| Table of Contents | ||||
|---|---|---|---|---|
|
...
Method for receiving a list of patient approvals. It is allowed only for the doctor who has an active declaration with a patient from url (can get all approvals) or approval is granted to user (can get own approval).
Filters
Filter | Values | Type | Description | Example |
|---|---|---|---|---|
patient_id | String | identifier of the patient |
| |
granted_to | String | identifier of the employee or legal entity to whom access has been granted |
| |
granted_resources | String | identifier of the entity for which the approval was created |
| |
granted_resource_type | String | entity type for which the approval was created |
| |
status | String | status of approval |
| |
reason | String | type and identifier of entity based on which approval has been created |
| |
access_level | String | access level to data |
| |
page | Number | Page number |
| |
page_size | Number | A limit on the number of objects to be returned, between 1 and 100. Default: 50 |
|
Authorize
Verify the validity of access token
Return (401, 'Invalid access token') in case of validation fails
Verify that token is not expired
in case of error - return (401, 'Invalid access token')
Check user scopes in order to perform this action (scope = 'approval:read')
Return (403, 'Your scope does not allow to access this resource. Missing allowances: approval:read') in case of invalid scope(s)
Request to process the request using a token in the headers
Headers
Наприклад:
Content-Type:application/json
Authorization:Bearer c2778f3064753ea70de870a53795f5c9
api-key:uXhEczJ56adsfh3Ri9SUkc4en
...
Extract user_id from token.
Check user has an active declaration with a patient from URL (can get all approvals) or approval is granted to user (can get own approval: granted_to OR created_by):
Return 200 with empty array in case the employee doesn't have an active declaration with the patient or approval is granted to user
...