|
|
openapi: 3.1.0
|
|
|
info:
|
|
|
title: Zorg op Orde API
|
|
|
description: |-
|
|
|
Copyright Zorg op Orde – All rights reserved.
|
|
|
|
|
|
This documentation is available in <a href="/zoo-api-bundle.yaml">OpenAPI 3.1.0 yaml format</a>.
|
|
|
contact:
|
|
|
name: Zorg op Orde
|
|
|
email: api@zorgoporde.nl
|
|
|
version: 0.1-DEV
|
|
|
#servers:
|
|
|
# - url: https://tools.zorgoporde.nl/api1
|
|
|
# description: Production
|
|
|
# - url: https://acc.zorgoporde.nl/api1
|
|
|
# description: Testing
|
|
|
security:
|
|
|
-
|
|
|
tags:
|
|
|
- name: Core
|
|
|
description: |-
|
|
|
API for cross-cutting API concerns, such as authentication and the springboard.
|
|
|
- name: Patient
|
|
|
description: |-
|
|
|
API for retrieving medical dossier data and concerns based on looking up a
|
|
|
specific patient.
|
|
|
- name: Population statistics
|
|
|
description: |-
|
|
|
Statistics of a patient population.
|
|
|
- name: Frequent users
|
|
|
description: |-
|
|
|
Gives insight and enumerates the patients who make most use of the practice. Use is defined as time needed from the doctor(s). Certain feat codes need more or less a constant time. These are used to get an approximation.
|
|
|
- name: Quality of Care
|
|
|
description: |-
|
|
|
API related to Quality of Care (QoC) features
|
|
|
|
|
|
A care program (dutch: _ketenzorg_ or _zorgprogramma_) describes a specific disease (such as Diabetes or Astma) or a more abstract concern such as elderly care or general concern about cardiovascular health. The same care program can show up multiple times, as there are different care programs and standards for the same disease or concern. For example, there could be the InEen report 'take' on how one should provide Diabetes care, and there could be some regional group's slightly different take on it; these would show up as different care programs.
|
|
|
|
|
|
Any given customer has a 'fave' status for any given care program; some care programs are enabled by default and some are disabled by default. However, a customer can explicitly select a program they wouldn't ordinarily see ('favourite' it), or explicitly deselect a program they get by default ('unfavourite' it). Most care programs will be neither favourited nor unfavourited: They should be shown based on their `defaultShow` property.
|
|
|
|
|
|
To allow favouriting/unfavouriting, the front end has 2 separate views for selecting care programs: The usual view, which shows _only_:
|
|
|
- Care programs that customer has explicitly favourited.
|
|
|
- Care programs that are shown by default to this customer which they did not explicitly unfavourite.
|
|
|
|
|
|
As well as a 'config' view where they see _all_ care programs that could possibly be relevant for that customer, where the customer can preview the report (essentially, run the report as normal), favourite something they don't get by default, or unfavourite something they get by default.
|
|
|
paths:
|
|
|
/patient/dossier:
|
|
|
$ref: 'paths/patient_dossier.yaml'
|
|
|
/patient/base:
|
|
|
$ref: 'paths/patient_base.yaml'
|
|
|
/patient/fundusByGroup:
|
|
|
$ref: 'paths/patient_fundusByGroup.yaml'
|
|
|
/population/statistics:
|
|
|
$ref: 'paths/population_statistics.yaml'
|
|
|
/population/statistics/deprivedNeighborhood:
|
|
|
$ref: 'paths/population_statistics_deprived.yaml'
|
|
|
/population/frequentUser/count:
|
|
|
$ref: 'paths/population_frequentUser_count.yaml'
|
|
|
/population/frequentUser/patients:
|
|
|
$ref: 'paths/population_frequentUser_patients.yaml'
|
|
|
/population/frequentUser/patient:
|
|
|
$ref: 'paths/population_frequentUser_patient.yaml'
|
|
|
/qoc/careprogram:
|
|
|
$ref: 'paths/qoc_careprogram.yaml'
|
|
|
/qoc/indicatorset/{setKey}:
|
|
|
$ref: 'paths/qoc_indicatorset_{setKey}.yaml'
|
|
|
/qoc/checkupList/{setKey}:
|
|
|
$ref: 'paths/qoc_checkupList_{setKey}.yaml'
|
|
|
/qoc/indicator/{setKey}/{indicatorKey}/patients:
|
|
|
$ref: 'paths/qoc_indicator_{setKey}_{indicatorKey}_patients.yaml'
|
|
|
/qoc/indicator/{setKey}/{indicatorKey}/participants:
|
|
|
$ref: 'paths/qoc_indicator_{setKey}_{indicatorKey}_participants.yaml'
|
|
|
/qoc/list-groups:
|
|
|
$ref: 'paths/qoc_list-groups.yaml'
|
|
|
/qoc/participating-practices:
|
|
|
$ref: 'paths/qoc_participating-practices.yaml'
|
|
|
components:
|
|
|
parameters:
|
|
|
Authorization:
|
|
|
name: Authorization
|
|
|
in: header
|
|
|
description: |-
|
|
|
The string `"Bearer "` followed by a single-use signed JWT token with the following mandatory claims:
|
|
|
* `kid` – **key id**: A string identifying a trusted signer; agreed upon between user and Zorg op Orde beforehand.</li>
|
|
|
* `iat` – **Issued at**: Time when this JWT was created and signed. Must be no more than 1 hour ago.
|
|
|
* `jti` – **JWT ID**: A unique string used to prevent replay: Any given ID can not be used more than once.
|
|
|
* `agb` – **GP AGB**: AGB code (Medical entity identifier); the lookup will be done on the medical dossier data of this practice or entity.
|
|
|
* `exp` – _OPTIONAL_ **Expires at**: If included, the request must not be received after this time.
|
|
|
* `nbf` – _OPTIONAL_ **Not before**: If included, the request must not be received before this time.
|
|
|
|
|
|
The JWT must be signed, preferably with `HS256`.
|
|
|
required: true
|
|
|
schema:
|
|
|
type: string
|
|
|
example: >-
|
|
|
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJraWQiOiJaT08tQVBJLVBLSS1JRCIsImFnYiI6IjAxMDEyMzQ1IiwiaWF0IjoxNTE2MjM5MDIyLCJqdGkiOiJ0MTIzNC01Njc4LUFCQ0QifQ.wTesCfFTq1Mz8z7hUWU6zzKSc3dopWnpeETR7eDzFtc
|
|
|
AgbGP:
|
|
|
name: agb
|
|
|
in: query
|
|
|
description: |-
|
|
|
The AGB code (dutch: _Algemeen Gegevens Beheer_ - unique identifier for medical professionals and GP practices) of the GP practice.
|
|
|
This value can be a claim in the JWT (preferred), or, if no `agb` claim exists in the authenticating JWT token, it must be a query parameter.
|
|
|
The JWT token must be authorized for this entity.
|
|
|
required: false
|
|
|
schema:
|
|
|
type: integer
|
|
|
minimum: 1
|
|
|
maximum: 99999999
|
|
|
AgbCareGroup:
|
|
|
name: agb
|
|
|
in: query
|
|
|
description: |-
|
|
|
The AGB code (dutch: _Algemeen Gegevens Beheer_ - unique identifier for medical professionals and GP practices) of the entity
|
|
|
that represents multiple GP practices. This value can be a claim in the JWT (preferred), or, if no `agb` claim exists in the
|
|
|
authenticating JWT token, it must be a query parameter. The JWT token must be authorized for this entity.
|
|
|
required: false
|
|
|
schema:
|
|
|
type: integer
|
|
|
minimum: 1
|
|
|
maximum: 99999999
|
|
|
Pretty:
|
|
|
name: pretty
|
|
|
in: query
|
|
|
description: If `true` the emitted JSON is pretty-printed. Use only for debugging purposes.
|
|
|
schema:
|
|
|
type: boolean
|
|
|
default: false
|
|
|
RefDateDefaultToday:
|
|
|
name: refDate
|
|
|
in: query
|
|
|
description: |-
|
|
|
If present, the date used as context (any measurements available done afterwards aren't taken into account, any expiry calculations
|
|
|
use this date as reference, and so forth).
|
|
|
Defaults to today.
|
|
|
schema:
|
|
|
type: string
|
|
|
format: date
|
|
|
example: '2024-04-01'
|
|
|
CareGroup:
|
|
|
name: group
|
|
|
in: query
|
|
|
description: |-
|
|
|
The 'key' for the care group you want to retrieve data for. Providing this parameter is pointless unless the AGB code supplied
|
|
|
via the `agb` parameter is responsible for more than one care group which is rare. A list of valid groups can be obtained via
|
|
|
the `list-groups` endpoint.
|
|
|
required: false
|
|
|
schema:
|
|
|
type: string
|
|
|
responses:
|
|
|
ReqFailure:
|
|
|
description: The request isn't valid; for example, it is missing a required parameter.
|
|
|
content:
|
|
|
application/json:
|
|
|
schema:
|
|
|
type: object
|
|
|
properties:
|
|
|
err:
|
|
|
description: A plain text explanation of what's wrong with the request
|
|
|
type: string
|
|
|
example: Either x or y query parameter needs to be present and not blank.
|
|
|
JwtFailure:
|
|
|
description: |-
|
|
|
The JWT token isn't valid or wasn't provided.
|
|
|
content:
|
|
|
application/json:
|
|
|
schema:
|
|
|
type: object
|
|
|
properties:
|
|
|
err:
|
|
|
description: A plain text explanation of what's wrong with the JWT token.
|
|
|
type: string
|
|
|
enum:
|
|
|
- no JWT included
|
|
|
- Unknown signer
|
|
|
- Request sent before nfb
|
|
|
- Request sent after exp
|
|
|
- JWT issued too long ago
|
|
|
- Signature missing
|
|
|
- Signature invalid
|
|
|
- Required claim missing (agb)
|
|
|
- Required claim missing (iat)
|
|
|
- Required claim missing (kid)
|
|
|
- Required claim missing (jti)
|
|
|
- JWT already used
|
|
|
NoAuth:
|
|
|
description: User is not logged in / session expired.
|
|
|
NoAccess:
|
|
|
description: User is not allowed to access this API endpoint.
|
|
|
PatNotFound:
|
|
|
description: Provided filter does not match any patients or no medical dossiers are available for this practice.
|
|
|
content:
|
|
|
application/json:
|
|
|
schema:
|
|
|
type: object
|
|
|
properties:
|
|
|
kind:
|
|
|
description: |-
|
|
|
The 'level' of data that isn't available.<br><ul>
|
|
|
<li>`patient` indicates that there is medical dossier data available for this GP but the patient that is requested cannot be found.</li>
|
|
|
<li>`practice` No medical dossier data is available whatsoever for this practice; either that practice isn't registered or hasn't (yet) provided medical dossier data.</li>
|
|
|
</ul>
|
|
|
type: string
|
|
|
example: practice
|
|
|
enum:
|
|
|
- practice
|
|
|
- patient
|
|
|
NotToBeShare:
|
|
|
description: "Indicated practice is known but has not authorized ZOO to share this information with signer." |