ZorgOpOrde
/
zoo-api
2
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
live
main
EH/population-statistics-authorisation
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'a57f7f4c4e'
${ noResults }
zoo-api/zoo-api.yaml

141 lines
6.9 KiB
YAML
Raw Blame History Unescape Escape

This file contains ambiguous Unicode characters!

This file contains ambiguous Unicode characters that may be confused with others in your current locale. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to highlight these characters.

openapi: 3.1.0
info:
title: Zorg op Orde API
description: |-
Copyright Zorg op Orde All rights reserved.
This documentation is available in <a href="/zoo-api-bundle.yaml">OpenAPI 3.1.0 yaml format</a>.
contact:
name: Zorg op Orde
email: api@zorgoporde.nl
version: 0.1-DEV
#servers:
# - url: https://tools.zorgoporde.nl/api1
# description: Production
# - url: https://test.zorgoporde.nl/api1
# description: Testing
tags:
- name: core
description: |-
API for cross-cutting API concerns, such as authentication and the springboard.
- name: patient
description: |-
API for retrieving medical dossier data and concerns based on looking up a
specific patient.
- name: Quality of Care
description: |-
API related to Quality of Care (QoC) features
A care program (dutch: _ketenzorg_ or _zorgprogramma_) describes a specific disease (such as Diabetes or Astma) or a more abstract concern such as elderly care or general concern about cardiovascular health. The same care program can show up multiple times, as there are different care programs and standards for the same disease or concern. For example, there could be the InEen report 'take' on how one should provide Diabetes care, and there could be some regional group's slightly different take on it; these would show up as different care programs.
Any given customer has a 'fave' status for any given care program; some care programs are enabled by default and some are disabled by default. However, a customer can explicitly select a program they wouldn't ordinarily see ('favourite' it), or explicitly deselect a program they get by default ('unfavourite' it). Most care programs will be neither favourited nor unfavourited: They should be shown based on their `defaultShow` property.
To allow favouriting/unfavouriting, the front end has 2 separate views for selecting care programs: The usual view, which shows _only_:
- Care programs that customer has explicitly favourited.
- Care programs that are shown by default to this customer which they did not explicitly unfavourite.
As well as a 'config' view where they see _all_ care programs that could possibly be relevant for that customer, where the customer can preview the report (essentially, run the report as normal), favourite something they don't get by default, or unfavourite something they get by default.
paths:
/springboard/apps:
$ref: 'paths/springboard_apps.yaml'
/patient/dossier:
$ref: 'paths/patient_dossier.yaml'
/patient/base:
$ref: 'paths/patient_base.yaml'
/qoc/careprogram:
$ref: 'paths/qoc_careprogram.yaml'
/qoc/careprogram/{careprogramKey}/fave:
$ref: 'paths/qoc_careprogram_{careprogramKey}_fave.yaml'
/qoc/indicatorset/{setKey}:
$ref: 'paths/qoc_indicatorset_{setKey}.yaml'
/qoc/indicator/{setKey}/{indicatorKey}/patients:
$ref: 'paths/qoc_indicator_{setKey}_{indicatorKey}_patients.yaml'
/qoc/indicator/{setKey}/{indicatorKey}/practices:
$ref: 'paths/qoc_indicator_{setKey}_{indicatorKey}_practices.yaml'
/qoc/list-groups:
$ref: 'paths/qoc_list-groups.yaml'
/qoc/participating-practices:
$ref: 'paths/qoc_participating-practices.yaml'
components:
parameters:
Authorization:
name: Authorization
in: header
description: |-
The string `"Bearer "` followed by a single-use signed JWT token with the following mandatory claims:
<ul>
<li><code>kid</code> <strong>key id</strong>: A string identifying a trusted signer; agreed upon between user and Zorg op Orde beforehand.</li>
<li><code>iat</code> <strong>Issued at</strong>: Time when this JWT was created and signed. Must be no more than 1 hour ago.
<li><code>jti</code> <strong>JWT ID</strong>: A unique string used to prevent replay: Any given ID can not be used more than once.
<li><code>agb</code> <strong>GP AGB</strong>: AGB code (Medical entity identifier); the lookup will be done on the medical dossier data of this practice or entity.
<li><code>exp</code> <em>OPTIONAL</em> <strong>Expires at</strong>: If included, the request must not be received after this time.
<li><code>nbf</code> <em>OPTIONAL</em> <strong>Not before</strong>: If included, the request must not be received before this time.
</ul>
The JWT must be signed, preferably with <code>HS256</code>.
required: true
schema:
type: string
example: >-
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJraWQiOiJaT08tQVBJLVBLSS1JRCIsImFnYiI6IjAxMDEyMzQ1IiwiaWF0IjoxNTE2MjM5MDIyLCJqdGkiOiJ0MTIzNC01Njc4LUFCQ0QifQ.wTesCfFTq1Mz8z7hUWU6zzKSc3dopWnpeETR7eDzFtc
responses:
ReqFailure:
description: |-
The request isn't valid; for example, it is missing a required parameter.
content:
application/json:
type: object
properties:
err:
description: A plain text explanation of what's wrong with the request
type: string
example: Either pu or bsn query parameter needs to be present and not blank.
JwtFailure:
description: |-
The JWT token isn't valid or wasn't provided.
content:
application/json:
schema:
type: object
properties:
err:
description: A plain text explanation of what's wrong with the JWT token.
type: string
enum:
- no JWT included
- Unknown signer
- Request sent before nfb
- Request sent after exp
- JWT issued too long ago
- Signature missing
- Signature invalid
- Required claim missing (agb)
- Required claim missing (iat)
- Required claim missing (kid)
- Required claim missing (jti)
- JWT already used
NoAuth:
description: User is not logged in / session expired.
NoAccess:
description: User is not allowed to access this API endpoint.
PatNotFound:
description: Provided filter does not match any patients or no medical dossiers are available for this practice.
content:
application/json:
schema:
type: object
properties:
kind:
description: |-
The 'level' of data that isn't available.<br><ul>
<li>`patient` indicates that there is medical dossier data available for this GP but the patient that is requested cannot be found.</li>
<li>`practice` No medical dossier data is available whatsoever for this practice; either that practice isn't registered or hasn't (yet) provided medical dossier data.</li>
</ul>
type: string
example: practice
enum:
- practice
- patient
Reference in New Issue View Git Blame Copy Permalink