ESOZ - public documentation


Specification

Purpose

This WS allows a registered user to exchange their password for a token.

Request parameters

  • grant_type
  • email
  • password
  • client_id
  • scope

Validation

Validate client_id

  • Check if client_id exists in DB
    • in case of error return 401, "Invalid client id."

Validate grant type

  • Check if $.grant_type is in allowed_grant_types for client_id
    • in case of error return 401, "Client is not allowed to issue login token."
  • Validate grant_type = "password"
    • in case of error return

Validate email

  • Check that a user with email = $.email exists in DB
    • in case of error return 401, "User not found."
  • Validate that the user's is_block flag = false
    • in case of error return 401, "User blocked."

Validate password

  • Check $.user's password = $.password
    • in case of error return 401, "Identity, password combination is wrong."

Validate scope

  • Validate that client_id has scope = $.scope
    • in case of error return

Response

  • 201 if access_token with scope "app:authorize" created
  • 4XX in other cases