This process describes adding an additional authentication method to an existing person.
Specification
Apiary
Authorize
Verify the validity of access token
Check user scope append_auth_method:write in order to perform this action
Get global parameters
Invoke Global parameters to get following parameter:
third_person_limit
In table person_auth_methods with type = third_person > N, then error 422
cURL example
curl -X GET \
{:host}/prm/api/global_parameters
|
Validate request
{
"$schema": "http://json-schema.org/append_auth_method/schema#",
"type": "object",
"properties": {
"person_id": {
"type": "string"
},
"third_person": {
"id": {
"type": "string"
},
"alias": {
"type": "string"
},
"required": [
"id",
"alias"
]
},
"required": [
"person_id",
"third_person"
]
}
}
Validate person id
validate person_id, third_person_id UUID
in case error return 422
search person by person_id, third_person_id in MPI
in case error return 422, "Such person doesn't exist"
Generate verification code
Invoke Initialize OTP to generate one time two passwords and send it to person number and third_person number. At this stage, the patients receive an SMS messages to confirm this two phone and the consent to add new auth method to person
Phone_numbers:
mpi.person_auth_method.value, where person_id = $.person_id and id_primary=True
mpi.person_auth_method.value, where person_id = $.third_person.id and type = OTP
cURL example
curl -X POST \
http://localhost:4000/verifications \
-H 'content-type: application/json' \
-d '{
"phone_number": "+380936235985"
}'
|