Versions Compared

Old Version 5

changes.mady.by.user Kateryna Yakovleva

Saved on

compared with

New Version Current

changes.mady.by.user Anastasiia Prokhorova (SoE eHealth)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Автор
Page Properties
idENT-005-011-006

ID метода

API-005-011-006-0202

Note

Сторінка знаходиться в процесі розробки. Інформація на ній може бути застарілою.

Info

/wiki/spaces/EN/pages/17591304241 (remove the link block before publishing the document)

Properties of a REST API method document

Document type

Метод REST API

Document title

[DRAFT] Get authentication factor [API-005-010-006-0206]

Guideline ID

GUI-0011

Author

Viacheslav Tybin (SoE eHealth)

...

Версія документа

...

1.0

...

Статус документа

...

Status
titledraft

...

Назва метода (укр.)

...

Отримати фактор автентифікації

...

Назва метода (eng.)

...

Get authentication factor

...

Короткий опис метода

...

Document version

1

Document status

DRAFT

Date of creation

ХХ.ХХ.ХХХХ (дата фінальної версії документа – RC або PROD)

Date of update

ХХ.ХХ.ХХХХ (дата зміни версії)

Method API ID

API-005-010-006-0206

Microservices (namespace)

IL

Component

Patient Cabinet

Component ID

COM-005-010

Link на API-специфікацію

https://ehealthmisapi1.docs.apiary.io/#reference/public.-patient-cabinet/cabinet/get-authentication-factor

Resource

{{host}}/api/cabinet/authentication_factor

Scope

person:read

Protocol type

REST

Request type

GET

Sync/Async

Sync

Public/Private

Public

Purpose

This WS allows to see 2FA number via Cabinet.

Logic

N/A

Configuration parameters

N/A

Dictionaries

N/A

Input parameters

Input parameter

Mandatory

Type

Description

Example

1

2

 

 

 

 

 

Request structure

See on API-specification

Expand
titleExample
Code Block
Headers
Headers 
Request data validation
Authorize
Request to process the request using a token in the headers.
Validate token
  • Check token existance
    • in case error return 404 - token was not found
  • Check expiration date tokens.expires_at 
    • if  tokens.expires_at < now() return 401 - access denied
  • Extract user_id from token
  • Check user scopes in order to perform this action (scope = ''person:read")
    1. Return 403 in case invalid scope(s) - "Your scope does not allow to access this resource. Missing allowances: "person:read"
Validate person
  • Check if users.is_blocked = false
    • in case error return 401 message "User blocked."
  • Check mpi.persons.status = 'active'
    • in case error return 409 message "Person is not active"
Authentication factor
  • Search authentication factor by user   
    SELECT id, type, factor, is_active, user_id FROM authentication_factors where user_id=$user_id;
Processing
N/A
Response structure examples
See on API-specification
 Expand
titleExample
 Code Block
languagejson
{
  "meta": {
    "code": 200,
    "url": "https://example.com/resource",
    "type": "object",
    "request_id": "6617aeec-15e2-4d6f-b9bd-53559c358f97#17810"
  },
  "data": {
    "id": "d290f1ee-6c54-4b01-90e6-d701748f0851",
    "type": "sms",
    "factor": "+380881234567",
    "is_active": true,
    "user_id": "d290f1ee-6c54-4b01-90e6-d701748f0851"
  }
}
HTTP status codes
Response code
HTTP Status code
Message
Internal name
Description
1
Базові
2
200
Response
3
401
Access denied
4
401
User blocked
 
5
403
Your scope does not allow to access this resource. Missing allowances: "person:read"
Validation failed
6
404
Token was not found
Validation failed
7
409
Person is not active
Validation failed
8
Специфічні
9
Post-processing processes
N/A
Technical modules where the method is used
Название
ID ТМ
Статус
/wiki/spaces/ESOZ/pages/17378181218
TM0112
/wiki/spaces/YK/pages/17837688354