/wiki/spaces/EN/pages/17591304241 (remove the link block before publishing the document)

Properties of a REST API method document

Document type	Метод REST API
Document title	[DRAFT] Get authentication factor [API-005-010-006-0206]
Guideline ID	GUI-0011
Author	Viacheslav Tybin (SoE eHealth)
Document version	1
Document status	DRAFT
Date of creation	ХХ.ХХ.ХХХХ (дата фінальної версії документа – RC або PROD)
Date of update	ХХ.ХХ.ХХХХ (дата зміни версії)
Method API ID	API-005-010-006-0206
Microservices (namespace)	IL
Component	Patient Cabinet
Component ID	COM-005-010
Link на API-специфікацію	https://ehealthmisapi1.docs.apiary.io/#reference/public.-patient-cabinet/cabinet/get-authentication-factor
Resource	{{host}}/api/cabinet/authentication_factor
Scope	person:read
Protocol type	REST
Request type	GET
Sync/Async	Sync
Public/Private	Public

Purpose

This WS allows to see 2FA number via Cabinet.

Logic

N/A

Configuration parameters

N/A

Dictionaries

N/A

Input parameters

	Input parameter	Mandatory	Type	Description	Example
1
2

Request structure

See on API-specification

Example

Headers

Request data validation

Authorize

Request to process the request using a token in the headers.

Validate token

Check token existance
- in case error return 404 - token was not found
Check expiration date tokens.expires_at
- if tokens.expires_at < now() return 401 - access denied
Extract user_id from token
Check user scopes in order to perform this action (scope = ''person:read")
1. Return 403 in case invalid scope(s) - "Your scope does not allow to access this resource. Missing allowances: "person:read"

Validate person

Check if users.is_blocked = false
- in case error return 401 message "User blocked."
Check mpi.persons.status = 'active'
- in case error return 409 message "Person is not active"

Authentication factor

Search authentication factor by user
SELECT id, type, factor, is_active, user_id FROM authentication_factors where user_id=$user_id;

Processing

N/A

Response structure examples