/wiki/spaces/EN/pages/17591304241 (remove the link block before publishing the document)
Properties of a REST API method document
Purpose
N/A
Logic
Only authenticated and authorized HR, ADMIN, OWNER employees from MSP, OUTPATIENT, PRIMARY_CARE, EMERGENCY legal entities can get the equipment by id.
Service returns only equipment related to the same legal entity as the user. User with role NHS ADMIN can get any equipment from any legal entity.
Configuration parameters
N/A
Dictionaries
N/A
Input parameters
Input parameter | Mandatory | Type | Description | Example | |
---|---|---|---|---|---|
1 | id |
| String | Equipment identifier. Required | d290f1ee-6c54-4b01-90e6-d701748f0851 |
2 |
Request structure
See on API-specification
Headers
Request data validation
Authorize
Verify the validity of access token
Return 401 in case validation fails
Check scopes in order to perform this action (scope = 'equipment:read')
Return 403 in case invalid scope(s)
Validate equipment
Check that equipment with such ID exists in the system (is_active = true)
In case of error - return 404
Check that equipment with such ID belongs to to the same legal entity as the user OR user has NHS ADMIN role.
In case of error - return 403
Processing
N/A
Response structure examples
See on API-specification
HTTP status codes
Response code | HTTP Status code | Message | Internal name | Description | |
---|---|---|---|---|---|
1 | Базові | ||||
2 | 200 | Response |
| ||
3 | 401 |
| Access token validation failed | ||
4 | 403 |
|
| ||
5 | 404 |
| Validation failed | ||
6 | Специфічні | ||||
7 |
Post-processing processes
N/A