ЕСОЗ - публічна документація

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this content. View the current version.

Compare with Current View Version History

« Previous Version 5 Next »

Specification

Apiary

Authorize user

  1. Verify the validity of access token

    1. Return 401 in case validation fails

  2. Check scopes in order to perform this action (scope = 'append_auth_method:write')

    1. Return 403 in case invalid scope(s)

Logic

  • If IL_DB.authentication_method_request.status = NEW:

  1. Verificate sms - from third_person. Invoke verification module to verify OTP (OTP Verification) or verificate documents, if third_person.auth_method.type = OFFLINE

  2. Invoke Initialize OTP to generate one time password and send it to person number( Phone_number: mpi.person_auth_method.phone_number, where person_id = $.person_id and default=True). At this stage, the patients receive an SMS message.

  3. At response return massive of person’s auth_method

  4. Update authentication method request

    1. Change entity status in IL_DB.authentication_method_request to APPROVED

    2. Set updated_at - now() (Get current date-time)

    3. Set updated_by - user_id (Extract user from token)

  • If IL_DB.authentication_method_request.status = APPROVED:

  1. Verificate sms - from person. Invoke verification module to verify OTP (OTP Verification)

  2. Update mpi

    1. Add to table person_auth_methods row with type = third_person

  • No labels

ЕСОЗ - публічна документація