Versions Compared

Old Version 12

changes.mady.by.user Dmytro Omelchenko (SoE eHealth)

Saved on

compared with

New Version 13

changes.mady.by.user Dmytro Omelchenko (SoE eHealth)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Оновлено відповідно до CSI-1693.
Table of Contents

...

This method allows to find all the active person's authentication methods. Any user with appropriate scope can read information about authentication method of the person (data is taken from person_authnetication_method by person_id).

Specification

Page Properties
idAPI_Specification

Link

https://ehealthmisapi1.docs.apiary.io/#reference/public.-medical-service-provider-integration-layer/persons/get-person-authentication-methods

Посилання на Apiary або Swagger

Resource

/api/persons/{{id}}/authentication_methods

Посилання на ресурс, наприклад: /api/persons/create

Scope

person:read

Scope для доступу

Components

Patient registry

Зазначається перелік бізнес компонентів, які використовують цей метод, наприклад: ePrescription

Microservices

mpi/api

fe/admin-web

Перелік мікросервісів, які використовує метод API, наприклад: Auth, ABAC

Protocol type

REST

Тип протоколу, який використовується запитом, наприклад: SOAP | REST

Request type

GET

Тип запиту API, наприклад: GET, POST, PATCH…

Sync/Async

Sync

Метод є синхронним чи асинхронним?

Public/Private/Internal

Public

Потрібно зазначити тип методу за ступенем доступності

Logic

Service returns primary authentication method for person or for confident person if type of authentication method = 'THIRD_PERSON':

  • Get authentication method by person_id from person_authentication_methods where updated_at is the newest

Input parameters

Input parameter

Values

Type

Description

Example

id

String

Required

030d5c41-a945-41ac-89d1-b7c6d1c226c7

...

Request structure

See on Apiary

Authorize

  • Verify the validity of access token

    • Return (401, 'Invalid access token') in case of validation fails

  • Verify that token is not expired

...

    • in case of error - return (401, 'Invalid access token')

  • Check user scopes in order to perform this action (scope = 'person:read')

    • Return (403, 'Your scope does not allow to access this resource. Missing allowances: person:read ') in case of invalid scope(s)

Headers

Content-Type:application/json

...

Api-key:{{secret}}

Request data validation

Validate

...

User

...

  • Extract user_id

...

  • validate person.id is UUID

    • in case error return 422

  • search person by person.id in MPI 

    • in case error return 422, "such person doesn't exist"

Processing

Search person’s authentication methods

Search ACTIVE (ended_at > now) person auth methods using person_id in mpi.person_authentiocation_methods.

...

  • from token.

Validate Patient

  • Get person_id from URL

  • Validate patient status is active (status = ‘active' & is_active = 'true’)

    • in case of error - return 404 ('not found')

Response structure

Example:

...

Page Properties
idAPI_HTTP status codes

HTTP status code

Message

What caused the error

200

Response

 

401

Invalid access token

Validation error

403

Such person not found

422

 Your scope does not allow to access this resource. Missing allowances: person:read

Validation error

404

 Validation error