[arin-tech-discuss] Detailed Reassignment Permissions

Thu Sep 19 13:57:22 EDT 2013

Hello Tim,

If I'm understanding you correctly, you want to do a GET on a detailed reassignment to a customer via the Reg-RWS API.

The way to accomplish this would be to create the POC handles for the customer's Org ID using the MAKELINK parameter in the POC "Create" method.  Specifying MAKELINK as TRUE links your ARIN Online account to the POC handle, which allows you manage it as well as any Org IDs and any reassignments associated with that Org ID.  You then create an Org ID for the customer using the "Create Recipient ORG" method, then create the detailed reassignment.  You should then be able to do a GET on the customer's reassignment.

The basic rationale for this is that the Reg-RWS API returns information that may not be publicly visible, whereas Whois-RWS does not.  In general, only a web user that's directly linked to a given object can view it, to protect any private information that wouldn't ordinarily be visible to the general public.  The MAKELINK parameter is a way to designate that this record is created to be managed by an upstream ISP, which allows the ISP to view and modify it.

Obviously this would only be useful for records created in this manner, so for detailed reassignments created outside the Reg-RWS API (or ones created within it without the MAKELINK parameter specified as TRUE), you'll run into the same problem you described below.  One idea would be to delete the existing records and recreate them using the MAKELINK parameter.  That would be some work and might not be an acceptable solution to you, but it would allow you to start with a clean slate that allows you to manage your records in the manner you desire.

That's the way the API works today.  If you want to propose a change to the way the service works (aside from posting to this list, obviously), you can formally submit your suggestion via the process documented at:

https://www.arin.net/app/suggestion/

If you have any further questions, comments, or concerns please respond to this message or contact me directly.

Regards,

Jon Worley
Senior Resource Analyst
ARIN Registration Services
https://www.arin.net/
hostmaster at arin.net
703.227.0660

From: Tim Garrison <tgarrison at softlayer.com<mailto:tgarrison at softlayer.com>>
Date: Tuesday, September 17, 2013 4:04 PM
To: "arin-tech-discuss at arin.net<mailto:arin-tech-discuss at arin.net>" <arin-tech-discuss at arin.net<mailto:arin-tech-discuss at arin.net>>
Subject: [arin-tech-discuss] Detailed Reassignment Permissions

Greetings,

I apologize if this has been addressed in a previous thread.

I am working on reconciling some information between a local database and what has been registered with the ARIN RESTful API. The problem I'm coming across though is in the case of detailed reassignments. Where the 'net' has been reassigned to an 'org', I can do absolutely nothing other than 'delete' the reassignment; even simple 'get' requests are failing with an HTTP 401.

This would make sense if the restriction on these objects was global. However, I am able to access the objects just the same using the WHOIS search form at http://whois.arin.net.

It would make sense if further reassignments or allocations on these objects was restricted once they were reassigned, but it is my belief that if it's available via the public search tools, it should also be available in the API. I really don't want to have to modify my application to use both APIs in this case.

If there is no documented business rule for this restriction, could we please get it lifted?

Thanks,
--

Tim Garrison
Software Engineer III

SoftLayer, an IBM Company
315 Capitol Street Suite 205, Houston, TX 77002
281.714.4213 direct | 713.540.4325 mobile | 281.714.4657 fax | tgarrison at softlayer.com<mailto:tgarrison at softlayer.com>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.arin.net/pipermail/arin-tech-discuss/attachments/20130919/8715a4db/attachment.html>