...

Endpoints used for integration is described here

Sequence diagram

Image RemovedImage Added

https://sequencediagram.org

Auth Flow

Front-end: ReCaptcha validation

...

1. Search user in users table by tax_id
   1. if user found:
      1. Search person in MPI by user.person_id
      2. if person found → /wiki/spaces/EH/pages/583403011
      3. if person not found → continue registration
   2. if user not found → continue registration
2. Create UserRequest with tax_id, first_name, last_name, email fields in temporary DB
3. Generate JWT with UserRequest id (user_request_id)
4. Redirects to Front-end Sign-Up page with JWT

...

Process of person creation with id.gov.ua is very close to Sign Up 2.3 MPI/User Create/Update/wiki/spaces/PCAB/pages/583402002

The difference is that the form data is not signed and users personal data should be verified using UserRequest in Mithril, and not with DS

1. Validate JWT expiration and claim
   1. if JWT is invalid - return 401 error
2. Get user_request_id from JWT
3. Get UserRequest from Mithril (Apiary)
   1. if UserRequest expired or not found - return 409 error
4. Ignore preferred_way_communication from input and set it to phone
5. Validate Form input via Json Schema (described in Sign Up 2.3 MPI/User Create/Update/wiki/spaces/PCAB/pages/583402002)
6. Create User in MPI (described in Sign Up 2.3 MPI/User Create/Update/wiki/spaces/PCAB/pages/583402002)
7. Create Token for Consent dialog
8. Send back created User, Patient and Token 

...