...

...

...

...

...

...

Specification

Apiary

Service logic

1. Only authenticated and authorized user can use person requests

2. Service returns only person requests related to the same legal entity as the user

Authentication

1. Verify the validity of access token
   

   1. Return 401 in case validation fails

2. Check scopes in order to perform this action (scope = 'person_request:read')

   1. Return 403 in case invalid scope(s)

Prepare response

Service returns only person requests related to the same legal entity as the user

1. Extract client_id from token

2. Return entries filtered by client_id and query params