Exchange oAuth Code Grant to Access Token

Purpose

This method is designed to exchange an oAuth code Grant with requested scopes for an access token

Specification

Link	https://ehealthmisapi1.docs.apiary.io/#reference/public.-medical-service-provider-integration-layer/oauth/exchange-oauth-code-grant-to-access-token	Посилання на Apiary або Swagger
Resource	/oauth/tokens	Посилання на ресурс, наприклад: /api/persons/create
Scope	List of scopes that are required in application business logic, separated by space	Scope для доступу
Components	oAuth_system_component	Зазначається перелік бізнес компонентів, які використовують цей метод, наприклад: ePrescription
Microservices	mithril/api mithril_scheduler abac/api abac_log_consumer fe/auth-web mithril/fe mithril/gatekeeper-mithril fe/admin-gatekeeper-web	Перелік мікросервісів, які використовує метод API, наприклад: Auth, ABAC
Protocol type	REST	Тип протоколу, який використовується запитом, наприклад: SOAP \| REST
Request type	POST	Тип запиту API, наприклад: GET, POST, PATCH…
Sync/Async	Sync	Метод є синхронним чи асинхронним?
Public/Private/Internal	Public	Потрібно зазначити тип методу за ступенем доступності

Logic

Preconditions

API paragraph not found

Global and configuration parameters

API paragraph not found

Input parameters

Attributes

Token:

Attribute	Type	Description	Example
client_id (required)	String	Medical Service provider ID issued after legal_entity registration. Used to identify the context of the MSP/Pharmacy	6498d88e-97fb-47e2-85a5-99e884f888aa
client_secret (required)	String	Medical Information System secret key issued upon integration request. Used to identify application developer	msp-001-secret-key
code (required)	String	oAuth code grant	299383828
grant_type (required)	String	oAuth Grant Type. Currently only `authorization_code` is supported	authorization_code
redirect_uri (required)	String	URL where user will be redirected after authentification. This url will receive `code` and `state` parameters in query string	https://example.com/
scope (required)	String	List of scopes that is required in application business logic, separated by space. Different login forms will be shown based on scopes that you requested	capitation_contracts:view capitation_contracts:create patients:view patients:create

Request structure

See on Apiary

Example

Request example

{
  "token": {
    "client_id": "6498d88e-97fb-47e2-85a5-99e884f888aa",
    "client_secret": "msp-001-secret-key",
    "code": "299383828",
    "grant_type": "authorization_code",
    "redirect_uri": "https://example.com/",
    "scope": "capitation_contracts:view capitation_contracts:create patients:view patients:create"
  }
}

Authorize

Request to process the request using a token in the headers

Headers

Example:

Content-Type:application/json

X-CSRF-Token:my-csrf-token

Validation data request

API paragraph not found

Processing

API paragraph not found

Response structure

See on Apiary

Example:

{
  "meta": {
    "code": 201,
    "url": "https://example.com/resource",
    "type": "object",
    "request_id": "6617aeec-15e2-4d6f-b9bd-53559c358f97#17810"
  },
  "data": {
    "value": "SnNRdCtvU0tTOENBV2dLRUZwNmIzZz09",
    "user_id": "3ff33ced-69dc-415a-b231-c6446898335a",
    "name": "access_token",
    "id": "3ff33ced-69dc-415a-b231-c6446898335a",
    "expires_at": 1498749591,
    "details": {
      "scope": "capitation_contracts:view capitation_contracts:create patients:view patients:create",
      "refresh_token": "my-oauth-refresh-token",
      "redirect_uri": "https://example.com/",
      "grant_type": "authorization_code",
      "client_id": "d290f1ee-6c54-4b01-90e6-d701748f0851"
    }
  }
}

Post-processing processes

API paragraph not found

HTTP status codes

HTTP status code	Message	What caused the error
201	Response

Backward compatibility

API paragraph not found