This process describes adding an additional authentication method to an existing person.
Specification
Authorize
Verify the validity of access token
Check user scope append_auth_method:write in order to perform this action
Get global parameters
Invoke Global parameters to get following parameter:
third_person_limit
In table person_auth_methods with type = third_person > N, then error 422
cURL example
curl -X GET \ {:host}/prm/api/global_parameters |
Validate request
{ "$schema": "http://json-schema.org/draft-04/schema#", "type": "object", "properties": { "auth_method_request": { "type": "object", "properties": { "type": { "enum": [ "THIRD_PERSON" ] }, "value": { "type": "string" }, "alias": { "type": "string" } }, "required": [ "type", "phone_number", "alias" ] } } }
Validate person id
Fiend value
is person.id
validate person_id UUID
in case error return 422
search person by person_id in MPI
in case error return 422, "Such person doesn't exist"
Validate
Field type
must be third_person
.
Generate verification code
Invoke Initialize OTP to generate one time password and send it to third_person number (that is added as a new auth method). At this stage, the patients receive an SMS message.
Phone_numbers: mpi.person_auth_method.value, where person_id = $.third_person.id and type = OTP
cURL example
curl -X POST \ http://localhost:4000/verifications \ -H 'content-type: application/json' \ -d '{ "phone_number": "+380936235985" }' |