Table of Contents

Specification

Apiary

Service logic

1. Only authenticated and authorized user can use patient request
2. Service returns only patient request related to the same legal entity as the user

Authentication

1. Verify the validity of access token
   
   1. Return 401 in case validation fails
2. Check scopes in order to perform this action (scope = 'patient_request:read')
   1. Return 403 in case invalid scope(s)

...

If type= third_person` and in field `value` instead ID show confidant_person person.auth_method.value