This process describes adding an additional authentication method to an existing person, update authentication method and delete it.
Use GET persom/{id}/ authentication_method to find authentication method' id of person
| Table of Contents |
|---|
Specification
...
| Code Block | ||
|---|---|---|
| ||
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"action": "deactivate",
"authentication_methods": {
"id": "057413fb-2c2e-4f33-b2d6-433469212744"
}
}
} |
if action = insert update
| Code Block |
|---|
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"action": "insertupdate",
"authentication_methods": {
"typeid": "THIRD_PERSON",
"value": "d12888c0-1159-4296-8f03-a592c136f673057413fb-2c2e-4f33-b2d6-433469212744",
"phone_number` alias": "f6d9a852-a339-44ac-a682-8f7a8da9cca0roksolana",
"aliasdefault": "roksolanatrue"
}
}
} |
if action = update insert
| Code Block |
|---|
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"action": "updateinsert",
"authentication_methods": {
"type": "THIRD_PERSON",
"idvalue": "057413fbd12888c0-2c2e1159-4f334296-b2d68f03-433469212744a592c136f673",
"alias"phone_number` : "roksolana+380656779678",
"defaultalias": "trueroksolana"
}
}
} |
Validate ids
Fiend value is person.id
validate person.id UUID
in case error return 422
search person by person.id in MPI
in case error return 422, "Such person doesn't exist"
Validate
...
Search auth requests by person id
To prevent requests duplication search in il.auth_method_requests.person_id = $.person_id and il.auth_method_requests.status = NEW or APPROVED, then
Change status of all found person requests:
|
Validate by actions
if action = deactivate
Field
typemust beTHIRD_PERSON. (where person_auth_method.id = $authentication_method.id)If person < 14, check that count(this auth_method, where .default=False
if action = update
validate authentication_methods.id belong to this person. Search auth
_methodsmethod of this person where MPI.person_authentication_method.person_id = $.person
_id) >=1 left.id
in case error return 422, "such authentication method does not belong to this person"
set it only for auth_method.type = THIR_PERSON
optional field
defaultmust be only = TRUE
if action = insert
if type = OTP or OFFLINE,
phone_numberis required and don’t setvalue. And fieldaliasis optional.if type = THIRD_PERSON,
valueis required and don’t setphone_number. And fieldaliasis required.validate value:
validate person.id is UUID
in case error return 422
search person by person.id in MPI
in case error return 422, "such person doesn't exist"
if action =
updatevalidate authentication_methods.id belong to this person. Search auth method of this person where MPI.person_authentication_method.person_id = $.person.idsearch person by person.id in MPI
in case error return 422, "third person must be active"
search third_person.age > 18 years:
in case error return 422, "
if the transferred method is the main one (
default= TRUE), method that had this flagdefault = TRUEnow hasdefault = FALSE- if person>18 and auth_method.type=
THIRD_PERSONcan’t setdefault= TRUEthird person must be adult"
validate third_person.auth_method !=N/A
in case error return 422, "third person must has ayjth method OTP or OFFLINE"
Generate verification code
...
Invoke Initialize OTP to generate one time password and send it to third_person number (that is added as a new auth method). At this stage, the patients receive an SMS message.Phone_numbers: mpi.person_auth_method.value, where person_id = $.third_person.id and type = OTPwhere auth_method_requests.auth_method_current = OTP. (Use function in mpi, that returm default auth method)
cURL example
|
Generate upload URL
If action = insert
...
Where auth_method_requests.auth_method
...
_current = OFFLINE
Generate URL's with type person.{$
.person_request.person.documents.[:].type} (or Generate URL's with type third_person.{$.third_person.documents.[:].type})