...

• Verify the validity of access token

  • Return (401, 'Invalid access token') in case of validation fails

• Verify that token is not expired

  • in case of error - return (401, 'Invalid access token')

• Check user scopes in order to perform this action (scope = 'service_request:read')

  • Return (403, 'Your scope does not allow to access this resource. Missing allowances: service_request:read') in case of invalid scope(s)

Access to the resource is also managed by https://e-health-ua.atlassian.net/wiki/spaces/EH/pages/17347479829/RC+REHAB+ABAC+rules .

Headers

Наприклад:

• Content-Type:application/json

• Authorization:Bearer mF_9.B5f-4.1JqM

• api-key:aFBLVTZ6Z2dON1V

...