Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Page Properties
idENT-005-011-006

ID метода

API-005-011-006-0202

Автор

Viacheslav Tybin (SoE eHealth)

Версія документа

1.0

Статус документа

Status
titledraft

Назва метода (укр.)

Отримати фактор автентифікації

Назва метода (eng.)

Get authentication factor

Короткий опис метода

Щоб бачити номер 2FA в кабінеті.

...

Note

Сторінка знаходиться в процесі розробки. Інформація на ній може бути застарілою.

Info

/wiki/spaces/EN/pages/17591304241 (remove the link block before publishing the document)

Properties of a REST API method document

Document type

Метод REST API

Document title

[DRAFT] Get authentication factor [API-005-010-006-0206]

Guideline ID

GUI-0011

Author

Viacheslav Tybin (SoE eHealth)

Document version

1

Document status

DRAFT

Date of creation

ХХ.ХХ.ХХХХ (дата фінальної версії документа – RC або PROD)

Date of update

ХХ.ХХ.ХХХХ (дата зміни версії)

Method API ID

API-005-010-006-0206

Microservices (namespace)

IL

Component

Patient Cabinet

Component ID

COM-005-010

Link на API-специфікацію

https://ehealthmisapi1.docs.apiary.io/#reference/public.-patient-cabinet/cabinet/get-authentication-factor

Resource

{{host}}/api/cabinet/authentication_factor

Scope

person:read

Protocol type

REST

Request type

GET

Sync/Async

Sync

Public/Private

Public

Purpose

This WS allows to see 2FA number via Cabinet.

Logic

Description of the working algorithm of the API method and the interaction of services with each other add Service logic (if necessary)N/A

Configuration parameters

Description of the configuration parameters that are used when processing a request in the system

Dictionaries

Provides a list of links to dictionaries that are available in Confluence

Input parameters

Description of input N/A

Dictionaries

N/A

Input parameters

Composition object ID

Input parameter

Mandatory

Type

Description

Example

1

composition_id

 M

String ($uuid) (path)

 89678f60-4cdc-4fe3-ae83-e8b3ebd35c59

2

 

 

 

 

 

Request structure

See on API-specification (посилання на сторінку з API-специфікацією)

Description of the REST API request structure, example

Expand
titleExample
Code Block

Headers

...

Headers

...

Request data validation

...

Mandatory

...

Description

...

Example

...

Content-Type

...

application/json

...

M

...

Тип контенту

...

Content-Type:application/json

...

 Authorization

...

 Bearer {{access_token}}

...

 

...

 

...

 Authorization:Bearer {{access_token}}

Request data validation

Authorize

Request to process the request using a token in the headers.

Validate token

  • Check token existance

    • in case error return 404 - token was not found

  • Check expiration date tokens.expires_at 

    • if  tokens.expires_at < now() return 401 - access denied

  • Extract user_id from token

  • Check user scopes in order to perform this action (scope = ''person:read")

    1. Return 403 in case invalid scope(s) - "Your scope does not allow to access this resource. Missing allowances: "person:read"

Validate person

  • Check if users.is_blocked = false

    • in case error return 401 message "User blocked."

  • Check mpi.persons.status = 'active'

    • in case error return 409 message "Person is not active"

Authentication factor

  • Search authentication factor by user   

    SELECT id, type, factor, is_active, user_id FROM authentication_factors where user_id=$user_id;

Processing

A list of processes related to receiving, changing or transmitting data according to the logic defined in the REST APIN/A

Response structure examples

See on API-specification (посилання на сторінку з API-специфікацією)Description of the REST API response structure, example

Expand
titleExample
Code Block
languagejson
{
  "meta": {
    "code": 200,
    "url": "https://example.com/resource",
    "type": "object",
    "request_id": "6617aeec-15e2-4d6f-b9bd-53559c358f97#17810"
  },
  "data": {
    "id": "d290f1ee-6c54-4b01-90e6-d701748f0851",
    "type": "sms",
    "factor": "+380881234567",
    "is_active": true,
    "user_id": "d290f1ee-6c54-4b01-90e6-d701748f0851"
  }
}

HTTP status codes

Response code

HTTP Status code

Message

Internal name

Description

1

Базові

2

 200200

Response 

3

401

Access denied

Validation failed

4

401

User blocked

5

401

Unauthorized

 

Помилка підтвердження

65

403

Your scope does not allow to access this resource. Missing allowances: "person:read"

Validation failed

7

1000

404

Composition not found

COMPOSITION_NOT_FOUND_404

Не знайдено медичний висновок

86

404

Token was not found

Validation failed

97

409

Person is not active

Validation failed

108

Специфічні

11

 

422

Only for active MPI record can be created medication request!

 

 

9

Post-processing processes

Description of actions performed on data after processing

Technical modules where the method is used

List of pages describing technical N/A

Technical modules where the method is used