ЕСОЗ - публічна документація

Approve authentication method request

Owned by Aleksandra Novokhatnia (Unlicensed)
Last updated: Mar 20, 2023 by Dmytro Omelchenko (SoE eHealth)
3 min read

Purpose

Use this method to approve previously created Authentication method Request.

Specification

Link

https://ehealthmisapi1.docs.apiary.io/#reference/public.-medical-service-provider-integration-layer/persons/approve-authentication-method-request

Resource

/api/persons/{{id}}/authentication_method_requests/{{request_id}}/actions/approve

Scope

authentication_method_request:write

Components

Patient registry

Microservices

mpi/api

fe/admin-web

Protocol type

REST

Request type

PATCH

Sync/Async

Sync

Public/Private/Internal

Public

Preconditions

Authentication method Request must be created.

Logic

Use this method to approve previously created Authentication method Request.

In case if person's or third person's authent authentication_method is OTP, request example:

{ "verification_code": 7590 }

In case if authentication_method is OFFLINE, request body should be empty. Before approve patient's scanned documents should be uploaded to the (Signed URL's). All links are generated for one one-page document in jpeg format. Document should be no more than 10MB.

Input parameters

Input parameter

Values

Type

Description

Example

Input parameter

Values

Type

Description

Example

id

 

String

Person identifier

b075f148-7f93-4fc2-b2ec-2d81b19a9b7b

request_id

 

String

Request identifier

1096f147-7f93-3fc6-bddc-9d71b198fb7f

Request structure

See on Apiary

Example:

{ "verification_code": 7489 }

Authorize

  1. Verify the validity of access token

    1. Return 401 in case validation fails

  2. Check scopes in order to perform this action (scope = 'authentication_method_request:write')

    1. Return 403 in case invalid scope(s)

Request to process the request using a token in the headers

Headers

  • Content-Type:application/json

  • Authorization:Bearer {{access_token}}

  • Api-key:{{secret}}

Request data validation

Check if Person should be sent for verification*

  • - please note,

(GraphQL) Create auth method refers to this validation.

Rules for validation of Persons

  1. Person has OFFLINE auth method (check in Request)

  2. Person's age >= no_self_auth_age and no_tax_id = true (check in DB)

  3. Person's age >= no_self_auth_age and Person’s tax_id is invalid: not match with birth date and gender (check in DB)

  4. Person’s age < no_self_auth_age and has document with type BIRTH_CERTIFICATE_FOREIGN (check in DB)

  5. Person’s age >= no_self_auth_age and has document with type PERMANENT_RESIDENCE_PERMIT (check in DB)

action = deactivate

  1. validate auth_method_request.auth_method_current:

    1. If auth_method_request.auth_method_current = OTP - Verificate sms (Invoke verification module to verify OTP (OTP Verification))

    2. If auth_method_request.auth_method_current = OFFLINE - verificate download documents ( Media Content Storage)

  2. Update authentication method request

    1. Change entity status in IL_DB.authentication_method_request to COMPLETED

    2. Set updated_at - now() (Get current date-time)

    3. Set updated_by - user_id (Extract user from token)

  3. Update mpi.person_authentication_method:

    1. set ended_at = now() (Get current date-time)

action = update

  1. validate auth_method_request.auth_method_current:

    • If auth_method_request.auth_method_current = OTP - Verificate sms (Invoke verification module to verify OTP (OTP Verification))

    • If auth_method_request.auth_method_current = OFFLINE - verificate download documents

  2. Update authentication method request

    1. Change entity status in IL_DB.authentication_method_request to COMPLETED

    2. Set updated_at - now() (Get current date-time)

    3. Set updated_by - user_id (Extract user from token)

  3. Update mpi.person_authentication_method:

    1. set alias (if it passed in request)

action = insert

  1. validate auth_method_request.auth_method_current:

    1. If auth_method_request.auth_method_current = OTP - Verificate sms (Invoke verification module to verify OTP (OTP Verification))

    2. If auth_method_request.auth_method_current = OFFLINE - verificate download documents

  2. If il.authentication_method_request.authentication_method.type = OFFLINE

    1. verificate download documents

  3. if type = THIRD_PERSON, set

    1. value = il.authentication_method_request.authentication_method.value

    2. alias = il.authentication_method_request.authentication_method.alias

    3. Start date: start_date = Current_date()

    4. End date:

      if (person.age < 14) { end_date =birth_date + no_self_auth_age - 1d;} else {  end_date = start_date + third_person_term;}

       

  4. Update authentication method request

    1. Change entity status in IL_DB.authentication_method_request to COMPLETED

    2. Set updated_at - now() (Get current date-time)

    3. Set updated_by - user_id (Extract user from token)

  5. Update mpi.person_asuthentication_methods

    1. If active il.authentication_method_request.authentication_method.type = OTP or OFFLINE or NA,

      1. person’s auth method that was before becomes inactive - set ended_at = now() (Get current date-time)

      2. set new auth_method in person_auth_methods. Set fields - type,phone_numer, alias(if it is in request)

  6. If il.authentication_method_request.authentication_method.type = THIRD_PERSON

    1. Add to table person_auth_methods row with type = third_person. Set fields - type,value, alias, ended_at,started_at

Processing

Send Person to verification process

checking Rule 01

  • If $.authenticationMethod.type = OFFLINE and action = insert then (
    verification is needed

    • Set MPI.persons.verification_status = VERIFICATION_NEEDED and

    • Set MPI.persons.verification_reason = AUTO and

    • Create StateChangeEvent in event manager with new verification status )

  • elseif $.authenticationMethod.type = OTP and action = insert and MPI.persons.verification_status != VERIFIED
    then (
    checking Rule 02-05

    • if (Person's age >= no_self_auth_age and no_tax_id = true) or
      (Person's age >= no_self_auth_age and Person’s tax_id is invalid: not match with birth date or gender or checksum) or
      (Person’s age < no_self_auth_age and has document with type BIRTH_CERTIFICATE_FOREIGN) or (Person’s age >= no_self_auth_age and has document with type PERMANENT_RESIDENCE_PERMIT) then
      manual verification is needed

      • Set MPI.persons.verification_status = VERIFICATION_NEEDED and

      • Set MPI.persons.verification_reason = RULES_TRIGGERED and

      • Create StateChangeEvent in event manager with new verification status

    • else
      person will be verified with Registers

      • Set MPI.persons.verification_status = VERIFICATION_NEEDED and

      • Set MPI.persons.verification_reason = RULES_PASSED and

      • Set MPI.persons.verification_comment = NULL and

      • Create StateChangeEvent in event manager with new verification status

)

Response structure

See on Apiary

Example:

{ "meta": { "code": 201, "url": "https://example.com/resource", "type": "object", "request_id": "6617aeec-15e2-4d6f-b9bd-53559c358f97#17810" }, "data": { "id": "b075f148-7f93-4fc2-b2ec-2d81b19a9b7b", "status": "COMPLETED", "channel": "MIS" } }

 

 

 

HTTP status codes

HTTP status code

Message

What caused the error

HTTP status code

Message

What caused the error

 201

 

Completed

 422

 This doctor has X declarations and could not sign more

  Request is malformed

 

 

 

ЕСОЗ - публічна документація