ЕСОЗ - публічна документація

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 6 Next »

Purpose

This method is designed to exchange an oAuth code Grant with requested scopes for an access token

Specification

Link

https://ehealthmisapi1.docs.apiary.io/#reference/public.-medical-service-provider-integration-layer/oauth/exchange-oauth-code-grant-to-access-token

Посилання на Apiary або Swagger

Resource

/oauth/tokens

Посилання на ресурс, наприклад: /api/persons/create

Scope

List of scopes that are required in application business logic, separated by space

Scope для доступу

Components

oAuth_system_component

Зазначається перелік бізнес компонентів, які використовують цей метод, наприклад: ePrescription

Microservices

API paragraph not found

Перелік мікросервісів, які використовує метод API, наприклад: Auth, ABAC

Protocol type

REST

Тип протоколу, який використовується запитом, наприклад: SOAP | REST

Request type

POST

Тип запиту API, наприклад: GET, POST, PATCH…

Sync/Async

Sync

Метод є синхронним чи асинхронним?

Public/Private/Internal

Public

Потрібно зазначити тип методу за ступенем доступності

Logic

Preconditions

API paragraph not found

Global and configuration parameters

API paragraph not found

Input parameters

Attributes

Token:

Attribute

Values

Type

Description

Example

client_id

(required)

String

Medical Service provider ID issued after legal_entity registration. Used to identify the context of the MSP/Pharmacy

6498d88e-97fb-47e2-85a5-99e884f888aa

client_secret

(required)

String

Medical Information System secret key issued upon integration request. Used to identify application developer

msp-001-secret-key

code

(required)

String

oAuth code grant

299383828

grant_type

(required)

String

oAuth Grant Type. Currently only authorization_code is supported

authorization_code

redirect_uri

(required)

String

URL where user will be redirected after authentification. This url will receive code and state parameters in query string

https://example.com/

scope

(required)

String

List of scopes that is required in application business logic, separated by space. Different login forms will be shown based on scopes that you requested

capitation_contracts:view capitation_contracts:create patients:view patients:create

Filters

None

Request structure

See on Apiary

Example

 Request example
{
  "token": {
    "client_id": "6498d88e-97fb-47e2-85a5-99e884f888aa",
    "client_secret": "msp-001-secret-key",
    "code": "299383828",
    "grant_type": "authorization_code",
    "redirect_uri": "https://example.com/",
    "scope": "capitation_contracts:view capitation_contracts:create patients:view patients:create"
  }
}

Authorize

API paragraph not found

Headers

Example:

Content-Type:application/json

X-CSRF-Token:my-csrf-token

Validation data request

API paragraph not found

Processing

API paragraph not found

Response structure

See on Apiary

Example:

{
  "meta": {
    "code": 201,
    "url": "https://example.com/resource",
    "type": "object",
    "request_id": "6617aeec-15e2-4d6f-b9bd-53559c358f97#17810"
  },
  "data": {
    "value": "SnNRdCtvU0tTOENBV2dLRUZwNmIzZz09",
    "user_id": "3ff33ced-69dc-415a-b231-c6446898335a",
    "name": "access_token",
    "id": "3ff33ced-69dc-415a-b231-c6446898335a",
    "expires_at": 1498749591,
    "details": {
      "scope": "capitation_contracts:view capitation_contracts:create patients:view patients:create",
      "refresh_token": "my-oauth-refresh-token",
      "redirect_uri": "https://example.com/",
      "grant_type": "authorization_code",
      "client_id": "d290f1ee-6c54-4b01-90e6-d701748f0851"
    }
  }
}

Post-processing processes

API paragraph not found

HTTP status codes

HTTP status code

Message

What caused the error

201

Response

 

Backward compatibility

API paragraph not found

  • No labels