Versions Compared

Old Version 5

changes.mady.by.user Dmytro Kulibaba

Saved on

compared with

New Version 6

changes.mady.by.user Dmytro Kulibaba

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents
minLevel1
maxLevel7

...

This method is designed to exchange an oAuth code Grant with requested scopes for an access token

Specification

...

Page Properties
idAPI_Specification

Link

https://ehealthmisapi1.docs.apiary.io/#reference/public.-medical-service-provider-integration-layer/oauth/exchange-oauth-code-grant-to-access-token

Посилання на Apiary або Swagger

Resource

/oauth/tokens

Посилання на ресурс, наприклад: /api/persons/create

Scope

List of scopes that are required in application business logic, separated by space

...

Components

...

Auth

Scope для доступу

Components

oAuth_system_component

Зазначається перелік бізнес компонентів, які використовують цей метод, наприклад: ePrescription

Microservices

API paragraph not found

...

Using Microservices

...

Перелік мікросервісів, які використовує метод API, наприклад: Auth, ABAC

Protocol type

REST

Тип протоколу, який використовується запитом, наприклад: SOAP | REST

Request type

POST

Тип запиту API, наприклад: GET, POST, PATCH…

Sync/Async

Sync

Метод є синхронним чи асинхронним?

Public/Private/Internal

Public

Потрібно зазначити тип методу за ступенем доступності

Logic

...

Preconditions

oAuth code Grant has been obtainedAPI paragraph not found

Global and configuration parameters

...

Attribute

Values

Type

Description

Example

client_id

(required)

String

Medical Service provider ID issued after legal_entity registration. Used to identify the context of the MSP/Pharmacy

6498d88e-97fb-47e2-85a5-99e884f888aa

client_secret

(required)

String

Medical Information System secret key issued upon integration request. Used to identify application developer

msp-001-secret-key

code

(required)

String

oAuth code grant

299383828

grant_type

(required)

String

oAuth Grant Type. Currently only authorization_code is supported

authorization_code

redirect_uri

(required)

String

URL where user will be redirected after authentification. This url will receive code and state parameters in query string

https://example.com/

scope

(required)

String

List of scopes that is required in application business logic, separated by space. Different login forms will be shown based on scopes that you requested

capitation_contracts:view capitation_contracts:create patients:view patients:create

...

Expand
titleRequest example
Code Block
curl --include \
     --request POST \
     --header "Content-Type: application/json" \
     --header "X-CSRF-Token: my-csrf-token" \
     --data-binary "{
  \"token\": {
    \"client_id\": \"6498d88e-97fb-47e2-85a5-99e884f888aa\",
    \"client_secret\": \"msp-001-secret-key\",
    \"code\": \"299383828\",
    \"grant_type\": \"authorization_code\",
    \"redirect_uri\": \"https://example.com/\",
    \"scope\": \"capitation_contracts:view capitation_contracts:create patients:view patients:create\"
  }
}" \
'http://ehealth.com/oauth/tokens'

Authorize

API paragraph not found

Headers

Example

...

titleHeader example

...

:

Content-Type:

...

application/json

...

X-CSRF-Token:

...

my-csrf-token

Validate request (JSON schema)

API paragraph not found

Validation data request

API paragraph not found

...

Code Block
{
  "meta": {
    "code": 201,
    "url": "https://example.com/resource",
    "type": "object",
    "request_id": "req-adasdoijasdojsda6617aeec-15e2-4d6f-b9bd-53559c358f97#17810"
  },
  "data": {
    "value": "SnNRdCtvU0tTOENBV2dLRUZwNmIzZz09",
    "user_id": "3ff33ced-69dc-415a-b231-c6446898335a",
    "name": "access_token",
    "id": "3ff33ced-69dc-415a-b231-c6446898335a",
    "expires_at": 1498749591,
    "details": {
      "scope": "capitation_contracts:view capitation_contracts:create patients:view patients:create",
      "refresh_token": "my-oauth-refresh-token",
      "redirect_uri": "https://example.com/",
      "grant_type": "authorization_code",
      "client_id": "d290f1ee-6c54-4b01-90e6-d701748f0851"
    }
  }
}

...

HTTP status code

Message

What caused the error

201

Response

 

Backward compatibility

API paragraph not found

...