...
This WS designed to create authentication method request for Patient
Specification
Authorization
Verify the validity of access token
Return (401, 'Invalid access token') in case of validation fails
Verify that token is not expired
in case of error - return (401, 'Invalid access token')
Check user scopes in order to perform this action (scope = 'authentication_method_request:write_pis')
Return (403, 'Your scope does not allow to access this resource. Missing allowances: 'authentication_method_request:write_pis') in case of invalid scope(s)
Check that token contains person_id
in case of error - return (401, 'Invalid access token')
...
Create authentication method request in il.authentication_method_request with
status = NEW
action = INSERT
authentication_method = $authentication_method
authentication_method_current =
authentication_method_id = $authentication_method_id
channel = PIS
If OTP verification needed
Invoke Initialize OTP to generate one-time password and send it to the client number.
Search requests where person_id = person.id and authentication_method_requests.status = NEW, then
Change the status of all found authentication_method_requests to CANCELED.
If OTP verification is not needed
Search requests where person_id = person.id and authentication_method_requests.status = NEW, then
Change the status of all found authentication_method_requests to CANCELED.
Update mpi.person_authentication_methods
person’s auth method that was before becomes inactive - set
ended_at= now() (Get current date-time) and is_active = falseset new auth_method in person_auth_methods. Set fields -
type,phone_numer,alias(if it is in request)
Update authentication method request
Change entity status in il.authentication_method_request to COMPLETED
Set updated_at - now() (Get current date-time)
Render response according to specification.