Orange API Specific Terms for Authentication France API
Service Provider: Orange SA, with registered address located at 78, rue Olivier de Serres, 75015 Paris, France (VAT registered: France 89 380 129 866) (“Orange”)
Version number: 1.0
Date: March, 23 2016
1. AUTHENTICATION FRANCE API DESCRIPTION
Authentication France API gives access to Orange authentication allowing End-Users to authenticate and to use the service of your API Client, as defined in section 1 of the Orange APIs General Terms. Authentication France allows to authenticate End-Users located in France only.
Authentication France API is provided by Orange for free. New pricing may be introduced by Orange at any time, in accordance with the provisions of section 7 of the Orange APIs General Terms.
3. CONTRACTUAL DOCUMENTS
The Terms, as defined in section 1 of the Orange APIs General Terms, consist of (i) such Orange APIs General Terms and (ii) these Orange API Specific Terms for Authentication France API. In case of any discrepancy between the Orange APIs General Terms and these Orange API Specific Terms, the latter shall prevail.
4. SPECIFIC CONDITIONS OF AUTHENTICATION FRANCE API
4.1. Service Availability. Orange will use its best efforts to provide Authentication France API with reasonable care and skill. Orange will grant no guarantee or warranty with respect to Authentication France API. In addition, Orange informs You that Authentication France API may be subject to (i) suspension at any time for technical or operational reasons (in particular but not limited to maintenance operation) or (ii) removal for indefinite periods of time for any reasons or events that are not under the direct or indirect control of Orange.
4.2. Prerequisite with respect to End-Users. To use Authentication France API, You must ensure that End-Users have access to the internet or mobile network, stated that the relevant access fees (including roaming fees or costs) are the liability of End-Users. You are informed that End-Users must have all necessary equipment, including a computer or a smartphone, a modem or any other connection tool to enable them to be connected to the internet or mobile network.
4.3. Authentication France API allows End-Users to authenticate in order to access the service of your API Client, by using their Orange internet and/or mobile user account.
Authentication France API can be used:
- to get the required information to be able to use the APIs requiring an “access_token” (OpenId Connect);
- to perform identity federation.
When End-Users will first access the service of your API Client requiring the Authentication France API, they must be authenticated by the Authentication France API. In some cases, End-Users will be authenticated implicitly or will be forced to authenticate explicitly through the Orange authentication form.
When the authentication is valid, Authentication France API displays a page called “Notice of Consent” corresponding to the “scope” requested. Through this Notice of Consent, the End-User, that has been authenticated by Orange, will have the choice to accept (or not) to grant access to his data provided through other APIs.
The End-User can revoke at any time the permissions given to your API Client at the address: https://openid.orange.fr/oidc/permissions.
You can implement identity federation using the “id token” and in particular the “sub” value, unique for an End-User.
4.4. Grant of Rights to Use. Orange retains all right, title and interest in and to Intellectual Property Rights related to Authentication France API and You are granted a limited right to use Authentication France API under section 3 of the Orange APIs General Terms.
4.5. End-Users Rights. You undertake to make available to End-Users, who have agreed to use Authentication France API, (i) any and all evidences to enable them to claim their rights and (ii) the terms of changing their consent to the use of Authentication FR API.
4.6. End-Users Choice. Orange will cease to authenticate any End-User using Authentication France API, when such End-User chooses to be no longer authenticated by Orange and as soon as possible after receipt of such End-User’s request by Orange and (if applicable) no later than the deadlines required by the relevant laws and regulations.
Authentication data are considered as personal data. You represent and warrant that You comply with the relevant laws and regulations (in particular but not limited to the process and retention) that apply to personal data and privacy with respect to End-Users using Authentication France API . You further represent and warrant that You will NOT store any authentication data, that Orange provides You with, beyond the time necessary for the use of the service of your API Client.
5. ORANGE BRANDS, DESIGN RULES AND GRAPHIC RESOURCES
The ORANGE brand and any trademarks, brands or logos owned by Orange (the “Brands”) are subject to exclusive rights and You are granted a limited right to use the Brands under section 13 of the Orange APIs General Terms. When Orange makes available, on Orange Developer website (developer.orange.com), (i) some rules with regard to, with no limitation, design, use of the Brands, (the “Design Rules”) and (ii) some graphic resources (such as buttons, error messages, the Brands) (the “Graphic Resources”), You undertake to fully comply with such Design Rules and Graphic Resources.
Any non-compliance with section 13 of the Orange APIs General Terms, the Design Rules and/or the Graphic Resources may constitute a material breach of these Specific Terms. Therefore, Orange may either suspend these Specific Terms until You fully comply with the Design Rules and the Graphic Resources, or terminate these Specific Terms if You do not fully comply with the Design Rules and the Graphic Resources within a reasonable time.
6. CONDITIONS OF WITHDRAWAL OF AUTHENTICATION FRANCE API
Notwithstanding section 9 of the Orange APIs General Terms, Orange will inform You of the termination of Authentication France API one-month in advance of the date of the termination, without prejudice of any claim for damages.