...

Request

Validation

Validate token

• Verify the validity of access token
  • Return 401 in case validation fails
• token is not expired
  • in case error return 401 - "Token is expired"

...

• Check if user is active
  • in case error return 403 - (user is not active)
• check nhs_legal_entity is active
  • in case error return 403 - (Client is not active)

Validate scopes

• Check user scopes in order to perform this action (scope = 'contract_requests:update')
  • Return 403 in case invalid scope(s) 

...

If status is changed to APPROVED - generate printout form

Invoke MAN to render print printuot form.

Request mapping:

...

Set IL.contract_request.printout_content:

if status was changed (status = APPROVED, DECLINED or SIGNED) - add new status to event_manager

...