Update

Author: heyams

.chloggen/add_enduser_authentication_id.yaml .chloggen/add_enduser_pseudo_id.yaml

@@ -10,7 +10,7 @@ change_type: enhancement
 component: enduser
 
 # A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`).
-note: introduce new attribute `enduser.authentication.id`, replace `enduser.id` with `enduser.pseudo.id`, and deprecate `enduser.authentication.role`, and `enduser.authentication.scope`.
+note: introduce new attribute `enduser.pseudo.id`
 
 # Mandatory: One or more tracking issues related to the change. You can use the PR number here if no issue exists.
 # The values here must be integers.
@@ -20,5 +20,4 @@ issues: [1104]
 # These lines will be padded with 2 spaces and then inserted directly into the document.
 # Use pipe (|) for multiline entries.
 subtext: |
-  The new attribute `enduser.authentication.id` is intended to provide an unique identifier of an authenticated enduser.
-  The deprecated attributes `enduser.authentication.role` and `enduser.authentication.scope` are removed from the enduser registry.
+  The new attribute `enduser.pseudo.id` is intended to provide an unique identifier of an authenticated enduser.

docs/attributes-registry/enduser.md

@@ -15,7 +15,7 @@ Describes information about the end user, which can be used as a subdomain of br
 
 | Attribute | Type | Description | Examples | Stability |
 |---|---|---|---|---|
-| <a id="enduser-authentication-id" href="#enduser-authentication-id">`enduser.authentication.id`</a> | string | Unique identifier of an authenticated user in the system. | `S-1-5-21-202424912787-2692429404-2351956786-1000` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
+| <a id="enduser-id" href="#enduser-id">`enduser.id`</a> | string | Unique identifier of an authenticated user in the system. | `<authenticated_user_id>` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
 | <a id="enduser-pseudo-id" href="#enduser-pseudo-id">`enduser.pseudo.id`</a> | string | Pseudonymous identifier of an end user. This identifier is unique to the user but does not reveal their actual identity. | `QdH5CAWJgqVT4rOr0qtumf` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
 
 ## Deprecated End User Attributes
@@ -24,6 +24,5 @@ Describes deprecated end user attributes.
 
 | Attribute | Type | Description | Examples | Stability |
 |---|---|---|---|---|
-| <a id="enduser-id" href="#enduser-id">`enduser.id`</a> | string | Deprecated, use `enduser.pseudo.id` instead. | `QdH5CAWJgqVT4rOr0qtumf` | ![Deprecated](https://img.shields.io/badge/-deprecated-red)<br>Replaced by `enduser.pseudo.id`. |
 | <a id="enduser-role" href="#enduser-role">`enduser.role`</a> | string | Actual/assumed role the client is making the request under extracted from token or application security context. | `admin` | ![Deprecated](https://img.shields.io/badge/-deprecated-red)<br>Removed. |
 | <a id="enduser-scope" href="#enduser-scope">`enduser.scope`</a> | string | Scopes or granted authorities the client currently possesses extracted from token or application security context. The value would come from the scope associated with an [OAuth 2.0 Access Token](https://tools.ietf.org/html/rfc6749#section-3.3) or an attribute value in a [SAML 2.0 Assertion](http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-tech-overview-2.0.html). | `read:message, write:files` | ![Deprecated](https://img.shields.io/badge/-deprecated-red)<br>Removed. |

docs/general/attributes.md

@@ -396,13 +396,8 @@ These attributes may be used for any operation with an authenticated and/or auth
 
 | Attribute  | Type | Description  | Examples  | [Requirement Level](https://opentelemetry.io/docs/specs/semconv/general/attribute-requirement-level/) | Stability |
 |---|---|---|---|---|---|
-| [`enduser.authentication.id`](/docs/attributes-registry/enduser.md) | string | Unique identifier of an authenticated user in the system. [1] | `S-1-5-21-202424912787-2692429404-2351956786-1000` | `Required` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
-| [`enduser.id`](/docs/attributes-registry/enduser.md) | string | Deprecated, use `enduser.pseudo.id` instead. | `QdH5CAWJgqVT4rOr0qtumf` | `Recommended` | ![Deprecated](https://img.shields.io/badge/-deprecated-red)<br>Replaced by `enduser.pseudo.id` attribute. |
+| [`enduser.id`](/docs/attributes-registry/enduser.md) | string | Unique identifier of an authenticated user in the system. | `<authenticated_user_id>` | `Recommended` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
 | [`enduser.pseudo.id`](/docs/attributes-registry/enduser.md) | string | Pseudonymous identifier of an end user. This identifier is unique to the user but does not reveal their actual identity. | `QdH5CAWJgqVT4rOr0qtumf` | `Recommended` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
-| [`enduser.role`](/docs/attributes-registry/enduser.md) | string | Actual/assumed role the client is making the request under extracted from token or application security context. | `admin` | `Recommended` | ![Deprecated](https://img.shields.io/badge/-deprecated-red)<br>Removed. |
-| [`enduser.scope`](/docs/attributes-registry/enduser.md) | string | Scopes or granted authorities the client currently possesses extracted from token or application security context. The value would come from the scope associated with an [OAuth 2.0 Access Token](https://tools.ietf.org/html/rfc6749#section-3.3) or an attribute value in a [SAML 2.0 Assertion](http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-tech-overview-2.0.html). | `read:message, write:files` | `Recommended` | ![Deprecated](https://img.shields.io/badge/-deprecated-red)<br>Removed. |
-
-**[1] `enduser.authentication.id`:** The `enduser.authentication.id` attribute is intended to provide an unique identifier of an authenticated enduser. The deprecated attributes `enduser.authentication.role` and `enduser.authentication.scope` are removed from the enduser registry.
 
 <!-- markdownlint-restore -->
 <!-- prettier-ignore-end -->

model/enduser/common.yaml

@@ -5,18 +5,6 @@ groups:
       These attributes may be used for any operation with an authenticated and/or authorized enduser.
     attributes:
       - ref: enduser.id
-        deprecated: Replaced by `enduser.pseudo.id` attribute.
         requirement_level: recommended
       - ref: enduser.pseudo.id
         requirement_level: recommended
-      - ref: enduser.role
-        deprecated: "Removed."
-        requirement_level: recommended
-      - ref: enduser.scope
-        deprecated: "Removed."
-        requirement_level: recommended
-      - ref: enduser.authentication.id
-        requirement_level: required
-        note: >
-          The `enduser.authentication.id` attribute is intended to provide an unique identifier of an authenticated enduser.
-          The deprecated attributes `enduser.authentication.role` and `enduser.authentication.scope` are removed from the enduser registry.

model/enduser/deprecated/registry-deprecated.yaml

@@ -4,12 +4,6 @@ groups:
     display_name: Deprecated End User Attributes
     brief: "Describes deprecated end user attributes."
     attributes:
-      - id: enduser.id
-        type: string
-        brief: 'Deprecated, use `enduser.pseudo.id` instead.'
-        stability: experimental
-        deprecated: "Replaced by `enduser.pseudo.id`."
-        examples: ['QdH5CAWJgqVT4rOr0qtumf']
       - id: enduser.role
         type: string
         deprecated: "Removed."

model/enduser/registry.yaml

@@ -5,14 +5,15 @@ groups:
     brief: >
       Describes information about the end user, which can be used as a subdomain of browser, client, or user domains.
     attributes:
+      - id: enduser.id
+        type: string
+        brief: "Unique identifier of an authenticated user in the system."
+        examples: [ '<authenticated_user_id>' ]
+        stability: experimental
       - id: enduser.pseudo.id
         type: string
         stability: experimental
         brief: >
           Pseudonymous identifier of an end user. This identifier is unique to the user but does not reveal their actual identity.
         examples: ['QdH5CAWJgqVT4rOr0qtumf']
-      - id: enduser.authentication.id
-        type: string
-        brief: "Unique identifier of an authenticated user in the system."
-        examples: [ 'S-1-5-21-202424912787-2692429404-2351956786-1000' ]
-        stability: experimental
+