734 Intended Use: Common 4735 Change Controller: IETF 4736 Reference: RFC 8620, Section 5.6 4737 Description: There are more changes than the client's maxChanges 4738 argument. 4739 4740 o JMAP Error Code: unknownCapability 4741 Intended Use: Common 4742 Change Controller: IETF 4743 Reference: RFC 8620, Section 3.6.1 4744 Description: The client included a capability in the "using" 4745 property of the request that the server does not support. 4746 4747 o JMAP Error Code: unknownMethod 4748 Intended Use: Common 4749 Change Controller: IETF 4750 Reference: RFC 8620, Section 3.6.2 4751 Description: The server does not recognise this method name. 4752 4753 o JMAP Error Code: unsupportedFilter 4754 Intended Use: Common 4755 Change Controller: IETF 4756 Reference: RFC 8620, Section 5.5 4757 Description: The filter is syntactically valid, but the server 4758 cannot process it. 4759 4760 4761 4762Jenkins & Newman Standards Track [Page 85] 4763 4764RFC 8620 JMAP July 2019 4765 4766 4767 o JMAP Error Code: unsupportedSort 4768 Intended Use: Common 4769 Change Controller: IETF 4770 Reference: RFC 8620, Section 5.5 4771 Description: The sort is syntactically valid but includes a 4772 property the server does not support sorting on or a collation 4773 method it does not recognise. 4774 4775 o JMAP Error Code: willDestroy 4776 Intended Use: Common 4777 Change Controller: IETF 4778 Reference: RFC 8620, Section 5.3 4779 Description: The client requested an object be both updated and 4780 destroyed in the same /set request, and the server has decided to 4781 therefore ignore the update. 4782 478310. References 4784 478510.1. Normative References 4786 4787 [EventSource] 4788 Hickson, I., "Server-Sent Events", World Wide Web 4789 Consortium Recommendation REC-eventsource-20150203, 4790 February 2015, <https://www.w3.org/TR/eventsource/>. 4791 4792 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 4793 Requirement Levels", BCP 14, RFC 2119, 4794 DOI 10.17487/RFC2119, March 1997, 4795 <https://www.rfc-editor.org/info/rfc2119>. 4796 4797 [RFC2782] Gulbrandsen, A., Vixie, P., and L. Esibov, "A DNS RR for 4798 specifying the location of services (DNS SRV)", RFC 2782, 4799 DOI 10.17487/RFC2782, February 2000, 4800 <https://www.rfc-editor.org/info/rfc2782>. 4801 4802 [RFC2818] Rescorla, E., "HTTP Over TLS", RFC 2818, 4803 DOI 10.17487/RFC2818, May 2000, 4804 <https://www.rfc-editor.org/info/rfc2818>. 4805 4806 [RFC3339] Klyne, G. and C. Newman, "Date and Time on the Internet: 4807 Timestamps", RFC 3339, DOI 10.17487/RFC3339, July 2002, 4808 <https://www.rfc-editor.org/info/rfc3339>. 4809 4810 [RFC3553] Mealling, M., Masinter, L., Hardie, T., and G. Klyne, "An 4811 IETF URN Sub-namespace for Registered Protocol 4812 Parameters", BCP 73, RFC 3553, DOI 10.17487/RFC3553, June 4813 2003, <https://www.rfc-editor.org/info/rfc3553>. 4814 4815 4816 4817 4818Jenkins & Newman Standards Track [Page 86] 4819 4820RFC 8620 JMAP July 2019 4821 4822 4823 [RFC3629] Yergeau, F., "UTF-8, a transformation format of ISO 4824 10646", STD 63, RFC 3629, DOI 10.17487/RFC3629, November 4825 2003, <https://www.rfc-editor.org/info/rfc3629>. 4826 4827 [RFC4648] Josefsson, S., "The Base16, Base32, and Base64 Data 4828 Encodings", RFC 4648, DOI 10.17487/RFC4648, October 2006, 4829 <https://www.rfc-editor.org/info/rfc4648>. 4830 4831 [RFC4790] Newman, C., Duerst, M., and A. Gulbrandsen, "Internet 4832 Application Protocol Collation Registry", RFC 4790, 4833 DOI 10.17487/RFC4790, March 2007, 4834 <https://www.rfc-editor.org/info/rfc4790>. 4835 4836 [RFC5051] Crispin, M., "i;unicode-casemap - Simple Unicode Collation 4837 Algorithm", RFC 5051, DOI 10.17487/RFC5051, October 2007, 4838 <https://www.rfc-editor.org/info/rfc5051>. 4839 4840 [RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer Security 4841 (TLS) Protocol Version 1.2", RFC 5246, 4842 DOI 10.17487/RFC5246, August 2008, 4843 <https://www.rfc-editor.org/info/rfc5246>. 4844 4845 [RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., 4846 Housley, R., and W. Polk, "Internet X.509 Public Key 4847 Infrastructure Certificate and Certificate Revocation List 4848 (CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008, 4849 <https://www.rfc-editor.org/info/rfc5280>. 4850 4851 [RFC5322] Resnick, P., Ed., "Internet Message Format", RFC 5322, 4852 DOI 10.17487/RFC5322, October 2008, 4853 <https://www.rfc-editor.org/info/rfc5322>. 4854 4855 [RFC6186] Daboo, C., "Use of SRV Records for Locating Email 4856 Submission/Access Services", RFC 6186, 4857 DOI 10.17487/RFC6186, March 2011, 4858 <https://www.rfc-editor.org/info/rfc6186>. 4859 4860 [RFC6335] Cotton, M., Eggert, L., Touch, J., Westerlund, M., and S. 4861 Cheshire, "Internet Assigned Numbers Authority (IANA) 4862 Procedures for the Management of the Service Name and 4863 Transport Protocol Port Number Registry", BCP 165, 4864 RFC 6335, DOI 10.17487/RFC6335, August 2011, 4865 <https://www.rfc-editor.org/info/rfc6335>. 4866 4867 [RFC6570] Gregorio, J., Fielding, R., Hadley, M., Nottingham, M., 4868 and D. Orchard, "URI Template", RFC 6570, 4869 DOI 10.17487/RFC6570, March 2012, 4870 <https://www.rfc-editor.org/info/rfc6570>. 4871 4872 4873 4874Jenkins & Newman Standards Track [Page 87] 4875 4876RFC 8620 JMAP July 2019 4877 4878 4879 [RFC6749] Hardt, D., Ed., "The OAuth 2.0 Authorization Framework", 4880 RFC 6749, DOI 10.17487/RFC6749, October 2012, 4881 <https://www.rfc-editor.org/info/rfc6749>. 4882 4883 [RFC6764] Daboo, C., "Locating Services for Calendaring Extensions 4884 to WebDAV (CalDAV) and vCard Extensions to WebDAV 4885 (CardDAV)", RFC 6764, DOI 10.17487/RFC6764, February 2013, 4886 <https://www.rfc-editor.org/info/rfc6764>. 4887 4888 [RFC6838] Freed, N., Klensin, J., and T. Hansen, "Media Type 4889 Specifications and Registration Procedures", BCP 13, 4890 RFC 6838, DOI 10.17487/RFC6838, January 2013, 4891 <https://www.rfc-editor.org/info/rfc6838>. 4892 4893 [RFC6901] Bryan, P., Ed., Zyp, K., and M. Nottingham, Ed., 4894 "JavaScript Object Notation (JSON) Pointer", RFC 6901, 4895 DOI 10.17487/RFC6901, April 2013, 4896 <https://www.rfc-editor.org/info/rfc6901>. 4897 4898 [RFC7230] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer 4899 Protocol (HTTP/1.1): Message Syntax and Routing", 4900 RFC 7230, DOI 10.17487/RFC7230, June 2014, 4901 <https://www.rfc-editor.org/info/rfc7230>. 4902 4903 [RFC7231] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer 4904 Protocol (HTTP/1.1): Semantics and Content", RFC 7231, 4905 DOI 10.17487/RFC7231, June 2014, 4906 <https://www.rfc-editor.org/info/rfc7231>. 4907 4908 [RFC7493] Bray, T., Ed., "The I-JSON Message Format", RFC 7493, 4909 DOI 10.17487/RFC7493, March 2015, 4910 <https://www.rfc-editor.org/info/rfc7493>. 4911 4912 [RFC7525] Sheffer, Y., Holz, R., and P. Saint-Andre, 4913 "Recommendations for Secure Use of Transport Layer 4914 Security (TLS) and Datagram Transport Layer Security 4915 (DTLS)", BCP 195, RFC 7525, DOI 10.17487/RFC7525, May 4916 2015, <https://www.rfc-editor.org/info/rfc7525>. 4917 4918 [RFC7617] Reschke, J., "The 'Basic' HTTP Authentication Scheme", 4919 RFC 7617, DOI 10.17487/RFC7617, September 2015, 4920 <https://www.rfc-editor.org/info/rfc7617>. 4921 4922 [RFC7807] Nottingham, M. and E. Wilde, "Problem Details for HTTP 4923 APIs", RFC 7807, DOI 10.17487/RFC7807, March 2016, 4924 <https://www.rfc-editor.org/info/rfc7807>. 4925 4926 4927 4928 4929 4930Jenkins & Newman Standards Track [Page 88] 4931 4932RFC 8620 JMAP July 2019 4933 4934 4935 [RFC8030] Thomson, M., Damaggio, E., and B. Raymor, Ed., "Generic 4936 Event Delivery Using HTTP Push", RFC 8030, 4937 DOI 10.17487/RFC8030, December 2016, 4938 <https://www.rfc-editor.org/info/rfc8030>. 4939 4940 [RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for 4941 Writing an IANA Considerations Section in RFCs", BCP 26, 4942 RFC 8126, DOI 10.17487/RFC8126, June 2017, 4943 <https://www.rfc-editor.org/info/rfc8126>. 4944 4945 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 4946 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 4947 May 2017, <https://www.rfc-editor.org/info/rfc8174>. 4948 4949 [RFC8259] Bray, T., Ed., "The JavaScript Object Notation (JSON) Data 4950 Interchange Format", STD 90, RFC 8259, 4951 DOI 10.17487/RFC8259, December 2017, 4952 <https://www.rfc-editor.org/info/rfc8259>. 4953 4954 [RFC8264] Saint-Andre, P. and M. Blanchet, "PRECIS Framework: 4955 Preparation, Enforcement, and Comparison of 4956 Internationalized Strings in Application Protocols", 4957 RFC 8264, DOI 10.17487/RFC8264, October 2017, 4958 <https://www.rfc-editor.org/info/rfc8264>. 4959 4960 [RFC8291] Thomson, M., "Message Encryption for Web Push", RFC 8291, 4961 DOI 10.17487/RFC8291, November 2017, 4962 <https://www.rfc-editor.org/info/rfc8291>. 4963 4964 [RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol 4965 Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018, 4966 <https://www.rfc-editor.org/info/rfc8446>. 4967 4968 [RFC8615] Nottingham, M., "Well-Known Uniform Resource Identifiers 4969 (URIs)", RFC 8615, DOI 10.17487/RFC8615, May 2019, 4970 <https://www.rfc-editor.org/info/rfc8615>. 4971 497210.2. Informative References 4973 4974 [RFC8246] McManus, P., "HTTP Immutable Responses", RFC 8246, 4975 DOI 10.17487/RFC8246, September 2017, 4976 <https://www.rfc-editor.org/info/rfc8246>. 4977 4978 4979 4980 4981 4982 4983 4984 4985 4986Jenkins & Newman Standards Track [Page 89] 4987 4988RFC 8620 JMAP July 2019 4989 4990 4991Authors' Addresses 4992 4993 Neil Jenkins 4994 Fastmail 4995 PO Box 234, Collins St. West 4996 Melbourne, VIC 8007 4997 Australia 4998 4999 Email: neilj@fastmailteam.com 5000 URI: https://www.fastmail.com 5001 5002 5003 Chris Newman 5004 Oracle 5005 440 E. Huntington Dr., Suite 400 5006 Arcadia, CA 91006 5007 United States of America 5008 5009 Email: chris.newman@oracle.com 5010 5011 5012 5013 5014 5015 5016 5017 5018 5019 5020 5021 5022 5023 5024 5025 5026 5027 5028 5029 5030 5031 5032 5033 5034 5035 5036 5037 5038 5039 5040 5041 5042Jenkins & Newman Standards Track [Page 90] 5043