ЕСОЗ - публічна документація
RC__Resend SMS on Device request
Purpose
This WS is designed to resend sms with OTP-code to the person’s verified phone on device request in case OTP wasn’t delivered in first time.
Key points
Only authenticated and authorized user with appropriate scope can resend SMS on Device request.
SMS with OTP-code can be resend only to person with verification_type = OTP.
SMS with OTP-code can be resend only for Device request in active status
Specification
Link | Посилання на Apiary або Swagger | |
Resource | /api/patients/{{patient_id}}/device_requests/{{device_request_id}}/actions/resend | Посилання на ресурс, наприклад: /api/persons/create |
Scope |
| Scope для доступу |
Components | Devices | Зазначається перелік бізнес компонентів, які використовують цей метод, наприклад: ePrescription |
Microservices |
| Перелік мікросервісів, які використовує метод API, наприклад: Auth, ABAC |
Protocol type | REST | Тип протоколу, який використовується запитом, наприклад: SOAP | REST |
Request type | GET | Тип запиту API, наприклад: GET, POST, PATCH… |
Sync/Async | Sync | Метод є синхронним чи асинхронним? |
Public/Private/Internal | Public | Потрібно зазначити тип методу за ступенем доступності |
Logic
API paragraph not found
Input parameters
Input parameter | Values | Type | Description | Example |
---|---|---|---|---|
patient_id |
| String | Unique patient identifier |
|
device_request_id |
| String | Unique device request identifier |
|
Request structure
API paragraph not found
Authorize
Verify the validity of access token
in case of error - return 401 (“Invalid access token”) in case of validation fails
Verify that token is not expired
in case of error - return 401 (“Invalid access token”)
Check user scopes in order to perform this action (scope = 'device_request:resend')
return 403 (“Your scope does not allow to access this resource. Missing allowances: device_request:resend”) in case of invalid scope(s)
Headers
Content-Type:application/json
Authorization:Bearer d368a4b0-4a0e-457a-b267-32359fa6288f
Request data validation
Validations
Check if device request with device_request_id from request is exist
in case of error - return 404 (“Not found”) in case of validation fails
Validate person
Check if person with patient_id from request is exist
in case of error - return 404 (“Not found”) in case of validation fails
Check if person with patient_id from request is not preperson
in case of validation fails skip all steps below
Validate legal entity
Check that legal_entity_type is included in chart variables
ME_ALLOWED_TRANSACTIONS_LE_TYPES
config parameterin case of error return 409 "Action is not allowed for the legal entity"
Check that legal_entity has status = active
in case of error return 409 "Action is not allowed for the legal entity"
Validate device_request
Check that status = ‘active'
in case of error - return 409 error ('You can not resend SMS for device request in status %status%')
Processing
Get person's authentication_method of MPI
If authentication_method == OTP:
Generate text SMS with template
TEMPLATE_SMS_FOR_CREATE_DEVICE_REQUEST
.
Call [Transferred] SMS timeout procedure to check if resending is allowed using:
- DR_MAX_ATTEMPTS_COUNT as MAX_ATTEMPTS_COUNT
- DR_SEND_TIMEOUT as SEND_TIMEOUT
- "device_request" as entity_name
- device_request_id as entity_idin case of error - return 429 ("Sending SMS timeout. Try later. Next attempt will be available at <attempts.oldest.value + SEND_TIMEOUT>")
Send SMS to a person
Response structure
See on Apiary
Example:
Post-processing processes
API paragraph not found
HTTP status codes
HTTP status code | Message | What caused the error |
---|---|---|
202 |
|
|
ЕСОЗ - публічна документація