Versions Compared

Version Old Version 6 New Version Current
Changes made by

Aleksandra Novokhatnia

Yuliia Mazur (UA SoE eHealth)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

...

...

...

Table of Contents

Purpose

This method is used when you need to re-send SMS to a person who approve creating or updating data about himself.

This method can be used to send to the same number that was sent after the Create/Update person request.
This endpoint is used to send to person’s another authentication method after Update person request. The sms is sended by default to auth_method which has field is_primary = True.
At the response of Update person request and Get by ID in the block urgent has the array of all person’s methods of authentication. There is the alias of the methods. In request of endpoint Resend auth method transfer alias and the type of authentication to send an SMS to it.

Specification

Apiary: Resend Authorization method on Person Request

Specification

Page Properties

Link

https://ehealthmisapi1.docs.apiary.io/#reference/public.-medical-service-provider-integration-layer/person-requests/resend-authorization-otp-on-person-request

Посилання на Apiary або Swagger

Resource

/api/person_requests/{{id}}/actions/resend_otp

Посилання на ресурс, наприклад: /api/persons/create

Scope

person_request:write

Scope для доступу

Components

Patient registry

Зазначається перелік бізнес компонентів, які використовують цей метод, наприклад: ePrescription

Microservices

il/api

fe/admin-web

Перелік мікросервісів, які використовує метод API, наприклад: Auth, ABAC

Protocol type

REST

Тип протоколу, який використовується запитом, наприклад: SOAP | REST

Request type

POST

Тип запиту API, наприклад: GET, POST, PATCH…

Sync/Async

Sync

Метод є синхронним чи асинхронним?

Public/Private/Internal

Public

Input parameters

Input parameter

Values

Type

Description

Example

id

String

Required

eeebb86d-5cba-43c9-885b-6482ecaf826b

Request structure

See on Apiary

Authorize

  1. Verify the validity of access token

    • Check user scope person_request:write

...

    • in order to perform this action

...

Generate upload URL

...

    • .

Headers

  • Content-Type:application/json

  • Authorization:Bearer {{access_token}}

  • api-key:{{secret}}

Request data validation

  1. Validate auth method. Person must has auth_method.type = OTP or THIRD_PERSON( where third_person.auth_method.type =

...

  1. OTP)

...

  • Generate URL's with type person.{$.person.documents.[:].type} ( or third_person.documents[:].type)

...

  2. Check that person_request.status = NEW.

Processing

Generate verification code

Invoke Initialize OTP to generate one time password and send it to client number. At this stage, the person receives an SMS message to confirm creating or updating a person's data.

cURL example

Code Block
curl -X POST \
  http://localhost:4000/verifications \
  -H 'content-type: application/json' \
  -d '{
  "phone_number": "+380958697084"
}'

...

Make code that was generated on the creating or updating is not valid.

Change

...

Response structure
Example:
 Expand
titleResponse example
 Code Block
{
  "meta": {
    "code": 200,
    "url": "https://example.com/resource",
    "type": "object",
    "request_id": "req-adasdoijasdojsda"
  },
  "data": {
    "id": "7d23bebb-1cf3-4221-bf21-18aada444756",
    "status": "NEW",
    "code_expired_at": "2017-07-10T12:20:16.300597Z",
    "active": true
  }
}
HTTP status codes
 Page Properties
HTTP status code
Message
What caused the error
200
 Response
 
403
Invalid scope
Validation failed
404
not_found
Validation failed
409
Auth method is not OTP
Validation failed