ЕСОЗ - публічна документація

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 5 Next »

Purpose

This method is designed to exchange an oAuth code Grant with requested scopes for an access token

Specification

Link

https://ehealthmisapi1.docs.apiary.io/#reference/public.-medical-service-provider-integration-layer/oauth/exchange-oauth-code-grant-to-access-token

Resource

/oauth/tokens

Scope

List of scopes that are required in application business logic, separated by space

Components

Auth

Using Dictionaries

API paragraph not found

Using Microservices

API paragraph not found

Protocol type

REST

Request type

POST

Sync/Async

Sync

Logic

Preconditions

oAuth code Grant has been obtained

Global and configuration parameters

API paragraph not found

Input parameters

Attributes

Token:

Attribute

Values

Type

Description

Example

client_id

(required)

String

Medical Service provider ID issued after legal_entity registration. Used to identify the context of the MSP/Pharmacy

6498d88e-97fb-47e2-85a5-99e884f888aa

client_secret

(required)

String

Medical Information System secret key issued upon integration request. Used to identify application developer

msp-001-secret-key

code

(required)

String

oAuth code grant

299383828

grant_type

(required)

String

oAuth Grant Type. Currently only authorization_code is supported

authorization_code

redirect_uri

(required)

String

URL where user will be redirected after authentification. This url will receive code and state parameters in query string

https://example.com/

scope

(required)

String

List of scopes that is required in application business logic, separated by space. Different login forms will be shown based on scopes that you requested

capitation_contracts:view capitation_contracts:create patients:view patients:create

Filters

None

Request structure

See on Apiary

Example

 Request example
curl --include \
     --request POST \
     --header "Content-Type: application/json" \
     --header "X-CSRF-Token: my-csrf-token" \
     --data-binary "{
  \"token\": {
    \"client_id\": \"6498d88e-97fb-47e2-85a5-99e884f888aa\",
    \"client_secret\": \"msp-001-secret-key\",
    \"code\": \"299383828\",
    \"grant_type\": \"authorization_code\",
    \"redirect_uri\": \"https://example.com/\",
    \"scope\": \"capitation_contracts:view capitation_contracts:create patients:view patients:create\"
  }
}" \
'http://ehealth.com/oauth/tokens'

Authorize

API paragraph not found

Headers

Example

 Header example
Content-Type: application/json
X-CSRF-Token: my-csrf-token

Validate request (JSON schema)

API paragraph not found

Validation data request

API paragraph not found

Processing

API paragraph not found

Response structure

See on Apiary

Example:

{
  "meta": {
    "code": 201,
    "url": "https://example.com/resource",
    "type": "object",
    "request_id": "req-adasdoijasdojsda"
  },
  "data": {
    "value": "SnNRdCtvU0tTOENBV2dLRUZwNmIzZz09",
    "user_id": "3ff33ced-69dc-415a-b231-c6446898335a",
    "name": "access_token",
    "id": "3ff33ced-69dc-415a-b231-c6446898335a",
    "expires_at": 1498749591,
    "details": {
      "scope": "capitation_contracts:view capitation_contracts:create patients:view patients:create",
      "refresh_token": "my-oauth-refresh-token",
      "redirect_uri": "https://example.com/",
      "grant_type": "authorization_code",
      "client_id": "d290f1ee-6c54-4b01-90e6-d701748f0851"
    }
  }
}

Post-processing processes

API paragraph not found

HTTP status codes

HTTP status code

Message

What caused the error

201

 

Backward compatibility

API paragraph not found

  • No labels