1 Purpose
2 Specification
3 Logic
4 Input parameters
5 Dictionaries
6 Request structure
7 Authorize
8 Headers
9 Request data validation
- 9.1 Validate User
- 9.2 Validate Patient
10 Response structure
11 HTTP status codes

Purpose

This method allows to find the active person's authentication methods. Any user with appropriate scope can read information about authentication method of the person.

Specification

Link	https://ehealthmisapi1.docs.apiary.io/#reference/public.-medical-service-provider-integration-layer/persons/get-person-authentication-methods	Посилання на Apiary або Swagger
Resource	/api/persons/{{id}}/authentication_methods	Посилання на ресурс, наприклад: /api/persons/create
Scope	person:read	Scope для доступу
Components	Patient registry	Зазначається перелік бізнес компонентів, які використовують цей метод, наприклад: ePrescription
Microservices	mpi/api fe/admin-web	Перелік мікросервісів, які використовує метод API, наприклад: Auth, ABAC
Protocol type	REST	Тип протоколу, який використовується запитом, наприклад: SOAP \| REST
Request type	GET	Тип запиту API, наприклад: GET, POST, PATCH…
Sync/Async	Sync	Метод є синхронним чи асинхронним?
Public/Private/Internal	Public	Потрібно зазначити тип методу за ступенем доступності

Logic

Service returns primary authentication method for person or for confident person if type of authentication method = 'THIRD_PERSON':

Get authentication method by person_id from person_authentication_methods where updated_at is the newest

Input parameters

Input parameter	Values	Type	Description	Example

Input parameter	Values	Type	Description	Example
id		String	Required	030d5c41-a945-41ac-89d1-b7c6d1c226c7

Dictionaries

AUTHENTICATION_METHOD

Request structure

See on Apiary

Authorize

Verify the validity of access token
- Return (401, 'Invalid access token') in case of validation fails
Verify that token is not expired
- in case of error - return (401, 'Invalid access token')
Check user scopes in order to perform this action (scope = 'person:read')
- Return (403, 'Your scope does not allow to access this resource. Missing allowances: person:read ') in case of invalid scope(s)

Headers

Content-Type:application/json

Authorization:Bearer {{access_token}}

Api-key:{{secret}}

Request data validation

Validate User

Extract user_id from token.

Validate Patient

Get person_id from URL
Validate patient status is active (status = ‘active' & is_active = 'true’)
- in case of error - return 404 ('not found')

Response structure

Example:

{
  "meta": {
    "code": 200,
    "url": "https://example.com/resource",
    "type": "object",
    "request_id": "6617aeec-15e2-4d6f-b9bd-53559c358f97#17810"
  },
  "data": [
    {
      "id": "b94893f5-b66b-4431-b023-d5b5c037caef",
      "type": "THIRD_PERSON",
      "phone_number": "+38093*****85",
      "value": "34d4aca0-ee15-4d2d-9ab8-336e5ba1f9c7",
      "alias": "husband",
      "ended_at": "2020-01-10 18:23:34.217335"
    }
  ]
}

{
  "meta": {
    "code": 403,
    "url": "https://example.com/resource",
    "type": "object",
    "request_id": "6617aeec-15e2-4d6f-b9bd-53559c358f97#17810"
  },
  "error": {
    "type": "forbidden",
    "message": "Such person not found"
  }
}

HTTP status codes

HTTP status code	Message	What caused the error

HTTP status code	Message	What caused the error
200	Response
401	Invalid access token	Validation error
403	Your scope does not allow to access this resource. Missing allowances: person:read Such person not found	Validation error
404		Validation error

E-Health

Get Person Authentication methods