...

...

Purpose

...

Use this method to approve previously created Authentication method Request.

Specification

...

Page Properties

API paragraph not found Link https://uaehealthapiehealthmisapi1.docs.apiary.io/#reference/public.-medical-service-provider-integration-layer/persons/approve-authentication-method-request Resource /api/persons/{{id}}/authentication_method_requests/{{request_id}}/actions/approve Scope authentication_method_request:write Components Patient registry Microservices mpi/api fe/admin-web Protocol type API paragraph not foundREST Request type PATCH Sync/Async Sync Public/Private/Internal Public

Preconditions

...

Authentication method Request must be created.

Logic

Use this method to approve previously created Authentication method Request.

...

In case if authentication_method is OFFLINE, request body should be empty. Before approve patient's scanned documents should be uploaded to the (Signed URL's). All links are generated for one one-page document in jpeg format. Document should be no more than 10MB.

Confluence - https://e-health-ua.atlassian.net/wiki/x/G4DJJ

Input parameters

Request structure

...

See on Apiary

Example:

Expand
title Request example
Code Block { "verification_code": 7489 }

Authorize

...

1. Verify the validity of access token

   1. Return 401 in case validation fails

2. Check scopes in order to perform this action (scope = 'authentication_method_request:write')

   1. Return 403 in case invalid scope(s)

Request to process the request using a token in the headers

Headers

...

Наприклад:

• Content-Type:application/json

• Authorization:Bearer c2778f3064753ea70de870a53795f5c9api{{access_token}}

• Api-key:uXhEczJ56adsfh3Ri9SUkc4en{{secret}}

Request data validation

...

Check if Person should be sent for verification*

...

1. validate auth_method_request.auth_method_current:

   1. If auth_method_request.auth_method_current = OTP - Verificate sms (Invoke verification module to verify OTP (OTP Verification))

   2. If auth_method_request.auth_method_current = OFFLINE - verificate download documents

2. If il.authentication_method_request.authentication_method.type = OFFLINE

   1. verificate download documents

3. if type = THIRD_PERSON, set

   1. value = il.authentication_method_request.authentication_method.value

   2. alias = il.authentication_method_request.authentication_method.alias

   3. Start date: start_date = Current_date()

   4. End date:

      Code Block
      if (person.age < 14) { end_date =birth_date + no_self_auth_age - 1d;} else {  end_date = start_date + third_person_term;}

       

4. Update authentication method request

   1. Change entity status in IL_DB.authentication_method_request to COMPLETED

   2. Set updated_at - now() (Get current date-time)

   3. Set updated_by - user_id (Extract user from token)

5. Update mpi.person_asuthentication_methods

   1. If active il.authentication_method_request.authentication_method.type = OTP or OFFLINE or NA,

      1. person’s auth method that was before becomes inactive - set ended_at = now() (Get current date-time)

      2. set new auth_method in person_auth_methods. Set fields - type,phone_numer, alias(if it is in request)

6. If il.authentication_method_request.authentication_method.type = THIRD_PERSON

   1. Add to table person_auth_methods row with type = third_person. Set fields - type,value, alias, ended_at,started_at

Processing

...

Send Person to verification process

...

• If $.authenticationMethod.type = OFFLINE and action = insert then (
  verification is needed

  • Set MPI.persons.verification_status = VERIFICATION_NEEDED and

  • Set MPI.persons.verification_reason = AUTO and

  • Create StateChangeEvent in event manager with new verification status )

• elseif $.authenticationMethod.type = OTP and action = insert and MPI.persons.verification_status != VERIFIED
  then (
  checking Rule 02-05

  • if (Person's age >= no_self_auth_age and no_tax_id = true) or
    (Person's age >= no_self_auth_age and Person’s tax_id is invalid: not match with birth date or gender or checksum) or
    (Person’s age < no_self_auth_age and has document with type BIRTH_CERTIFICATE_FOREIGN) or (Person’s age >= no_self_auth_age and has document with type PERMANENT_RESIDENCE_PERMIT) then
    manual verification is needed

    • Set MPI.persons.verification_status = VERIFICATION_NEEDED and

    • Set MPI.persons.verification_reason = RULES_TRIGGERED and

    • Create StateChangeEvent in event manager with new verification status

  • else
    person will be verified with Registers

    • Set MPI.persons.verification_status = VERIFICATION_NEEDED and

    • Set MPI.persons.verification_reason = RULES_PASSED and

    • Set MPI.persons.verification_comment = NULL and

    • Create StateChangeEvent in event manager with new verification status

)

Response structure

...

See on Apiary

Example:

Expand
title Response example
Code Block { "meta": { "code": 201, "url": "https://example.com/resource", "type": "object", "request_id": "6617aeec-15e2-4d6f-b9bd-53559c358f97#17810" }, "data": { "id": "b075f148-7f93-4fc2-b2ec-2d81b19a9b7b", "status": "COMPLETED", "channel": "MIS" } }

Expand
title Response example
Code Block { "meta": { "code": "422", "url": "https://example.com/resource", "type": "object", "request_id": "6617aeec-15e2-4d6f-b9bd-53559c358f97#17810" }, "error": { "type": "request_malformed", "message": "This doctor has X declarations and could not sign more" } }

Post-processing processes*

API paragraph not found

HTTP status codes

...

Page Properties
HTTP status code Message What caused the error  201    Completed  422     This doctor has X declarations and could not sign more   Request is malformed