Сторінка знаходиться в процесі розробки. Інформація на ній може бути застарілою.

https://e-health-ua.atlassian.net/wiki/spaces/EN/pages/17591304241 (remove the link block before publishing the document)

1 Properties of a REST API method document
2 Purpose
3 Logic
4 Configuration parameters
5 Dictionaries
6 Input parameters
7 Request structure
8 Headers
9 Request data validation
- 9.1 Authorize
- 9.2 Validate token
- 9.3 Validate user
- 9.4 Validate scopes
10 Processing
11 Response structure examples
12 HTTP status codes
13 Post-processing processes
14 Technical modules where the method is used

Properties of a REST API method document

Document type	Метод REST API
Document title	[Document status] REST API [Назва методу] [ID методу]
Guideline ID	GUI-0011
Author	@
Document version	1
Document status	DRAFT
Date of creation	ХХ.ХХ.ХХХХ (дата фінальної версії документа – RC або PROD)
Date of update	ХХ.ХХ.ХХХХ (дата зміни версії)
Method API ID	API-005-002-002-0040
Microservices (namespace)	IL
Component	Contracts
Component ID	COM-005-002
Link на API-специфікацію	https://ehealthmisapi1.docs.apiary.io/#reference/public.-contracts/contract-request/public.-initialize-contract-request
Resource	{{host}}/api/contract_requests/{{contract_type}}
Scope	contract_request:create
Protocol type	REST
Request type	POST
Sync/Async	Sync
Public/Private	Public

Purpose

This web service allows to initialize the contract request creation by generating links for the contract_request documents upload.

Logic

Description of the working algorithm of the API method and the interaction of services with each other add Service logic (if necessary)

Configuration parameters

Description of the configuration parameters that are used when processing a request in the system

Dictionaries

Provides a list of links to dictionaries that are available in Confluence

Input parameters

	Input parameter	Mandatory	Type	Description	Example

Input parameter

Mandatory

Type

Description

Example

1

contract_type

CAPITATION or

REIMBURSEMENT

String

Required

2

Request structure

See on API-specification

Headers

	Key	Value	Mandatory	Description	Example

	Key	Value	Mandatory	Description	Example
1	Content-Type	application/json	M	Тип контенту	Content-Type:application/json
2	Authorization	Bearer c2778f3064753ea70de870a53795f5c9	M	Перевірка користувача	Authorization:Bearer c2778f3064753ea70de870a53795f5c9
3

Request data validation

Authorize

Request to process the request using a token in the headers

Validate token

Verify the validity of access token
- Return 401 in case validation fails
Check if token is not expired
- in case error return 401 - "Token is expired"

Validate user

extract user_id from token

extract client_id from token

Check if user is active
- in case error return 403 - (user is not active)
check legal_entity is active
- in case error return 403 - (Client is not active)
Check user role is "OWNER"
- in case error return 403 "User is not allowed to perform this action"

Validate scopes

Check user scopes in order to perform this action (scope = 'contract_request:create')
- Return 403 in case invalid scope(s) "Your scope does not allow to access this resource. Missing allowances: contract_request:create"

Processing

A list of processes related to receiving, changing or transmitting data according to the logic defined in the REST API

Response structure examples

Set

field	value

field	value
$id	contract_request.id
$statute_url	link to Storage for uploading contract_request_statute
$additional_document_url	link to Storage for uploading contract_request_additional_document_url