Added security scheme and some minor changes.

EH/population-statistics-authorisation
Eric Hoekstra 2 years ago
parent 27db09827e
commit 03364ac0c5

@ -8,6 +8,8 @@ rules:
no-unused-components: warn
theme:
openapi:
# No code generation in the open source version Redoc of Redocly.
generateCodeSamples:
languages:
- lang: curl
- lang: JavaScript
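Review bot: the comment above `generateCodeSamples:` says the open source Redoc does no code generation, yet the block with its `curl` and `JavaScript` entries stays in the config. If the setting has no effect in the build this repository uses, say in the comment why it is kept, or drop the block. The wording "open source version Redoc of Redocly" also needs tidying.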

@ -2,24 +2,22 @@ openapi: 3.1.0
info:
title: Zorg op Orde API
description: |-
Copyright Zorg op Orde All rights reserved.
This documentation is also available in <a href="/zoo-api-bundle.yaml">OpenAPI 3.1.0 yaml format</a>.
This documentation is available in <a href="/zoo-api-bundle.yaml">OpenAPI 3.1.0 yaml format</a>.
Copyright by Zorg op Orde, all rights reserved.
contact:
name: Zorg op Orde
email: api@zorgoporde.nl
version: 0.1-DEV
#servers:
# - url: https://tools.zorgoporde.nl/api1
# description: Production
# - url: https://acc.zorgoporde.nl/api1
# description: Testing
version: v0.9
# In open source Redoc only for reference, only in the paid Redocly there are Try-it consoles.
servers:
- url: https://tools.zorgoporde.nl/api1
description: Production
- url: https://acc.zorgoporde.nl/api1
description: Testing
security:
-
- BearerAuth: []
tags:
- name: Core
description: |-
API for cross-cutting API concerns, such as authentication and the springboard.
- name: Patient
description: |-
API for retrieving medical dossier data and concerns based on looking up a
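Review bot: the `security:` block in this hunk reads as a bare `-` followed by `- BearerAuth: []`; a bare dash is a null list entry, which is not a valid security requirement object in OpenAPI 3.1, so the list should contain only `- BearerAuth: []`. Because a top-level `security` applies to every operation, any operation that must be callable without a token (the Core tag mentions authentication) needs an explicit `security: []` override at operation level. It is also worth confirming that Production is meant to be the first entry under `servers:`.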
@ -219,3 +217,23 @@ components:
- patient
MandateMissing:
description: Indicated practice is known but has not authorized ZOO to share this information with signer.
securitySchemes:
BearerAuth:
in: header
type: http
scheme: bearer
bearerFormat: JWT
description: |-
The string "Bearer " followed by a single-use signed JWT token with the mandatory claims as stated in the table below.. The JWT must be signed, preferably with `HS256`.
<table>
<tr><th>Claim</th><th colspan="2">Description</th></tr>
<tr><td>kid</td><td>key id</td><td>A string identifying a trusted signer; agreed upon between user and Zorg op Orde beforehand.</td></tr>
<tr><td>iat</td><td>Issued at</td><td>Time when this JWT was created and signed. To make up for clock differences, up to five minutes in the future are allowed.</td></tr>
<tr><td>jti</td><td>Identifier</td><td>A unique string of 10 characters or longer, used to prevent replay. Any given identifier can not be used more than once. As a consequence a JWT can only used once.</td></tr>
<tr><td>agb</td><td>AGB of the GP</td><td>AGB code (Medical entity identifier), the lookup will be done on the medical dossier data of this practice or entity. The agb may be specified with or without prefix zeros.</td></tr>
<tr><td>exp</td><td>Expires at</td><td><i>OPTIONAL</i> If included, the request must not be received after this time. May be up to 10 minutes in the future. The difference between the exp claim and the iat must be 20 minutes or less and iat &lt; exp. </td></tr>
<tr><td>nbf</td><td>Not before</td><td><i>OPTIONAL</i> If included, the request must not be received before this time. Should not be set in the future.</td></tr>
</table>
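Review bot: the `iat` row only bounds the timestamp on the future side (five minutes) and `exp` is optional, so the table sets no maximum age for a token. Without one, the `jti` replay check has to remember every identifier indefinitely, and a captured but unused token never stops being acceptable. State a maximum accepted age for `iat`, or make `exp` mandatory. Separately, `in: header` is a field for `type: apiKey` schemes and is not defined for `type: http`, so it can go. `kid` is listed as a claim although it is normally a JOSE header parameter, so say where it is expected. "Preferably with `HS256`" should become an explicit list of accepted algorithms so the verifier can pin one per `kid`.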
