From 6c4c9f7273abbba87ca24845d9f22a98f3cd429c Mon Sep 17 00:00:00 2001
From: Roeland Jago Douma <roeland@famdouma.nl>
Date: Thu, 16 May 2019 09:46:52 +0200
Subject: [PATCH] Remote wipe client api docs

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
---
 .../client_apis/RemoteWipe/index.rst          | 51 +++++++++++++++++++
 developer_manual/client_apis/index.rst        |  1 +
 2 files changed, 52 insertions(+)
 create mode 100644 developer_manual/client_apis/RemoteWipe/index.rst

diff --git a/developer_manual/client_apis/RemoteWipe/index.rst b/developer_manual/client_apis/RemoteWipe/index.rst
new file mode 100644
index 000000000..f27159f26
--- /dev/null
+++ b/developer_manual/client_apis/RemoteWipe/index.rst
@@ -0,0 +1,51 @@
+.. _remotewipeindex:
+
+===========
+Remote wipe
+===========
+
+This document provides a quick overview of the remote wipe API that should be used by clients to implement the remote wipe functionality.
+This will allow users to wipe a lost device for example.
+
+Note that wiping only works when clients use the login flow so that a dedicated token is set for this client.
+
+
+Obtaining wipe status
+---------------------
+
+Once a client recieves a 401 or 403 status response it will do a fetch to :code:`<server>/index.php/core/wipe/check` and set the
+token parameter to the apptoken.
+
+.. code-block:: bash
+
+     curl https://cloud.example.com/index.php/core/wipe/check -X POST -d 'token=<TOKEN>'
+
+In case the client gets back a 200 status code and a JSON array with wipe set to true like:
+
+.. code-block:: json
+        {
+                "wipe":true
+        }
+
+then the client should proceed to wipe the device.
+
+
+Wiping the actual device
+------------------------
+
+The client must remove all user data linked to the account. This includes:
+  * caches 
+  * offline files
+  * the actual account itself
+
+
+Signalling completion
+----------------------
+
+Once the client has wiped all the required data a POST to :code:`<server>/index.php/core/wipe/success` has to be made with the token.
+This signals the server the wipe is completed and triggers the final cleanup on the server side.
+
+.. code-block:: bash
+
+     curl https://cloud.example.com/index.php/core/wipe/success -X POST -d 'token=<TOKEN>'
+
diff --git a/developer_manual/client_apis/index.rst b/developer_manual/client_apis/index.rst
index 715719a72..68c18f8f0 100644
--- a/developer_manual/client_apis/index.rst
+++ b/developer_manual/client_apis/index.rst
@@ -10,3 +10,4 @@ Client APIs
     WebDAV/index
     OCS/index
     LoginFlow/index
+    RemoteWipe/index