UNPKG

openapi-directory

Version:

Building & bundling https://github.com/APIs-guru/openapi-directory for easy use from JS

github.com/httptoolkit/openapi-directory-js

httptoolkit/openapi-directory-js

1 lines 80.6 kB
1
{"openapi":"3.0.0","servers":[{"description":"Sandbox","url":"https://dev.ndhm.gov.in/gateway"}],"info":{"contact":{"name":"National Health Authority","url":"https://ndhm.gov.in/"},"description":"The following are the specifications for the APIs to be implemented at the Health Repository end if an entity is only serving the role of a HIP. The specs are essentially duplicates from the Gateway and Health Repository, but put together so as to make it clear to *HIPs* which set of APIs they should implement to participate in the network. \n","title":"Health Repository Provider Specifications for HIP","version":"0.5","x-apisguru-categories":["open_data"],"x-origin":[{"format":"openapi","url":"https://apisetu.gov.in/api_specification_v8/ndhm-hip.yaml","version":"3.0"}],"x-providerName":"ndhm.gov.in","x-serviceName":"ndhm-hip"},"tags":[{"name":"user auth"},{"name":"profile"},{"name":"discovery"},{"name":"link"},{"name":"consent flow"},{"name":"data flow"},{"name":"data transfer"},{"name":"monitoring"},{"name":"Gateway"}],"paths":{"/v0.5/.well-known/openid-configuration":{"get":{"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/OpenIdConfiguration"}},"application/xml":{"schema":{"$ref":"#/components/schemas/OpenIdConfiguration"}}},"description":"OK"},"404":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Invalid consent request id\n"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Downstream system(s) is down.\n * Unhandled exceptions.\n"}},"summary":"Get openid configuration","tags":["Gateway"]}},"/v0.5/care-contexts/discover":{"post":{"description":"Request for patient care context discover, made by Gateway intended for a specific HIP. It is expected that HIP will subsequently return either zero or one patient record with (potentially masked) associated care contexts\n 1. **At least one of the verified identifier matches**\n 2. **Name (fuzzy), gender matches**\n 3. **If YoB was given, age band(+-2) matches**\n 4. **If unverified identifiers were given, one of them matches**\n 5. **If more than one patient records would be found after aforementioned steps, then patient who matches most verified and unverified identifiers would be returned.**\n 6. **If there would be still more than one patients (after ranking) error would be returned**\n 7. **Intended HIP should be able to resolve and identify results returned in the subsequent link confirmation request via the specified transactionId**\n 8. **Intended HIP should store the discovery results with transactionId and care contexts discovered for subsequent link initiation**\n","parameters":[{"$ref":"#/components/parameters/authorization"},{"$ref":"#/components/parameters/X-HIP-ID"}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/PatientDiscoveryRequest"}},"application/xml":{"schema":{"$ref":"#/components/schemas/PatientDiscoveryRequest"}}},"required":true},"responses":{"202":{"description":"Request accepted"},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Empty verified identifiers.\n * Format mismatch of any of attributes.\n | type | Format/Allowed Values|\n | ------- | ---------------- |\n | gender | M/F/O/U |\n | MOBILE | valid mobile number with proper country code |\n"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Unauthorized request\n"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Downstream system(s) is down.\n * Unhandled exceptions.\n"}},"summary":"Discover patient's accounts","tags":["discovery"]},"servers":[{"url":"https://your-hrp-server.com"}]},"/v0.5/care-contexts/on-discover":{"post":{"description":"Result of patient care-context discovery request at HIP end. If a matching patient found with zero or more care contexts associated, it is specified as result attribute. If the prior discovery request, resulted in errors then it is specified in the error attribute. Reasons of errors can be \n 1. **more than one definitive match for the given request** \n 2. **no verified identifer was specified**\n","parameters":[{"$ref":"#/components/parameters/authorization"},{"$ref":"#/components/parameters/X-CM-ID"}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/PatientDiscoveryResult"}},"application/xml":{"schema":{"$ref":"#/components/schemas/PatientDiscoveryResult"}}},"required":true},"responses":{"202":{"description":"Request accepted"},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Format mismatch of any of attributes.\n"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Unauthorized request\n"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Downstream system(s) is down.\n * Unhandled exceptions.\n"}},"summary":"Response to patient's account discovery request","tags":["Gateway"]}},"/v0.5/certs":{"get":{"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Certs"}},"application/xml":{"schema":{"$ref":"#/components/schemas/Certs"}}},"description":"OK"},"404":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Invalid consent request id\n"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Downstream system(s) is down.\n * Unhandled exceptions.\n"}},"summary":"Get certs for JWT verification","tags":["Gateway"]}},"/v0.5/consents/hip/notify":{"post":{"description":"Notification of consents to health information providers consent request granted, consent revoked, consent expired. Only the GRANTED and REVOKED status notifications will be sent to HIP.\n 1. If consent is granted, status=GRANTED, then consentDetail contains the consent artefact details and signature is available. \n 2. If consent is revoked, then status=REVOKED, and consentId specifes which consent artefact is revoked. \n","parameters":[{"$ref":"#/components/parameters/authorization"},{"$ref":"#/components/parameters/X-HIP-ID"}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/HIPConsentNotification"}},"application/xml":{"schema":{"$ref":"#/components/schemas/HIPConsentNotification"}}},"required":true},"responses":{"202":{"description":"Request Accepted"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Invalid/Expired/Empty token.\n"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Downstream services are down\n"}},"summary":"Consent notification","tags":["consent flow"]},"servers":[{"url":"https://your-hrp-server.com"}]},"/v0.5/consents/hip/on-notify":{"post":{"description":"This API is called by HIP as acknowledgement to notification of consents, in cases of consent revocation and expiration. \n","parameters":[{"$ref":"#/components/parameters/authorization"},{"$ref":"#/components/parameters/X-CM-ID"}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/HIPConsentNotificationResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/HIPConsentNotificationResponse"}}},"required":true},"responses":{"202":{"description":"Request Accepted"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Invalid/Expired/Empty token.\n"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Downstream services are down\n"}},"summary":"Consent notification","tags":["Gateway"]}},"/v0.5/health-information/hip/on-request":{"post":{"description":"API called by HIP to acknowledge Health information request receipt. Either the **hiRequest** or **error** must be specified. **hiRequest** element returns the same transactionId as before with a status indicating that the request is acknowledged. \n","parameters":[{"$ref":"#/components/parameters/authorization"},{"$ref":"#/components/parameters/X-CM-ID"}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/HIPHealthInformationRequestAcknowledgement"}},"application/xml":{"schema":{"$ref":"#/components/schemas/HIPHealthInformationRequestAcknowledgement"}}},"required":true},"responses":{"202":{"description":"Request accepted."},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Bad request\n"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Token is invalid or Link has expired\n"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Downstream system(s) is down.\n * Unhandled exceptions.\n"}},"summary":"Health information data request","tags":["Gateway"]}},"/v0.5/health-information/hip/request":{"post":{"description":"API called by CM to request Health information from HIP against a validated consent artefact. The transactionId is the correlation id that HIP should use use when pushing data to the **dataPushUrl**. \n","parameters":[{"$ref":"#/components/parameters/authorization"},{"$ref":"#/components/parameters/X-HIP-ID"}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/HIPHealthInformationRequest"}},"application/xml":{"schema":{"$ref":"#/components/schemas/HIPHealthInformationRequest"}}},"required":true},"responses":{"202":{"description":"Request accepted."},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Bad request\n"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Token is invalid or Link has expired\n"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Downstream system(s) is down.\n * Unhandled exceptions.\n"}},"summary":"Health information data request","tags":["data flow"]},"servers":[{"url":"https://your-hrp-server.com"}]},"/v0.5/health-information/notify":{"post":{"description":"API called by HIU and HIP during data-transfer. \n1. HIP on transfer of data would send **sessionStatus** - one of [TRANSFERRED, FAILED]\n2. HIP would also send **hiStatus** for each *careContextReference* - on of [DELIVERED, ERRORED]\n3. HIU on receipt of data would send **sessionStatus** - one of [TRANSFERRED, FAILED]. For example, FAILED when if data was not sent or if invalid data was sent\n4. HIU would also send **hiStatus** for each *careContextReference* - one of [OK, ERRORED] \n","parameters":[{"$ref":"#/components/parameters/authorization"},{"$ref":"#/components/parameters/X-CM-ID"}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/HealthInformationNotification"}},"application/xml":{"schema":{"$ref":"#/components/schemas/HealthInformationNotification"}}},"required":true},"responses":{"204":{"description":"Notification is Accepted"},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Invalid Request\n"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Expired/Invalid token.\n"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Downstream system(s) is down.\n * Unhandled exceptions.\n"}},"summary":"Notifications corresponding to events during data flow","tags":["Gateway"]}},"/v0.5/health-information/transfer":{"post":{"description":"**NOTE**: This API is actually the callback URL that is passed as **dataPushUrl** in the data request API - /v0.5/health-information/hip/request. This API is directly called by HIP Data Bridge and is not mediated via CM, and hence not routed through the Gateway. \n 1. This API should be implemented at HIU side. It maybe implemented by the Data Bridge representing the HIU. \n 2. Entry elements maybe ***content*** or ***link***, although for version 1, entry ***content*** is preferred. \n 3. Entry ***content*** (or even link reference content) must be encrypted by means of Elliptic-curve Diffie–Hellman Key Exchange, utilizing the HIU keymaterials that are passed through the data request API - /v0.5/health-information/hip/request. \n 4. Media contains the mimetype of content, and for v1, it is \"application/fhir+json\"\n 5. checksum is Md5 checksum of the data conent, before encryption\n 6. Please refer to the NDHM Sandbox Documentation for the format of FHIR bundle that is passed through content \n","parameters":[{"$ref":"#/components/parameters/authorization"}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/DataNotification"}},"application/xml":{"schema":{"$ref":"#/components/schemas/DataNotification"}}},"required":true},"responses":{"202":{"description":"Data accepted."},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Invalid/Expired/Empty token.\n"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Downstream services are down\n"}},"summary":"health information transfer API","tags":["data transfer"]},"servers":[{"url":"https://dev.ndhm.gov.in/patient-hiu"}]},"/v0.5/heartbeat":{"get":{"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/HeartbeatResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/HeartbeatResponse"}}},"description":"OK"}},"summary":"Get consent request status","tags":["monitoring"]},"servers":[{"url":"https://your-hrp-server.com"}]},"/v0.5/links/link/add-contexts":{"post":{"description":"API to submit care-context to CM for HIP initiated linking. The API must accompany the \"accessToken\" fetched in the users/auth process. \n 1. subsequent usage for accessToken may be invalid if it was meant for one-time usage or if it expired\n","parameters":[{"$ref":"#/components/parameters/authorization"},{"$ref":"#/components/parameters/X-CM-ID"}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/PatientCareContextLinkRequest"}},"application/xml":{"schema":{"$ref":"#/components/schemas/PatientCareContextLinkRequest"}}},"required":true},"responses":{"202":{"description":"accepted"},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * required information not provided\n"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Unauthorized request\n"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Downstream system(s) is down.\n * Unhandled exceptions.\n"}},"summary":"API for HIP initiated care-context linking for patient","tags":["Gateway"]}},"/v0.5/links/link/confirm":{"post":{"description":"API to submit the token that was sent by HIP during the link request. \n","parameters":[{"$ref":"#/components/parameters/authorization"},{"$ref":"#/components/parameters/X-HIP-ID"}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/LinkConfirmationRequest"}},"application/xml":{"schema":{"$ref":"#/components/schemas/LinkConfirmationRequest"}}},"required":true},"responses":{"202":{"description":"accepted"},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Token is not provided\n"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Unauthorized request\n"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Downstream system(s) is down.\n * Unhandled exceptions.\n"}},"summary":"Token submission by Consent Manager for link confirmation","tags":["link"]},"servers":[{"url":"https://your-hrp-server.com"}]},"/v0.5/links/link/init":{"post":{"description":"Request from Gateway to links care contexts associated with only one patient\n 1. **Validate account reference number and care context reference number**\n 2. **Validate transactionId in the request with discovery request entry to check whether there was a discovery\n and were these care contexts discovered or not for a given patient**\n 3. **Before eventual link confirmation, HIP needs to authenticate the request with the patient(eg: OTP verification)**\n 4. **HIP should communicate the mode of authentication of a successful request to Consent Manager**\n","parameters":[{"$ref":"#/components/parameters/authorization"},{"$ref":"#/components/parameters/X-HIP-ID"}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/PatientLinkReferenceRequest"}},"application/xml":{"schema":{"$ref":"#/components/schemas/PatientLinkReferenceRequest"}}},"required":true},"responses":{"202":{"description":"Request accepted"},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Consent manager user id is not provided\n * Patient reference number is not provided\n * Care context references are not provided\n"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Unauthorized request\n"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Downstream system(s) is down.\n * Unhandled exceptions.\n"}},"summary":"Link patient's care contexts","tags":["link"]},"servers":[{"url":"https://your-hrp-server.com"}]},"/v0.5/links/link/on-add-contexts":{"post":{"description":"If the accessToken is valid for purpose of linking, and specified details provided, CM will send \"acknoweldgement.status\" as SUCCESS. If any error occcurred, for example invalid token, or other required patient or care-context information not provided, then \"error\" attribute conveys so. \n 1. **accessToken must be valid and must be for the purpose of linking**\n","parameters":[{"$ref":"#/components/parameters/authorization"},{"$ref":"#/components/parameters/X-HIP-ID"}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/PatientCareContextLinkResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/PatientCareContextLinkResponse"}}},"required":true},"responses":{"202":{"description":"accepted"},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * resp not specified\n * atleast acknowledgement or error should be specified\n"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Unauthorized request\n"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Downstream system(s) is down.\n * Unhandled exceptions.\n"}},"summary":"callback API for HIP initiated patient linking /link/add-context","tags":["link"]},"servers":[{"url":"https://your-hrp-server.com"}]},"/v0.5/links/link/on-confirm":{"post":{"description":"Returns a list of linked care contexts with patient reference number.\n 1. **Validated and linked account reference number**\n 2. **Validated that the token sent from Consent Manager is same as the one generated by HIP**\n 3. **Verified that same Consent Manager which made the link request is sending the token**\n 4. **Results of unmasked linked care contexts with patient reference number**\n","parameters":[{"$ref":"#/components/parameters/authorization"},{"$ref":"#/components/parameters/X-CM-ID"}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/PatientLinkResult"}},"application/xml":{"schema":{"$ref":"#/components/schemas/PatientLinkResult"}}},"required":true},"responses":{"202":{"description":"accepted"},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * resp not specified\n * atleast patient or error should be specified\n"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Unauthorized request\n"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Downstream system(s) is down.\n * Unhandled exceptions.\n"}},"summary":"Token authenticated by HIP, indicating completion of linkage of care-contexts","tags":["Gateway"]}},"/v0.5/links/link/on-init":{"post":{"description":"Result of patient care-context link request from HIP end. This happens in context of previous discovery of patient found at HIP end, therefore the link requests ought to be in reference to the patient reference and care-context references previously returned by the HIP. The correlation of discovery and link request is maintained through the transactionId. HIP should have\n 1. **Validated transactionId in the request to check whether there was a discovery done previously, and the link request corresponds to returned patient care care context references**\n 2. **Before returning the response, HIP should have sent an authentication request to the patient(eg: OTP verification)**\n 3. **HIP should communicate the mode of authentication of a successful request**\n 4. **HIP subsequently should expect the token passed via /link/confirm against the link.referenceNumber passed in this call**\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n \nThe error section in the body, represents the potential errors that may have occurred. Possible reasons:\n 1. **Patient reference number is invalid**\n 2. **Care context reference numbers are invalid**\n","parameters":[{"$ref":"#/components/parameters/authorization"},{"$ref":"#/components/parameters/X-CM-ID"}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/PatientLinkReferenceResult"}},"application/xml":{"schema":{"$ref":"#/components/schemas/PatientLinkReferenceResult"}}},"required":true},"responses":{"202":{"description":"Request accepted"},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Format mismatch of any of attributes.\n"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Unauthorized request\n"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Downstream system(s) is down.\n * Unhandled exceptions.\n"}},"summary":"Response to patient's care context link request","tags":["Gateway"]}},"/v0.5/patients/profile/on-share":{"post":{"description":"Result of patient share profile request at HIP end.\n","parameters":[{"$ref":"#/components/parameters/authorization"},{"$ref":"#/components/parameters/X-CM-ID"}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ShareProfileResult"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ShareProfileResult"}}},"required":true},"responses":{"202":{"description":"Request accepted"},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Format mismatch of any of attributes.\n"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Unauthorized request\n"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Downstream system(s) is down.\n * Unhandled exceptions.\n"}},"summary":"Response to patient's share profile request","tags":["Gateway"]}},"/v0.5/patients/profile/share":{"post":{"description":"Request for sharing patient's profile details to HIP\n","parameters":[{"$ref":"#/components/parameters/authorization"},{"$ref":"#/components/parameters/X-HIP-ID"}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ShareProfileRequest"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ShareProfileRequest"}}},"required":true},"responses":{"202":{"description":"Request accepted"},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Invalid Request\n"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Unauthorized request\n"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Downstream system(s) is down.\n * Unhandled exceptions.\n"}},"summary":"Share patient profile details","tags":["profile"]},"servers":[{"url":"https://your-hrp-server.com"}]},"/v0.5/patients/sms/notify":{"post":{"description":"API to send SMS notifications to patient with custom deeplink.\n","parameters":[{"$ref":"#/components/parameters/authorization"},{"$ref":"#/components/parameters/X-CM-ID"}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/PatientSMSNotifcationRequest"}},"application/xml":{"schema":{"$ref":"#/components/schemas/PatientSMSNotifcationRequest"}}},"required":true},"responses":{"202":{"description":"accepted"},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * required information not provided\n"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Unauthorized request\n"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Downstream system(s) is down.\n * Unhandled exceptions.\n"}},"summary":"API for HIP to send SMS notifications to patients","tags":["Gateway"]}},"/v0.5/patients/sms/on-notify":{"post":{"description":"If the SMS notification is successfully sent to patient then \"status\" will be \"ACKNOWLEDGED\" with no error.\nIf the SMS notification is failed then \"status\" will be \"ERRORED\" with error.\n","parameters":[{"$ref":"#/components/parameters/authorization"},{"$ref":"#/components/parameters/X-HIP-ID"}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/PatientSMSNotifcationResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/PatientSMSNotifcationResponse"}}},"required":true},"responses":{"202":{"description":"Request Accepted"},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"Invalid request, required attributes not provided\n"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Unauthorized request\n"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Downstream system(s) is down.\n * Unhandled exceptions.\n"}},"summary":"Acknowledgment response for SMS notification sent to patient by HIP","tags":["patient notification"]}},"/v0.5/sessions":{"post":{"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/SessionRequest"}},"application/xml":{"schema":{"$ref":"#/components/schemas/SessionRequest"}}},"required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/SessionResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/SessionResponse"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Invalid client Id or secret.\n"},"404":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Invalid consent request id\n"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Downstream system(s) is down.\n * Unhandled exceptions.\n"}},"summary":"Get access token","tags":["Gateway"]}},"/v0.5/users/auth/confirm":{"post":{"description":"This API is called by HIP/HIUs to confirm authentication of users. The transactionId returned by the previous callback API /users/auth/on-init must be sent. If Authentication is successful the callback API will send an \"access token\" for subsequent purpose specific API calls. Note only **credential.authCode** or **credential.demographic** should be sent\n 1. demographic details are only required for demographic auth as of now. \n 2. demographic details are required only in MEDIATED cases and if the **auth.mode** so demands. e.g. if **auth.mode** is DEMOGRAPHICS. Usually for demographic authentication, the name, gender and DOB must be exactly as specified in User Account.\n 3. demographic.identifier is optional, however maybe required if authentication so mandates. \n 4. credential.authCode is required for other MEDIATED authentication like MOBILE_OTP, AADHAAR_OTP. \n","parameters":[{"$ref":"#/components/parameters/authorization"},{"$ref":"#/components/parameters/X-CM-ID"}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/PatientAuthConfirmRequest"}},"application/xml":{"schema":{"$ref":"#/components/schemas/PatientAuthConfirmRequest"}}},"required":true},"responses":{"202":{"description":"Request accepted"},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * transaction id is not provided or invalid\n * token or other auth confirmation details not provided or invalid\n"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Unauthorized request\n"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Downstream system(s) is down.\n * Unhandled exceptions.\n"}},"summary":"Confirmation request sending token, otp or other authentication details from HIP/HIU for confirmation","tags":["Gateway"]}},"/v0.5/users/auth/fetch-modes":{"post":{"description":"This API is meant for identify supported authentication modes for a patient given a specific purpose\n","parameters":[{"$ref":"#/components/parameters/authorization"},{"$ref":"#/components/parameters/X-CM-ID"}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/PatientAuthModeQueryRequest"}},"application/xml":{"schema":{"$ref":"#/components/schemas/PatientAuthModeQueryRequest"}}},"required":true},"responses":{"202":{"description":"Request Accepted"},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"Invalid request, required attributes not provided\n"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Unauthorized request\n"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Downstream system(s) is down.\n * Unhandled exceptions.\n"}},"summary":"Get a patient's authentication modes relevant to specified purpose","tags":["Gateway"]}},"/v0.5/users/auth/init":{"post":{"description":"This API is called by HIPs to initiate authentication of users. A transactionId is retuned by the corresponding callback API for confirmation of user auth.\n","parameters":[{"$ref":"#/components/parameters/authorization"},{"$ref":"#/components/parameters/X-CM-ID"}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/PatientAuthInitRequest"}},"application/xml":{"schema":{"$ref":"#/components/schemas/PatientAuthInitRequest"}}},"required":true},"responses":{"202":{"description":"Request accepted"},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * patient id is not provided\n"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Unauthorized request\n"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Downstream system(s) is down.\n * Unhandled exceptions.\n"}},"summary":"Initialize authentication from HIP","tags":["Gateway"]}},"/v0.5/users/auth/notify":{"post":{"description":"This API is called by CM to confirm authentication of users. The transactionId returned is same as that passed in /auth/on-init. The \"auth.status\" conveys whether the request was GRANTED or DENIED.\n\n 1. **auth.accessToken** - is specific to the purpose mentioned in the /auth/init. This token needs to be used for initiating the intended action. For example for HIP initiated linking of care-contexts\n 2. **NOTE**, only one of **X-HIP-ID** or **X-HIU-ID** will be sent as part of header, not both.\n 3. The payload is conditional to the purpose of auth. If purpose specified in /auth/init is KYC or KYC_AND_LINK, then patient details are passed. **auth.accessToken** is passed only if the purpose is LINK or KYC_AND_LINK.\n","parameters":[{"$ref":"#/components/parameters/authorization"},{"$ref":"#/components/parameters/X-HIP-ID"},{"$ref":"#/components/parameters/X-HIU-ID"}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/PatientAuthNotification"}},"application/xml":{"schema":{"$ref":"#/components/schemas/PatientAuthNotification"}}},"required":true},"responses":{"202":{"description":"Request accepted"},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * required details not provided\n * neither auth nor error specified \n"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Unauthorized request\n"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Downstream system(s) is down.\n * Unhandled exceptions.\n"}},"summary":"notification API in case of DIRECT mode of authentication by the CM","tags":["user auth"]}},"/v0.5/users/auth/on-confirm":{"post":{"description":"This API is called by CM to confirm authentication of users.\n\n 1. **auth.accessToken** - is specific to the purpose mentioned in the /auth/init. This token needs to be used for initiating the intended action. For example for HIP initiated linking of care-contexts\n 2. **NOTE**, only one of **X-HIP-ID** or **X-HIU-ID** will be sent as part of header, not both. \n","parameters":[{"$ref":"#/components/parameters/authorization"},{"$ref":"#/components/parameters/X-HIP-ID"},{"$ref":"#/components/parameters/X-HIU-ID"}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/PatientAuthConfirmResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/PatientAuthConfirmResponse"}}},"required":true},"responses":{"202":{"description":"Request accepted"},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * transaction id is not provided or invalid\n * token or other auth confirmation details not provided or invalid\n"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Unauthorized request\n"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Downstream system(s) is down.\n * Unhandled exceptions.\n"}},"summary":"callback API for /auth/confirm (in case of MEDIATED auth) to confirm user authentication or not","tags":["user auth"]},"servers":[{"url":"https://your-hrp-server.com"}]},"/v0.5/users/auth/on-fetch-modes":{"post":{"description":"If a patient is found then **auth** attribute contains the supported modes for the specified purpose. \nOtherwise, error is raised for invalid requests or for non-existent id.\nNote in addition to the \"Authorization\" header, one of the following headers must be specified\n1. **X-HIU-ID** if the requester is HIU (identified from /auth/fetch-modes requester.id)\n2. **X-HIP-ID** if the requester is HIP (identified from /auth/fetch-modes requester.id)\n","parameters":[{"$ref":"#/components/parameters/authorization"},{"$ref":"#/components/parameters/X-HIP-ID"},{"$ref":"#/components/parameters/X-HIU-ID"}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/PatientAuthModeQueryResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/PatientAuthModeQueryResponse"}}},"required":true},"responses":{"202":{"description":"Request Accepted"},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"Invalid request, required attributes not provided\n"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Unauthorized request\n"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Downstream system(s) is down.\n * Unhandled exceptions.\n"}},"summary":"Identification result for a consent-manager user-id","tags":["user auth"]}},"/v0.5/users/auth/on-init":{"post":{"description":"If the patient's id is valid, CM will return a transactionId as initialization of user auth. If the request is valid, then 'auth.mode' will convey how the authentication should be done. The authentication can be *mediated* or *direct*. For mediated authentication modes, HIP or HIU is epected to send over relevant code (OTP/token) or demographic info via subsequent API call to /auth/confirm. for direct authentication case, CM will notify requester through/users/auth/notify API. \n\n 1. **auth.mode** conveys whats the mode of authentication is, and what is expected from HIP/HIU in the subsequent /auth/confirm API call. Possible values \n 1. MOBILE_OTP - auth via OTP to registered mobile. Mediated. \n 2. AADHAAR_OTP - auth initiated with Aadhaar with OTP. Mediated. \n 3. DEMOGRAPHICS - auth initiated with demographic verification\n 4. DIRECT - for authentication directly with the patient. e.g. Mobile App, SMS. In this case, the HIP/HIU is not expected to call subsequent /auth/confirm call. CM will do direct authentication with the User (e.g. Mobile App, SMS etc) and will notify requester\n 2. **meta.expiry** conveys the expiry time of the token and the authentication session\n 3. **NOTE**, only one of **X-HIP-ID** or **X-HIU-ID** will be sent as part of header, not both. \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n \nThe error section in the body, represents the potential errors that may have occurred. Possible reasons:\n 1. Patient id is invalid\n","parameters":[{"$ref":"#/components/parameters/authorization"},{"$ref":"#/components/parameters/X-HIP-ID"},{"$ref":"#/components/parameters/X-HIU-ID"}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/PatientAuthInitResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/PatientAuthInitResponse"}}},"required":true},"responses":{"202":{"description":"Request accepted"},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * required information not provided\n * neither authInit nor error specified \n"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Unauthorized request\n"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Downstream system(s) is down.\n * Unhandled exceptions.\n"}},"summary":"Response to user authentication initialization from HIP","tags":["user auth"]},"servers":[{"url":"https://your-hrp-server.com"}]},"/v0.5/users/auth/on-notify":{"post":{"description":"This API is called by HIU/HIPs to confirm acknowledgement for receipt of auth notification is case of DIRECT authentication. \n","parameters":[{"$ref":"#/components/parameters/authorization"},{"$ref":"#/components/parameters/X-CM-ID"}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/PatientAuthNotificationAcknowledgement"}},"application/xml":{"schema":{"$ref":"#/components/schemas/PatientAuthNotificationAcknowledgement"}}},"required":true},"responses":{"202":{"description":"Request accepted"},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * required details not provided\n * neither auth nor error specified \n"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Unauthorized request\n"},"500":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}},"application/xml":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}},"description":"**Causes:**\n * Downstream system(s) is down.\n * Unhandled exceptions.\n"}},"summary":"callback API by HIU/HIPs as acknowledgement of auth notification","tags":["Gateway"]}}},"components":{"parameters":{"ConsentId":{"description":"Consent request's identifier","in":"path","name":"consentId","required":true,"schema":{"format":"uuid","type":"string"}},"ConsentRequestId":{"description":"Consent request's identifier","in":"path","name":"consentRequestId","required":true,"schema":{"format":"uuid","type":"string"}},"LinkRefNumber":{"description":"Reference number for the link request made earlier.","in":"path","name":"linkRefNumber","required":true,"schema":{"$ref":"#/components/schemas/UuidSchema"}},"X-CM-ID":{"description":"Suffix of the consent manager to which the request was intended.","in":"header","name":"X-CM-ID","required":true,"schema":{"type":"string"}},"X-HIP-ID":{"description":"Identifier of the health information provider to which the request was intended.","in":"header","name":"X-HIP-ID","required":true,"schema":{"type":"string"}},"X-HIU-ID":{"description":"Identifier of the health information user to which the request was intended.","in":"header","name":"X-HIU-ID","required":true,"schema":{"type":"string"}},"X-Origin-ID":{"description":"Identifier of the health information provider user from which the request came. (Necessity of this header depends on the authentication at the Bridge) If gateway uses JWT authentication, from access token itself originator can be identified.\n","in":"header","name":"X-Origin-ID","schema":{"type":"string"}},"authorization":{"description":"Access token which was issued after successful login with gateway auth server, which will be sent by gateway to authenticate itself with API bridge.","in":"header","name":"Authorization","required":true,"schema":{"type":"string"}}},"schemas":{"AccessTokenValidity":{"properties":{"expiry":{"$ref":"#/components/schemas/TimestampSchema"},"limit":{"description":"number of times, the token can be used","example":"1","type":"integer"},"purpose":{"$ref":"#/components/schemas/PatientAuthPurpose"},"requester":{"$r