ЕСОЗ - публічна документація

Public. Initialize Contract Request

Owned by Iryna Biiovska
Last updated: Feb 02, 2023 by Oleksandr Zhuk (SoE eHealth)
2 min read

Purpose

This web service allows to initialize the contract request creation by generating links for the contract_request documents upload.

Overview

  • Legal entity owner with  'contract_request:create' scope can initialize the contract request creation

  • WS responds with contract_request id and links that should be used for documents upload

  • After documents are uploaded, contract_request id from the response should be used for Create Contract Request WS 

Specification

Link

https://ehealthmisapi1.docs.apiary.io/#reference/public.-contracts/contract-request/public.-initialize-contract-request

Посилання на Apiary або Swagger

Resource

/api/contract_requests/{{contract_type}}

Посилання на ресурс, наприклад: /api/persons/create

Scope

contract_request:create

Scope для доступу

Components

Contracts

Зазначається перелік бізнес компонентів, які використовують цей метод, наприклад: ePrescription

Microservices

API paragraph not found

Перелік мікросервісів, які використовує метод API, наприклад: Auth, ABAC

Protocol type

REST

Тип протоколу, який використовується запитом, наприклад: SOAP | REST

Request type

POST

Тип запиту API, наприклад: GET, POST, PATCH…

Sync/Async

API paragraph not found

Метод є синхронним чи асинхронним?

Public/Private/Internal

Public

Потрібно зазначити тип методу за ступенем доступності

Input parameters

Input parameter

Values

Type

Description

Example

Input parameter

Values

Type

Description

Example

contract_type

CAPITATION or

REIMBURSEMENT

String

Required

 

Authorize

Request to process the request using a token in the headers

Headers

Наприклад:

Content-Type:application/json

Authorization:Bearer c2778f3064753ea70de870a53795f5c9

Request data validation

Validate token

  • Verify the validity of access token

    • Return 401 in case validation fails

  • Check if token is not expired

    • in case error return 401 - "Token is expired"

Validate user

extract user_id from token

extract client_id from token

  • Check if user is active

    • in case error return 403 - (user is not active)

  • check legal_entity is active

    • in case error return 403 - (Client is not active)

  • Check user role is "OWNER"

    • in case error return 403 "User is not allowed to perform this action"

Validate scopes

  • Check user scopes in order to perform this action (scope = 'contract_request:create')

    • Return 403 in case invalid scope(s) "Your scope does not allow to access this resource. Missing allowances: contract_request:create"

Response structure

Set 

field

value

field

value

$id

contract_request.id

$statute_url

link to Storage for uploading contract_request_statute

$additional_document_url

link to Storage for uploading contract_request_additional_document_url

 

Example:

{ "meta": { "code": 200, "url": "https://example.com/resource", "type": "object", "request_id": "6617aeec-15e2-4d6f-b9bd-53559c358f97#17810" }, "data": { "id": "09106b70-18b0-4726-b0ed-6bda1369fd52", "statute_url": "url://upload", "additional_document_url": "url://upload" } }

Post-processing processes

API paragraph not found

HTTP status codes

HTTP status code

Message

What caused the error

HTTP status code

Message

What caused the error

 200

 Response

 

401

  1. Error

  2. Token is expired

  1. Access token validation failed

403

  1. Error

  2. Error

  3. Your scope does not allow to access this resource. Missing allowances: contract_request:create

  4. User is not allowed to perform this action

  1. Client is not active

  2. User is not active





ЕСОЗ - публічна документація