├── .gitignore
├── README.md
├── hif-spec
    ├── consent-manager.yaml
    ├── gateway.yaml
    └── health-repository.yaml
└── spec
    ├── consent-manager.yaml
    ├── gateway.yaml
    └── health-repository.yaml

/.gitignore:
--------------------------------------------------------------------------------
node_modules/*
build/*
.bk/*
*.DS_Store

--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
# Healthstack

[Website](https://developers.ispirt.in/#/healthstack)

## Contributions

If you are interested in contributing

- Raise issues in github
- Fork and give a pull request

--------------------------------------------------------------------------------
/hif-spec/consent-manager.yaml:
--------------------------------------------------------------------------------
openapi: 3.0.0
info:
  version: "0.5.0"
  title: Consent Manager
  description: |
    Entity which provides health information aggregation services to users of healthcare services.
    It enables customers to fetch their health information from one or more Health Information Providers
    (e.g., Hospitals, Diagnostic Labs, Medical Device Companies), based on their explicit Consent and to share such
    aggregated information with Health Information Users i.e. entities in need of such data (e.g., Insurers,
    Doctors, Medical Researchers).

servers:
  # Added by API Auto Mocking Plugin
  - description: SwaggerHub API Auto Mocking
    url: https://virtserver.swaggerhub.com/health-stack/consent-manager/0.5.0
  - url: https://ncg-dev.projecteka.in/consent-manager
    description: Dev

tags:
  - name: user auth
  - name: identification
  - name: discovery
  - name: link
  - name: consent
  - name: data flow

paths:
  /v0.5/care-contexts/on-discover:
    post:
      tags:
        - discovery
      summary: Response to patient's account discovery request
      description: >
        Result of patient care-context discovery request at HIP end. If a matching patient is found with zero or more care contexts associated, it is specified as the result attribute. If the prior discovery request resulted in errors, they are specified in the error attribute. Reasons for errors can be
          1. **more than one definitive match for the given request**
          2. **no verified identifier was specified**
      parameters:
        - $ref: "#/components/parameters/authorization"
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatientDiscoveryResult'
          application/xml:
            schema:
              $ref: '#/components/schemas/PatientDiscoveryResult'
      responses:
        '202':
          description: Request accepted
        '400':
          description: >
            **Causes:**
              * Format mismatch of any of attributes.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '401':
          description: >
            **Causes:**
              * Unauthorized request
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
            application/xml:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '500':
          description: >
            **Causes:**
              * Downstream system(s) is down.
              * Unhandled exceptions.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
            application/xml:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v0.5/links/link/on-init:
    post:
      tags:
        - link
      summary: Response to patient's care context link request
      description: >
        Result of patient care-context link request from HIP end. This happens in context of previous discovery of patient found at HIP end, therefore the link requests ought to be in reference to the patient reference and care-context references previously returned by the HIP. The correlation of discovery and link request is maintained through the transactionId. HIP should have
          1. **Validated transactionId in the request to check whether there was a discovery done previously, and the link request corresponds to returned patient care context references**
          2. **Before returning the response, HIP should have sent an authentication request to the patient (e.g. OTP verification)**
          3. **HIP should communicate the mode of authentication of a successful request**
          4. **HIP subsequently should expect the token passed via /link/confirm against the link.referenceNumber passed in this call**

        The error section in the body represents the potential errors that may have occurred. Possible reasons:
          1. **Patient reference number is invalid**
          2. **Care context reference numbers are invalid**
      parameters:
        - $ref: "#/components/parameters/authorization"
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatientLinkReferenceResult'
          application/xml:
            schema:
              $ref: '#/components/schemas/PatientLinkReferenceResult'
      responses:
        '202':
          description: Request accepted
        '400':
          description: >
            **Causes:**
              * Format mismatch of any of attributes.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '401':
          description: >
            **Causes:**
              * Unauthorized request
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
            application/xml:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '500':
          description: >
            **Causes:**
              * Downstream system(s) is down.
              * Unhandled exceptions.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
            application/xml:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v0.5/links/link/on-confirm:
    post:
      tags:
        - link
      parameters:
        - $ref: "#/components/parameters/authorization"
      summary: Token authenticated by HIP, indicating completion of linkage of care-contexts
      description: >
        Returns a list of linked care contexts with patient reference number.
          1. **Validated and linked account reference number**
          2. **Validated that the token sent from Consent Manager is same as the one generated by HIP**
          3. **Verified that same Consent Manager which made the link request is sending the token**
          4. **Results of unmasked linked care contexts with patient reference number**
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatientLinkResult'
          application/xml:
            schema:
              $ref: '#/components/schemas/PatientLinkResult'
      responses:
        '202':
          description: accepted
        '400':
          description: >
            **Causes:**
              * resp not specified
              * at least patient or error should be specified
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
            application/xml:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '401':
          description: >
            **Causes:**
              * Unauthorized request
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
            application/xml:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '500':
          description: >
            **Causes:**
              * Downstream system(s) is down.
              * Unhandled exceptions.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
            application/xml:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v0.5/links/link/add-contexts:
    post:
      tags:
        - link
      parameters:
        - $ref: "#/components/parameters/authorization"
      summary: API for HIP initiated care-context linking for patient
      description: >
        API to submit care-context to CM for HIP initiated linking. The request must be accompanied by the "accessToken" fetched in the users/auth process.
          1. subsequent usage for accessToken may be invalid if it was meant for one-time usage or if it expired
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatientCareContextLinkRequest'
          application/xml:
            schema:
              $ref: '#/components/schemas/PatientCareContextLinkRequest'
      responses:
        '202':
          description: accepted
        '400':
          description: >
            **Causes:**
              * required information not provided
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
            application/xml:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '401':
          description: >
            **Causes:**
              * Unauthorized request
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
            application/xml:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '500':
          description: >
            **Causes:**
              * Downstream system(s) is down.
              * Unhandled exceptions.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
            application/xml:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  # consent-service
  /v0.5/consent-requests/init:
    post:
      tags:
        - consent
      summary: Create consent request
      description: Creates a consent request to get data about a patient by HIU user. CM should call Gateway - ***/v0.5/consent-requests/on-init*** API with the consent-request-id
      parameters:
        - $ref: "#/components/parameters/authorization"
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ConsentRequest'
          application/xml:
            schema:
              $ref: '#/components/schemas/ConsentRequest'
      responses:
        '202':
          description: Request Accepted
        '400':
          description: >
            **Causes:**
              * Invalid data sent
              * Required attributes not mentioned
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
            application/xml:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '401':
          description: >
            **Causes:**
              * Expired/Invalid token.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
            application/xml:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '500':
          description: >
            **Causes:**
              * Downstream system(s) is down.
              * Unhandled exceptions.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
            application/xml:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v0.5/consents/fetch:
    post:
      tags:
        - consent
      summary: Get consent artefact
      description: This API is called when a HIU makes a request to get a consent artefact. For response please refer to the Gateway ***/v0.5/consents/on-fetch***
      parameters:
        - $ref: "#/components/parameters/authorization"
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ConsentFetchRequest'
      responses:
        '202':
          description: Request Accepted
        '400':
          description: >
            **Causes:**
              * Invalid data sent
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
            application/xml:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '401':
          description: >
            **Causes:**
              * Expired/Invalid token.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
            application/xml:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '500':
          description: >
            **Causes:**
              * Downstream system(s) is down.
              * Unhandled exceptions.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
            application/xml:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v0.5/consents/hip/on-notify:
    post:
      tags:
        - consent
      summary: Consent notification
      description: >
        This API is called by HIP as acknowledgement to notification of consents, in cases of consent revocation and expiration, notified by CM earlier via Gateway API - ***/v0.5/consents/hip/notify***.
      parameters:
        - $ref: "#/components/parameters/authorization"
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/HIPConsentNotificationResponse'
          application/xml:
            schema:
              $ref: '#/components/schemas/HIPConsentNotificationResponse'
      responses:
        '202':
          description: Request Accepted
        '401':
          description: >
            **Causes:**
              * Invalid/Expired/Empty token.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
            application/xml:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '500':
          description: >
            **Causes:**
              * Downstream services are down
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
            application/xml:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v0.5/consents/hiu/on-notify:
    post:
      tags:
        - consent
      summary: Consent notification
      description: |
        This API is called by HIU as acknowledgement to consent notifications, specifically for cases when consent is REVOKED or EXPIRED, notified by CM earlier via Gateway API - ***/v0.5/consents/hiu/notify***.
      parameters:
        - $ref: '#/components/parameters/authorization'
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/HIUConsentNotificationResponse'
      responses:
        '202':
          description: Request Accepted.
        '401':
          description: >
            **Causes:**
              * Invalid/Expired/Empty token.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
            application/xml:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '500':
          description: >
            **Causes:**
              * Downstream services are down
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
            application/xml:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v0.5/consent-requests/status:
    post:
      tags:
        - consent
      summary: Get consent request status
      description: Get status of consent request done previously. CM responds by calling Gateway API - ***/v0.5/consent-requests/on-status***
      parameters:
        - $ref: '#/components/parameters/authorization'
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ConsentRequestStatusRequest'
          application/xml:
            schema:
              $ref: '#/components/schemas/ConsentRequestStatusRequest'
      responses:
        '202':
          description: Request Accepted
        '400':
          description: >
            **Causes:**
              * Invalid data sent
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
            application/xml:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '401':
          description: >
            **Causes:**
              * Expired/Invalid token.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
            application/xml:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '500':
          description: >
            **Causes:**
              * Downstream system(s) is down.
              * Unhandled exceptions.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
            application/xml:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v0.5/health-information/request:
    post:
      tags:
        - data flow
      summary: Health information data request from HIU
      description: >
        HIU request for Health information against a consent id. CM would generate a transactionId against each consent and pass it as transaction context / correlation id to the HIP and also return the same to HIU via Gateway API - ***/v0.5/health-information/cm/on-request***.
      parameters:
        - $ref: "#/components/parameters/authorization"
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/HIRequest'
          application/xml:
            schema:
              $ref: '#/components/schemas/HIRequest'
      responses:
        '202':
          description: Request Accepted
        '400':
          description: >
            **Causes:**
              * Bad request
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
            application/xml:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '401':
          description: >
            **Causes:**
              * Token is invalid or Link has expired
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
            application/xml:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '500':
          description: >
            **Causes:**
              * Downstream system(s) is down.
              * Unhandled exceptions.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
            application/xml:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v0.5/health-information/on-request:
    post:
      tags:
        - data flow
      summary: Health information data request acknowledgement from HIP
      description: >
        This API is called by HIP to acknowledge Health information request receipt. When HIU requests health information, CM generates a transactionId and makes a health information request to the HIP(s). The HIP's acknowledgement of the health-information request is conveyed by this API. Either the **hiRequest** or **error** must be specified. **hiRequest** element returns the same transactionId as before with a status indicating that the request is acknowledged.
      parameters:
        - $ref: '#/components/parameters/authorization'
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/HIPHealthInformationRequestAcknowledgement'
          application/xml:
            schema:
              $ref: '#/components/schemas/HIPHealthInformationRequestAcknowledgement'
      responses:
        '202':
          description: Request accepted.
        '400':
          description: >
            **Causes:**
              * Bad request
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
            application/xml:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '401':
          description: >
            **Causes:**
              * Token is invalid or Link has expired
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
            application/xml:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '500':
          description: >
            **Causes:**
              * Downstream system(s) is down.
              * Unhandled exceptions.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
            application/xml:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v0.5/health-information/notify:
    post:
      tags:
        - data flow
      summary: Notifications corresponding to events during data flow
      description: |
        API called by HIU and HIP during data-transfer.
          1. HIP on transfer of data would send **sessionStatus** - one of [TRANSFERRED, FAILED]
          2. HIP would also send **hiStatus** for each *careContextReference* - one of [DELIVERED, ERRORED]
          3. HIU on receipt of data would send **sessionStatus** - one of [TRANSFERRED, FAILED]. For example, FAILED if data was not sent or if invalid data was sent
          4. HIU would also send **hiStatus** for each *careContextReference* - one of [OK, ERRORED]
      parameters:
        - $ref: '#/components/parameters/authorization'
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/HealthInformationNotification'
          application/xml:
            schema:
              $ref: '#/components/schemas/HealthInformationNotification'
      responses:
        '204':
          description: Notification is Accepted
        '400':
          description: >
            **Causes:**
              * Invalid Request
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
            application/xml:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '401':
          description: >
            **Causes:**
              * Expired/Invalid token.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
            application/xml:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '500':
          description: >
            **Causes:**
              * Downstream system(s) is down.
              * Unhandled exceptions.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
            application/xml:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v0.5/heartbeat:
    get:
      tags:
        - monitoring
      summary: Get consent request status
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/HeartbeatResponse'
            application/xml:
              schema:
                $ref: '#/components/schemas/HeartbeatResponse'
  /v0.5/patients/find:
    post:
      tags:
        - identification
      summary: Identify a patient by her consent-manager user-id
      description: >
        This API is meant to identify a patient given her consent-manager-user-id. CM subsequently makes the /on-find Gateway API call with results.
      parameters:
        - $ref: "#/components/parameters/authorization"
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatientIdentificationRequest'
          application/xml:
            schema:
              $ref: '#/components/schemas/PatientIdentificationRequest'
      responses:
        '202':
          description: Request Accepted
        '400':
          description: >
            Invalid request, required attributes not provided
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '401':
          description: >
            **Causes:**
              * Unauthorized request
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
            application/xml:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '500':
          description: >
            **Causes:**
              * Downstream system(s) is down.
              * Unhandled exceptions.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
            application/xml:
              schema:
                $ref: '#/components/schemas/ErrorResponse'

  /v0.5/users/auth/fetch-modes:
    post:
      tags:
        - user auth
        - hip facing
      summary: Get a patient's authentication modes by her consent-manager user-id relevant to specified purpose
      description: >
        This API is meant to identify the supported authentication modes for a patient given a specific purpose. For response callback API please see Gateway spec /auth/on-fetch-modes. Note that as of now, only KYC purpose is applicable for HIU, for HIP the purposes KYC, LINK, KYC_AND_LINK are applicable.
      parameters:
        - $ref: "#/components/parameters/authorization"
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatientAuthModeQueryRequest'
          application/xml:
            schema:
              $ref: '#/components/schemas/PatientAuthModeQueryRequest'
      responses:
        '202':
          description: Request Accepted
        '400':
          description: >
            Invalid request, required attributes not provided
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '401':
          description: >
            **Causes:**
              * Unauthorized request
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
            application/xml:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '500':
          description: >
            **Causes:**
              * Downstream system(s) is down.
              * Unhandled exceptions.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
            application/xml:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v0.5/users/auth/init:
    post:
      tags:
        - user auth
      summary: Initialize authentication from HIP
      description: >
        This API is called by HIPs to initiate authentication of users. A transactionId is returned by the corresponding callback API for confirmation of user auth.
      parameters:
        - $ref: "#/components/parameters/authorization"
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatientAuthInitRequest'
          application/xml:
            schema:
              $ref: '#/components/schemas/PatientAuthInitRequest'
      responses:
        '202':
          description: Request accepted
        '400':
          description: >
            **Causes:**
              * patient id is not provided
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
            application/xml:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '401':
          description: >
            **Causes:**
              * Unauthorized request
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
            application/xml:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '500':
          description: >
            **Causes:**
              * Downstream system(s) is down.
              * Unhandled exceptions.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
            application/xml:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
  /v0.5/users/auth/confirm:
    post:
      tags:
        - user auth
      summary: Confirmation request sending token, otp or other authentication details from HIP for confirmation
      description: >
        This API is called by HIP/HIUs to confirm authentication of users. The transactionId returned by the previous callback API /users/auth/on-init must be sent. If authentication is successful, the callback API will send an "access token" for subsequent purpose specific API calls. Note only **credential.authCode** or **credential.demographic** should be sent
          1. demographic details are only required for demographic auth as of now.
          2. demographic details are required only in MEDIATED cases and if the **auth.mode** so demands. e.g. if **auth.mode** is DEMOGRAPHICS. Usually for demographic authentication, the name, gender and DOB must be exactly as specified in User Account.
          3. demographic.identifier is optional, however it may be required if authentication so mandates.
          4. credential.authCode is required for other MEDIATED authentication like MOBILE_OTP, AADHAAR_OTP.
      parameters:
        - $ref: "#/components/parameters/authorization"
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatientAuthConfirmRequest'
          application/xml:
            schema:
              $ref: '#/components/schemas/PatientAuthConfirmRequest'
      responses:
        '202':
          description: Request accepted
        '400':
          description: >
            **Causes:**
              * transaction id is not provided or invalid
              * token or other auth confirmation details not provided or invalid
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
            application/xml:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '401':
          description: >
            **Causes:**
              * Unauthorized request
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
            application/xml:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '500':
          description: >
            **Causes:**
              * Downstream system(s) is down.
              * Unhandled exceptions.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
            application/xml:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
components:
  parameters:
    authorization:
      name: Authorization
      in: header
      required: true
      description: Access token which was issued after successful login with gateway auth server.
      schema:
        type: string
    LinkRefNumber:
      name: linkRefNumber
      in: path
      required: true
      description: Reference number for the link request made earlier.
      schema:
        $ref: '#/components/schemas/UuidSchema'
    ConsentRequestId:
      name: consentRequestId
      in: path
      required: true
      description: Consent request's identifier
      schema:
        type: string
        format: uuid
    ConsentId:
      name: consentId
      in: path
      required: true
      description: Consent request's identifier
      schema:
        type: string
        format: uuid
  schemas:
    TimestampSchema:
      type: string
      format: date-time
      description: Date time format in UTC, includes milliseconds YYYY-MM-DDThh:mm:ss.vZ
    UuidSchema:
      type: string
      format: uuid
      example: a1s2c932-2f70-3ds3-a3b5-2sfd46b12a18d
    PatientDiscoveryResult:
      type: object
      required:
        - requestId
        - timestamp
        - transactionId
        - resp
      properties:
        requestId:
          type: string
          format: uuid
          description: a nonce, unique for each HTTP request
          example: 5f7a535d-a3fd-416b-b069-c97d021fbacd
        timestamp:
          $ref: '#/components/schemas/TimestampSchema'
        transactionId:
          type: string
          format: uuid
        patient:
          $ref: '#/components/schemas/PatientRepresentation'
        error:
          $ref: '#/components/schemas/Error'
        resp:
          $ref: '#/components/schemas/RequestReference'
      xml:
        name: PatientDiscoveryResult
    ErrorResponse:
      type: object
      properties:
        error:
          $ref: '#/components/schemas/Error'
      xml:
        name: ErrorResponse
    IdentifierType:
      type: string
      enum: [MOBILE, MR]
    PatientRepresentation:
      type: object
      required:
        - referenceNumber
        - display
        - careContexts
      properties:
        referenceNumber:
          type: string
        display:
          type: string
        careContexts:
          type: array
          items:
            $ref: '#/components/schemas/CareContextRepresentation'
        matchedBy:
          type: array
          items:
            $ref: '#/components/schemas/IdentifierType'
      xml:
        name: Patient
    CareContextRepresentation:
      type: object
      required:
        - referenceNumber
        - display
      properties:
        referenceNumber:
          type: string
        display:
          type: string
      xml:
        name: Tag
    PatientLinkReferenceResult:
      type: object
      required:
        - requestId
        - timestamp
        - transactionId
        - resp
      properties:
        requestId:
          type: string
          format: uuid
          description: a nonce, unique for each HTTP request
          example: 5f7a535d-a3fd-416b-b069-c97d021fbacd
        timestamp:
          $ref: '#/components/schemas/TimestampSchema'
        transactionId:
          $ref: '#/components/schemas/UuidSchema'
        link:
          type: object
          required:
            - referenceNumber
            - authenticationType
          properties:
            referenceNumber:
              type: string
            authenticationType:
              type: string
              enum: ['DIRECT', 'MEDIATED']
            meta:
              $ref: '#/components/schemas/Meta'
        error:
          $ref: '#/components/schemas/Error'
        resp:
          $ref: '#/components/schemas/RequestReference'
    Meta:
      type: object
      required:
        - communicationMedium
      properties:
        communicationMedium:
          type: string
          enum: ['M0BILE', 'EMAIL']
        communicationHint:
          type: string
        communicationExpiry:
          type: string
          example: "2019-12-30T12:01:55Z"
      xml:
        name: Meta
    Error:
      type: object
      required:
        - code
        - message
      properties:
        code:
          type: integer
          enum: [1000, 10001]
        message:
          type: string
      xml:
        name: Error
    PatientLinkResult:
      type: object
      required:
        - requestId
        - timestamp
        - resp
      properties:
        requestId:
          type: string
          format: uuid
          description: a nonce, unique for each HTTP request
          example: 5f7a535d-a3fd-416b-b069-c97d021fbacd
        timestamp:
          $ref: '#/components/schemas/TimestampSchema'
        patient:
          type: object
          required:
            - referenceNumber
            - display
            - careContexts
          properties:
            referenceNumber:
              type: string
            display:
              type: string
            careContexts:
              type: array
              items:
                $ref: '#/components/schemas/CareContextRepresentation'
        error:
          $ref: '#/components/schemas/Error'
        resp:
          $ref: '#/components/schemas/RequestReference'
    HIRequest:
      type: object
      required:
        - requestId
        - timestamp
        - hiRequest
      properties:
        requestId:
          $ref: '#/components/schemas/UuidSchema'
        timestamp:
          $ref: '#/components/schemas/TimestampSchema'
        hiRequest:
          type: object
          required:
            - consent
            - dataPushUrl
            - keyMaterial
            - dateRange
          properties:
            consent:
              $ref: '#/components/schemas/consent'
            dateRange:
              $ref: '#/components/schemas/DateRange'
            dataPushUrl:
              type: string
            keyMaterial:
              $ref: '#/components/schemas/KeyMaterial'
    consent:
      type: object
      required:
        - id
      properties:
        id:
          type: string
    DateRange:
      type: object
      required:
        - from
        - to
      properties:
        from:
          type: string
          format: date-time
        to:
          type: string
          format: date-time
    HITypeEnum:
      type: string
      enum:
        - OPConsultation
        - Prescription
        - DischargeSummary
        - DiagnosticReport
      xml:
        name: HIType
    ConsentManagerPatientID:
      type: object
      required:
        - id
      properties:
        id:
          type: string
          xml:
            attribute: true
          format: "@"
          example: batman@ncg
UsePurpose: 1177 | type: object 1178 | required: 1179 | - text 1180 | - code 1181 | properties: 1182 | text: 1183 | type: string 1184 | code: 1185 | type: string 1186 | description: From the fixed set, documented at refUri 1187 | refUri: 1188 | type: string 1189 | format: uri 1190 | Permission: 1191 | type: object 1192 | required: 1193 | - accessMode 1194 | - dateRange 1195 | - dataEraseAt 1196 | - frequency 1197 | properties: 1198 | accessMode: 1199 | type: string 1200 | enum: [VIEW, STORE, QUERY, STREAM] 1201 | dateRange: 1202 | type: object 1203 | required: 1204 | - from 1205 | - to 1206 | properties: 1207 | from: 1208 | type: string 1209 | format: date-time 1210 | to: 1211 | type: string 1212 | format: date-time 1213 | dataEraseAt: 1214 | type: string 1215 | format: date-time 1216 | frequency: 1217 | type: object 1218 | properties: 1219 | unit: 1220 | type: string 1221 | enum: [HOUR, WEEK, DAY, MONTH, YEAR] 1222 | value: 1223 | type: integer 1224 | repeats: 1225 | type: integer 1226 | xml: 1227 | name: Permission 1228 | OrganizationRepresentation: 1229 | type: object 1230 | required: 1231 | - id 1232 | properties: 1233 | id: 1234 | type: string 1235 | xml: 1236 | attribute: true 1237 | xml: 1238 | name: OrganizationResponse 1239 | KeyMaterial: 1240 | type: object 1241 | required: 1242 | - cryptoAlg 1243 | - curve 1244 | - dhPublicKey 1245 | - nonce 1246 | properties: 1247 | cryptoAlg: 1248 | type: string 1249 | format: string 1250 | example: ECDH 1251 | curve: 1252 | type: string 1253 | format: string 1254 | example: Curve25519 1255 | dhPublicKey: 1256 | $ref: '#/components/schemas/keyObject' 1257 | nonce: 1258 | type: string 1259 | format: 32 byte string 1260 | example: 3fa85f64-5717-4562-b3fc-2c963f66afa6 1261 | keyObject: 1262 | type: object 1263 | required: 1264 | - expiry 1265 | - parameters 1266 | - keyValue 1267 | properties: 1268 | expiry: 1269 | type: string 1270 | format: date-time 1271 | parameters: 1272 | type: string 1273 | format: string 1274 | 
example: Curve25519/32byte random key 1275 | keyValue: 1276 | type: string 1277 | format: string 1278 | ConsentRequest: 1279 | type: object 1280 | required: 1281 | - requestId 1282 | - timestamp 1283 | - consent 1284 | properties: 1285 | requestId: 1286 | type: string 1287 | format: uuid 1288 | description: a nonce, unique for each HTTP request. 1289 | example: "499a5a4a-7dda-4f20-9b67-e24589627061" 1290 | timestamp: 1291 | $ref: '#/components/schemas/TimestampSchema' 1292 | consent: 1293 | type: object 1294 | required: 1295 | - purpose 1296 | - patient 1297 | - hiu 1298 | - requester 1299 | - hiTypes 1300 | - permission 1301 | - consentNotificationUrl 1302 | properties: 1303 | purpose: 1304 | $ref: '#/components/schemas/UsePurpose' 1305 | patient: 1306 | type: object 1307 | allOf: 1308 | - $ref: '#/components/schemas/ConsentManagerPatientID' 1309 | - xml: 1310 | name: patient 1311 | hip: 1312 | type: object 1313 | allOf: 1314 | - $ref: '#/components/schemas/OrganizationRepresentation' 1315 | - xml: 1316 | name: hip 1317 | hiu: 1318 | type: object 1319 | allOf: 1320 | - $ref: '#/components/schemas/OrganizationRepresentation' 1321 | - xml: 1322 | name: hiu 1323 | requester: 1324 | $ref: '#/components/schemas/Requester' 1325 | hiTypes: 1326 | type: array 1327 | items: 1328 | $ref: '#/components/schemas/HITypeEnum' 1329 | permission: 1330 | $ref: '#/components/schemas/Permission' 1331 | Requester: 1332 | type: object 1333 | required: 1334 | - name 1335 | properties: 1336 | name: 1337 | type: string 1338 | example: Dr. 
Manju 1339 | identifier: 1340 | type: object 1341 | required: 1342 | - type 1343 | - value 1344 | properties: 1345 | type: 1346 | type: string 1347 | example: REGNO 1348 | value: 1349 | type: string 1350 | example: "MH1001" 1351 | system: 1352 | type: string 1353 | example: https://www.mciindia.org 1354 | HealthInformationNotification: 1355 | type: object 1356 | required: 1357 | - requestId 1358 | - timestamp 1359 | - notification 1360 | properties: 1361 | requestId: 1362 | type: string 1363 | format: uuid 1364 | description: a nonce, unique for each HTTP request. 1365 | example: "499a5a4a-7dda-4f20-9b67-e24589627061" 1366 | timestamp: 1367 | $ref: '#/components/schemas/TimestampSchema' 1368 | notification: 1369 | type: object 1370 | required: 1371 | - consentId 1372 | - transactionId 1373 | - doneAt 1374 | - notifier 1375 | - statusNotification 1376 | properties: 1377 | consentId: 1378 | $ref: '#/components/schemas/UuidSchema' 1379 | transactionId: 1380 | $ref: '#/components/schemas/UuidSchema' 1381 | doneAt: 1382 | type: string 1383 | format: date-time 1384 | notifier: 1385 | type: object 1386 | required: 1387 | - type 1388 | - id 1389 | properties: 1390 | type: 1391 | type: string 1392 | enum: [HIU, HIP] 1393 | id: 1394 | type: string 1395 | example: 100005 1396 | statusNotification: 1397 | type: object 1398 | required: 1399 | - sessionStatus 1400 | - hipId 1401 | properties: 1402 | sessionStatus: 1403 | type: string 1404 | enum: [TRANSFERRED, FAILED] 1405 | hipId: 1406 | type: string 1407 | example: max 1408 | statusResponses: 1409 | type: array 1410 | items: 1411 | type: object 1412 | required: 1413 | - careContextReference 1414 | - hiStatus 1415 | properties: 1416 | careContextReference: 1417 | type: string 1418 | hiStatus: 1419 | type: string 1420 | enum: [DELIVERED, OK, ERRORED] 1421 | example: OK 1422 | description: 1423 | type: string 1424 | RequestReference: 1425 | type: object 1426 | required: 1427 | - requestId 1428 | properties: 1429 | requestId: 1430 
| type: string 1431 | format: uuid 1432 | description: the requestId that was passed 1433 | ConsentFetchRequest: 1434 | type: object 1435 | required: 1436 | - consentId 1437 | - requestId 1438 | - timestamp 1439 | properties: 1440 | requestId: 1441 | type: string 1442 | format: uuid 1443 | description: a nonce, unique for each HTTP request 1444 | example: 5f7a535d-a3fd-416b-b069-c97d021fbacd 1445 | timestamp: 1446 | $ref: '#/components/schemas/TimestampSchema' 1447 | consentId: 1448 | type: string 1449 | ConsentRequestStatusRequest: 1450 | type: object 1451 | required: 1452 | - consentRequestId 1453 | - requestId 1454 | - timestamp 1455 | properties: 1456 | requestId: 1457 | type: string 1458 | format: uuid 1459 | description: a nonce, unique for each HTTP request 1460 | example: 5f7a535d-a3fd-416b-b069-c97d021fbacd 1461 | timestamp: 1462 | $ref: '#/components/schemas/TimestampSchema' 1463 | consentRequestId: 1464 | type: string 1465 | HIPHealthInformationRequestAcknowledgement: 1466 | type: object 1467 | required: 1468 | - requestId 1469 | - timestamp 1470 | - resp 1471 | properties: 1472 | requestId: 1473 | type: string 1474 | format: uuid 1475 | description: a nonce, unique for each HTTP request 1476 | example: 5f7a535d-a3fd-416b-b069-c97d021fbacd 1477 | timestamp: 1478 | $ref: '#/components/schemas/TimestampSchema' 1479 | hiRequest: 1480 | type: object 1481 | required: 1482 | - transactionId 1483 | - sessionStatus 1484 | properties: 1485 | transactionId: 1486 | type: string 1487 | format: uuid 1488 | sessionStatus: 1489 | type: string 1490 | enum: 1491 | - ACKNOWLEDGED 1492 | error: 1493 | $ref: '#/components/schemas/Error' 1494 | resp: 1495 | $ref: '#/components/schemas/RequestReference' 1496 | HIPConsentNotificationResponse: 1497 | type: object 1498 | required: 1499 | - requestId 1500 | - timestamp 1501 | - resp 1502 | properties: 1503 | requestId: 1504 | type: string 1505 | format: uuid 1506 | description: a nonce, unique for each HTTP request 1507 | 
example: 5f7a535d-a3fd-416b-b069-c97d021fbacd 1508 | timestamp: 1509 | $ref: '#/components/schemas/TimestampSchema' 1510 | acknowledgement: 1511 | $ref: '#/components/schemas/ConsentAcknowledgement' 1512 | error: 1513 | $ref: '#/components/schemas/Error' 1514 | resp: 1515 | $ref: '#/components/schemas/RequestReference' 1516 | HIUConsentNotificationResponse: 1517 | type: object 1518 | required: 1519 | - requestId 1520 | - timestamp 1521 | - resp 1522 | properties: 1523 | requestId: 1524 | type: string 1525 | format: uuid 1526 | description: a nonce, unique for each HTTP request 1527 | example: 5f7a535d-a3fd-416b-b069-c97d021fbacd 1528 | timestamp: 1529 | $ref: '#/components/schemas/TimestampSchema' 1530 | acknowledgement: 1531 | type: array 1532 | items: 1533 | $ref: '#/components/schemas/ConsentAcknowledgement' 1534 | error: 1535 | $ref: '#/components/schemas/Error' 1536 | resp: 1537 | $ref: '#/components/schemas/RequestReference' 1538 | ConsentAcknowledgement: 1539 | type: object 1540 | required: 1541 | - status 1542 | - consentId 1543 | properties: 1544 | status: 1545 | type: string 1546 | enum: 1547 | - OK 1548 | - UNKNOWN 1549 | consentId: 1550 | type: string 1551 | example: 1552 | HeartbeatResponse: 1553 | type: object 1554 | properties: 1555 | timestamp: 1556 | $ref: '#/components/schemas/TimestampSchema' 1557 | status: 1558 | type: string 1559 | enum: 1560 | - UP 1561 | - DOWN 1562 | error: 1563 | $ref: '#/components/schemas/Error' 1564 | xml: 1565 | name: HeartbeatResponse 1566 | PatientIdentificationRequest: 1567 | type: object 1568 | required: 1569 | - requestId 1570 | - timestamp 1571 | - query 1572 | properties: 1573 | requestId: 1574 | type: string 1575 | format: uuid 1576 | description: a nonce, unique for each HTTP request 1577 | example: 5f7a535d-a3fd-416b-b069-c97d021fbacd 1578 | timestamp: 1579 | $ref: '#/components/schemas/TimestampSchema' 1580 | query: 1581 | type: object 1582 | required: 1583 | - patient 1584 | - requester 1585 | properties: 
1586 | patient: 1587 | type: object 1588 | required: 1589 | - id 1590 | properties: 1591 | id: 1592 | type: string 1593 | example: hinapatel79@ncg 1594 | requester: 1595 | type: object 1596 | required: 1597 | - type 1598 | - id 1599 | properties: 1600 | type: 1601 | type: string 1602 | enum: [HIU, HIP] 1603 | id: 1604 | type: string 1605 | example: 100005 1606 | PatientAuthInitRequest: 1607 | type: object 1608 | required: 1609 | - requestId 1610 | - timestamp 1611 | - query 1612 | properties: 1613 | requestId: 1614 | type: string 1615 | format: uuid 1616 | description: a nonce, unique for each HTTP request 1617 | example: 5f7a535d-a3fd-416b-b069-c97d021fbacd 1618 | timestamp: 1619 | $ref: '#/components/schemas/TimestampSchema' 1620 | query: 1621 | type: object 1622 | required: 1623 | - purpose 1624 | - requester 1625 | - id 1626 | properties: 1627 | id: 1628 | type: string 1629 | example: "hinapatel@ncg" 1630 | description: id of the patient understood by the CM 1631 | purpose: 1632 | $ref: '#/components/schemas/PatientAuthPurpose' 1633 | authMode: 1634 | $ref: '#/components/schemas/AuthenticationMode' 1635 | requester: 1636 | type: object 1637 | required: 1638 | - type 1639 | - id 1640 | description: identification of requester 1641 | properties: 1642 | type: 1643 | type: string 1644 | enum: [HIP, HIU] 1645 | id: 1646 | type: string 1647 | example: 100005 1648 | PatientAuthConfirmRequest: 1649 | type: object 1650 | required: 1651 | - requestId 1652 | - timestamp 1653 | - transactionId 1654 | - credential 1655 | properties: 1656 | requestId: 1657 | type: string 1658 | format: uuid 1659 | description: a nonce, unique for each HTTP request 1660 | example: 5f7a535d-a3fd-416b-b069-c97d021fbacd 1661 | timestamp: 1662 | $ref: '#/components/schemas/TimestampSchema' 1663 | transactionId: 1664 | type: string 1665 | credential: 1666 | type: object 1667 | properties: 1668 | authCode: 1669 | type: string 1670 | demographic: 1671 | $ref: 
'#/components/schemas/PatientDemographic' 1672 | 1673 | PatientDemographic: 1674 | type: object 1675 | required: 1676 | - name 1677 | - gender 1678 | - dateOfBirth 1679 | description: demographic details are only required for demographic auth at this point. 1680 | properties: 1681 | name: 1682 | type: string 1683 | example: "janki das" 1684 | gender: 1685 | $ref: '#/components/schemas/PatientGender' 1686 | dateOfBirth: 1687 | type: string 1688 | example: "1972-02-29" 1689 | description: date of birth in YYYY-MM-DD format. 1690 | identifier: 1691 | $ref: '#/components/schemas/Identifier' 1692 | Identifier: 1693 | type: object 1694 | required: 1695 | - type 1696 | - value 1697 | properties: 1698 | type: 1699 | $ref: '#/components/schemas/IdentifierType' 1700 | value: 1701 | type: string 1702 | example: "+919800083232" 1703 | xml: 1704 | name: Identifier 1705 | PatientGender: 1706 | type: string 1707 | enum: [M, F, O, U] 1708 | PatientCareContextLinkRequest: 1709 | type: object 1710 | required: 1711 | - requestId 1712 | - timestamp 1713 | - link 1714 | properties: 1715 | requestId: 1716 | type: string 1717 | format: uuid 1718 | description: a nonce, unique for each HTTP request 1719 | example: 5f7a535d-a3fd-416b-b069-c97d021fbacd 1720 | timestamp: 1721 | $ref: '#/components/schemas/TimestampSchema' 1722 | link: 1723 | $ref: '#/components/schemas/PatientCareContextLink' 1724 | PatientCareContextLink: 1725 | type: object 1726 | required: 1727 | - accessToken 1728 | - patient 1729 | properties: 1730 | accessToken: 1731 | type: string 1732 | description: AccessToken fetched in the user auth process for the purpose specified 1733 | patient: 1734 | type: object 1735 | required: 1736 | - referenceNumber 1737 | - display 1738 | - careContexts 1739 | properties: 1740 | referenceNumber: 1741 | type: string 1742 | example: TMH-PUID-001 1743 | description: patient reference id at HIP 1744 | display: 1745 | type: string 1746 | careContexts: 1747 | type: array 1748 | items: 1749 | 
$ref: '#/components/schemas/CareContextRepresentation' 1750 | xml: 1751 | name: careContexts 1752 | wrapped: true 1753 | AuthenticationMode: 1754 | type: string 1755 | enum: ['MOBILE_OTP', 'DIRECT', 'AADHAAR_OTP', 'DEMOGRAPHICS'] 1756 | description: > 1757 | Subject to CM-specific capability 1758 | 1. MOBILE_OTP - for SMS OTP 1759 | 2. DIRECT - for auth through apps (usually direct) 1760 | 3. AADHAAR_OTP - for auth using OTP sent to Aadhaar number 1761 | 4. DEMOGRAPHICS - for auth using demographic. 1762 | 1763 | PatientAuthPurpose: 1764 | type: string 1765 | enum: [LINK, KYC, KYC_AND_LINK] 1766 | description: what is the purpose of user auth 1767 | PatientAuthModeQueryRequest: 1768 | type: object 1769 | required: 1770 | - requestId 1771 | - timestamp 1772 | - query 1773 | properties: 1774 | requestId: 1775 | type: string 1776 | format: uuid 1777 | description: a nonce, unique for each HTTP request 1778 | example: 5f7a535d-a3fd-416b-b069-c97d021fbacd 1779 | timestamp: 1780 | $ref: '#/components/schemas/TimestampSchema' 1781 | query: 1782 | type: object 1783 | required: 1784 | - id 1785 | - purpose 1786 | - requester 1787 | properties: 1788 | id: 1789 | type: string 1790 | example: hinapatel79@ncg 1791 | purpose: 1792 | $ref: '#/components/schemas/PatientAuthPurpose' 1793 | requester: 1794 | type: object 1795 | required: 1796 | - id 1797 | - type 1798 | properties: 1799 | type: 1800 | type: string 1801 | enum: [HIP, HIU] 1802 | id: 1803 | type: string 1804 | example: 100005 -------------------------------------------------------------------------------- /hif-spec/health-repository.yaml: -------------------------------------------------------------------------------- 1 | openapi: 3.0.0 2 | info: 3 | version: 0.5.0 4 | title: Health Repository 5 | description: > 6 | Health repository where health information providers and health information users are connected. 
7 | servers: 8 | # Added by API Auto Mocking Plugin 9 | - description: SwaggerHub API Auto Mocking 10 | url: https://virtserver.swaggerhub.com/health-stack/heatlh-repository/0.5.0 11 | - url: https://ncg-dev.projecteka.in/api-bridge1 12 | description: Dev 13 | tags: 14 | - name: discovery 15 | - name: link 16 | - name: consent flow 17 | - name: data flow 18 | - name: identification 19 | - name: user auth 20 | - name: monitoring 21 | - name: hiu side 22 | - name: hip side 23 | paths: 24 | /v0.5/care-contexts/discover: 25 | post: 26 | tags: 27 | - discovery 28 | - hip side 29 | summary: Discover patient's accounts 30 | description: > 31 | Request for patient care context discovery, made by the Gateway and intended for a specific HIP. It is expected that the HIP will subsequently return either zero or one patient record with (potentially masked) associated care contexts 32 | 1. **At least one of the verified identifiers matches** 33 | 2. **Name (fuzzy), gender matches** 34 | 3. **If YoB was given, age band(+-2) matches** 35 | 4. **If unverified identifiers were given, one of them matches** 36 | 5. **If more than one patient record is found after the aforementioned steps, then the patient who matches the most verified and unverified identifiers is returned.** 37 | 6. **If there is still more than one patient (after ranking), an error is returned** 38 | 7. **Intended HIP should be able to resolve and identify results returned in the subsequent link confirmation request via the specified transactionId** 39 | 8. 
**Intended HIP should store the discovery results with transactionId and care contexts discovered for subsequent link initiation** 40 | 41 | parameters: 42 | - $ref: "#/components/parameters/authorization" 43 | - $ref: "#/components/parameters/X-HIP-ID" 44 | requestBody: 45 | required: true 46 | content: 47 | application/json: 48 | schema: 49 | $ref: '#/components/schemas/PatientDiscoveryRequest' 50 | application/xml: 51 | schema: 52 | $ref: '#/components/schemas/PatientDiscoveryRequest' 53 | responses: 54 | '202': 55 | description: Request accepted 56 | '400': 57 | description: > 58 | **Causes:** 59 | * Empty verified identifiers. 60 | * Format mismatch of any of attributes. 61 | | type | Format/Allowed Values| 62 | | ------- | ---------------- | 63 | | gender | M/F/O/U | 64 | | MOBILE | valid mobile number with proper country code | 65 | content: 66 | application/json: 67 | schema: 68 | $ref: '#/components/schemas/ErrorResponse' 69 | '401': 70 | description: > 71 | **Causes:** 72 | * Unauthorized request 73 | content: 74 | application/json: 75 | schema: 76 | $ref: '#/components/schemas/ErrorResponse' 77 | application/xml: 78 | schema: 79 | $ref: '#/components/schemas/ErrorResponse' 80 | '500': 81 | description: > 82 | **Causes:** 83 | * Downstream system(s) is down. 84 | * Unhandled exceptions. 85 | content: 86 | application/json: 87 | schema: 88 | $ref: '#/components/schemas/ErrorResponse' 89 | application/xml: 90 | schema: 91 | $ref: '#/components/schemas/ErrorResponse' 92 | /v0.5/links/link/init: 93 | post: 94 | tags: 95 | - link 96 | - hip side 97 | summary: Link patient's care contexts 98 | description: > 99 | Request from Gateway to link care contexts associated with only one patient 100 | 1. **Validate account reference number and care context reference number** 101 | 2. 
**Validate transactionId in the request with discovery request entry to check whether there was a discovery 102 | and whether these care contexts were discovered for a given patient** 103 | 3. **Before eventual link confirmation, HIP needs to authenticate the request with the patient (e.g. OTP verification)** 104 | 4. **HIP should communicate the mode of authentication of a successful request to Consent Manager** 105 | parameters: 106 | - $ref: "#/components/parameters/authorization" 107 | - $ref: "#/components/parameters/X-HIP-ID" 108 | requestBody: 109 | required: true 110 | content: 111 | application/json: 112 | schema: 113 | $ref: '#/components/schemas/PatientLinkReferenceRequest' 114 | application/xml: 115 | schema: 116 | $ref: '#/components/schemas/PatientLinkReferenceRequest' 117 | responses: 118 | '202': 119 | description: Request accepted 120 | '400': 121 | description: > 122 | **Causes:** 123 | * Consent manager user id is not provided 124 | * Patient reference number is not provided 125 | * Care context references are not provided 126 | content: 127 | application/json: 128 | schema: 129 | $ref: '#/components/schemas/ErrorResponse' 130 | application/xml: 131 | schema: 132 | $ref: '#/components/schemas/ErrorResponse' 133 | '401': 134 | description: > 135 | **Causes:** 136 | * Unauthorized request 137 | content: 138 | application/json: 139 | schema: 140 | $ref: '#/components/schemas/ErrorResponse' 141 | application/xml: 142 | schema: 143 | $ref: '#/components/schemas/ErrorResponse' 144 | '500': 145 | description: > 146 | **Causes:** 147 | * Downstream system(s) is down. 148 | * Unhandled exceptions. 
149 | content: 150 | application/json: 151 | schema: 152 | $ref: '#/components/schemas/ErrorResponse' 153 | application/xml: 154 | schema: 155 | $ref: '#/components/schemas/ErrorResponse' 156 | /v0.5/links/link/confirm: 157 | post: 158 | tags: 159 | - link 160 | - hip side 161 | parameters: 162 | - $ref: "#/components/parameters/authorization" 163 | - $ref: "#/components/parameters/X-HIP-ID" 164 | summary: Token submission by Consent Manager for link confirmation 165 | description: > 166 | API to submit the token that was sent by HIP during the link request. 167 | requestBody: 168 | required: true 169 | content: 170 | application/json: 171 | schema: 172 | $ref: '#/components/schemas/LinkConfirmationRequest' 173 | application/xml: 174 | schema: 175 | $ref: '#/components/schemas/LinkConfirmationRequest' 176 | responses: 177 | '202': 178 | description: accepted 179 | '400': 180 | description: > 181 | **Causes:** 182 | * Token is not provided 183 | content: 184 | application/json: 185 | schema: 186 | $ref: '#/components/schemas/ErrorResponse' 187 | application/xml: 188 | schema: 189 | $ref: '#/components/schemas/ErrorResponse' 190 | '401': 191 | description: > 192 | **Causes:** 193 | * Unauthorized request 194 | content: 195 | application/json: 196 | schema: 197 | $ref: '#/components/schemas/ErrorResponse' 198 | application/xml: 199 | schema: 200 | $ref: '#/components/schemas/ErrorResponse' 201 | '500': 202 | description: > 203 | **Causes:** 204 | * Downstream system(s) is down. 205 | * Unhandled exceptions. 206 | content: 207 | application/json: 208 | schema: 209 | $ref: '#/components/schemas/ErrorResponse' 210 | application/xml: 211 | schema: 212 | $ref: '#/components/schemas/ErrorResponse' 213 | /v0.5/health-information/hiu/on-request: 214 | post: 215 | tags: 216 | - data flow 217 | - hiu side 218 | summary: Health information data request 219 | description: > 220 | Callback API for acknowledgement of Health information request made by HIU. 
Gateway calls this API when the request has been validated for the specified consent id. Either the **hiRequest** or **error** would be specified. If the health info request was valid, then the ***hiRequest.transactionId*** specifies the transaction context against which HIP would send over the data. 221 | Possible cases of errors are 222 | 1. **Invalid consent artefact id** 223 | 2. **Consent has expired** 224 | 3. **Date ranges are invalid** 225 | parameters: 226 | - $ref: "#/components/parameters/authorization" 227 | - $ref: "#/components/parameters/X-HIU-ID" 228 | requestBody: 229 | required: true 230 | content: 231 | application/json: 232 | schema: 233 | $ref: '#/components/schemas/HIUHealthInformationRequestResponse' 234 | application/xml: 235 | schema: 236 | $ref: '#/components/schemas/HIUHealthInformationRequestResponse' 237 | responses: 238 | '202': 239 | description: Request Accepted 240 | '400': 241 | description: > 242 | **Causes:** 243 | * Bad request 244 | content: 245 | application/json: 246 | schema: 247 | $ref: '#/components/schemas/ErrorResponse' 248 | application/xml: 249 | schema: 250 | $ref: '#/components/schemas/ErrorResponse' 251 | '401': 252 | description: > 253 | **Causes:** 254 | * Token is invalid or Link has expired 255 | content: 256 | application/json: 257 | schema: 258 | $ref: '#/components/schemas/ErrorResponse' 259 | application/xml: 260 | schema: 261 | $ref: '#/components/schemas/ErrorResponse' 262 | '500': 263 | description: > 264 | **Causes:** 265 | * Downstream system(s) is down. 266 | * Unhandled exceptions. 
267 | content: 268 | application/json: 269 | schema: 270 | $ref: '#/components/schemas/ErrorResponse' 271 | application/xml: 272 | schema: 273 | $ref: '#/components/schemas/ErrorResponse' 274 | /v0.5/health-information/hip/request: 275 | post: 276 | tags: 277 | - data flow 278 | - hip side 279 | summary: Health information data request 280 | description: > 281 | API called by CM to request Health information from HIP against a validated consent artefact. The transactionId is the correlation id that HIP should use when pushing data to the **dataPushUrl**. 282 | parameters: 283 | - $ref: '#/components/parameters/authorization' 284 | - $ref: '#/components/parameters/X-HIP-ID' 285 | requestBody: 286 | required: true 287 | content: 288 | application/json: 289 | schema: 290 | $ref: '#/components/schemas/HIPHealthInformationRequest' 291 | application/xml: 292 | schema: 293 | $ref: '#/components/schemas/HIPHealthInformationRequest' 294 | responses: 295 | '202': 296 | description: Request accepted. 297 | '400': 298 | description: > 299 | **Causes:** 300 | * Bad request 301 | content: 302 | application/json: 303 | schema: 304 | $ref: '#/components/schemas/ErrorResponse' 305 | application/xml: 306 | schema: 307 | $ref: '#/components/schemas/ErrorResponse' 308 | '401': 309 | description: > 310 | **Causes:** 311 | * Token is invalid or Link has expired 312 | content: 313 | application/json: 314 | schema: 315 | $ref: '#/components/schemas/ErrorResponse' 316 | application/xml: 317 | schema: 318 | $ref: '#/components/schemas/ErrorResponse' 319 | '500': 320 | description: > 321 | **Causes:** 322 | * Downstream system(s) is down. 323 | * Unhandled exceptions. 
324 | content: 325 | application/json: 326 | schema: 327 | $ref: '#/components/schemas/ErrorResponse' 328 | application/xml: 329 | schema: 330 | $ref: '#/components/schemas/ErrorResponse' 331 | /v0.5/health-information/transfer: 332 | post: 333 | tags: 334 | - data flow 335 | - hiu side 336 | summary: health information transfer API 337 | description: > 338 | **NOTE**: This API is actually the callback URL that is passed as **dataPushUrl** in the data request API - /v0.5/health-information/hip/request. This API is directly called by HIP Data Bridge and is not mediated via CM, and hence not routed through the Gateway. 339 | 1. This API should be implemented at HIU side. It may be implemented by the Data Bridge representing the HIU. 340 | 2. Entry elements may be ***content*** or ***link***, although for version 1, entry ***content*** is preferred. 341 | 3. Entry ***content*** (or even link reference content) must be encrypted by means of Diffie-Hellman key exchange, utilizing the HIU key material that is passed through the data request API - /v0.5/health-information/hip/request. 342 | 4. Media contains the mimetype of content, and for v1, it is "application/fhir+json" 343 | 5. checksum is the MD5 checksum of the data content, before encryption 344 | 6. Please refer to the ProjectEKA WIKI for the format of FHIR bundle that is passed through content 345 | parameters: 346 | - $ref: '#/components/parameters/authorization' 347 | requestBody: 348 | required: true 349 | content: 350 | application/json: 351 | schema: 352 | $ref: '#/components/schemas/DataNotification' 353 | application/xml: 354 | schema: 355 | $ref: '#/components/schemas/DataNotification' 356 | responses: 357 | '202': 358 | description: Data accepted. 359 | '401': 360 | description: > 361 | **Causes:** 362 | * Invalid/Expired/Empty token. 
363 | content: 364 | application/json: 365 | schema: 366 | $ref: '#/components/schemas/ErrorResponse' 367 | application/xml: 368 | schema: 369 | $ref: '#/components/schemas/ErrorResponse' 370 | '500': 371 | description: > 372 | **Causes:** 373 | * Downstream services are down 374 | content: 375 | application/json: 376 | schema: 377 | $ref: '#/components/schemas/ErrorResponse' 378 | application/xml: 379 | schema: 380 | $ref: '#/components/schemas/ErrorResponse' 381 | /v0.5/consent-requests/on-init: 382 | post: 383 | tags: 384 | - consent flow 385 | - hiu side 386 | summary: Response to consent request 387 | description: | 388 | Result of consent request creation for a patient. **id** represents the consent request id created by CM. The result must contain either **id** or the **error** caused.
389 | Reasons for error may be 390 | * Invalid references (e.g. patient id, hiu id), purpose, hiTypes, ranges, permission 391 | parameters: 392 | - $ref: "#/components/parameters/authorization" 393 | - $ref: "#/components/parameters/X-HIU-ID" 394 | requestBody: 395 | required: true 396 | content: 397 | application/json: 398 | schema: 399 | $ref: '#/components/schemas/ConsentRequestInitResponse' 400 | application/xml: 401 | schema: 402 | $ref: '#/components/schemas/ConsentRequestInitResponse' 403 | responses: 404 | '202': 405 | description: Request Accepted 406 | '400': 407 | description: > 408 | **Causes:** 409 | * Invalid data sent 410 | content: 411 | application/json: 412 | schema: 413 | $ref: '#/components/schemas/ErrorResponse' 414 | application/xml: 415 | schema: 416 | $ref: '#/components/schemas/ErrorResponse' 417 | '401': 418 | description: > 419 | **Causes:** 420 | * Expired/Invalid token. 421 | content: 422 | application/json: 423 | schema: 424 | $ref: '#/components/schemas/ErrorResponse' 425 | application/xml: 426 | schema: 427 | $ref: '#/components/schemas/ErrorResponse' 428 | '500': 429 | description: > 430 | **Causes:** 431 | * Downstream system(s) is down. 432 | * Unhandled exceptions. 433 | content: 434 | application/json: 435 | schema: 436 | $ref: '#/components/schemas/ErrorResponse' 437 | application/xml: 438 | schema: 439 | $ref: '#/components/schemas/ErrorResponse' 440 | /v0.5/consent-requests/on-status: 441 | post: 442 | tags: 443 | - consent flow 444 | - hiu side 445 | summary: Result of consent request status 446 | description: | 447 | Result of consent request done previously. Status of request can be GRANTED, DENIED, EXPIRED. 
If the request was GRANTED, then 448 | parameters: 449 | - $ref: '#/components/parameters/authorization' 450 | - $ref: "#/components/parameters/X-HIU-ID" 451 | requestBody: 452 | required: true 453 | content: 454 | application/json: 455 | schema: 456 | $ref: '#/components/schemas/HIUConsentRequestStatus' 457 | application/xml: 458 | schema: 459 | $ref: '#/components/schemas/HIUConsentRequestStatus' 460 | responses: 461 | '202': 462 | description: Request Accepted 463 | '400': 464 | description: > 465 | **Causes:** 466 | * Invalid data sent 467 | content: 468 | application/json: 469 | schema: 470 | $ref: '#/components/schemas/ErrorResponse' 471 | application/xml: 472 | schema: 473 | $ref: '#/components/schemas/ErrorResponse' 474 | '401': 475 | description: > 476 | **Causes:** 477 | * Expired/Invalid token. 478 | content: 479 | application/json: 480 | schema: 481 | $ref: '#/components/schemas/ErrorResponse' 482 | application/xml: 483 | schema: 484 | $ref: '#/components/schemas/ErrorResponse' 485 | '500': 486 | description: > 487 | **Causes:** 488 | * Downstream system(s) is down. 489 | * Unhandled exceptions. 490 | content: 491 | application/json: 492 | schema: 493 | $ref: '#/components/schemas/ErrorResponse' 494 | application/xml: 495 | schema: 496 | $ref: '#/components/schemas/ErrorResponse' 497 | /v0.5/consents/hiu/notify: 498 | post: 499 | tags: 500 | - consent flow 501 | - hiu side 502 | summary: Consent notification 503 | description: | 504 | Health information user will get notified about the consent request granted or denied, consent revoked, consent expired. 505 | 1. For consent request grant, status=GRANTED, consentRequestId=, and consentArtefacts is an array of generated consent artefact Ids. 506 | 2. For consent request expiry, status=EXPIRED, consentRequestId= 507 | 3. For consent request denied, status=DENIED, consentRequestId= 508 | 4. 
For consent revocation, status=REVOKED, consentArtefacts is an array of revoked consent artefact ids 509 | parameters: 510 | - $ref: '#/components/parameters/authorization' 511 | - $ref: '#/components/parameters/X-HIU-ID' 512 | requestBody: 513 | required: true 514 | content: 515 | application/json: 516 | schema: 517 | $ref: '#/components/schemas/HIUConsentNotificationEvent' 518 | responses: 519 | '202': 520 | description: Request Accepted. 521 | '401': 522 | description: > 523 | **Causes:** 524 | * Invalid/Expired/Empty token. 525 | content: 526 | application/json: 527 | schema: 528 | $ref: '#/components/schemas/ErrorResponse' 529 | application/xml: 530 | schema: 531 | $ref: '#/components/schemas/ErrorResponse' 532 | '500': 533 | description: > 534 | **Causes:** 535 | * Downstream services are down 536 | content: 537 | application/json: 538 | schema: 539 | $ref: '#/components/schemas/ErrorResponse' 540 | application/xml: 541 | schema: 542 | $ref: '#/components/schemas/ErrorResponse' 543 | /v0.5/consents/hip/notify: 544 | post: 545 | tags: 546 | - consent flow 547 | - hip side 548 | summary: Consent notification 549 | description: | 550 | Notification of consents to health information providers: consent request granted, consent revoked, consent expired. Only the GRANTED and REVOKED status notifications will be sent to HIP. 551 | 1. If consent is granted, status=GRANTED, then consentDetail contains the consent artefact details and signature is available. 552 | 2. If consent is revoked, then status=REVOKED, and consentId specifies which consent artefact is revoked. 
553 | parameters: 554 | - $ref: "#/components/parameters/authorization" 555 | - $ref: "#/components/parameters/X-HIP-ID" 556 | requestBody: 557 | required: true 558 | content: 559 | application/json: 560 | schema: 561 | $ref: '#/components/schemas/HIPConsentNotification' 562 | application/xml: 563 | schema: 564 | $ref: '#/components/schemas/HIPConsentNotification' 565 | responses: 566 | '202': 567 | description: Request Accepted 568 | '401': 569 | description: > 570 | **Causes:** 571 | * Invalid/Expired/Empty token. 572 | content: 573 | application/json: 574 | schema: 575 | $ref: '#/components/schemas/ErrorResponse' 576 | application/xml: 577 | schema: 578 | $ref: '#/components/schemas/ErrorResponse' 579 | '500': 580 | description: > 581 | **Causes:** 582 | * Downstream services are down 583 | content: 584 | application/json: 585 | schema: 586 | $ref: '#/components/schemas/ErrorResponse' 587 | application/xml: 588 | schema: 589 | $ref: '#/components/schemas/ErrorResponse' 590 | /v0.5/consents/on-fetch: 591 | post: 592 | tags: 593 | - consent flow 594 | - hiu side 595 | summary: Result of fetch request for a consent artefact 596 | description: | 597 | Must contain either consent or error. Possible reason of errors are 598 | 1. 
consentId passed through /fetch is invalid 599 | parameters: 600 | - $ref: "#/components/parameters/authorization" 601 | - $ref: "#/components/parameters/X-HIU-ID" 602 | requestBody: 603 | required: true 604 | content: 605 | application/json: 606 | schema: 607 | $ref: '#/components/schemas/ConsentArtefactResponse' 608 | application/xml: 609 | schema: 610 | $ref: '#/components/schemas/ConsentArtefactResponse' 611 | responses: 612 | '202': 613 | description: Request Accepted 614 | '400': 615 | description: > 616 | **Causes:** 617 | * Invalid data sent 618 | content: 619 | application/json: 620 | schema: 621 | $ref: '#/components/schemas/ErrorResponse' 622 | application/xml: 623 | schema: 624 | $ref: '#/components/schemas/ErrorResponse' 625 | '401': 626 | description: > 627 | **Causes:** 628 | * Expired/Invalid token. 629 | content: 630 | application/json: 631 | schema: 632 | $ref: '#/components/schemas/ErrorResponse' 633 | application/xml: 634 | schema: 635 | $ref: '#/components/schemas/ErrorResponse' 636 | '500': 637 | description: > 638 | **Causes:** 639 | * Downstream system(s) is down. 640 | * Unhandled exceptions. 641 | content: 642 | application/json: 643 | schema: 644 | $ref: '#/components/schemas/ErrorResponse' 645 | application/xml: 646 | schema: 647 | $ref: '#/components/schemas/ErrorResponse' 648 | /v0.5/heartbeat: 649 | get: 650 | tags: 651 | - monitoring 652 | - hiu side 653 | - hip side 654 | summary: Get consent request status 655 | responses: 656 | '200': 657 | description: OK 658 | content: 659 | application/json: 660 | schema: 661 | $ref: '#/components/schemas/HeartbeatResponse' 662 | application/xml: 663 | schema: 664 | $ref: '#/components/schemas/HeartbeatResponse' 665 | /v0.5/patients/on-find: 666 | post: 667 | tags: 668 | - identification 669 | - hiu side 670 | summary: Identification result for a consent-manager user-id 671 | description: | 672 | If a patient is found then patient.name contains the patients name. 
673 | Otherwise, patient is not provided, and possibly error is raised for invalid requests 674 | Note in addition to the "Authorization" header, one of the following headers must be specified 675 | 1. specify **X-HIU-ID** if the requester is HIU (identified from /find requester.id) 676 | 2. specify **X-HIP-ID** if the requester is HIP (identified from /find requester.id) 677 | parameters: 678 | - $ref: "#/components/parameters/authorization" 679 | requestBody: 680 | required: true 681 | content: 682 | application/json: 683 | schema: 684 | $ref: '#/components/schemas/PatientIdentificationResponse' 685 | application/xml: 686 | schema: 687 | $ref: '#/components/schemas/PatientIdentificationResponse' 688 | responses: 689 | '202': 690 | description: Request Accepted 691 | '400': 692 | description: > 693 | Invalid request, required attributes not provided 694 | content: 695 | application/json: 696 | schema: 697 | $ref: '#/components/schemas/ErrorResponse' 698 | '401': 699 | description: > 700 | **Causes:** 701 | * Unauthorized request 702 | content: 703 | application/json: 704 | schema: 705 | $ref: '#/components/schemas/ErrorResponse' 706 | application/xml: 707 | schema: 708 | $ref: '#/components/schemas/ErrorResponse' 709 | '500': 710 | description: > 711 | **Causes:** 712 | * Downstream system(s) is down. 713 | * Unhandled exceptions. 714 | content: 715 | application/json: 716 | schema: 717 | $ref: '#/components/schemas/ErrorResponse' 718 | application/xml: 719 | schema: 720 | $ref: '#/components/schemas/ErrorResponse' 721 | /v0.5/links/link/on-add-contexts: 722 | post: 723 | tags: 724 | - link 725 | - hip side 726 | parameters: 727 | - $ref: "#/components/parameters/authorization" 728 | - $ref: "#/components/parameters/X-HIP-ID" 729 | summary: callback API for HIP initiated patient linking /link/add-context 730 | description: > 731 | If the accessToken is valid for purpose of linking, and specified details provided, CM will send "acknowledgement.status" as SUCCESS. 
If any error occurred, for example invalid token, or other required patient or care-context information not provided, then "error" attribute conveys so. 732 | 1. **accessToken must be valid and must be for the purpose of linking** 733 | requestBody: 734 | required: true 735 | content: 736 | application/json: 737 | schema: 738 | $ref: '#/components/schemas/PatientCareContextLinkResponse' 739 | application/xml: 740 | schema: 741 | $ref: '#/components/schemas/PatientCareContextLinkResponse' 742 | responses: 743 | '202': 744 | description: accepted 745 | '400': 746 | description: > 747 | **Causes:** 748 | * resp not specified 749 | * at least acknowledgement or error should be specified 750 | content: 751 | application/json: 752 | schema: 753 | $ref: '#/components/schemas/ErrorResponse' 754 | application/xml: 755 | schema: 756 | $ref: '#/components/schemas/ErrorResponse' 757 | '401': 758 | description: > 759 | **Causes:** 760 | * Unauthorized request 761 | content: 762 | application/json: 763 | schema: 764 | $ref: '#/components/schemas/ErrorResponse' 765 | application/xml: 766 | schema: 767 | $ref: '#/components/schemas/ErrorResponse' 768 | '500': 769 | description: > 770 | **Causes:** 771 | * Downstream system(s) is down. 772 | * Unhandled exceptions. 773 | content: 774 | application/json: 775 | schema: 776 | $ref: '#/components/schemas/ErrorResponse' 777 | application/xml: 778 | schema: 779 | $ref: '#/components/schemas/ErrorResponse' 780 | 781 | /v0.5/users/auth/on-fetch-modes: 782 | post: 783 | tags: 784 | - user auth 785 | - hiu side 786 | - hip side 787 | summary: Identification result for a consent-manager user-id. 788 | description: | 789 | This is the callback API for /auth/fetch-modes. If a patient is found then **auth** attribute contains the supported modes for the specified purpose. 790 | Otherwise, error is raised for invalid requests or for non-existent id. 
791 | Note in addition to the "Authorization" header, one of the following headers must be specified 792 | 1. **X-HIU-ID** if the requester is HIU (identified from /auth/fetch-modes requester.id) 793 | 2. **X-HIP-ID** if the requester is HIP (identified from /auth/fetch-modes requester.id) 794 | parameters: 795 | - $ref: "#/components/parameters/authorization" 796 | - $ref: "#/components/parameters/X-HIP-ID" 797 | - $ref: "#/components/parameters/X-HIU-ID" 798 | requestBody: 799 | required: true 800 | content: 801 | application/json: 802 | schema: 803 | $ref: '#/components/schemas/PatientAuthModeQueryResponse' 804 | application/xml: 805 | schema: 806 | $ref: '#/components/schemas/PatientAuthModeQueryResponse' 807 | responses: 808 | '202': 809 | description: Request Accepted 810 | '400': 811 | description: > 812 | Invalid request, required attributes not provided 813 | content: 814 | application/json: 815 | schema: 816 | $ref: '#/components/schemas/ErrorResponse' 817 | '401': 818 | description: > 819 | **Causes:** 820 | * Unauthorized request 821 | content: 822 | application/json: 823 | schema: 824 | $ref: '#/components/schemas/ErrorResponse' 825 | application/xml: 826 | schema: 827 | $ref: '#/components/schemas/ErrorResponse' 828 | '500': 829 | description: > 830 | **Causes:** 831 | * Downstream system(s) is down. 832 | * Unhandled exceptions. 833 | content: 834 | application/json: 835 | schema: 836 | $ref: '#/components/schemas/ErrorResponse' 837 | application/xml: 838 | schema: 839 | $ref: '#/components/schemas/ErrorResponse' 840 | 841 | /v0.5/users/auth/on-init: 842 | post: 843 | tags: 844 | - user auth 845 | - hip side 846 | - hiu side 847 | summary: Response to user authentication initialization from HIP 848 | description: > 849 | If the patient's id is valid, CM will return a transactionId as initialization of user auth. If the request is valid, then 'auth.mode' will convey how the authentication should be done. The authentication can be mediated or direct. 
For example, if the auth.mode is DIRECT, then HIP/HIU is not expected to send over anything as part of /auth/confirm, but rather wait for CM to notify them when the patient approves. For other mediated authentication modes, HIP or HIU is expected to send over either codes (OTP or similar) or demographic info as part of the /users/auth/confirm request accompanied with the transactionId. Note, for DIRECT authentication, CM will subsequently call /users/auth/notify call (Not spec'd yet) 850 | 851 | 1. **auth.mode** conveys what the mode of authentication is, and what is expected from HIP/HIU in the subsequent /auth/confirm API call. Possible values, MOBILE_OTP - for OTP sent to mobile, AADHAAR_OTP - if an OTP was sent as part of Aadhaar authentication. DEMOGRAPHICS - If it is expected that the HIP/HIU sends over demographic details in the /auth/confirm API call. 852 | 2. **meta.expiry** conveys the expiry time of the token and the authentication session 853 | 3. **NOTE**, only one of **X-HIP-ID** or **X-HIU-ID** will be sent as part of header, not both. 854 | 855 | The error section in the body represents the potential errors that may have occurred. Possible reasons: 856 | 1. 
**Patient id is invalid** 857 | parameters: 858 | - $ref: "#/components/parameters/authorization" 859 | - $ref: "#/components/parameters/X-HIP-ID" 860 | - $ref: "#/components/parameters/X-HIU-ID" 861 | requestBody: 862 | required: true 863 | content: 864 | application/json: 865 | schema: 866 | $ref: '#/components/schemas/PatientAuthInitResponse' 867 | application/xml: 868 | schema: 869 | $ref: '#/components/schemas/PatientAuthInitResponse' 870 | responses: 871 | '202': 872 | description: Request accepted 873 | '400': 874 | description: > 875 | **Causes:** 876 | * required information not provided 877 | * neither authInit nor error specified 878 | content: 879 | application/json: 880 | schema: 881 | $ref: '#/components/schemas/ErrorResponse' 882 | application/xml: 883 | schema: 884 | $ref: '#/components/schemas/ErrorResponse' 885 | '401': 886 | description: > 887 | **Causes:** 888 | * Unauthorized request 889 | content: 890 | application/json: 891 | schema: 892 | $ref: '#/components/schemas/ErrorResponse' 893 | application/xml: 894 | schema: 895 | $ref: '#/components/schemas/ErrorResponse' 896 | '500': 897 | description: > 898 | **Causes:** 899 | * Downstream system(s) is down. 900 | * Unhandled exceptions. 901 | content: 902 | application/json: 903 | schema: 904 | $ref: '#/components/schemas/ErrorResponse' 905 | application/xml: 906 | schema: 907 | $ref: '#/components/schemas/ErrorResponse' 908 | 909 | /v0.5/users/auth/on-confirm: 910 | post: 911 | tags: 912 | - user auth 913 | - hip side 914 | - hiu side 915 | summary: Request sending token, otp or other authentication details from HIP for confirmation 916 | description: > 917 | This API is called by CMs to confirm authentication of users. 918 | 1. **auth.accessToken** - is specific to the purpose mentioned in the /auth/init. This token needs to be used for initiating the intended action. For example for HIP initiated linking 919 | 2. 
**NOTE**, only one of **X-HIP-ID** or **X-HIU-ID** will be sent as part of header, not both. 920 | parameters: 921 | - $ref: "#/components/parameters/authorization" 922 | - $ref: "#/components/parameters/X-HIP-ID" 923 | - $ref: "#/components/parameters/X-HIU-ID" 924 | requestBody: 925 | required: true 926 | content: 927 | application/json: 928 | schema: 929 | $ref: '#/components/schemas/PatientAuthConfirmResponse' 930 | application/xml: 931 | schema: 932 | $ref: '#/components/schemas/PatientAuthConfirmResponse' 933 | responses: 934 | '202': 935 | description: Request accepted 936 | '400': 937 | description: > 938 | **Causes:** 939 | * required details not provided 940 | * neither auth nor error specified 941 | content: 942 | application/json: 943 | schema: 944 | $ref: '#/components/schemas/ErrorResponse' 945 | application/xml: 946 | schema: 947 | $ref: '#/components/schemas/ErrorResponse' 948 | '401': 949 | description: > 950 | **Causes:** 951 | * Unauthorized request 952 | content: 953 | application/json: 954 | schema: 955 | $ref: '#/components/schemas/ErrorResponse' 956 | application/xml: 957 | schema: 958 | $ref: '#/components/schemas/ErrorResponse' 959 | '500': 960 | description: > 961 | **Causes:** 962 | * Downstream system(s) is down. 963 | * Unhandled exceptions. 964 | content: 965 | application/json: 966 | schema: 967 | $ref: '#/components/schemas/ErrorResponse' 968 | application/xml: 969 | schema: 970 | $ref: '#/components/schemas/ErrorResponse' 971 | 972 | components: 973 | parameters: 974 | authorization: 975 | name: Authorization 976 | in: header 977 | required: true 978 | description: Access token which was issued after successful login with gateway auth server, which will be sent by gateway to authenticate itself with API bridge. 979 | schema: 980 | type: string 981 | X-Origin-ID: 982 | name: X-Origin-ID 983 | in: header 984 | description: > 985 | Identifier of the health information provider user from which the request came. 
986 | (Necessity of this header depends on the authentication at the Bridge) 987 | If gateway uses JWT authentication, from access token itself originator can be identified. 988 | schema: 989 | type: string 990 | X-HIP-ID: 991 | name: X-HIP-ID 992 | in: header 993 | required: true 994 | description: Identifier of the health information provider to which the request was intended. 995 | schema: 996 | type: string 997 | X-HIU-ID: 998 | name: X-HIU-ID 999 | in: header 1000 | required: true 1001 | description: Identifier of the health information user to which the request was intended. 1002 | schema: 1003 | type: string 1004 | X-CM-ID: 1005 | name: X-CM-ID 1006 | in: header 1007 | required: true 1008 | description: Suffix of the consent manager to which the request was intended. 1009 | schema: 1010 | type: string 1011 | LinkRefNumber: 1012 | name: linkRefNumber 1013 | in: path 1014 | required: true 1015 | description: Reference number for the link request made earlier. 1016 | schema: 1017 | $ref: '#/components/schemas/UuidSchema' 1018 | ConsentRequestId: 1019 | name: consentRequestId 1020 | in: path 1021 | required: true 1022 | description: Consent request's identifier 1023 | schema: 1024 | type: string 1025 | format: uuid 1026 | ConsentId: 1027 | name: consentId 1028 | in: path 1029 | required: true 1030 | description: Consent request's identifier 1031 | schema: 1032 | type: string 1033 | format: uuid 1034 | schemas: 1035 | UuidSchema: 1036 | type: string 1037 | format: uuid 1038 | example: a1s2c932-2f70-3ds3-a3b5-2sfd46b12a18d 1039 | PatientDiscoveryRequest: 1040 | type: object 1041 | required: 1042 | - requestId 1043 | - timestamp 1044 | - transactionId 1045 | - patient 1046 | properties: 1047 | requestId: 1048 | type: string 1049 | format: uuid 1050 | description: a nonce, unique for each HTTP request. 
1051 | example: "499a5a4a-7dda-4f20-9b67-e24589627061" 1052 | timestamp: 1053 | $ref: '#/components/schemas/TimestampSchema' 1054 | transactionId: 1055 | type: string 1056 | format: uuid 1057 | description: correlation-Id for patient discovery and subsequent care context linkage 1058 | patient: 1059 | type: object 1060 | required: 1061 | - id 1062 | - verifiedIdentifiers 1063 | - name 1064 | - gender 1065 | - yearOfBirth 1066 | properties: 1067 | id: 1068 | type: string 1069 | example: @ 1070 | description: Identifier of patient at consent manager 1071 | verifiedIdentifiers: 1072 | type: array 1073 | items: 1074 | $ref: '#/components/schemas/Identifier' 1075 | xml: 1076 | name: verifiedIdentifiers 1077 | wrapped: true 1078 | unverifiedIdentifiers: 1079 | type: array 1080 | items: 1081 | $ref: '#/components/schemas/Identifier' 1082 | xml: 1083 | name: unverifiedIdentifiers 1084 | wrapped: true 1085 | name: 1086 | type: string 1087 | example: "chandler bing" 1088 | gender: 1089 | $ref: '#/components/schemas/PatientGender' 1090 | yearOfBirth: 1091 | type: integer 1092 | example: 2000 1093 | xml: 1094 | name: PatientDiscoveryRequest 1095 | ErrorResponse: 1096 | type: object 1097 | properties: 1098 | error: 1099 | $ref: '#/components/schemas/Error' 1100 | Identifier: 1101 | type: object 1102 | required: 1103 | - type 1104 | - value 1105 | properties: 1106 | type: 1107 | $ref: '#/components/schemas/IdentifierType' 1108 | value: 1109 | type: string 1110 | example: "+919800083232" 1111 | xml: 1112 | name: Identifier 1113 | IdentifierType: 1114 | type: string 1115 | enum: [MOBILE, MR] 1116 | CareContext: 1117 | type: object 1118 | required: 1119 | - referenceNumber 1120 | properties: 1121 | referenceNumber: 1122 | type: string 1123 | xml: 1124 | name: Tag 1125 | PatientLinkReferenceRequest: 1126 | type: object 1127 | required: 1128 | - requestId 1129 | - timestamp 1130 | - transactionId 1131 | - patient 1132 | properties: 1133 | requestId: 1134 | type: string 1135 | format: 
uuid 1136 | timestamp: 1137 | $ref: '#/components/schemas/TimestampSchema' 1138 | transactionId: 1139 | type: string 1140 | format: uuid 1141 | patient: 1142 | type: object 1143 | required: 1144 | - id 1145 | - referenceNumber 1146 | - careContexts 1147 | properties: 1148 | id: 1149 | type: string 1150 | example: hinapatel79@ncg 1151 | referenceNumber: 1152 | type: string 1153 | example: TMH-PUID-001 1154 | careContexts: 1155 | type: array 1156 | items: 1157 | $ref: '#/components/schemas/CareContext' 1158 | xml: 1159 | name: careContexts 1160 | wrapped: true 1161 | xml: 1162 | name: PatientLinkReferenceRequest 1163 | LinkConfirmationRequest: 1164 | type: object 1165 | required: 1166 | - requestId 1167 | - timestamp 1168 | - confirmation 1169 | properties: 1170 | requestId: 1171 | type: string 1172 | format: uuid 1173 | timestamp: 1174 | $ref: '#/components/schemas/TimestampSchema' 1175 | confirmation: 1176 | type: object 1177 | required: 1178 | - linkRefNumber 1179 | - token 1180 | properties: 1181 | linkRefNumber: 1182 | type: string 1183 | token: 1184 | type: string 1185 | Error: 1186 | type: object 1187 | required: 1188 | - code 1189 | - message 1190 | properties: 1191 | code: 1192 | type: integer 1193 | enum: [1000, 10001] 1194 | description: a numeric code for the error. 
1195 | message: 1196 | type: string 1197 | xml: 1198 | name: Error 1199 | consent: 1200 | type: object 1201 | required: 1202 | - id 1203 | properties: 1204 | id: 1205 | type: string 1206 | DateRange: 1207 | type: object 1208 | required: 1209 | - from 1210 | - to 1211 | properties: 1212 | from: 1213 | type: string 1214 | format: date-time 1215 | to: 1216 | type: string 1217 | format: date-time 1218 | HIPConsentNotification: 1219 | type: object 1220 | required: 1221 | - requestId 1222 | - timestamp 1223 | - notification 1224 | properties: 1225 | requestId: 1226 | type: string 1227 | format: uuid 1228 | description: a nonce, unique for each HTTP request 1229 | example: 5f7a535d-a3fd-416b-b069-c97d021fbacd 1230 | timestamp: 1231 | $ref: '#/components/schemas/TimestampSchema' 1232 | notification: 1233 | type: object 1234 | required: 1235 | - status 1236 | - consentId 1237 | - signature 1238 | - consentDetail 1239 | properties: 1240 | status: 1241 | $ref: '#/components/schemas/ConsentStatus' 1242 | consentId: 1243 | type: string 1244 | format: uuid 1245 | consentDetail: 1246 | type: object 1247 | required: 1248 | - consentId 1249 | - createdAt 1250 | - patient 1251 | - careContexts 1252 | - purpose 1253 | - hip 1254 | - consentManager 1255 | - hiTypes 1256 | - permission 1257 | properties: 1258 | schemaVersion: 1259 | type: string 1260 | format: string 1261 | consentId: 1262 | type: string 1263 | format: uuid 1264 | createdAt: 1265 | type: string 1266 | format: date-time 1267 | patient: 1268 | $ref: '#/components/schemas/ConsentManagerPatientID' 1269 | careContexts: 1270 | type: array 1271 | items: 1272 | type: object 1273 | required: 1274 | - patientReference 1275 | - careContextReference 1276 | properties: 1277 | patientReference: 1278 | type: string 1279 | example: batman@tmh 1280 | careContextReference: 1281 | type: string 1282 | example: Episode1 1283 | purpose: 1284 | $ref: '#/components/schemas/UsePurpose' 1285 | hip: 1286 | type: object 1287 | allOf: 1288 | - 
$ref: '#/components/schemas/OrganizationRepresentation' 1289 | - xml: 1290 | name: hip 1291 | consentManager: 1292 | type: object 1293 | allOf: 1294 | - $ref: '#/components/schemas/OrganizationReference' 1295 | - xml: 1296 | name: consentManager 1297 | hiTypes: 1298 | type: array 1299 | items: 1300 | $ref: '#/components/schemas/HITypeEnum' 1301 | permission: 1302 | $ref: '#/components/schemas/Permission' 1303 | signature: 1304 | type: string 1305 | example: Signature of CM as defined in W3C standards; Base64 encoded 1306 | HITypeEnum: 1307 | type: string 1308 | enum: 1309 | - OPConsultation 1310 | - Prescription 1311 | - DischargeSummary 1312 | - DiagnosticReport 1313 | xml: 1314 | name: HIType 1315 | ConsentStatus: 1316 | type: string 1317 | enum: 1318 | - GRANTED 1319 | - EXPIRED 1320 | - DENIED 1321 | - REQUESTED 1322 | - REVOKED 1323 | ConsentManagerPatientID: 1324 | type: object 1325 | required: 1326 | - id 1327 | properties: 1328 | id: 1329 | type: string 1330 | xml: 1331 | attribute: true 1332 | format: @ 1333 | example: batman@ncg 1334 | UsePurpose: 1335 | type: object 1336 | required: 1337 | - text 1338 | - code 1339 | properties: 1340 | text: 1341 | type: string 1342 | code: 1343 | type: string 1344 | description: From the fixed set, documented at refUri 1345 | refUri: 1346 | type: string 1347 | format: uri 1348 | Permission: 1349 | type: object 1350 | required: 1351 | - accessMode 1352 | - dateRange 1353 | - dataEraseAt 1354 | - frequency 1355 | properties: 1356 | accessMode: 1357 | type: string 1358 | enum: [VIEW, STORE, QUERY, STREAM] 1359 | dateRange: 1360 | type: object 1361 | required: 1362 | - from 1363 | - to 1364 | properties: 1365 | from: 1366 | type: string 1367 | format: date-time 1368 | to: 1369 | type: string 1370 | format: date-time 1371 | dataEraseAt: 1372 | type: string 1373 | format: date-time 1374 | frequency: 1375 | type: object 1376 | properties: 1377 | unit: 1378 | type: string 1379 | enum: [HOUR, WEEK, DAY, MONTH, YEAR] 1380 | 
value: 1381 | type: integer 1382 | repeats: 1383 | type: integer 1384 | xml: 1385 | name: Permission 1386 | OrganizationRepresentation: 1387 | type: object 1388 | required: 1389 | - id 1390 | properties: 1391 | id: 1392 | type: string 1393 | xml: 1394 | attribute: true 1395 | xml: 1396 | name: OrganizationResponse 1397 | OrganizationReference: 1398 | type: object 1399 | required: 1400 | - id 1401 | properties: 1402 | id: 1403 | type: string 1404 | xml: 1405 | attribute: true 1406 | xml: 1407 | name: OrganizationReference 1408 | KeyMaterial: 1409 | type: object 1410 | required: 1411 | - cryptoAlg 1412 | - curve 1413 | - dhPublicKey 1414 | - nonce 1415 | properties: 1416 | cryptoAlg: 1417 | type: string 1418 | format: string 1419 | example: ECDH 1420 | curve: 1421 | type: string 1422 | format: string 1423 | example: Curve25519 1424 | dhPublicKey: 1425 | $ref: '#/components/schemas/keyObject' 1426 | nonce: 1427 | type: string 1428 | format: 32 byte string 1429 | example: 3fa85f64-5717-4562-b3fc-2c963f66afa6 1430 | keyObject: 1431 | type: object 1432 | required: 1433 | - expiry 1434 | - parameters 1435 | - keyValue 1436 | properties: 1437 | expiry: 1438 | type: string 1439 | format: date-time 1440 | parameters: 1441 | type: string 1442 | format: string 1443 | example: Curve25519/32byte random key 1444 | keyValue: 1445 | type: string 1446 | format: string 1447 | ConsentArtefactReference: 1448 | type: object 1449 | required: 1450 | - id 1451 | properties: 1452 | id: 1453 | type: string 1454 | example: '' 1455 | HIUConsentNotificationEvent: 1456 | type: object 1457 | required: 1458 | - requestId 1459 | - timestamp 1460 | - notification 1461 | properties: 1462 | requestId: 1463 | type: string 1464 | format: uuid 1465 | description: a nonce, unique for each HTTP request 1466 | example: 5f7a535d-a3fd-416b-b069-c97d021fbacd 1467 | timestamp: 1468 | $ref: '#/components/schemas/TimestampSchema' 1469 | notification: 1470 | type: object 1471 | required: 1472 | - status 1473 | - 
consentRequestId 1474 | properties: 1475 | consentRequestId: 1476 | type: string 1477 | example: '' 1478 | status: 1479 | $ref: '#/components/schemas/ConsentStatus' 1480 | consentArtefacts: 1481 | type: array 1482 | items: 1483 | $ref: '#/components/schemas/ConsentArtefactReference' 1484 | description: if the status is GRANTED or REVOKED, then the consentArtefact references (Ids) must be specified. 1485 | ConsentRequestInitResponse: 1486 | type: object 1487 | required: 1488 | - requestId 1489 | - timestamp 1490 | - resp 1491 | properties: 1492 | requestId: 1493 | type: string 1494 | format: uuid 1495 | description: a nonce, unique for each HTTP request 1496 | example: 5f7a535d-a3fd-416b-b069-c97d021fbacd 1497 | timestamp: 1498 | $ref: '#/components/schemas/TimestampSchema' 1499 | consentRequest: 1500 | type: object 1501 | required: 1502 | - id 1503 | properties: 1504 | id: 1505 | type: string 1506 | format: uuid 1507 | description: id of the consent-request created 1508 | example: f29f0e59-8388-4698-9fe6-05db67aeac46 1509 | error: 1510 | $ref: '#/components/schemas/Error' 1511 | resp: 1512 | $ref: '#/components/schemas/RequestReference' 1513 | xml: 1514 | name: ConsentRequestInitResponse 1515 | TimestampSchema: 1516 | type: string 1517 | format: date-time 1518 | description: Date time format in UTC, includes milliseconds YYYY-MM-DDThh:mm:ss.vZ 1519 | RequestReference: 1520 | type: object 1521 | required: 1522 | - requestId 1523 | properties: 1524 | requestId: 1525 | type: string 1526 | format: uuid 1527 | description: the requestId that was passed 1528 | HeartbeatResponse: 1529 | type: object 1530 | required: 1531 | - timestamp 1532 | - status 1533 | properties: 1534 | timestamp: 1535 | $ref: '#/components/schemas/TimestampSchema' 1536 | status: 1537 | type: string 1538 | enum: 1539 | - UP 1540 | - DOWN 1541 | error: 1542 | $ref: '#/components/schemas/Error' 1543 | xml: 1544 | name: HeartbeatResponse 1545 | HIUConsentRequestStatus: 1546 | type: object 1547 | 
required: 1548 | - requestId 1549 | - timestamp 1550 | - resp 1551 | properties: 1552 | requestId: 1553 | type: string 1554 | format: uuid 1555 | description: a nonce, unique for each HTTP request 1556 | example: 5f7a535d-a3fd-416b-b069-c97d021fbacd 1557 | timestamp: 1558 | $ref: '#/components/schemas/TimestampSchema' 1559 | consentRequest: 1560 | type: object 1561 | required: 1562 | - id 1563 | - status 1564 | properties: 1565 | id: 1566 | type: string 1567 | example: '' 1568 | status: 1569 | $ref: '#/components/schemas/ConsentStatus' 1570 | consentArtefacts: 1571 | type: array 1572 | items: 1573 | $ref: '#/components/schemas/ConsentArtefactReference' 1574 | error: 1575 | $ref: '#/components/schemas/Error' 1576 | resp: 1577 | $ref: '#/components/schemas/RequestReference' 1578 | ConsentArtefactResponse: 1579 | type: object 1580 | required: 1581 | - requestId 1582 | - timestamp 1583 | - resp 1584 | properties: 1585 | requestId: 1586 | type: string 1587 | format: uuid 1588 | description: a nonce, unique for each HTTP request 1589 | example: 5f7a535d-a3fd-416b-b069-c97d021fbacd 1590 | timestamp: 1591 | $ref: '#/components/schemas/TimestampSchema' 1592 | consent: 1593 | type: object 1594 | required: 1595 | - status 1596 | - consentDetail 1597 | - signature 1598 | properties: 1599 | status: 1600 | $ref: '#/components/schemas/ConsentStatus' 1601 | consentDetail: 1602 | type: object 1603 | required: 1604 | - consentId 1605 | - createdAt 1606 | - patient 1607 | - careContexts 1608 | - purpose 1609 | - hip 1610 | - hiu 1611 | - hiTypes 1612 | - permission 1613 | properties: 1614 | schemaVersion: 1615 | type: string 1616 | format: string 1617 | consentId: 1618 | type: string 1619 | format: uuid 1620 | createdAt: 1621 | type: string 1622 | format: date-time 1623 | patient: 1624 | $ref: '#/components/schemas/ConsentManagerPatientID' 1625 | careContexts: 1626 | type: array 1627 | items: 1628 | type: object 1629 | required: 1630 | - patientReference 1631 | - careContextReference 
1632 | properties: 1633 | patientReference: 1634 | type: string 1635 | example: batman@tmh 1636 | careContextReference: 1637 | type: string 1638 | example: Episode1 1639 | purpose: 1640 | $ref: '#/components/schemas/UsePurpose' 1641 | hip: 1642 | type: object 1643 | allOf: 1644 | - $ref: '#/components/schemas/OrganizationRepresentation' 1645 | - xml: 1646 | name: hip 1647 | hiu: 1648 | type: object 1649 | allOf: 1650 | - $ref: '#/components/schemas/OrganizationRepresentation' 1651 | - xml: 1652 | name: hiu 1653 | consentManager: 1654 | type: object 1655 | allOf: 1656 | - $ref: '#/components/schemas/OrganizationRepresentation' 1657 | - xml: 1658 | name: consentManager 1659 | requester: 1660 | $ref: '#/components/schemas/Requester' 1661 | hiTypes: 1662 | type: array 1663 | items: 1664 | $ref: '#/components/schemas/HITypeEnum' 1665 | permission: 1666 | $ref: '#/components/schemas/Permission' 1667 | signature: 1668 | type: string 1669 | example: Signature of CM as defined in W3C standards; Base64 encoded 1670 | error: 1671 | $ref: '#/components/schemas/Error' 1672 | resp: 1673 | $ref: '#/components/schemas/RequestReference' 1674 | Requester: 1675 | type: object 1676 | required: 1677 | - name 1678 | properties: 1679 | name: 1680 | type: string 1681 | example: Dr. 
Manju 1682 | identifier: 1683 | type: object 1684 | properties: 1685 | type: 1686 | type: string 1687 | example: REGNO 1688 | value: 1689 | type: string 1690 | example: "MH1001" 1691 | system: 1692 | type: string 1693 | example: https://www.mciindia.org 1694 | HIPHealthInformationRequest: 1695 | type: object 1696 | required: 1697 | - requestId 1698 | - timestamp 1699 | - transactionId 1700 | - hiRequest 1701 | properties: 1702 | requestId: 1703 | $ref: '#/components/schemas/UuidSchema' 1704 | timestamp: 1705 | $ref: '#/components/schemas/TimestampSchema' 1706 | transactionId: 1707 | $ref: '#/components/schemas/UuidSchema' 1708 | hiRequest: 1709 | type: object 1710 | required: 1711 | - consent 1712 | - dataPushUrl 1713 | - keyMaterial 1714 | - dateRange 1715 | properties: 1716 | consent: 1717 | $ref: '#/components/schemas/consent' 1718 | dateRange: 1719 | $ref: '#/components/schemas/DateRange' 1720 | dataPushUrl: 1721 | type: string 1722 | keyMaterial: 1723 | $ref: '#/components/schemas/KeyMaterial' 1724 | HIUHealthInformationRequestResponse: 1725 | type: object 1726 | required: 1727 | - requestId 1728 | - timestamp 1729 | - resp 1730 | properties: 1731 | requestId: 1732 | $ref: '#/components/schemas/UuidSchema' 1733 | timestamp: 1734 | $ref: '#/components/schemas/TimestampSchema' 1735 | hiRequest: 1736 | type: object 1737 | required: 1738 | - transactionId 1739 | - sessionStatus 1740 | properties: 1741 | transactionId: 1742 | $ref: '#/components/schemas/UuidSchema' 1743 | sessionStatus: 1744 | type: string 1745 | enum: 1746 | - REQUESTED 1747 | - ACKNOWLEDGED 1748 | error: 1749 | $ref: '#/components/schemas/Error' 1750 | resp: 1751 | $ref: '#/components/schemas/RequestReference' 1752 | PatientIdentificationResponse: 1753 | type: object 1754 | required: 1755 | - requestId 1756 | - timestamp 1757 | - resp 1758 | properties: 1759 | requestId: 1760 | type: string 1761 | format: uuid 1762 | description: a nonce, unique for each HTTP request 1763 | example: 
5f7a535d-a3fd-416b-b069-c97d021fbacd 1764 | timestamp: 1765 | $ref: '#/components/schemas/TimestampSchema' 1766 | patient: 1767 | type: object 1768 | required: 1769 | - id 1770 | - name 1771 | properties: 1772 | id: 1773 | type: string 1774 | example: hinapatel79@ncg 1775 | name: 1776 | type: string 1777 | example: Hina Patel 1778 | error: 1779 | $ref: '#/components/schemas/Error' 1780 | resp: 1781 | $ref: '#/components/schemas/RequestReference' 1782 | xml: 1783 | name: PatientIdentificationResponse 1784 | DataNotification: 1785 | type: object 1786 | required: 1787 | - transactionId 1788 | - entries 1789 | - keyMaterial 1790 | - pageNumber 1791 | - pageCount 1792 | properties: 1793 | pageNumber: 1794 | type: integer 1795 | description: Current page number. 1796 | pageCount: 1797 | type: integer 1798 | description: Total number of pages. 1799 | transactionId: 1800 | type: string 1801 | format: uuid 1802 | description: Transaction Id issued when data requested. 1803 | entries: 1804 | type: array 1805 | items: 1806 | anyOf: 1807 | - $ref: '#/components/schemas/EntryContent' 1808 | - $ref: '#/components/schemas/EntryLink' 1809 | keyMaterial: 1810 | $ref: '#/components/schemas/KeyMaterial' 1811 | EntryContent: 1812 | type: object 1813 | required: 1814 | - content 1815 | - media 1816 | - checksum 1817 | - careContextReference 1818 | properties: 1819 | content: 1820 | type: string 1821 | description: Encrypted content 1822 | example: Encrypted content of data packaged in FHIR bundle 1823 | media: 1824 | type: string 1825 | enum: ['application/fhir+json'] 1826 | description: mimetype of the content. 1827 | checksum: 1828 | type: string 1829 | description: Md5 checksum of the content before encryption 1830 | careContextReference: 1831 | type: string 1832 | example: RVH1008 1833 | description: care context reference number. 
1834 | EntryLink: 1835 | type: object 1836 | required: 1837 | - link 1838 | - media 1839 | - checksum 1840 | - careContextReference 1841 | properties: 1842 | link: 1843 | type: string 1844 | description: Encrypted content 1845 | example: https://data-from.net/sa2321afaf12e13 1846 | media: 1847 | type: string 1848 | enum: ['application/fhir+json'] 1849 | description: mimetype of the content. 1850 | checksum: 1851 | type: string 1852 | description: Md5 checksum of the content before encryption 1853 | careContextReference: 1854 | type: string 1855 | example: NCC1701 1856 | description: care context reference number. 1857 | 1858 | PatientAuthInitResponse: 1859 | type: object 1860 | required: 1861 | - requestId 1862 | - timestamp 1863 | - resp 1864 | properties: 1865 | requestId: 1866 | type: string 1867 | format: uuid 1868 | description: a nonce, unique for each HTTP request 1869 | example: 5f7a535d-a3fd-416b-b069-c97d021fbacd 1870 | timestamp: 1871 | $ref: '#/components/schemas/TimestampSchema' 1872 | auth: 1873 | type: object 1874 | required: 1875 | - transactionId 1876 | - mode 1877 | properties: 1878 | transactionId: 1879 | type: string 1880 | mode: 1881 | $ref: '#/components/schemas/AuthenticationMode' 1882 | meta: 1883 | $ref: '#/components/schemas/AuthMeta' 1884 | error: 1885 | $ref: '#/components/schemas/Error' 1886 | resp: 1887 | $ref: '#/components/schemas/RequestReference' 1888 | 1889 | AuthenticationMode: 1890 | type: string 1891 | enum: ['MOBILE_OTP', 'DIRECT', 'DEMOGRAPHICS', 'AADHAAR_OTP'] 1892 | description: > 1893 | Subject to CM-specific capability 1894 | 1. MOBILE_OTP - for SMS OTP 1895 | 2. DIRECT - for auth through apps (usually direct) 1896 | 3. AADHAAR_OTP - for auth using OTP sent to Aadhaar number 1897 | 4. DEMOGRAPHICS - for auth using demographics. 
1898 | 1899 | AuthMeta: 1900 | type: object 1901 | properties: 1902 | hint: 1903 | type: string 1904 | expiry: 1905 | type: string 1906 | example: "2019-12-30T12:01:55Z" 1907 | xml: 1908 | name: Meta 1909 | 1910 | PatientAuthConfirmResponse: 1911 | type: object 1912 | required: 1913 | - requestId 1914 | - timestamp 1915 | - resp 1916 | properties: 1917 | requestId: 1918 | type: string 1919 | format: uuid 1920 | description: a nonce, unique for each HTTP request 1921 | example: 5f7a535d-a3fd-416b-b069-c97d021fbacd 1922 | timestamp: 1923 | $ref: '#/components/schemas/TimestampSchema' 1924 | auth: 1925 | type: object 1926 | description: > 1927 | depending on the purpose of auth, as specified in /auth/init, the response may include the following 1928 | 1. LINK - only returns **accessToken** 1929 | 2. KYC - only returns **patient** 1930 | 3. KYC_AND_LINK - returns both **accessToken** and **patient** 1931 | properties: 1932 | accessToken : 1933 | type: string 1934 | description: access token for initialization of subsequent action. 
1935 | patient: 1936 | $ref: '#/components/schemas/PatientDemographicResponse' 1937 | error: 1938 | $ref: '#/components/schemas/Error' 1939 | resp: 1940 | $ref: '#/components/schemas/RequestReference' 1941 | 1942 | PatientAddress: 1943 | type: object 1944 | properties: 1945 | line: 1946 | type: string 1947 | district: 1948 | type: string 1949 | state: 1950 | type: string 1951 | pincode: 1952 | type: string 1953 | 1954 | PatientGender: 1955 | type: string 1956 | enum: [M, F, O, U] 1957 | 1958 | PatientDemographicResponse: 1959 | type: object 1960 | required: 1961 | - id 1962 | - name 1963 | - gender 1964 | - yearOfBirth 1965 | properties: 1966 | id: 1967 | type: string 1968 | example: @ 1969 | description: PHR Identifier of patient at consent manager 1970 | name: 1971 | type: string 1972 | example: "Hina Patel" 1973 | gender: 1974 | $ref: '#/components/schemas/PatientGender' 1975 | yearOfBirth: 1976 | type: integer 1977 | example: 2000 1978 | address: 1979 | $ref: '#/components/schemas/PatientAddress' 1980 | identifiers: 1981 | type: array 1982 | items: 1983 | $ref: '#/components/schemas/Identifier' 1984 | xml: 1985 | name: identifiers 1986 | wrapped: true 1987 | 1988 | PatientCareContextLinkResponse: 1989 | type: object 1990 | required: 1991 | - requestId 1992 | - timestamp 1993 | - resp 1994 | properties: 1995 | requestId: 1996 | type: string 1997 | format: uuid 1998 | description: a nonce, unique for each HTTP request 1999 | example: 5f7a535d-a3fd-416b-b069-c97d021fbacd 2000 | timestamp: 2001 | $ref: '#/components/schemas/TimestampSchema' 2002 | acknowledgement: 2003 | type: object 2004 | required: 2005 | - status 2006 | properties: 2007 | status: 2008 | type: string 2009 | enum: 2010 | - SUCCESS 2011 | error: 2012 | $ref: '#/components/schemas/Error' 2013 | resp: 2014 | $ref: '#/components/schemas/RequestReference' 2015 | 2016 | PatientAuthPurpose: 2017 | type: string 2018 | enum: [LINK, KYC, KYC_AND_LINK] 2019 | description: what is the purpose of user auth 
2020 | 2021 | PatientAuthModeQueryResponse: 2022 | type: object 2023 | required: 2024 | - requestId 2025 | - timestamp 2026 | - resp 2027 | properties: 2028 | requestId: 2029 | type: string 2030 | format: uuid 2031 | description: a nonce, unique for each HTTP request 2032 | example: 5f7a535d-a3fd-416b-b069-c97d021fbacd 2033 | timestamp: 2034 | $ref: '#/components/schemas/TimestampSchema' 2035 | auth: 2036 | type: object 2037 | required: 2038 | - purpose 2039 | - modes 2040 | properties: 2041 | purpose: 2042 | $ref: '#/components/schemas/PatientAuthPurpose' 2043 | modes: 2044 | type: array 2045 | items: 2046 | $ref: '#/components/schemas/AuthenticationMode' 2047 | error: 2048 | $ref: '#/components/schemas/Error' 2049 | resp: 2050 | $ref: '#/components/schemas/RequestReference' -------------------------------------------------------------------------------- /spec/consent-manager.yaml: -------------------------------------------------------------------------------- 1 | openapi: 3.0.0 2 | info: 3 | version: "0.5.0" 4 | title: Consent Manager 5 | description: | 6 | Entity which provides health information aggregation services to users of healthcare services. 7 | It enables customers to fetch their health information from one or more Health Information Providers 8 | (e.g., Hospitals, Diagnostic Labs, Medical Device Companies), based on their explicit Consent and to share such 9 | aggregated information with Health Information Users i.e. entities in need of such data (e.g., Insurers, 10 | Doctors, Medical Researchers). 
11 | 12 | servers: 13 | # Added by API Auto Mocking Plugin 14 | - description: SwaggerHub API Auto Mocking 15 | url: https://virtserver.swaggerhub.com/health-stack/consent-manager/0.5.0 16 | - url: https://ncg-dev.projecteka.in/consent-manager 17 | description: Dev 18 | 19 | tags: 20 | - name: user auth 21 | - name: identification 22 | - name: discovery 23 | - name: link 24 | - name: consent 25 | - name: data flow 26 | 27 | paths: 28 | /v0.5/care-contexts/on-discover: 29 | post: 30 | tags: 31 | - discovery 32 | summary: Response to patient's account discovery request 33 | description: > 34 | Result of patient care-context discovery request at HIP end. If a matching patient is found with zero or more care contexts associated, it is specified as the result attribute. If the prior discovery request resulted in errors, they are specified in the error attribute. Reasons for errors can be 35 | 1. **more than one definitive match for the given request** 36 | 2. **no verified identifier was specified** 37 | parameters: 38 | - $ref: "#/components/parameters/authorization" 39 | requestBody: 40 | required: true 41 | content: 42 | application/json: 43 | schema: 44 | $ref: '#/components/schemas/PatientDiscoveryResult' 45 | application/xml: 46 | schema: 47 | $ref: '#/components/schemas/PatientDiscoveryResult' 48 | responses: 49 | '202': 50 | description: Request accepted 51 | '400': 52 | description: > 53 | **Causes:** 54 | * Format mismatch of any of attributes. 55 | content: 56 | application/json: 57 | schema: 58 | $ref: '#/components/schemas/ErrorResponse' 59 | '401': 60 | description: > 61 | **Causes:** 62 | * Unauthorized request 63 | content: 64 | application/json: 65 | schema: 66 | $ref: '#/components/schemas/ErrorResponse' 67 | application/xml: 68 | schema: 69 | $ref: '#/components/schemas/ErrorResponse' 70 | '500': 71 | description: > 72 | **Causes:** 73 | * Downstream system(s) is down. 74 | * Unhandled exceptions. 
75 | content: 76 | application/json: 77 | schema: 78 | $ref: '#/components/schemas/ErrorResponse' 79 | application/xml: 80 | schema: 81 | $ref: '#/components/schemas/ErrorResponse' 82 | /v0.5/links/link/on-init: 83 | post: 84 | tags: 85 | - link 86 | summary: Response to patient's care context link request 87 | description: > 88 | Result of patient care-context link request from HIP end. This happens in context of previous discovery of patient found at HIP end, therefore the link requests ought to be in reference to the patient reference and care-context references previously returned by the HIP. The correlation of discovery and link request is maintained through the transactionId. HIP should have 89 | 1. **Validated transactionId in the request to check whether there was a discovery done previously, and the link request corresponds to returned patient care context references** 90 | 2. **Before returning the response, HIP should have sent an authentication request to the patient (e.g. OTP verification)** 91 | 3. **HIP should communicate the mode of authentication of a successful request** 92 | 4. **HIP subsequently should expect the token passed via /link/confirm against the link.referenceNumber passed in this call** 93 | 94 | The error section in the body represents the potential errors that may have occurred. Possible reasons: 95 | 1. **Patient reference number is invalid** 96 | 2. **Care context reference numbers are invalid** 97 | parameters: 98 | - $ref: "#/components/parameters/authorization" 99 | requestBody: 100 | required: true 101 | content: 102 | application/json: 103 | schema: 104 | $ref: '#/components/schemas/PatientLinkReferenceResult' 105 | application/xml: 106 | schema: 107 | $ref: '#/components/schemas/PatientLinkReferenceResult' 108 | responses: 109 | '202': 110 | description: Request accepted 111 | '400': 112 | description: > 113 | **Causes:** 114 | * Format mismatch of any of attributes. 
115 | content: 116 | application/json: 117 | schema: 118 | $ref: '#/components/schemas/ErrorResponse' 119 | '401': 120 | description: > 121 | **Causes:** 122 | * Unauthorized request 123 | content: 124 | application/json: 125 | schema: 126 | $ref: '#/components/schemas/ErrorResponse' 127 | application/xml: 128 | schema: 129 | $ref: '#/components/schemas/ErrorResponse' 130 | '500': 131 | description: > 132 | **Causes:** 133 | * Downstream system(s) is down. 134 | * Unhandled exceptions. 135 | content: 136 | application/json: 137 | schema: 138 | $ref: '#/components/schemas/ErrorResponse' 139 | application/xml: 140 | schema: 141 | $ref: '#/components/schemas/ErrorResponse' 142 | /v0.5/links/link/on-confirm: 143 | post: 144 | tags: 145 | - link 146 | parameters: 147 | - $ref: "#/components/parameters/authorization" 148 | summary: Token authenticated by HIP, indicating completion of linkage of care-contexts 149 | description: > 150 | Returns a list of linked care contexts with patient reference number. 151 | 1. **Validated and linked account reference number** 152 | 2. **Validated that the token sent from Consent Manager is same as the one generated by HIP** 153 | 3. **Verified that same Consent Manager which made the link request is sending the token** 154 | 4. 
**Results of unmasked linked care contexts with patient reference number** 155 | requestBody: 156 | required: true 157 | content: 158 | application/json: 159 | schema: 160 | $ref: '#/components/schemas/PatientLinkResult' 161 | application/xml: 162 | schema: 163 | $ref: '#/components/schemas/PatientLinkResult' 164 | responses: 165 | '202': 166 | description: accepted 167 | '400': 168 | description: > 169 | **Causes:** 170 | * resp not specified 171 | * at least patient or error should be specified 172 | content: 173 | application/json: 174 | schema: 175 | $ref: '#/components/schemas/ErrorResponse' 176 | application/xml: 177 | schema: 178 | $ref: '#/components/schemas/ErrorResponse' 179 | '401': 180 | description: > 181 | **Causes:** 182 | * Unauthorized request 183 | content: 184 | application/json: 185 | schema: 186 | $ref: '#/components/schemas/ErrorResponse' 187 | application/xml: 188 | schema: 189 | $ref: '#/components/schemas/ErrorResponse' 190 | '500': 191 | description: > 192 | **Causes:** 193 | * Downstream system(s) is down. 194 | * Unhandled exceptions. 195 | content: 196 | application/json: 197 | schema: 198 | $ref: '#/components/schemas/ErrorResponse' 199 | application/xml: 200 | schema: 201 | $ref: '#/components/schemas/ErrorResponse' 202 | /v0.5/links/link/add-contexts: 203 | post: 204 | tags: 205 | - link 206 | parameters: 207 | - $ref: "#/components/parameters/authorization" 208 | summary: API for HIP initiated care-context linking for patient 209 | description: > 210 | API to submit care-context to CM for HIP initiated linking. The API must accompany the "accessToken" fetched in the users/auth process. 211 | 1. 
subsequent usage for accessToken may be invalid if it was meant for one-time usage or if it expired 212 | requestBody: 213 | required: true 214 | content: 215 | application/json: 216 | schema: 217 | $ref: '#/components/schemas/PatientCareContextLinkRequest' 218 | application/xml: 219 | schema: 220 | $ref: '#/components/schemas/PatientCareContextLinkRequest' 221 | responses: 222 | '202': 223 | description: accepted 224 | '400': 225 | description: > 226 | **Causes:** 227 | * required information not provided 228 | content: 229 | application/json: 230 | schema: 231 | $ref: '#/components/schemas/ErrorResponse' 232 | application/xml: 233 | schema: 234 | $ref: '#/components/schemas/ErrorResponse' 235 | '401': 236 | description: > 237 | **Causes:** 238 | * Unauthorized request 239 | content: 240 | application/json: 241 | schema: 242 | $ref: '#/components/schemas/ErrorResponse' 243 | application/xml: 244 | schema: 245 | $ref: '#/components/schemas/ErrorResponse' 246 | '500': 247 | description: > 248 | **Causes:** 249 | * Downstream system(s) is down. 250 | * Unhandled exceptions. 251 | content: 252 | application/json: 253 | schema: 254 | $ref: '#/components/schemas/ErrorResponse' 255 | application/xml: 256 | schema: 257 | $ref: '#/components/schemas/ErrorResponse' 258 | # consent-service 259 | /v0.5/consent-requests/init: 260 | post: 261 | tags: 262 | - consent 263 | summary: Create consent request 264 | description: Creates a consent request to get data about a patient by HIU user. 
CM should call Gateway - ***/v0.5/consent-requests/on-init*** API with the consent-request-id 265 | parameters: 266 | - $ref: "#/components/parameters/authorization" 267 | requestBody: 268 | required: true 269 | content: 270 | application/json: 271 | schema: 272 | $ref: '#/components/schemas/ConsentRequest' 273 | application/xml: 274 | schema: 275 | $ref: '#/components/schemas/ConsentRequest' 276 | responses: 277 | '202': 278 | description: Request Accepted 279 | '400': 280 | description: > 281 | **Causes:** 282 | * Invalid data sent 283 | * Required attributes not mentioned 284 | content: 285 | application/json: 286 | schema: 287 | $ref: '#/components/schemas/ErrorResponse' 288 | application/xml: 289 | schema: 290 | $ref: '#/components/schemas/ErrorResponse' 291 | '401': 292 | description: > 293 | **Causes:** 294 | * Expired/Invalid token. 295 | content: 296 | application/json: 297 | schema: 298 | $ref: '#/components/schemas/ErrorResponse' 299 | application/xml: 300 | schema: 301 | $ref: '#/components/schemas/ErrorResponse' 302 | '500': 303 | description: > 304 | **Causes:** 305 | * Downstream system(s) is down. 306 | * Unhandled exceptions. 307 | content: 308 | application/json: 309 | schema: 310 | $ref: '#/components/schemas/ErrorResponse' 311 | application/xml: 312 | schema: 313 | $ref: '#/components/schemas/ErrorResponse' 314 | /v0.5/consents/fetch: 315 | post: 316 | tags: 317 | - consent 318 | summary: Get consent artefact 319 | description: This API is called when a HIU makes a request to get a consent artefact. 
For response please refer to the Gateway ***/v0.5/consents/on-fetch*** 320 | parameters: 321 | - $ref: "#/components/parameters/authorization" 322 | requestBody: 323 | required: true 324 | content: 325 | application/json: 326 | schema: 327 | $ref: '#/components/schemas/ConsentFetchRequest' 328 | responses: 329 | '202': 330 | description: Request Accepted 331 | '400': 332 | description: > 333 | **Causes:** 334 | * Invalid data sent 335 | content: 336 | application/json: 337 | schema: 338 | $ref: '#/components/schemas/ErrorResponse' 339 | application/xml: 340 | schema: 341 | $ref: '#/components/schemas/ErrorResponse' 342 | '401': 343 | description: > 344 | **Causes:** 345 | * Expired/Invalid token. 346 | content: 347 | application/json: 348 | schema: 349 | $ref: '#/components/schemas/ErrorResponse' 350 | application/xml: 351 | schema: 352 | $ref: '#/components/schemas/ErrorResponse' 353 | '500': 354 | description: > 355 | **Causes:** 356 | * Downstream system(s) is down. 357 | * Unhandled exceptions. 358 | content: 359 | application/json: 360 | schema: 361 | $ref: '#/components/schemas/ErrorResponse' 362 | application/xml: 363 | schema: 364 | $ref: '#/components/schemas/ErrorResponse' 365 | /v0.5/consents/hip/on-notify: 366 | post: 367 | tags: 368 | - consent 369 | summary: Consent notification 370 | description: > 371 | This API is called by HIP as acknowledgement to notification of consents, in cases of consent revocation and expiration, notified by CM earlier via Gateway API - ***/v0.5/consents/hip/notify***. 
372 | parameters: 373 | - $ref: "#/components/parameters/authorization" 374 | requestBody: 375 | required: true 376 | content: 377 | application/json: 378 | schema: 379 | $ref: '#/components/schemas/HIPConsentNotificationResponse' 380 | application/xml: 381 | schema: 382 | $ref: '#/components/schemas/HIPConsentNotificationResponse' 383 | responses: 384 | '202': 385 | description: Request Accepted 386 | '401': 387 | description: > 388 | **Causes:** 389 | * Invalid/Expired/Empty token. 390 | content: 391 | application/json: 392 | schema: 393 | $ref: '#/components/schemas/ErrorResponse' 394 | application/xml: 395 | schema: 396 | $ref: '#/components/schemas/ErrorResponse' 397 | '500': 398 | description: > 399 | **Causes:** 400 | * Downstream services are down 401 | content: 402 | application/json: 403 | schema: 404 | $ref: '#/components/schemas/ErrorResponse' 405 | application/xml: 406 | schema: 407 | $ref: '#/components/schemas/ErrorResponse' 408 | /v0.5/consents/hiu/on-notify: 409 | post: 410 | tags: 411 | - consent 412 | summary: Consent notification 413 | description: | 414 | This API is called by HIU as acknowledgement to consent notifications, specifically for cases when consent is REVOKED or EXPIRED, notified by CM earlier via Gateway API - ***/v0.5/consents/hiu/notify***. 415 | parameters: 416 | - $ref: '#/components/parameters/authorization' 417 | requestBody: 418 | required: true 419 | content: 420 | application/json: 421 | schema: 422 | $ref: '#/components/schemas/HIUConsentNotificationResponse' 423 | responses: 424 | '202': 425 | description: Request Accepted. 426 | '401': 427 | description: > 428 | **Causes:** 429 | * Invalid/Expired/Empty token. 
430 | content: 431 | application/json: 432 | schema: 433 | $ref: '#/components/schemas/ErrorResponse' 434 | application/xml: 435 | schema: 436 | $ref: '#/components/schemas/ErrorResponse' 437 | '500': 438 | description: > 439 | **Causes:** 440 | * Downstream services are down 441 | content: 442 | application/json: 443 | schema: 444 | $ref: '#/components/schemas/ErrorResponse' 445 | application/xml: 446 | schema: 447 | $ref: '#/components/schemas/ErrorResponse' 448 | /v0.5/consent-requests/status: 449 | post: 450 | tags: 451 | - consent 452 | summary: Get consent request status 453 | description: Get status of consent request done previously. CM responds by calling Gateway API - ***/v0.5/consent-requests/on-status*** 454 | parameters: 455 | - $ref: '#/components/parameters/authorization' 456 | requestBody: 457 | required: true 458 | content: 459 | application/json: 460 | schema: 461 | $ref: '#/components/schemas/ConsentRequestStatusRequest' 462 | application/xml: 463 | schema: 464 | $ref: '#/components/schemas/ConsentRequestStatusRequest' 465 | responses: 466 | '202': 467 | description: Request Accepted 468 | '400': 469 | description: > 470 | **Causes:** 471 | * Invalid data sent 472 | content: 473 | application/json: 474 | schema: 475 | $ref: '#/components/schemas/ErrorResponse' 476 | application/xml: 477 | schema: 478 | $ref: '#/components/schemas/ErrorResponse' 479 | '401': 480 | description: > 481 | **Causes:** 482 | * Expired/Invalid token. 483 | content: 484 | application/json: 485 | schema: 486 | $ref: '#/components/schemas/ErrorResponse' 487 | application/xml: 488 | schema: 489 | $ref: '#/components/schemas/ErrorResponse' 490 | '500': 491 | description: > 492 | **Causes:** 493 | * Downstream system(s) is down. 494 | * Unhandled exceptions. 
495 | content: 496 | application/json: 497 | schema: 498 | $ref: '#/components/schemas/ErrorResponse' 499 | application/xml: 500 | schema: 501 | $ref: '#/components/schemas/ErrorResponse' 502 | /v0.5/health-information/request: 503 | post: 504 | tags: 505 | - data flow 506 | summary: Health information data request from HIU 507 | description: > 508 | HIU request for Health information against a consent id. CM would generate a transactionId against each consent and pass it as transaction context / correlation id to the HIP and also return the same to HIU via Gateway API - ***/v0.5/health-information/cm/on-request***. 509 | parameters: 510 | - $ref: "#/components/parameters/authorization" 511 | requestBody: 512 | required: true 513 | content: 514 | application/json: 515 | schema: 516 | $ref: '#/components/schemas/HIRequest' 517 | application/xml: 518 | schema: 519 | $ref: '#/components/schemas/HIRequest' 520 | responses: 521 | '202': 522 | description: Request Accepted 523 | '400': 524 | description: > 525 | **Causes:** 526 | * Bad request 527 | content: 528 | application/json: 529 | schema: 530 | $ref: '#/components/schemas/ErrorResponse' 531 | application/xml: 532 | schema: 533 | $ref: '#/components/schemas/ErrorResponse' 534 | '401': 535 | description: > 536 | **Causes:** 537 | * Token is invalid or Link has expired 538 | content: 539 | application/json: 540 | schema: 541 | $ref: '#/components/schemas/ErrorResponse' 542 | application/xml: 543 | schema: 544 | $ref: '#/components/schemas/ErrorResponse' 545 | '500': 546 | description: > 547 | **Causes:** 548 | * Downstream system(s) is down. 549 | * Unhandled exceptions. 
550 | content: 551 | application/json: 552 | schema: 553 | $ref: '#/components/schemas/ErrorResponse' 554 | application/xml: 555 | schema: 556 | $ref: '#/components/schemas/ErrorResponse' 557 | /v0.5/health-information/on-request: 558 | post: 559 | tags: 560 | - data flow 561 | summary: Health information data request acknowledgement from HIP 562 | description: > 563 | This API is called by HIP to acknowledge Health information request receipt. When HIU requests health information, CM generates a transactionId and makes a health information request to the HIP(s). The HIP's acknowledgement of the health-information request is conveyed by this API. Either the **hiRequest** or **error** must be specified. **hiRequest** element returns the same transactionId as before with a status indicating that the request is acknowledged. 564 | parameters: 565 | - $ref: '#/components/parameters/authorization' 566 | requestBody: 567 | required: true 568 | content: 569 | application/json: 570 | schema: 571 | $ref: '#/components/schemas/HIPHealthInformationRequestAcknowledgement' 572 | application/xml: 573 | schema: 574 | $ref: '#/components/schemas/HIPHealthInformationRequestAcknowledgement' 575 | responses: 576 | '202': 577 | description: Request accepted. 578 | '400': 579 | description: > 580 | **Causes:** 581 | * Bad request 582 | content: 583 | application/json: 584 | schema: 585 | $ref: '#/components/schemas/ErrorResponse' 586 | application/xml: 587 | schema: 588 | $ref: '#/components/schemas/ErrorResponse' 589 | '401': 590 | description: > 591 | **Causes:** 592 | * Token is invalid or Link has expired 593 | content: 594 | application/json: 595 | schema: 596 | $ref: '#/components/schemas/ErrorResponse' 597 | application/xml: 598 | schema: 599 | $ref: '#/components/schemas/ErrorResponse' 600 | '500': 601 | description: > 602 | **Causes:** 603 | * Downstream system(s) is down. 604 | * Unhandled exceptions. 
605 | content: 606 | application/json: 607 | schema: 608 | $ref: '#/components/schemas/ErrorResponse' 609 | application/xml: 610 | schema: 611 | $ref: '#/components/schemas/ErrorResponse' 612 | /v0.5/health-information/notify: 613 | post: 614 | tags: 615 | - data flow 616 | summary: Notifications corresponding to events during data flow 617 | description: | 618 | API called by HIU and HIP during data-transfer. 619 | 1. HIP on transfer of data would send **sessionStatus** - one of [TRANSFERRED, FAILED] 620 | 2. HIP would also send **hiStatus** for each *careContextReference* - one of [DELIVERED, ERRORED] 621 | 3. HIU on receipt of data would send **sessionStatus** - one of [TRANSFERRED, FAILED]. For example, FAILED if data was not sent or if invalid data was sent 622 | 4. HIU would also send **hiStatus** for each *careContextReference* - one of [OK, ERRORED] 623 | parameters: 624 | - $ref: '#/components/parameters/authorization' 625 | requestBody: 626 | required: true 627 | content: 628 | application/json: 629 | schema: 630 | $ref: '#/components/schemas/HealthInformationNotification' 631 | application/xml: 632 | schema: 633 | $ref: '#/components/schemas/HealthInformationNotification' 634 | responses: 635 | '204': 636 | description: Notification is Accepted 637 | '400': 638 | description: > 639 | **Causes:** 640 | * Invalid Request 641 | content: 642 | application/json: 643 | schema: 644 | $ref: '#/components/schemas/ErrorResponse' 645 | application/xml: 646 | schema: 647 | $ref: '#/components/schemas/ErrorResponse' 648 | '401': 649 | description: > 650 | **Causes:** 651 | * Expired/Invalid token. 652 | content: 653 | application/json: 654 | schema: 655 | $ref: '#/components/schemas/ErrorResponse' 656 | application/xml: 657 | schema: 658 | $ref: '#/components/schemas/ErrorResponse' 659 | '500': 660 | description: > 661 | **Causes:** 662 | * Downstream system(s) is down. 663 | * Unhandled exceptions. 
664 | content: 665 | application/json: 666 | schema: 667 | $ref: '#/components/schemas/ErrorResponse' 668 | application/xml: 669 | schema: 670 | $ref: '#/components/schemas/ErrorResponse' 671 | /v0.5/heartbeat: 672 | get: 673 | tags: 674 | - monitoring 675 | summary: Get consent request status 676 | responses: 677 | '200': 678 | description: OK 679 | content: 680 | application/json: 681 | schema: 682 | $ref: '#/components/schemas/HeartbeatResponse' 683 | application/xml: 684 | schema: 685 | $ref: '#/components/schemas/HeartbeatResponse' 686 | /v0.5/patients/find: 687 | post: 688 | tags: 689 | - identification 690 | summary: Identify a patient by her consent-manager user-id 691 | description: > 692 | This API is meant to identify a patient given her consent-manager-user-id. CM subsequently makes the /on-find Gateway API call with results. 693 | parameters: 694 | - $ref: "#/components/parameters/authorization" 695 | requestBody: 696 | required: true 697 | content: 698 | application/json: 699 | schema: 700 | $ref: '#/components/schemas/PatientIdentificationRequest' 701 | application/xml: 702 | schema: 703 | $ref: '#/components/schemas/PatientIdentificationRequest' 704 | responses: 705 | '202': 706 | description: Request Accepted 707 | '400': 708 | description: > 709 | Invalid request, required attributes not provided 710 | content: 711 | application/json: 712 | schema: 713 | $ref: '#/components/schemas/ErrorResponse' 714 | '401': 715 | description: > 716 | **Causes:** 717 | * Unauthorized request 718 | content: 719 | application/json: 720 | schema: 721 | $ref: '#/components/schemas/ErrorResponse' 722 | application/xml: 723 | schema: 724 | $ref: '#/components/schemas/ErrorResponse' 725 | '500': 726 | description: > 727 | **Causes:** 728 | * Downstream system(s) is down. 729 | * Unhandled exceptions. 
730 | content: 731 | application/json: 732 | schema: 733 | $ref: '#/components/schemas/ErrorResponse' 734 | application/xml: 735 | schema: 736 | $ref: '#/components/schemas/ErrorResponse' 737 | 738 | /v0.5/users/auth/fetch-modes: 739 | post: 740 | tags: 741 | - user auth 742 | - hip facing 743 | summary: Get a patient's authentication modes by her consent-manager user-id relevant to specified purpose 744 | description: > 745 | This API is meant to identify the supported authentication modes for a patient given a specific purpose. For the response callback API, please see Gateway spec /auth/on-fetch-modes. Note that as of now, only KYC purpose is applicable for HIU, for HIP the purposes KYC, LINK, KYC_AND_LINK are applicable. 746 | parameters: 747 | - $ref: "#/components/parameters/authorization" 748 | requestBody: 749 | required: true 750 | content: 751 | application/json: 752 | schema: 753 | $ref: '#/components/schemas/PatientAuthModeQueryRequest' 754 | application/xml: 755 | schema: 756 | $ref: '#/components/schemas/PatientAuthModeQueryRequest' 757 | responses: 758 | '202': 759 | description: Request Accepted 760 | '400': 761 | description: > 762 | Invalid request, required attributes not provided 763 | content: 764 | application/json: 765 | schema: 766 | $ref: '#/components/schemas/ErrorResponse' 767 | '401': 768 | description: > 769 | **Causes:** 770 | * Unauthorized request 771 | content: 772 | application/json: 773 | schema: 774 | $ref: '#/components/schemas/ErrorResponse' 775 | application/xml: 776 | schema: 777 | $ref: '#/components/schemas/ErrorResponse' 778 | '500': 779 | description: > 780 | **Causes:** 781 | * Downstream system(s) is down. 782 | * Unhandled exceptions. 
783 | content: 784 | application/json: 785 | schema: 786 | $ref: '#/components/schemas/ErrorResponse' 787 | application/xml: 788 | schema: 789 | $ref: '#/components/schemas/ErrorResponse' 790 | /v0.5/users/auth/init: 791 | post: 792 | tags: 793 | - user auth 794 | summary: Initialize authentication from HIP 795 | description: > 796 | This API is called by HIPs to initiate authentication of users. A transactionId is returned by the corresponding callback API for confirmation of user auth. 797 | parameters: 798 | - $ref: "#/components/parameters/authorization" 799 | requestBody: 800 | required: true 801 | content: 802 | application/json: 803 | schema: 804 | $ref: '#/components/schemas/PatientAuthInitRequest' 805 | application/xml: 806 | schema: 807 | $ref: '#/components/schemas/PatientAuthInitRequest' 808 | responses: 809 | '202': 810 | description: Request accepted 811 | '400': 812 | description: > 813 | **Causes:** 814 | * patient id is not provided 815 | content: 816 | application/json: 817 | schema: 818 | $ref: '#/components/schemas/ErrorResponse' 819 | application/xml: 820 | schema: 821 | $ref: '#/components/schemas/ErrorResponse' 822 | '401': 823 | description: > 824 | **Causes:** 825 | * Unauthorized request 826 | content: 827 | application/json: 828 | schema: 829 | $ref: '#/components/schemas/ErrorResponse' 830 | application/xml: 831 | schema: 832 | $ref: '#/components/schemas/ErrorResponse' 833 | '500': 834 | description: > 835 | **Causes:** 836 | * Downstream system(s) is down. 837 | * Unhandled exceptions. 
838 | content: 839 | application/json: 840 | schema: 841 | $ref: '#/components/schemas/ErrorResponse' 842 | application/xml: 843 | schema: 844 | $ref: '#/components/schemas/ErrorResponse' 845 | /v0.5/users/auth/confirm: 846 | post: 847 | tags: 848 | - user auth 849 | summary: Confirmation request sending token, otp or other authentication details from HIP for confirmation 850 | description: > 851 | This API is called by HIP/HIUs to confirm authentication of users. The transactionId returned by the previous callback API /users/auth/on-init must be sent. If authentication is successful, the callback API will send an "access token" for subsequent purpose-specific API calls. Note only **credential.authCode** or **credential.demographic** should be sent 852 | 1. demographic details are only required for demographic auth as of now. 853 | 2. demographic details are required only in MEDIATED cases and if the **auth.mode** so demands. e.g. if **auth.mode** is DEMOGRAPHICS. Usually for demographic authentication, the name, gender and DOB must be exactly as specified in User Account. 854 | 3. demographic.identifier is optional, however it may be required if authentication so mandates. 855 | 4. credential.authCode is required for other MEDIATED authentication like MOBILE_OTP, AADHAAR_OTP. 
856 | parameters: 857 | - $ref: "#/components/parameters/authorization" 858 | requestBody: 859 | required: true 860 | content: 861 | application/json: 862 | schema: 863 | $ref: '#/components/schemas/PatientAuthConfirmRequest' 864 | application/xml: 865 | schema: 866 | $ref: '#/components/schemas/PatientAuthConfirmRequest' 867 | responses: 868 | '202': 869 | description: Request accepted 870 | '400': 871 | description: > 872 | **Causes:** 873 | * transaction id is not provided or invalid 874 | * token or other auth confirmation details not provided or invalid 875 | content: 876 | application/json: 877 | schema: 878 | $ref: '#/components/schemas/ErrorResponse' 879 | application/xml: 880 | schema: 881 | $ref: '#/components/schemas/ErrorResponse' 882 | '401': 883 | description: > 884 | **Causes:** 885 | * Unauthorized request 886 | content: 887 | application/json: 888 | schema: 889 | $ref: '#/components/schemas/ErrorResponse' 890 | application/xml: 891 | schema: 892 | $ref: '#/components/schemas/ErrorResponse' 893 | '500': 894 | description: > 895 | **Causes:** 896 | * Downstream system(s) is down. 897 | * Unhandled exceptions. 898 | content: 899 | application/json: 900 | schema: 901 | $ref: '#/components/schemas/ErrorResponse' 902 | application/xml: 903 | schema: 904 | $ref: '#/components/schemas/ErrorResponse' 905 | components: 906 | parameters: 907 | authorization: 908 | name: Authorization 909 | in: header 910 | required: true 911 | description: Access token which was issued after successful login with gateway auth server. 912 | schema: 913 | type: string 914 | LinkRefNumber: 915 | name: linkRefNumber 916 | in: path 917 | required: true 918 | description: Reference number for the link request made earlier. 
919 | schema: 920 | $ref: '#/components/schemas/UuidSchema' 921 | ConsentRequestId: 922 | name: consentRequestId 923 | in: path 924 | required: true 925 | description: Consent request's identifier 926 | schema: 927 | type: string 928 | format: uuid 929 | ConsentId: 930 | name: consentId 931 | in: path 932 | required: true 933 | description: Consent request's identifier 934 | schema: 935 | type: string 936 | format: uuid 937 | schemas: 938 | TimestampSchema: 939 | type: string 940 | format: date-time 941 | description: Date time format in UTC, includes milliseconds YYYY-MM-DDThh:mm:ss.vZ 942 | UuidSchema: 943 | type: string 944 | format: uuid 945 | example: a1s2c932-2f70-3ds3-a3b5-2sfd46b12a18d 946 | PatientDiscoveryResult: 947 | type: object 948 | required: 949 | - requestId 950 | - timestamp 951 | - transactionId 952 | - resp 953 | properties: 954 | requestId: 955 | type: string 956 | format: uuid 957 | description: a nonce, unique for each HTTP request 958 | example: 5f7a535d-a3fd-416b-b069-c97d021fbacd 959 | timestamp: 960 | $ref: '#/components/schemas/TimestampSchema' 961 | transactionId: 962 | type: string 963 | format: uuid 964 | patient: 965 | $ref: '#/components/schemas/PatientRepresentation' 966 | error: 967 | $ref: '#/components/schemas/Error' 968 | resp: 969 | $ref: '#/components/schemas/RequestReference' 970 | xml: 971 | name: PatientDiscoveryResult 972 | ErrorResponse: 973 | type: object 974 | properties: 975 | error: 976 | $ref: '#/components/schemas/Error' 977 | xml: 978 | name: ErrorResponse 979 | IdentifierType: 980 | type: string 981 | enum: [MOBILE, MR] 982 | PatientRepresentation: 983 | type: object 984 | required: 985 | - referenceNumber 986 | - display 987 | - careContexts 988 | properties: 989 | referenceNumber: 990 | type: string 991 | display: 992 | type: string 993 | careContexts: 994 | type: array 995 | items: 996 | $ref: '#/components/schemas/CareContextRepresentation' 997 | matchedBy: 998 | type: array 999 | items: 1000 | $ref: 
'#/components/schemas/IdentifierType' 1001 | xml: 1002 | name: Patient 1003 | CareContextRepresentation: 1004 | type: object 1005 | required: 1006 | - referenceNumber 1007 | - display 1008 | properties: 1009 | referenceNumber: 1010 | type: string 1011 | display: 1012 | type: string 1013 | xml: 1014 | name: Tag 1015 | PatientLinkReferenceResult: 1016 | type: object 1017 | required: 1018 | - requestId 1019 | - timestamp 1020 | - transactionId 1021 | - resp 1022 | properties: 1023 | requestId: 1024 | type: string 1025 | format: uuid 1026 | description: a nonce, unique for each HTTP request 1027 | example: 5f7a535d-a3fd-416b-b069-c97d021fbacd 1028 | timestamp: 1029 | $ref: '#/components/schemas/TimestampSchema' 1030 | transactionId: 1031 | $ref: '#/components/schemas/UuidSchema' 1032 | link: 1033 | type: object 1034 | required: 1035 | - referenceNumber 1036 | - authenticationType 1037 | properties: 1038 | referenceNumber: 1039 | type: string 1040 | authenticationType: 1041 | type: string 1042 | enum: ['DIRECT', 'MEDIATED'] 1043 | meta: 1044 | $ref: '#/components/schemas/Meta' 1045 | error: 1046 | $ref: '#/components/schemas/Error' 1047 | resp: 1048 | $ref: '#/components/schemas/RequestReference' 1049 | Meta: 1050 | type: object 1051 | required: 1052 | - communicationMedium 1053 | properties: 1054 | communicationMedium: 1055 | type: string 1056 | enum: ['MOBILE', 'EMAIL'] 1057 | communicationHint: 1058 | type: string 1059 | communicationExpiry: 1060 | type: string 1061 | example: "2019-12-30T12:01:55Z" 1062 | xml: 1063 | name: Meta 1064 | Error: 1065 | type: object 1066 | required: 1067 | - code 1068 | - message 1069 | properties: 1070 | code: 1071 | type: integer 1072 | enum: [1000, 10001] 1073 | message: 1074 | type: string 1075 | xml: 1076 | name: Error 1077 | PatientLinkResult: 1078 | type: object 1079 | required: 1080 | - requestId 1081 | - timestamp 1082 | - resp 1083 | properties: 1084 | requestId: 1085 | type: string 1086 | format: uuid 1087 | description: a 
nonce, unique for each HTTP request 1088 | example: 5f7a535d-a3fd-416b-b069-c97d021fbacd 1089 | timestamp: 1090 | $ref: '#/components/schemas/TimestampSchema' 1091 | patient: 1092 | type: object 1093 | required: 1094 | - referenceNumber 1095 | - display 1096 | - careContexts 1097 | properties: 1098 | referenceNumber: 1099 | type: string 1100 | display: 1101 | type: string 1102 | careContexts: 1103 | type: array 1104 | items: 1105 | $ref: '#/components/schemas/CareContextRepresentation' 1106 | error: 1107 | $ref: '#/components/schemas/Error' 1108 | resp: 1109 | $ref: '#/components/schemas/RequestReference' 1110 | HIRequest: 1111 | type: object 1112 | required: 1113 | - requestId 1114 | - timestamp 1115 | - hiRequest 1116 | properties: 1117 | requestId: 1118 | $ref: '#/components/schemas/UuidSchema' 1119 | timestamp: 1120 | $ref: '#/components/schemas/TimestampSchema' 1121 | hiRequest: 1122 | type: object 1123 | required: 1124 | - consent 1125 | - dataPushUrl 1126 | - keyMaterial 1127 | - dateRange 1128 | properties: 1129 | consent: 1130 | $ref: '#/components/schemas/consent' 1131 | dateRange: 1132 | $ref: '#/components/schemas/DateRange' 1133 | dataPushUrl: 1134 | type: string 1135 | keyMaterial: 1136 | $ref: '#/components/schemas/KeyMaterial' 1137 | consent: 1138 | type: object 1139 | required: 1140 | - id 1141 | properties: 1142 | id: 1143 | type: string 1144 | DateRange: 1145 | type: object 1146 | required: 1147 | - from 1148 | - to 1149 | properties: 1150 | from: 1151 | type: string 1152 | format: date-time 1153 | to: 1154 | type: string 1155 | format: date-time 1156 | HITypeEnum: 1157 | type: string 1158 | enum: 1159 | - OPConsultation 1160 | - Prescription 1161 | - DischargeSummary 1162 | - DiagnosticReport 1163 | xml: 1164 | name: HIType 1165 | ConsentManagerPatientID: 1166 | type: object 1167 | required: 1168 | - id 1169 | properties: 1170 | id: 1171 | type: string 1172 | xml: 1173 | attribute: true 1174 | format: @ 1175 | example: batman@ncg 1176 | 
UsePurpose: 1177 | type: object 1178 | required: 1179 | - text 1180 | - code 1181 | properties: 1182 | text: 1183 | type: string 1184 | code: 1185 | type: string 1186 | description: From the fixed set, documented at refUri 1187 | refUri: 1188 | type: string 1189 | format: uri 1190 | Permission: 1191 | type: object 1192 | required: 1193 | - accessMode 1194 | - dateRange 1195 | - dataEraseAt 1196 | - frequency 1197 | properties: 1198 | accessMode: 1199 | type: string 1200 | enum: [VIEW, STORE, QUERY, STREAM] 1201 | dateRange: 1202 | type: object 1203 | required: 1204 | - from 1205 | - to 1206 | properties: 1207 | from: 1208 | type: string 1209 | format: date-time 1210 | to: 1211 | type: string 1212 | format: date-time 1213 | dataEraseAt: 1214 | type: string 1215 | format: date-time 1216 | frequency: 1217 | type: object 1218 | properties: 1219 | unit: 1220 | type: string 1221 | enum: [HOUR, WEEK, DAY, MONTH, YEAR] 1222 | value: 1223 | type: integer 1224 | repeats: 1225 | type: integer 1226 | xml: 1227 | name: Permission 1228 | OrganizationRepresentation: 1229 | type: object 1230 | required: 1231 | - id 1232 | properties: 1233 | id: 1234 | type: string 1235 | xml: 1236 | attribute: true 1237 | xml: 1238 | name: OrganizationResponse 1239 | KeyMaterial: 1240 | type: object 1241 | required: 1242 | - cryptoAlg 1243 | - curve 1244 | - dhPublicKey 1245 | - nonce 1246 | properties: 1247 | cryptoAlg: 1248 | type: string 1249 | format: string 1250 | example: ECDH 1251 | curve: 1252 | type: string 1253 | format: string 1254 | example: Curve25519 1255 | dhPublicKey: 1256 | $ref: '#/components/schemas/keyObject' 1257 | nonce: 1258 | type: string 1259 | format: 32 byte string 1260 | example: 3fa85f64-5717-4562-b3fc-2c963f66afa6 1261 | keyObject: 1262 | type: object 1263 | required: 1264 | - expiry 1265 | - parameters 1266 | - keyValue 1267 | properties: 1268 | expiry: 1269 | type: string 1270 | format: date-time 1271 | parameters: 1272 | type: string 1273 | format: string 1274 | 
example: Curve25519/32byte random key 1275 | keyValue: 1276 | type: string 1277 | format: string 1278 | ConsentRequest: 1279 | type: object 1280 | required: 1281 | - requestId 1282 | - timestamp 1283 | - consent 1284 | properties: 1285 | requestId: 1286 | type: string 1287 | format: uuid 1288 | description: a nonce, unique for each HTTP request. 1289 | example: "499a5a4a-7dda-4f20-9b67-e24589627061" 1290 | timestamp: 1291 | $ref: '#/components/schemas/TimestampSchema' 1292 | consent: 1293 | type: object 1294 | required: 1295 | - purpose 1296 | - patient 1297 | - hiu 1298 | - requester 1299 | - hiTypes 1300 | - permission 1301 | - consentNotificationUrl 1302 | properties: 1303 | purpose: 1304 | $ref: '#/components/schemas/UsePurpose' 1305 | patient: 1306 | type: object 1307 | allOf: 1308 | - $ref: '#/components/schemas/ConsentManagerPatientID' 1309 | - xml: 1310 | name: patient 1311 | hip: 1312 | type: object 1313 | allOf: 1314 | - $ref: '#/components/schemas/OrganizationRepresentation' 1315 | - xml: 1316 | name: hip 1317 | hiu: 1318 | type: object 1319 | allOf: 1320 | - $ref: '#/components/schemas/OrganizationRepresentation' 1321 | - xml: 1322 | name: hiu 1323 | requester: 1324 | $ref: '#/components/schemas/Requester' 1325 | hiTypes: 1326 | type: array 1327 | items: 1328 | $ref: '#/components/schemas/HITypeEnum' 1329 | permission: 1330 | $ref: '#/components/schemas/Permission' 1331 | Requester: 1332 | type: object 1333 | required: 1334 | - name 1335 | properties: 1336 | name: 1337 | type: string 1338 | example: Dr. 
Manju 1339 | identifier: 1340 | type: object 1341 | required: 1342 | - type 1343 | - value 1344 | properties: 1345 | type: 1346 | type: string 1347 | example: REGNO 1348 | value: 1349 | type: string 1350 | example: "MH1001" 1351 | system: 1352 | type: string 1353 | example: https://www.mciindia.org 1354 | HealthInformationNotification: 1355 | type: object 1356 | required: 1357 | - requestId 1358 | - timestamp 1359 | - notification 1360 | properties: 1361 | requestId: 1362 | type: string 1363 | format: uuid 1364 | description: a nonce, unique for each HTTP request. 1365 | example: "499a5a4a-7dda-4f20-9b67-e24589627061" 1366 | timestamp: 1367 | $ref: '#/components/schemas/TimestampSchema' 1368 | notification: 1369 | type: object 1370 | required: 1371 | - consentId 1372 | - transactionId 1373 | - doneAt 1374 | - notifier 1375 | - statusNotification 1376 | properties: 1377 | consentId: 1378 | $ref: '#/components/schemas/UuidSchema' 1379 | transactionId: 1380 | $ref: '#/components/schemas/UuidSchema' 1381 | doneAt: 1382 | type: string 1383 | format: date-time 1384 | notifier: 1385 | type: object 1386 | required: 1387 | - type 1388 | - id 1389 | properties: 1390 | type: 1391 | type: string 1392 | enum: [HIU, HIP] 1393 | id: 1394 | type: string 1395 | example: 100005 1396 | statusNotification: 1397 | type: object 1398 | required: 1399 | - sessionStatus 1400 | - hipId 1401 | properties: 1402 | sessionStatus: 1403 | type: string 1404 | enum: [TRANSFERRED, FAILED] 1405 | hipId: 1406 | type: string 1407 | example: max 1408 | statusResponses: 1409 | type: array 1410 | items: 1411 | type: object 1412 | required: 1413 | - careContextReference 1414 | - hiStatus 1415 | properties: 1416 | careContextReference: 1417 | type: string 1418 | hiStatus: 1419 | type: string 1420 | enum: [DELIVERED, OK, ERRORED] 1421 | example: OK 1422 | description: 1423 | type: string 1424 | RequestReference: 1425 | type: object 1426 | required: 1427 | - requestId 1428 | properties: 1429 | requestId: 1430 
| type: string 1431 | format: uuid 1432 | description: the requestId that was passed 1433 | ConsentFetchRequest: 1434 | type: object 1435 | required: 1436 | - consentId 1437 | - requestId 1438 | - timestamp 1439 | properties: 1440 | requestId: 1441 | type: string 1442 | format: uuid 1443 | description: a nonce, unique for each HTTP request 1444 | example: 5f7a535d-a3fd-416b-b069-c97d021fbacd 1445 | timestamp: 1446 | $ref: '#/components/schemas/TimestampSchema' 1447 | consentId: 1448 | type: string 1449 | ConsentRequestStatusRequest: 1450 | type: object 1451 | required: 1452 | - consentRequestId 1453 | - requestId 1454 | - timestamp 1455 | properties: 1456 | requestId: 1457 | type: string 1458 | format: uuid 1459 | description: a nonce, unique for each HTTP request 1460 | example: 5f7a535d-a3fd-416b-b069-c97d021fbacd 1461 | timestamp: 1462 | $ref: '#/components/schemas/TimestampSchema' 1463 | consentRequestId: 1464 | type: string 1465 | HIPHealthInformationRequestAcknowledgement: 1466 | type: object 1467 | required: 1468 | - requestId 1469 | - timestamp 1470 | - resp 1471 | properties: 1472 | requestId: 1473 | type: string 1474 | format: uuid 1475 | description: a nonce, unique for each HTTP request 1476 | example: 5f7a535d-a3fd-416b-b069-c97d021fbacd 1477 | timestamp: 1478 | $ref: '#/components/schemas/TimestampSchema' 1479 | hiRequest: 1480 | type: object 1481 | required: 1482 | - transactionId 1483 | - sessionStatus 1484 | properties: 1485 | transactionId: 1486 | type: string 1487 | format: uuid 1488 | sessionStatus: 1489 | type: string 1490 | enum: 1491 | - ACKNOWLEDGED 1492 | error: 1493 | $ref: '#/components/schemas/Error' 1494 | resp: 1495 | $ref: '#/components/schemas/RequestReference' 1496 | HIPConsentNotificationResponse: 1497 | type: object 1498 | required: 1499 | - requestId 1500 | - timestamp 1501 | - resp 1502 | properties: 1503 | requestId: 1504 | type: string 1505 | format: uuid 1506 | description: a nonce, unique for each HTTP request 1507 | 
example: 5f7a535d-a3fd-416b-b069-c97d021fbacd 1508 | timestamp: 1509 | $ref: '#/components/schemas/TimestampSchema' 1510 | acknowledgement: 1511 | $ref: '#/components/schemas/ConsentAcknowledgement' 1512 | error: 1513 | $ref: '#/components/schemas/Error' 1514 | resp: 1515 | $ref: '#/components/schemas/RequestReference' 1516 | HIUConsentNotificationResponse: 1517 | type: object 1518 | required: 1519 | - requestId 1520 | - timestamp 1521 | - resp 1522 | properties: 1523 | requestId: 1524 | type: string 1525 | format: uuid 1526 | description: a nonce, unique for each HTTP request 1527 | example: 5f7a535d-a3fd-416b-b069-c97d021fbacd 1528 | timestamp: 1529 | $ref: '#/components/schemas/TimestampSchema' 1530 | acknowledgement: 1531 | type: array 1532 | items: 1533 | $ref: '#/components/schemas/ConsentAcknowledgement' 1534 | error: 1535 | $ref: '#/components/schemas/Error' 1536 | resp: 1537 | $ref: '#/components/schemas/RequestReference' 1538 | ConsentAcknowledgement: 1539 | type: object 1540 | required: 1541 | - status 1542 | - consentId 1543 | properties: 1544 | status: 1545 | type: string 1546 | enum: 1547 | - OK 1548 | - UNKNOWN 1549 | consentId: 1550 | type: string 1551 | example: 1552 | HeartbeatResponse: 1553 | type: object 1554 | properties: 1555 | timestamp: 1556 | $ref: '#/components/schemas/TimestampSchema' 1557 | status: 1558 | type: string 1559 | enum: 1560 | - UP 1561 | - DOWN 1562 | error: 1563 | $ref: '#/components/schemas/Error' 1564 | xml: 1565 | name: HeartbeatResponse 1566 | PatientIdentificationRequest: 1567 | type: object 1568 | required: 1569 | - requestId 1570 | - timestamp 1571 | - query 1572 | properties: 1573 | requestId: 1574 | type: string 1575 | format: uuid 1576 | description: a nonce, unique for each HTTP request 1577 | example: 5f7a535d-a3fd-416b-b069-c97d021fbacd 1578 | timestamp: 1579 | $ref: '#/components/schemas/TimestampSchema' 1580 | query: 1581 | type: object 1582 | required: 1583 | - patient 1584 | - requester 1585 | properties: 
1586 | patient: 1587 | type: object 1588 | required: 1589 | - id 1590 | properties: 1591 | id: 1592 | type: string 1593 | example: hinapatel79@ncg 1594 | requester: 1595 | type: object 1596 | required: 1597 | - type 1598 | - id 1599 | properties: 1600 | type: 1601 | type: string 1602 | enum: [HIU, HIP] 1603 | id: 1604 | type: string 1605 | example: 100005 1606 | PatientAuthInitRequest: 1607 | type: object 1608 | required: 1609 | - requestId 1610 | - timestamp 1611 | - query 1612 | properties: 1613 | requestId: 1614 | type: string 1615 | format: uuid 1616 | description: a nonce, unique for each HTTP request 1617 | example: 5f7a535d-a3fd-416b-b069-c97d021fbacd 1618 | timestamp: 1619 | $ref: '#/components/schemas/TimestampSchema' 1620 | query: 1621 | type: object 1622 | required: 1623 | - purpose 1624 | - requester 1625 | - id 1626 | properties: 1627 | id: 1628 | type: string 1629 | example: "hinapatel@ncg" 1630 | description: id of the patient understood by the CM 1631 | purpose: 1632 | $ref: '#/components/schemas/PatientAuthPurpose' 1633 | authMode: 1634 | $ref: '#/components/schemas/AuthenticationMode' 1635 | requester: 1636 | type: object 1637 | required: 1638 | - type 1639 | - id 1640 | description: identification of requester 1641 | properties: 1642 | type: 1643 | type: string 1644 | enum: [HIP, HIU] 1645 | id: 1646 | type: string 1647 | example: 100005 1648 | PatientAuthConfirmRequest: 1649 | type: object 1650 | required: 1651 | - requestId 1652 | - timestamp 1653 | - transactionId 1654 | - credential 1655 | properties: 1656 | requestId: 1657 | type: string 1658 | format: uuid 1659 | description: a nonce, unique for each HTTP request 1660 | example: 5f7a535d-a3fd-416b-b069-c97d021fbacd 1661 | timestamp: 1662 | $ref: '#/components/schemas/TimestampSchema' 1663 | transactionId: 1664 | type: string 1665 | credential: 1666 | type: object 1667 | properties: 1668 | authCode: 1669 | type: string 1670 | demographic: 1671 | $ref: 
'#/components/schemas/PatientDemographic' 1672 | 1673 | PatientDemographic: 1674 | type: object 1675 | required: 1676 | - name 1677 | - gender 1678 | - dateOfBirth 1679 | description: demographic details are only required for demographic auth at this point. 1680 | properties: 1681 | name: 1682 | type: string 1683 | example: "janki das" 1684 | gender: 1685 | $ref: '#/components/schemas/PatientGender' 1686 | dateOfBirth: 1687 | type: string 1688 | example: "1972-02-29" 1689 | description: date of birth in YYYY-MM-DD format. 1690 | identifier: 1691 | $ref: '#/components/schemas/Identifier' 1692 | Identifier: 1693 | type: object 1694 | required: 1695 | - type 1696 | - value 1697 | properties: 1698 | type: 1699 | $ref: '#/components/schemas/IdentifierType' 1700 | value: 1701 | type: string 1702 | example: "+919800083232" 1703 | xml: 1704 | name: Identifier 1705 | PatientGender: 1706 | type: string 1707 | enum: [M, F, O, U] 1708 | PatientCareContextLinkRequest: 1709 | type: object 1710 | required: 1711 | - requestId 1712 | - timestamp 1713 | - link 1714 | properties: 1715 | requestId: 1716 | type: string 1717 | format: uuid 1718 | description: a nonce, unique for each HTTP request 1719 | example: 5f7a535d-a3fd-416b-b069-c97d021fbacd 1720 | timestamp: 1721 | $ref: '#/components/schemas/TimestampSchema' 1722 | link: 1723 | $ref: '#/components/schemas/PatientCareContextLink' 1724 | PatientCareContextLink: 1725 | type: object 1726 | required: 1727 | - accessToken 1728 | - patient 1729 | properties: 1730 | accessToken: 1731 | type: string 1732 | description: AccessToken fetched in the user auth process for the purpose specified 1733 | patient: 1734 | type: object 1735 | required: 1736 | - referenceNumber 1737 | - display 1738 | - careContexts 1739 | properties: 1740 | referenceNumber: 1741 | type: string 1742 | example: TMH-PUID-001 1743 | description: patient reference id at HIP 1744 | display: 1745 | type: string 1746 | careContexts: 1747 | type: array 1748 | items: 1749 | 
$ref: '#/components/schemas/CareContextRepresentation' 1750 | xml: 1751 | name: careContexts 1752 | wrapped: true 1753 | AuthenticationMode: 1754 | type: string 1755 | enum: ['MOBILE_OTP', 'DIRECT', 'AADHAAR_OTP', 'DEMOGRAPHICS'] 1756 | description: > 1757 | Subject to CM-specific capability 1758 | 1. MOBILE_OTP - for SMS OTP 1759 | 2. DIRECT - for auth through apps (usually direct) 1760 | 3. AADHAAR_OTP - for auth using OTP sent to Aadhaar number 1761 | 4. DEMOGRAPHICS - for auth using demographic. 1762 | 1763 | PatientAuthPurpose: 1764 | type: string 1765 | enum: [LINK, KYC, KYC_AND_LINK] 1766 | description: what is the purpose of user auth 1767 | PatientAuthModeQueryRequest: 1768 | type: object 1769 | required: 1770 | - requestId 1771 | - timestamp 1772 | - query 1773 | properties: 1774 | requestId: 1775 | type: string 1776 | format: uuid 1777 | description: a nonce, unique for each HTTP request 1778 | example: 5f7a535d-a3fd-416b-b069-c97d021fbacd 1779 | timestamp: 1780 | $ref: '#/components/schemas/TimestampSchema' 1781 | query: 1782 | type: object 1783 | required: 1784 | - id 1785 | - purpose 1786 | - requester 1787 | properties: 1788 | id: 1789 | type: string 1790 | example: hinapatel79@ncg 1791 | purpose: 1792 | $ref: '#/components/schemas/PatientAuthPurpose' 1793 | requester: 1794 | type: object 1795 | required: 1796 | - id 1797 | - type 1798 | properties: 1799 | type: 1800 | type: string 1801 | enum: [HIP, HIU] 1802 | id: 1803 | type: string 1804 | example: 100005 --------------------------------------------------------------------------------
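The descriptions of /v0.5/health-information/notify and /v0.5/users/auth/confirm in consent-manager.yaml state rules that the schemas do not encode: the hiStatus enum accepts DELIVERED, OK and ERRORED from either party, and credential has no required members. The following is an added example, not part of the Healthstack repository, of a receiver-side check for both rules; the function names and sample payloads are constructed for illustration.

```python
import re
import uuid
from datetime import date

# Per-care-context statuses each role may send, per the notify description.
HI_STATUS_BY_NOTIFIER = {"HIP": {"DELIVERED", "ERRORED"}, "HIU": {"OK", "ERRORED"}}
SESSION_STATUSES = {"TRANSFERRED", "FAILED"}
GENDERS = {"M", "F", "O", "U"}  # PatientGender enum


def _is_uuid(value):
    """True only for the canonical hyphenated form used in the spec's examples."""
    try:
        return str(uuid.UUID(str(value))) == str(value).lower()
    except ValueError:
        return False


def _is_calendar_date(value):
    """YYYY-MM-DD that is also a real calendar date (rejects 1973-02-29)."""
    if not isinstance(value, str) or not re.fullmatch(r"\d{4}-\d{2}-\d{2}", value):
        return False
    try:
        date.fromisoformat(value)
        return True
    except ValueError:
        return False


def validate_notification(body):
    """Return a list of problems in a HealthInformationNotification body."""
    errors = []
    if not _is_uuid(body.get("requestId")):
        errors.append("requestId: not a UUID")
    note = body.get("notification") or {}
    for field in ("consentId", "transactionId"):
        if not _is_uuid(note.get(field)):
            errors.append(f"notification.{field}: not a UUID")
    role = (note.get("notifier") or {}).get("type")
    allowed = HI_STATUS_BY_NOTIFIER.get(role) if isinstance(role, str) else None
    if allowed is None:
        errors.append("notifier.type: must be HIU or HIP")
    status = note.get("statusNotification") or {}
    if status.get("sessionStatus") not in SESSION_STATUSES:
        errors.append("sessionStatus: must be TRANSFERRED or FAILED")
    # The schema enum is the union of both roles; narrow it to the sender's set.
    for i, item in enumerate(status.get("statusResponses") or []):
        if allowed is not None and item.get("hiStatus") not in allowed:
            errors.append(
                f"statusResponses[{i}].hiStatus: {item.get('hiStatus')!r} not valid from {role}"
            )
    return errors


def validate_auth_confirm(body):
    """Return a list of problems in a PatientAuthConfirmRequest body."""
    errors = []
    if not _is_uuid(body.get("requestId")):
        errors.append("requestId: not a UUID")
    if not body.get("transactionId"):
        errors.append("transactionId: missing")
    cred = body.get("credential") or {}
    has_code = bool(cred.get("authCode"))
    has_demo = "demographic" in cred
    if has_code == has_demo:  # both present or both absent
        errors.append("credential: send exactly one of authCode or demographic")
    if has_demo:
        demo = cred["demographic"] if isinstance(cred["demographic"], dict) else {}
        if not demo.get("name"):
            errors.append("demographic.name: missing")
        if demo.get("gender") not in GENDERS:
            errors.append("demographic.gender: must be one of M, F, O, U")
        if not _is_calendar_date(demo.get("dateOfBirth")):
            errors.append("demographic.dateOfBirth: not a valid YYYY-MM-DD date")
    return errors


# Constructed sample payloads; identifiers reuse example values from the spec.
HIP_NOTIFICATION = {
    "requestId": "499a5a4a-7dda-4f20-9b67-e24589627061",
    "timestamp": "2020-01-01T10:00:00.000Z",
    "notification": {
        "consentId": "5f7a535d-a3fd-416b-b069-c97d021fbacd",
        "transactionId": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
        "doneAt": "2020-01-01T10:00:00.000Z",
        "notifier": {"type": "HIP", "id": "100005"},
        "statusNotification": {
            "sessionStatus": "TRANSFERRED",
            "hipId": "100005",
            "statusResponses": [{"careContextReference": "CC-1", "hiStatus": "DELIVERED"}],
        },
    },
}
CONFIRM_DEMOGRAPHIC = {
    "requestId": "5f7a535d-a3fd-416b-b069-c97d021fbacd",
    "timestamp": "2020-01-01T10:00:00.000Z",
    "transactionId": "constructed-transaction-id",
    "credential": {"demographic": {"name": "janki das", "gender": "F", "dateOfBirth": "1972-02-29"}},
}

if __name__ == "__main__":
    print(validate_notification(HIP_NOTIFICATION))
    print(validate_auth_confirm(CONFIRM_DEMOGRAPHIC))
```
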