ЕСОЗ - публічна документація

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 7 Next »

This process describes adding an additional authentication method to an existing person.

Specification

Apiary

Authorize

  1. Verify the validity of access token

    • Check user scope append_auth_method:write in order to perform this action

Get global parameters

Invoke Global parameters to get following parameter:

  • third_person_limit

In table person_auth_methods with type = third_person > N, then error 422

cURL example

curl -X GET \
  {:host}/prm/api/global_parameters

Validate request

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "properties": {
    "auth_method_request": {
      "type": "object",
      "properties": {
        "type": {
          "enum": [
            "THIRD_PERSON"
          ]
        },
        "value": {
          "type": "string"
        },
        "alias": {
          "type": "string"
        }
      },
      "required": [
        "type",
        "phone_number",
        "alias"
      ]
    }
  }
}

Validate person id

Fiend value is person.id

  • validate person_id UUID

    • in case error return 422

  • search person by person_id in MPI 

    • in case error return 422, "Such person doesn't exist"

Validate

Field type must be third_person.

Generate verification code

Invoke Initialize OTP to generate one time password and send it to third_person number (that is added as a new auth method). At this stage, the patients receive an SMS message.

Phone_numbers: mpi.person_auth_method.value, where person_id = $.third_person.id and type = OTP

cURL example

curl -X POST \
  http://localhost:4000/verifications \
  -H 'content-type: application/json' \
  -d '{
  "phone_number": "+380936235985"
}'
  • No labels