apiary.apib

FORMAT: 1A
HOST: http://ehealth.nebo15.com/

# eHealth API

This is a API documentation for Ukrainian Health Services government institution back-end, that should provide:

* Master Patients Index (MPI)
* Global Medical Institutions and Doctors Registries
* Partnership Relation Management (PRM) module that describes business relations between this 3 entities.

Project development is fully transparent, you can find it's source code on GitHub:

* [eHealth API and issue tracker](https://github.com/Nebo15/ehealth.api)
* [Master Patient Index](https://github.com/Nebo15/mpi.api)
* [Partnership Relation Management](https://github.com/Nebo15/prm.api)

<!-- * [Reference Implementation of Hospital Information System UI](https://github.com/Nebo15/prm.web) -->

This API design in based on [Nebo #15 API Design Manifest](http://docs.apimanifest.apiary.io/).

## Docs Structure

This document contains both internal and public (usually `/api/..`) API specifications. If you plan to use it as outside API consumer - please refer only to sections that marked as `Public`.

<!--
## Patination

We apply cursor based pagination..

## Autentification

We use three-legged oAuth authentication, RFC..
-->

## Context Switching for end-users

Since Doctor may have multiple work-places, you MUST fetch list of possible work-contexts and apply `legal_entity_id` filter on each request, where this parameter is available.

Thus you will make sure that end-user understand from which context entities are managed.

If our API returns only one work context, you are free to hide context picker.

## Contribution Guidelines

TODO.

## Submitting Issues

To submit issues you should use [Issue Tracking Repo](https://github.com/Nebo15/ehealth.api), issues in all other repositories are used to plan backlog and non-related issued will be closed.

# Group Internal. Authorization Provider

For security purposes eHealth doesn't allow proxying passwords or to perform any sort back-end authorization. You should always redirect your customers (eg. doctors, we call them "consumers") to the Login UI.

After obtaining `access_token` all subsequent requests should be made with `Authorization: Bearer base64(access_token:)` header.

## Login UI [/oauth]

### Show Login UI [GET /oauth/ui{?client_id,redirect_url,scope,response_type}]

This method renders response login page. It's structure can differ by required scopes and security measures enabled by project (they can change).

For security purposes, we will set `X-Frame-Options: deny` header that will disallow opening this page in an iframe.

+ Parameters
    + client_id: `mis-001` (string, required) - Medical Information System ID issued upon integration request. Used to identify application developer.
    + redirect_url: http://example.com/ (string, required) - URL where user will be redirected after authentification. This url will receive `code` and `state` parameters in query string.
    + scope: `capitation_contracts:view capitation_contracts:create patients:view patients:create` (string, required) - List of scopes that is required in application business logic, separated by space. Different login forms will be shown based on scopes that you requested.
    + response_type: code (enum, required) - Response type, only `code` is supported.

+ Response 200 (text/html; charset=UTF-8)

    + Headers

            X-CSRF-Token: my-csrf-token

## oAuth Codes [/oauth/codes]

### Issues oAuth Code Grant [POST /oauth/codes]

API consumer **back-end** should use this method exchange Code Grant to Access Token.

+ Request (application/json)

    + Headers

            X-CSRF-Token: `my-csrf-token`

    + Attributes (object)
        + client_id: `mis-001` (string, required) - Medical Information System ID issued upon integration request. Used to identify application developer.
        + login: gandalf (string, required) - Consumer login.
        + password: secret (string, required) - Consumer password.
        + timestamp: 1489583714 (number, optional) - Timestamp when request was made. If timestamp was made more than 15 minutes ago, corresponding error will be returned. Required only if `signature` is present.
        + signature: signature (string, optional) - `login + bcrypt(password) + timestamp` string signed with a consumer's private key. Required for some scopes.

+ Response 201 (application/json)
    + Attributes (Response_OK)
        + meta (Response__Meta)
            + code: 201 (number)
        + data (object)
            + code: 299383828 (string, required) - oAuth code grant

## oAuth Tokens [/oauth/tokens]

### Exchange oAuth Code Grant to Access Token [POST]

+ Request (application/json)

    + Headers

            X-CSRF-Token: my-csrf-token

    + Attributes (object)
        + client_id: `mis-001` (string, required) - Medical Information System ID issued upon integration request. Used to identify application developer.
        + client_secret: `mis-001-secret-key` (string, required) - Medical Information System secret key issued upon integration request. Used to identify application developer.
        + code: 299383828 (string, required) - oAuth code grant.
        + `grant_type`: authorization_code (string, fixed) - oAuth Grant Type. Currently only `authorization_code` is supported.

+ Response 201 (application/json)
    + Attributes (Response_OK)
        + meta (Response__Meta)
            + code: 201 (number)
        + data (Access_Token)
            + msp_id: null (string, optional)

### Get oAuth Access Token details [GET /oauth/tokens/{access_token}]

This method is designed to be used only by eHealth API gateway.

+ Parameters
    + access_token: `my-oauth-token` (string, required) - oAuth access token.

+ Response 200 (application/json)
    + Attributes (Response_OK)
        + data (Access_Token)

### Set an oAuth Access Token MSP Context [PATCH /oauth/tokens/{access_token}]

This method is designed to be used only by eHealth API gateway.

+ Parameters
    + access_token: `my-oauth-token` (string, required) - oAuth access token.

+ Request (application/json)
    + Attributes
        + msp_id: `b075f148-7f93-4fc2-b2ec-2d81b19a9b7b` (string, optional)

+ Response 200 (application/json)
    + Attributes (Response_OK)
        + data (Access_Token)
            + msp_id: `b075f148-7f93-4fc2-b2ec-2d81b19a9b7b` (string, required)


# Group Internal. Master Patients Index

## Persons [/persons]

To make sure that records will be de-duplicated, please make sure to send search request before creating a new record.

### Check that Patient exists by ID [HEAD /persons/{id}]

+ Parameters
    + id: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, required)

+ Request (application/json)

    + Headers

            Authorization: Bearer YW5WcFkyVnFkV2xqWldwMWFXTmxDZzpjY1hwWTR0cWRZbGVjNHAxYUdsMXVJ

+ Response 200 (application/json)

### Get Patient by ID [GET /persons/{id}]

+ Parameters
    + id: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, required)

+ Request (application/json)

    + Headers

            Authorization: Bearer YW5WcFkyVnFkV2xqWldwMWFXTmxDZzpjY1hwWTR0cWRZbGVjNHAxYUdsMXVJ

+ Response 200 (application/json)
    + Attributes (Response_OK)
        + data (`Person_Full`)


### Create Patient [POST]

+ Request (application/json)

    + Headers

            Authorization: Bearer YW5WcFkyVnFkV2xqWldwMWFXTmxDZzpjY1hwWTR0cWRZbGVjNHAxYUdsMXVJ

    + Attributes (Person)

+ Response 201 (application/json)
    + Attributes (Response_OK)
        + meta (Response__Meta)
            + code: 201 (number)
        + data (`Person_Full`)

### Update Patient [PATCH /persons/{id}]

+ Parameters
    + id: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, required)

+ Request (application/json)

    + Headers

            Authorization: Bearer YW5WcFkyVnFkV2xqWldwMWFXTmxDZzpjY1hwWTR0cWRZbGVjNHAxYUdsMXVJ

    + Attributes (Person)
        + is_active: true (boolean, required)

+ Response 200 (application/json)
    + Attributes (Response_OK)
        + data (`Person_Full`)


### Search for a Person [GET /api/persons{?first_name,last_name,second_name,birth_date,tax_id,phone_number,birth_place,starting_after,ending_before,limit}]

This method allows to search for a Person (MPI) without disclosing personal data.

Method returns only **requested** parameters, birth place and second name in addition for manual identification on MSP side.

+ Parameters
    + first_name: Петро (string, required)
    + last_name: Іванов (string, required)
    + second_name: Миколайович (string, optional)
    + birth_date: `1991-08-19T00:00:00.000Z` (string, required) - ISO Datetime.
    + tax_id: 3126509816 (string, optional)
    + phone_number: `+380508887700` (string, optional)
    + limit: 20 (number, optional) - A limit on the number of objects to be returned, between 1 and 100. Default: 50.
    + starting_after: 56c31536a60ad644060041af (string, optional) - A cursor to fetch next page. Taken from collection response.
    + ending_before: 56c31536a60ad644060041aa (string, optional) - A cursor to fetch previous page. Taken from collection response.

+ Request (application/json)

    + Headers

            Authorization: Bearer mF_9.B5f-4.1JqM

+ Response 200 (application/json)
    + Attributes (Response_Collection)
        + data (array[`Person_Short`])

+ Response 403 (application/json)
    + Attributes (Response_Error)
        + meta (Response__Meta, fixed-type)
            + code: 403 (number)
        + error (Response__Error, fixed-type)
            + type: `too_many_results`
            + message: `This API method returns only exact match results, please retry with more specific search result` (string)

## Confident Persons [/persons/{id}/confident_persons]

### Add Confidant Person [POST /persons/{id}/confident_persons]

+ Parameters
    + id: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, required) - Person ID

+ Request (application/json)

    + Headers

            Authorization: Bearer YW5WcFkyVnFkV2xqWldwMWFXTmxDZzpjY1hwWTR0cWRZbGVjNHAxYUdsMXVJ

    + Attributes (object)
        + person_id: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, optional) - Confident Person ID

+ Response 201 (application/json)
    + Attributes (Response_OK)
        + meta (Response__Meta)
            + code: 201 (number)
        + data (Person_Full)

### Remove Confident Person [DELETE /persons/{id}/confident_persons/{confident_person_id}]

+ Parameters
    + id: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, required) - Person ID
    + confident_person_id: `d290f1ee-6c54-4b01-90e6-d701748f0852` (string, required)

+ Request (application/json)

    + Headers

            Authorization: Bearer YW5WcFkyVnFkV2xqWldwMWFXTmxDZzpjY1hwWTR0cWRZbGVjNHAxYUdsMXVJ

+ Response 200 (application/json)
    + Attributes (Response_OK)
        + data (Person_Full)

# Group Internal. Partner Relationship Management

## Declarations [/declarations]

### Create Declaration [POST]

Method to register new declaration record

+ Request (application/json)
    + Attributes (Declaration)

+ Response 201 (application/json)
    + Attributes (Response_OK)
        + meta (Response__Meta)
            + code: 201 (number)
        + data (`crud_Declaration_get`)

### Update declaration [PATCH /declaration/{id}]

This method to update the declaration status.


+ Parameters
    + id: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, required)


+ Request (application/json)
    + Attributes (crud_Declaration_patch)

+ Response 200 (application/json)
    + Attributes (Response_OK)
        + data (`crud_Declaration_get`)

### Get Declaration Details by ID [GET /declarations/{id}]

+ Parameters
    + id: `b075f148-7f93-4fc2-b2ec-2d81b19a9b7b` (string, required)

+ Request (application/json)

+ Response 200 (application/json)
    + Attributes (Response_OK)
        + data (`crud_Declaration_get`)

### Get Declarations List [GET /declarations{?person_id,employee_id,legal_entity_id,division_id,status,starting_after,ending_before,limit}]

Methods returns list of declarations by combination of patient_id, doctor_id, msp_id.

Response will contain only records that you have access to.

+ Parameters
    + person_id: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, optional) - MPI ID of a patient.
    + employee_id: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, optional) - MPI ID of a doctor.
    + `legal_entity_id`: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, optional) - MSP ID.
    + division_id: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, optional) - MSP ID.
    + status: active (text, optional) - Search only for active or disabled declarations.
    + limit: 20 (number) - A limit on the number of objects to be returned, between 1 and 100. Default: 50.
    + starting_after: 56c31536a60ad644060041af (string, optional) - A cursor to fetch next page. Taken from collection response.
    + ending_before: 56c31536a60ad644060041aa (string, optional) - A cursor to fetch previous page. Taken from collection response.

+ Request (application/json)

+ Response 200 (application/json)
    + Attributes (Response_Collection)
        + data (array[`crud_Declaration_get`])


## Party [/party]

### Create new party [POST]

Method to create new party record.

+ Request (application/json)
    + Attributes (`crud_party_post`)

+ Response 201 (application/json)
    + Attributes (Response_OK)
        + meta (Response__Meta)
            + code: 201 (number)
        + data (`crud_party_get`)


### Update party [PATCH /party/{id}]

This method to update the employee info by ID.


+ Parameters
    + id: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, required)


+ Request (application/json)
    + Attributes (crud_party_post)

+ Response 200 (application/json)
    + Attributes (Response_OK)
        + data (crud_party_get)


### Search for party [GET /party{?first_name,last_name,second_name,birth_date,tax_id,phone_number,starting_after,ending_before,limit}]

Methods returns list of parties.

+ Parameters
    + first_name: Петро (string, required)
    + last_name: Іванов (string, required)
    + second_name: Миколайович (string, optional)
    + birth_date: `1991-08-19T00:00:00.000Z` (string, required) - ISO Datetime.
    + tax_id: 3126509816 (string, optional)
    + phone_number: `+380508887700` (string, optional)
    + limit: 20 (number) - A limit on the number of objects to be returned, between 1 and 100. Default: 50.
    + starting_after: 56c31536a60ad644060041af (string, optional) - A cursor to fetch next page. Taken from collection response.
    + ending_before: 56c31536a60ad644060041aa (string, optional) - A cursor to fetch previous page. Taken from collection response.

+ Request (application/json)

+ Response 200 (application/json)
    + Attributes (Response_Collection)
        + data (array[`crud_party_get`])

### Get party details [GET /party/{id}]

Methods returns party details by ID.

+ Parameters
    + id: `b075f148-7f93-4fc2-b2ec-2d81b19a9b7b` (string, required)

+ Request (application/json)

+ Response 200 (application/json)
    + Attributes (Response_OK)
        + data (`crud_party_get`)


## Employees [/employees]

### Create new employee [POST]

Method to create new employee record for the MSP.
`party_id`, `devision_id` and msp_id should already exist.

+ Request (application/json)
    + Attributes (crud_employee_post)

+ Response 201 (application/json)
    + Attributes (Response_OK)
        + meta (Response__Meta)
            + code: 201 (number)
        + data (crud_employee_get)


### Update employee [PUT /employees/{id}]

This method to update the employee info by ID.


+ Parameters
    + id: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, required)


+ Request (application/json)
    + Attributes (crud_employee_post)

+ Response 200 (application/json)
    + Attributes (Response_OK)
        + data (crud_employee_get)


### Search for an Employee [GET /employees{?party_id,msp_id,division_id,employee_type,is_active,status,starting_after,ending_before,limit}]

Methods returns list of employees.

+ Parameters
    + `party_id`: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, optional) - user_id of a doctor.
    + msp_id: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, optional) - MSP ID.
    + division_id: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, optional) - division ID.    
    + employee_type: doctor (enum)
        - doctor
        - hr
        - admin
        - owner
        - accountant
    + is_active: true (boolean, required)
    + status: approved (enum)
        - approved
        - pending_approval
        - closed
    + limit: 20 (number) - A limit on the number of objects to be returned, between 1 and 100. Default: 50.
    + starting_after: 56c31536a60ad644060041af (string, optional) - A cursor to fetch next page. Taken from collection response.
    + ending_before: 56c31536a60ad644060041aa (string, optional) - A cursor to fetch previous page. Taken from collection response.

+ Request (application/json)

+ Response 200 (application/json)
    + Attributes (Response_Collection)
        + data (array[crud_employee_get])

### Get Employee details [GET /employees/{id}]

Methods returns employee details by ID.

+ Parameters
    + id: `b075f148-7f93-4fc2-b2ec-2d81b19a9b7b` (string, required)

+ Request (application/json)

+ Response 200 (application/json)
    + Attributes (Response_OK)
        + data (crud_employee_get)

### Get Employee Request by ID [GET /employee_requests/{id}]

This service should be used with `access_token` authetification method.

+ Parameters
    + id: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, required) 


+ Response 200 (application/json)
    + Attributes (Response_OK)
        + data (Employee_Request_Details)

### Get Employee Request by ID and Token [GET /employee_requests/{id}{?token}]

This service should be used by invitation recipient that does not have `access_token`.

+ Parameters
    + id: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, required) 
    + `token`: `5241744750e8c2df4897c0d35775d9a2` (string, optional) - the secret token to ensure the resolving is made by the User


+ Response 200 (application/json)
    + Attributes (Response_OK)
        + data (Employee_Request_Details)

### Approve the Employee Request [PATCH /employee_requests/{id}/actions/approve]

Expected that this end-point will be called from the eHealth invitations UI.

+ Parameters
    + id: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, required)

+ Request (application/json)

    + Headers

            X-CSRF-Token: my-csrf-token

    + Attributes (object)
        + `user` (object, optional) - User that should be created (if invitation recipient doesn't have account in eHealth)
            + login: me@example.com (string, required)
            + password: notasecret (string, required)
        + `token`: `5241744750e8c2df4897c0d35775d9a2` (string, optional) - the secret token to ensure the resolving is made by the User.

+ Response 200 (application/json)
    + Attributes (Response_OK)
        + data (Employee_Request_Short)

### Decline the Employee Request [PATCH /employee_requests/{id}/actions/decline]

Expected that this end-point will be called from the Invitations UI.

+ Parameters
    + id: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, required)

+ Request (application/json)

    + Headers

            X-CSRF-Token: my-csrf-token

    + Attributes (object)
        + `token`: `5241744750e8c2df4897c0d35775d9a2` (string, optional) - the secret token to ensure the resolving is made by the User.

+ Response 200 (application/json)
    + Attributes (Response_OK)
        + data (Employee_Request_Short)
        

## Doctors [/doctors]

### Create new doctor [POST]

Method to create new record in the employee_doctor table

Limitations:
* only one doctor can be registered for one employee record

+ Request (application/json)
    + Attributes (DoctorNew)

+ Response 201 (application/json)
    + Attributes (Response_OK)
        + meta (Response__Meta)
            + code: 201 (number)
        + data (`crud_DoctorNew_get`)

### Get Doctor Details by ID [GET /doctors/{id}]

This method allows to fetch doctor record details by ID.

+ Parameters
    + id: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, required)

+ Request (application/json)

+ Response 200 (application/json)
    + Attributes (Response_OK)
        + data (`crud_DoctorNew_get`)

### Update Doctor [PATCH /doctors/{id}]

This method to update the Doctor related information.

+ Parameters
    + id: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, required)

+ Request (application/json)
    + Attributes (DoctorNew)

+ Response 200 (application/json)
    + Attributes (Response_OK)
        + data (`crud_DoctorNew_get`)


## Legal Entities [/legal_entities]

### Get Legal Entities List [GET /legal_entities{?edrpou,type,status,legal_form,owner_property_type}]

+ Parameters
    + edrpou: 5432345432 (string, optional)
    + type (enum, optional)
        - MSP
        - MIS
    + status: VERIFIED (enum, optional)
        - VERIFIED
        - NOT_VERIFIED
    + owner_property_type: state (enum, optional)
        - STATE
        - PRIVATE
    + legal_form: `ПІДПРИЄМЕЦЬ-ФІЗИЧНА ОСОБА` (enum, optional)
        - ПІДПРИЄМЕЦЬ-ФІЗИЧНА ОСОБА
        - АКЦІОНЕРНЕ ТОВАРИСТВО
        - ВІДКРИТЕ АКЦІОНЕРНЕ ТОВАРИСТВО
        - ЗАКРИТЕ АКЦІОНЕРНЕ ТОВАРИСТВО
        - РЕЛІГІЙНА ОРГАНІЗАЦІЯ
        - ІНШІ ОРГАНІЗАЦІЙНО-ПРАВОВІ ФОРМИ

+ Response 200 (application/json)
    + Attributes (Response_Collection)
        + data (array[crud_legal_entity_get])

### Get Legal Entity Details by ID [GET /legal_entities/{id}]

+ Parameters
    + id: `1341234` (string)

+ Response 200 (application/json)
    + Attributes (Response_OK)
        + data (`crud_legal_entity_get`)

### Create Legal Entity [POST]

+ Request (application/json)
    + Attributes (crud_legal_entity_post)

+ Response 200 (application/json)
    + Attributes (Response_OK)
        + data (`crud_legal_entity_get`)

### Update Legal Entity [PATCH /legal_entities/{id}]

+ Parameters
    + id: `24352342` (string, required)

+ Request (application/json)
    + Attributes (crud_legal_entity_patch)

+ Response 200 (application/json)
    + Attributes (Response_OK)
        + data (`crud_legal_entity_get`)


## Divisions [/divisions]

### Create new division [POST]

Method to create new division record.

+ Request (application/json)
    + Attributes (`Division`)

+ Response 201 (application/json)
    + Attributes (Response_OK)
        + meta (Response__Meta)
            + code: 201 (number)
        + data (`crud_division_get`)


### Update division [PATCH /divisions/{id}]

This method to update the division info by ID.


+ Parameters
    + id: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, required)


+ Request (application/json)
    + Attributes (`Division`)

+ Response 200 (application/json)
    + Attributes (Response_OK)
        + data (`crud_division_get`)


### Search Divisions [GET /divisions/{?type,legal_entity_id}]

Methods returns list of legal entity divisions.

+ Parameters
    + type: clinic (string, optional)
    + `legal_entity_id`: 314083428 (string, optional)

+ Request (application/json)

+ Response 200 (application/json)
    + Attributes (Response_Collection)
        + data (array[`crud_division_get`])

### Get division details [GET /divisions/{id}]

Methods returns Division details by ID.

+ Parameters
    + id: `b075f148-7f93-4fc2-b2ec-2d81b19a9b7b` (string, required)

+ Request (application/json)

+ Response 200 (application/json)
    + Attributes (Response_OK)
        + data (`crud_division_get`)

## Medical Service Providers [/msp]

### Create new msp [POST]

Method to create new record in the msp table


+ Request (application/json)
    + Attributes (`crud_msp_post`)

+ Response 201 (application/json)
    + Attributes (Response_OK)
        + meta (Response__Meta)
            + code: 201 (number)
        + data (`crud_msp_get`)

### Get MSP Details by ID [GET /msp/{legal_entity_id}]

This method allows to fetch msp record details by ID.

+ Parameters
    + legal_entity_id: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, required)

+ Request (application/json)

+ Response 200 (application/json)
    + Attributes (Response_OK)
        + data (`crud_msp_get`)

### Update MSP [PATCH /msp/{legal_entity_id}]

This method to update the MSP related information.

+ Parameters
    + legal_entity_id: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, required)

+ Request (application/json)
    + Attributes (`crud_msp_patch`)

+ Response 200 (application/json)
    + Attributes (Response_OK)
        + data (`crud_msp_get`)

# Group Internal. Reports

## Declarations [/reports/declarations]

### Get Declarations Histogram stats [GET /reports/declarations{?start_date,end_date,doctor_id,msp_id}]

Methods returns agregated numbers of declarations.

+ Parameters
    + start_date: 2017-01-28 (string, required)
    + end_date: 2017-02-28 (string, required)
    + doctor_id: b075f148-7f93-4fc2-b2ec-2d81b19a9b7b (string, optional)
    + msp_id: b075f148-7f93-4fc2-b2ec-2d81b19a9b7b (string, optional)

+ Request (application/json)

    + Headers

            Authorization: Bearer YW5WcFkyVnFkV2xqWldwMWFXTmxDZzpjY1hwWTR0cWRZbGVjNHAxYUdsMXVJ

+ Response 200 (application/json)
    + Attributes (Response_OK)
        + data (array [Declaration_Report])

# Group Internal. Global parameters and Products

## Global parameters [/global_parameters]

### Get Global Parameters [GET]

Methods returns global parameters for declarations.

+ Response 200 (application/json)
    + Attributes (Response_OK)
        + data (Global_Parameters)


# Group Public. Medical Service Provider Integration Layer

## oAuth [/api/oauth]

### Show Login UI [GET /api/oauth/ui{?client_id,redirect_url,scope,response_type}]

You MUST redirect your users to this URL to obtain oAuth Code Grant (which is later exchanged to Access Token).

User will see rendered login page, which structure differ by a list of requested scopes and security measures applied by DevOps team.

For security purposes, we will set `X-Frame-Options: deny` header that will disallow opening this page in an iframe.

+ Parameters
    + client_id: `mis-001` (string, required) - Medical Information System ID issued upon integration request. Used to identify application developer.
    + redirect_url: http://example.com/ (string, required) - URL where user will be redirected after authentification. This url will receive `code` and `state` parameters in query string.
    + scope: `capitation_contracts:view capitation_contracts:create patients:view patients:create` (string, required) - List of scopes that is required in application business logic, separated by space. Different login forms will be shown based on scopes that you requested.
    + response_type: code (enum, required) - Response type, only `code` is supported.

+ Response 200 (text/html; charset=UTF-8)

    + Headers

            X-CSRF-Token: my-csrf-token

### Exchange oAuth Code Grant to Access Token [POST /api/oauth/tokens]

After obtaining oAuth Code Grant, it should be exchanged to an `access_token` **on your back-end**. 

General recommendations:

- Never expose `client_secret` to your front-end.
- Also we recommend to avoid pushing it to the application source code, to limit number of developers that have access to it.

Exposed client credentials may be blocked for a security reasons, you will need to contact administrator to receive a new credentials.

+ Request (application/json)

    + Headers

            X-CSRF-Token: my-csrf-token

    + Attributes (object)
        + client_id: `mis-001` (string, required) - Medical Information System ID issued upon integration request. Used to identify application developer.
        + client_secret: `mis-001-secret-key` (string, required) - Medical Information System secret key issued upon integration request. Used to identify application developer.
        + code: 299383828 (string, required) - oAuth code grant.
        + `grant_type`: authorization_code (string, fixed) - oAuth Grant Type. Currently only `authorization_code` is supported.

+ Response 201 (application/json)
    + Attributes (Response_OK)
        + meta (Response__Meta)
            + code: 201 (number)
        + data (Access_Token)
            + msp_id: null (string, optional)

### Use Refresh Token for Access Token extension [POST /api/oauth/tokens]

Currently `access_token` and `refresh_token` are configured to have same lifetime, so we don't expect you to refresh it. 

In future, you will be able to refresh access tokens to extend `access_token` lifetime.

+ Request (application/json)

    + Headers

            X-CSRF-Token: my-csrf-token
            Authorization: Bearer mF_9.B5f-4.1JqM

    + Attributes (object)
        + client_id: `mis-001` (string, required) - Medical Information System ID issued upon integration request. Used to identify application developer.
        + client_secret: `mis-001-secret-key` (string, required) - Medical Information System secret key issued upon integration request. Used to identify application developer.
        + refresh_token: `my-oauth-refresh-token` (string, required) - oAuth refresh token.
        + `grant_type`: refresh_token (string, fixed) - oAuth Grant Type. Currently only `authorization_code` is supported.

+ Response 201 (application/json)
    + Attributes (Response_OK)
        + meta (Response__Meta)
            + code: 201 (number)
        + data (Access_Token)
            + msp_id: null (string, optional)

### Set an oAuth Access Token Context [PATCH /api/oauth/tokens/{access_token}]

Set a `:msp_id` context for user `:access_token`.

+ Parameters
    + access_token: `my-oauth-token` (string, required) - oAuth access token.

+ Request (application/json)
    + Attributes
        + msp_id: `b075f148-7f93-4fc2-b2ec-2d81b19a9b7b` (string, optional)

+ Response 200 (application/json)
    + Attributes (Response_OK)
        + data (Access_Token)
            + msp_id: `b075f148-7f93-4fc2-b2ec-2d81b19a9b7b` (string, required)

## OTP Verification [/api/otp_verifications]

Method is used to verify that provided in declarartion request phone number is valid and is in service

### Initialize OTP Verification [POST]

+ Request (application/json)

    + Headers

            Authorization: Bearer mF_9.B5f-4.1JqM
    
    + Attributes (object)
        + `phone_number`: `+380508887700` (string, required)

+ Response 200 (application/json)
    + Attributes (Response__Process_OK)
        + data (OTP)

### Complete OTP Verification [PATCH /api/otp_verifications/{phone_number}/actions/complete]

+ Parameters
    + `phone_number`: `+380508887700` (string, required)

+ Request (application/json)

    + Headers

            Authorization: Bearer mF_9.B5f-4.1JqM
    
    + Attributes (object)
        + code: 395105 (number)

+ Response 200 (application/json)
    + Attributes (Response__Process_OK)
        + data (OTP)

### Find Verifications by Phone Number [GET /api/otp_verifications/{phone_number}]

+ Parameters
    + `phone_number`: `+380508887700` (string, required)

+ Request (application/json)

    + Headers

            Authorization: Bearer mF_9.B5f-4.1JqM

+ Response 200 (application/json)
    + Attributes (Response_OK)
        + data (OTP)

## Declaration Requests [/api/declaration_requests]

[Declaration Request]() is a life-cycle entity that is used to perform operations on [Declarations]().

After declaration request is signed and/or verified (depends on verification logic) it will be automatically moved to [Declarations]().

### Get Declaration Requests List [GET /api/declaration_requests{?employee_id,legal_entity_id,status,starting_after,ending_before,limit}]

Use this method to obrain list of Declaration Requests for an `empolee_id`. If you want to reduce amount of data that is going trough your application, use `status` filter and show only requests that Doctor is interested in current UI section.

Also we suggest use `employee_id` and `legal_entity_id` to make sure that end-user understands context of actions that he or she will perform.

Method returns shortened details, to obtain full information - get Declaration Request it by it's ID.

+ Parameters
    + `employee_id`: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, optional) - user_id of a doctor.
    + `legal_entity_id`: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, optional) - MSP ID.
    + status: new (enum, optional)
        - new
        - pending
    + limit: 20 (number) - A limit on the number of objects to be returned, between 1 and 100. Default: 50.
    + starting_after: 56c31536a60ad644060041af (string, optional) - A cursor to fetch next page. Taken from collection response.
    + ending_before: 56c31536a60ad644060041aa (string, optional) - A cursor to fetch previous page. Taken from collection response.

+ Request (application/json)

    + Headers

            Authorization: Bearer mF_9.B5f-4.1JqM

+ Response 200 (application/json)
    + Attributes (Response_Collection)
        + data (array[`Declaration_Request_Short`])

### Get Declaration Request by ID [GET /api/declaration_requests/{id}]

+ Parameters
    + id: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, required) - request identifier

+ Request (application/json)

    + Headers

            Authorization: Bearer mF_9.B5f-4.1JqM

+ Response 200 (application/json)
    + Attributes (Response_OK)
        + meta (Response__Meta)
            + code: 201 (number)
        + data (object)
            + id: b075f148-7f93-4fc2-b2ec-2d81b19a9b7b (string, required)
            + include `Declaration_Request_Details_Public`
            + content: `Declaration content` (string, required)
            + active: false (boolean, required)
            + status: pending_verification (string, required)
            + last_chain_hash: hash (string) - Hash of previous "block chain" element

### Create Declaration Request [POST]

This method is used to create Declaration Request (as part of Declaration creation process). Fields descriptions are listed in request Example view.

+ Request (application/json)

    + Headers

            Authorization: Bearer mF_9.B5f-4.1JqM

    + Attributes (object)
        + `declaration_request` (Declaration_Request_Public)

+ Response 201 (application/json)
    + Attributes (Response__Process_OK)
        + meta (Response__Meta)
            + code: 201 (number)
        + data (object)
            + id: b075f148-7f93-4fc2-b2ec-2d81b19a9b7b (string, required)
            + include `Declaration_Request_Public`
            + content: `Declaration content` (string, required) - HTML document that MUST be shown to a  - Should be defined on the client side.end-user and signed by hes key.
            + `authentication_method` (`Authentication_Method`) - 
                
                Currently we support two authentifciation methods:
                
                * **OTP** - Preffered. One-time-password (usually sent via SMS). Masked phone number will be returned. By using this verification method you MUST approve Declaration Request by a OTP token that is sent to a patient mobile phone.
                * **OFFLINE** - For patients that is not able to pass OTP verification method. By using this verification method you MUST upload required documents to links returned in response and approve Declaration Request after upload is completed.

+ Response 422 (application/json)
    + Attributes (Response_Error)
        + meta (Response__Meta)
            + code: 422
        + error
            + type: unverified (string, required)
            + message: `Unverified phone number` (string, required)

### Approve Declaration Request [PATCH /api/declaration_requests/{id}/actions/approve]

Use this method to approve previously created Declaration Request.

This method expects one of verification methods as it's parameters. Verification method is determined on Declaration Request creation stage. (See `authentication_method` field description.)

+ Parameters
    + id: b075f148-7f93-4fc2-b2ec-2d81b19a9b7b (string, required)

+ Request (application/json)

    + Headers

            Authorization: Bearer mF_9.B5f-4.1JqM

    + Attributes (object)
        + verification_code: 354276 (string, required)

+ Response 201 (application/json)
    + Attributes (Response__Process_OK)
        + meta (Response__Meta)
            + code: 201 (number)
        + data (object)
            + id: b075f148-7f93-4fc2-b2ec-2d81b19a9b7b (string, required)
            + include `Declaration_Request_Public`
            + content: `Declaration content` (string, required) - Same as returned on creation stage.
            + active: false (boolean, required)
            + status: pending_verification (string, required)

### Reject Declaration Request [PATCH /api/declaration_requests/{id}/actions/reject]

Use this method to reject previously created Declaration Request.

+ Parameters
    + id: b075f148-7f93-4fc2-b2ec-2d81b19a9b7b (string, required)

+ Request (application/json)

    + Headers

            Authorization: Bearer mF_9.B5f-4.1JqM

+ Response 201 (application/json)
    + Attributes (Response__Process_OK)
        + meta (Response__Meta)
            + code: 200 (number)

### Resend Authorization OTP on Declaration Request [POST /api/declaration_requests/{id}/actions/resend_otp]

Use this method to resend sms on previously created Declaration Request.

+ Parameters
    + id: b075f148-7f93-4fc2-b2ec-2d81b19a9b7b (string, required)

+ Request (application/json)

    + Headers

            Authorization: Bearer mF_9.B5f-4.1JqM

+ Response 200 (application/json)
    + Attributes (Response__Process_OK)

### Sign Declaration Request [PATCH /api/declaration_requests/{id}/actions/sign]

This method is used to sign Declaration Request. Method receives signed message (pkcs7) including signed content, digital signature and signer public key in `signed_content` property. 
All signature fields will be validated (including signer certificate authority).

This service will store signed copy of Declaration Request in Media Content Storage, created or update MPI records and create declaration if signature is all checks is passed.

Signed content MUST consists of JSON object with Declaration Request data and printout template returned on creation stage.

**Signed object example:**
```
{
   "id":"b075f148",
   "start_date":"2017-03-02T10:45:16.000Z",
   "end_date":"2017-03-02T10:45:16.000Z",
   "person":{
      "first_name":"Петро",
      "last_name":"Іванов",
      "second_name":"Миколайович",
      "birth_date":"1991-08-19T00:00:00.000Z",
      "birth_place":"Вінниця, Україна",
      "gender":"MALE",
      "email":"email@example.com",
      "tax_id":"3126509816",
      "secret":"secret",
      "documents":[
         {
            "type":"PASSPORT",
            "number":"120518"
         },
         {
            "type":"NATIONAL_ID",
            "number":"D736810"
         }
      ],
      "addresses":[
         {
            "type":"RESIDENCE",
            "country":"UA",
            "area":"Житомирська",
            "region":"Бердичівський",
            "city":"Київ",
            "city_type":"CITY",
            "street":"вул. Ніжинська",
            "building":"15",
            "apartment":"23",
            "zip":"02090"
         }
      ],
      "phones":[
         {
            "type":"MOBILE",
            "number":"+380503410870"
         }
      ],
      "authentication_methods":[
         {
            "type":"OTP",
            "phone_number":"+380508887700"
         }
      ],
      "emergency_contact":{
         "first_name":"Петро",
         "last_name":"Іванов",
         "second_name":"Миколайович",
         "phones":[
            {
               "type":"MOBILE",
               "number":"+380503410870"
            }
         ]
      },
      "confidant_person":{
         "relation_type":"trustee",
         "first_name":"Петро",
         "last_name":"Іванов",
         "second_name":"Миколайович",
         "birth_date":"1991-08-19T00:00:00.000Z",
         "birth_place":"Вінниця, Україна",
         "gender":"MALE",
         "tax_id":"3126509816",
         "documents":[
            {
                "type":"PASSPORT",
                "number":"120518"
            },
            {
                "type":"NATIONAL_ID",
                "number":"D736810"
            }
        ],
         "phones":[
            {
               "type":"MOBILE",
               "number":"+380503410870"
            }
         ]
      },
      "renewal_consent":true,
      "patient_signed":true,
      "disclosure_consent":true,
      "process_data_consent":true
   },
   "employee":{
      "id":"d290f1ee-6c54-4b01-90e6-d701748f0851",
      "title":"лікар",
      "party":{
         "id":"b075f148-7f93-4fc2-b2ec-2d81b19a9b7b",
         "first_name":"Петро",
         "last_name":"Іванов",
         "second_name":"Миколайович",
         "email":"email@example.com",
         "phones":[
            {
               "type":"MOBILE",
               "number":"+380503410870"
            }
         ]
      }
   },
   "msp":{
      "name":"Клініка Борис",
      "short_Name":"Борис",
      "type":"ФОП",
      "edrpou":"5432345432",
      "services":[
         {
            "id":"",
            "name":""
         }
      ],
      "licenses":[
         {
            "license_number":"fd123443",
            "kved":[

            ],
            "issued_by":"Кваліфікацйна комісія",
            "issued_date":"2017",
            "expiry_date":"2017"
         }
      ],
      "accreditation":[
         {
            "certificate_number":"fd123443",
            "issued_by":"Кваліфікацйна комісія",
            "issued_date":"2017",
            "expiry_date":"2017"
         }
      ],
      "addresses":[
         {
            "type":"RESIDENCE",
            "country":"UA",
            "area":"Житомирська",
            "region":"Бердичівський",
            "city":"Київ",
            "city_type":"CITY",
            "street":"вул. Ніжинська",
            "building":"15",
            "apartment":"23",
            "zip":"02090"
         }
      ],
      "phones":[
         {
            "type":"MOBILE",
            "number":"+380503410870"
         }
      ],
      "email":"email@example.com",
      "id":"d290f1ee-6c54-4b01-90e6-d701748f0851"
   },
   "scope":"family doctor",
   "content":"Declaration content"
}
```

+ Parameters
    + id: b075f148-7f93-4fc2-b2ec-2d81b19a9b7b (string, required)

+ Request (application/json)

    + Headers

            Authorization: Bearer mF_9.B5f-4.1JqM

    + Attributes (object)
        + `signed_content`: `MIIWmAYJKoZIhvcNAQcCoIIWiTCCFoUCAQExCzAJBgUrDgMCGgUAMIISuwYJKoZIhvcNAQcBoIISrASCEqh7XHJ0ZjFcYW5zaVxhbnNpY3BnMTI1Mlxjb2NvYXJ0ZjE1MDRcY29jb2FzdWJydGY4MTANCntcZm9udHRibFxmMFxmc3dpc3NcZmNoYXJzZXQwIEhlbHZldGljYTt9DQp7XGNvbG9ydGJsO1xyZWQyNTVcZ3JlZW4yNTVcYmx1ZTI1NTtccmVkNzBcZ3JlZW41M1xibHVlOTY7XHJlZDI0OVxncmVlbjI0OVxibHVlMjUxO30NCntcKlxleHBhbmRlZGNvbG9ydGJsOztcY3NzcmdiXGMzNDUxMFxjMjc4NDNcYzQ1MDk4O1xjc3NyZ2JcYzk4MDM5XGM5ODAzOVxjOTg4MjQ7fQ0KXG1hcmdsMTQ0MFxtYXJncjE0NDBcdmlld3cxMDgwMFx2aWV3aDg0MDBcdmlld2tpbmQwDQpcZGVmdGFiNzIwDQpccGFyZFxwYXJkZWZ0YWI3MjBccGFydGlnaHRlbmZhY3RvcjANCg0KXGYwXGZzMjggXGNmMiBcY2IzIFxleHBuZDBcZXhwbmR0dzBca2VybmluZzANClx7XA0KICAgImlkIjoiYjA3NWYxNDgiLFwNCiAgICJzdGFydF9kYXRlIjoiMjAxNy0wMy0wMlQxMDo0NToxNi4wMDBaIixcDQogICAiZW5kX2RhdGUiOiIyMDE3LTAzLTAyVDEwOjQ1OjE2LjAwMFoiLFwNCiAgICJwZXJzb24iOlx7XA0KICAgICAgImZpcnN0X25hbWUiOiJcdWMwXHUxMDU1IFx1MTA3NyBcdTEwOTAgXHUxMDg4IFx1MTA4NiAiLFwNCiAgICAgICJsYXN0X25hbWUiOiJcdWMwXHUxMDMwIFx1MTA3NCBcdTEwNzIgXHUxMDg1IFx1MTA4NiBcdTEwNzQgIixcDQogICAgICAic2blic Vjb25kX25hbWUiOiJcdWMwXHUxMDUyIFx1MTA4MCBcdTEwODIgXHUxMDg2IFx1MTA4MyBcdTEwNzIgXHUxMDgxIFx1MTA4NiBcdTEwNzQgXHUxMDgwIFx1MTA5NSAiLFwNCiAgICAgICJiaXJ0aF9kYXRlIjoiMTk5MS0wOC0xOVQwMDowMDowMC4wMDBaIixcDQogICAgICAiYmlydGhfcGxhY2UiOiJcdWMwXHUxMDQyIFx1MTExMCBcdTEwODUgXHUxMDg1IFx1MTA4MCBcdTEwOTQgXHUxMTAzICwgXHUxMDU5IFx1MTA4MiBcdTEwODggXHUxMDcyIFx1MTExMSBcdTEwODUgXHUxMDcyICIsXA0KICAgICAgImdlbmRlciI6Ik1BTEUiLFwNCiAgICAgICJlbWFpbCI6ImVtYWlsQGV4YW1wbGUuY29tIixcDQogICAgICAidGF4X2lkIjoiMzEyNjUwOTgxNiIsXA0KICAgICAgIm5hdGlvbmFsX2lkIjoiQ0M3MTUwOTg1MjQzIixcDQogICAgICAic2VjcmV0Ijoic2VjcmV0IixcDQogICAgICAiZG9jdW1lbnRzIjpbXA0KICAgICAgICAgXHtcDQogICAgICAgICAgICAidHlwZSI6IlBBU1NQT1JUIixcDQogICAgICAgICAgICAibnVtYmVyIjoiMTIwNTE4IixcDQogICAgICAgICAgICAiaXNzdWVfZGF0ZSI6IjIwMTUtMDQtMDdUMDA6MDA6MDAuMDAwWiIsXA0KICAgICAgICAgICAgImV4cGlyeV9kYXRlIjoiMjAxNS0wNC0wN1QwMDowMDowMC4wMDBaIixcDQogICAgICAgICAgICAiaXNzdWVkX2J5IjoiRE1TVSJcDQogICAgICAgICBcfVwNCiAgICAgIF0sXA0KICAgICAgImFkZHJlc3NlcyI6W1wNCiAgICAgICAgIFx7XA0KICAgICAgICAgICAgInR5cGUiOiJSRVNJREVOQ0UiLFwNCiAgICAgICAgICAgICJjb3VudHJ5IjoiVUEiLFwNCiAgICAgICAgICAgICJhcmVhIjoiXHVjMFx1MTA0NiBcdTEwODAgXHUxMDkwIFx1MTA4NiBcdTEwODQgXHUxMDgwIFx1MTA4OCBcdTEwODkgXHUxMTAwIFx1MTA4MiBcdTEwNzIgIixcDQogICAgICAgICAgICAicmVnaW9uIjoiXHVjMFx1MTA0MSBcdTEwNzcgXHUxMDg4IFx1MTA3NiBcdTEwODAgXHUxMDk1IFx1MTExMCBcdTEwNzQgXHUxMDg5IFx1MTEwMCBcdTEwODIgXHUxMDgwIFx1MTA4MSAiLFwNCiAgICAgICAgICAgICJjaXR5IjoiXHVjMFx1MTA1MCBcdTEwODAgXHUxMTExIFx1MTA3NCAiLFwNCiAgICAgICAgICAgICJjaXR5X3R5cGUiOiJDSVRZIixcDQogICAgICAgICAgICAic3RyZWV0IjoiXHVjMFx1MTA3NCBcdTEwOTEgXHUxMDgzIC4gXHUxMDUzIFx1MTExMCBcdTEwNzggXHUxMDgwIFx1MTA4NSBcdTEwODkgXHUxMTAwIFx1MTA4MiBcdTEwNzIgIixcDQogICAgICAgICAgICAiYnVpbGRpbmciOiIxNSIsXA0KICAgICAgICAgICAgImFwYXJ0bWVudCI6IjIzIixcDQogICAgICAgICAgICAiemlwIjoiMDIwOTAiXA0KICAgICAgICAgXH1cDQogICAgICBdLFwNCiAgICAgICJwaG9uZXMiOltcDQogICAgICAgICBce1wNCiAgICAgICAgICAgICJ0eXBlIjoiTU9CSUxFIixcDQogICAgICAgICAgICAibnVtYmVyIjoiKzM4MDUwMzQxMDg3MCJcDQogICAgICAgICBcfVwNCiAgICAgIF0sXA0KICAgICAgImF1dGhlbnRpY2F0aW9uX21ldGhvZHMiOltcDQogICAgICAgICBce1wNCiAgICAgICAgICAgICJ0eXBlIjoiU01TIixcDQogICAgICAgICAgICAicGhvbmVfbnVtYmVyIjoiKzM4MDUwODg4NzcwMCJcDQogICAgICAgICBcfVwNCiAgICAgIF0sXA0KICAgICAgImVtZXJnZW5jeV9jb250YWN0Ijpce1wNCiAgICAgICAgICJmaXJzdF9uYW1lIjoiXHVjMFx1MTA1NSBcdTEwNzcgXHUxMDkwIFx1MTA4OCBcdTEwODYgIixcDQogICAgICAgICAibGFzdF9uYW1lIjoiXHVjMFx1MTAzMCBcdTEwNzQgXHUxMDcyIFx1MTA4NSBcdTEwODYgXHUxMDc0ICIsXA0KICAgICAgICAgInNlY29uZF9uYW1lIjoiXHVjMFx1MTA1MiBcdTEwODAgXHUxMDgyIFx1MTA4NiBcdTEwODMgXHUxMDcyIFx1MTA4MSBcdTEwODYgXHUxMDc0IFx1MTA4MCBcdTEwOTUgIixcDQogICAgICAgICAicGhvbmVzIjpbXA0KICAgICAgICAgICAgXHtcDQogICAgICAgICAgICAgICAidHlwZSI6Ik1PQklMRSIsXA0KICAgICAgICAgICAgICAgIm51bWJlciI6IiszODA1MDM0MTA4NzAiXA0KICAgICAgICAgICAgXH1cDQogICAgICAgICBdXA0KICAgICAgXH0sXA0KICAgICAgImNvbmZpZGFudF9wZXJzb24iOlx7XA0KICAgICAgICAgInJlbGF0aW9uX3R5cGUiOiJ0cnVzdGVlIixcDQogICAgICAgICAiZmlyc3RfbmFtZSI6Ilx1YzBcdTEwNTUgXHUxMDc3IFx1MTA5MCBcdTEwODggXHUxMDg2ICIsXA0KICAgICAgICAgImxhc3RfbmFtZSI6Ilx1YzBcdTEwMzAgXHUxMDc0IFx1MTA3MiBcdTEwODUgXHUxMDg2IFx1MTA3NCAiLFwNCiAgICAgICAgICJzZWNvbmRfbmFtZSI6Ilx1YzBcdTEwNTIgXHUxMDgwIFx1MTA4MiBcdTEwODYgXHUxMDgzIFx1MTA3MiBcdTEwODEgXHUxMDg2IFx1MTA3NCBcdTEwODAgXHUxMDk1ICIsXA0KICAgICAgICAgImJpcnRoX2RhdGUiOiIxOTkxLTA4LTE5VDAwOjAwOjAwLjAwMFoiLFwNCiAgICAgICAgICJiaXJ0aF9wbGFjZSI6Ilx1YzBcdTEwNDIgXHUxMTEwIFx1MTA4NSBcdTEwODUgXHUxMDgwIFx1MTA5NCBcdTExMDMgLCBcdTEwNTkgXHUxMDgyIFx1MTA4OCBcdTEwNzIgXHUxMTExIFx1MTA4NSBcdTEwNzIgIixcDQogICAgICAgICAiZ2VuZGVyIjoiTUFMRSIsXA0KICAgICAgICAgInRheF9pZCI6IjMxMjY1MDk4MTYiLFwNCiAgICAgICAgICJkb2N1bWVudHMiOltcDQogICAgICAgICAgICBce1wNCiAgICAgICAgICAgICAgICJ0eXBlIjoiUEFTU1BPUlQiLFwNCiAgICAgICAgICAgICAgICJudW1iZXIiOiIxMjA1MTgiLFwNCiAgICAgICAgICAgICAgICJpc3N1ZV9kYXRlIjoiMjAxNS0wNC0wN1QwMDowMDowMC4wMDBaIixcDQogICAgICAgICAgICAgICAiZXhwaXJ5X2RhdGUiOiIyMDE1LTA0LTA3VDAwOjAwOjAwLjAwMFoiLFwNCiAgICAgICAgICAgICAgICJpc3N1ZWRfYnkiOiJETVNVIlwNCiAgICAgICAgICAgIFx9XA0KICAgICAgICAgXSxcDQogICAgICAgICAicGhvbmVzIjpbXA0KICAgICAgICAgICAgXHtcDQogICAgICAgICAgICAgICAidHlwZSI6Ik1PQklMRSIsXA0KICAgICAgICAgICAgICAgIm51bWJlciI6IiszODA1MDM0MTA4NzAiXA0KICAgICAgICAgICAgXH1cDQogICAgICAgICBdXA0KICAgICAgXH0sXA0KICAgICAgInJlbmV3YWxfY29uc2VudCI6dHJ1ZSxcDQogICAgICAicGF0aWVudF9zaWduZWQiOnRydWUsXA0KICAgICAgImRpc2Nsb3N1cmVfY29uc2VudCI6dHJ1ZSxcDQogICAgICAicHJvY2Vzc19kYXRhX2NvbnNlbnQiOnRydWVcDQogICBcfSxcDQogICAiZW1wbG95ZWUiOlx7XA0KICAgICAgImlkIjoiZDI5MGYxZWUtNmM1NC00YjAxLTkwZTYtZDcwMTc0OGYwODUxIixcDQogICAgICAidGl0bGUiOiJcdWMwXHUxMDgzIFx1MTExMCBcdTEwODIgXHUxMDcyIFx1MTA4OCAiLFwNCiAgICAgICJwYXJ0eSI6XHtcDQogICAgICAgICAiaWQiOiJiMDc1ZjE0OC03ZjkzLTRmYzItYjJlYy0yZDgxYjE5YTliN2IiLFwNCiAgICAgICAgICJmaXJzdF9uYW1lIjoiXHVjMFx1MTA1NSBcdTEwNzcgXHUxMDkwIFx1MTA4OCBcdTEwODYgIixcDQogICAgICAgICAibGFzdF9uYW1lIjoiXHVjMFx1MTAzMCBcdTEwNzQgXHUxMDcyIFx1MTA4NSBcdTEwODYgXHUxMDc0ICIsXA0KICAgICAgICAgInNlY29uZF9uYW1lIjoiXHVjMFx1MTA1MiBcdTEwODAgXHUxMDgyIFx1MTA4NiBcdTEwODMgXHUxMDcyIFx1MTA4MSBcdTEwODYgXHUxMDc0IFx1MTA4MCBcdTEwOTUgIlwNCiAgICAgIFx9XA0KICAgXH0sXA0KICAgIm1zcCI6XHtcDQogICAgICAiaWQiOiJkMjkwZjFlZSIsXA0KICAgICAgIm5hbWUiOiJcdWMwXHUxMDUwIFx1MTA4MyBcdTExMTAgXHUxMDg1IFx1MTExMCBcdTEwODIgXHUxMDcyICBcdTEwNDEgXHUxMDg2IFx1MTA4OCBcdTEwODAgXHUxMDg5ICIsXA0KICAgICAgInNob3J0X05hbWUiOiJcdWMwXHUxMDQxIFx1MTA4NiBcdTEwODggXHUxMDgwIFx1MTA4OSAiLFwNCiAgICAgICJ0eXBlIjoiXHVjMFx1MTA2MCBcdTEwNTQgXHUxMDU1ICIsXA0KICAgICAgImVkcnBvdSI6IjU0MzIzNDU0MzIiXA0KICAgXH0sXA0KICAgInNjb3BlIjoiZmFtaWx5IGRvY3RvciIsXA0KICAgInBsYWludGV4dF9jb250ZW50IjoiRGVjbGFyYXRpb24gY29udGVudCJcDQpcfX2gggIuMIICKjCCAZOgAwIBAgIJANj0sC/v0hWYMA0GCSqGSIb3DQEBBQUAMBkxFzAVBgNVBAMUDlBLQ1MjNyBleGFtcGxlMB4XDTE3MDMyNzE0NTczM1oXDTE3MDQyNjE0NTczM1owGTEXMBUGA1UEAxQOUEtDUyM3IGV4YW1wbGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMuqrxE/0txT+ZVRKU1O85a8eaaUAOkbcAIy1mMoxQ+UBwcBeXt07Oxu32+p51HSY93Pp5AlDLKE48sjSNvMbTk5vtZ6g8sqMpZxlBVqHLkXLXYBMf2rmtE4hfV6yTP5YUJEs+a9cotsPN0r5KlI9g8aSpIj9Ie8mML5Vh1taQHNAgMBAAGjejB4MB0GA1UdDgQWBBTET2SwL5UfUMKDyhuBGCA+CaflnzBJBgNVHSMEQjBAgBTET2SwL5UfUMKDyhuBGCA+Cafln6EdpBswGTEXMBUGA1UEAxQOUEtDUyM3IGV4YW1wbGWCCQDY9LAv79IVmDAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAF1uOGjUb6IVS28UqZ2qLc/kd2oNU2hOEuAp1YeaKRL2OaG4bTubJO1ejoxCJNfVj0FFw5PXIgjnw87JzkAy5KLDTiotQl8eknkd1bR3nIWINemck3GeGYkR8giG3gkNxz6ky1+63ZcoJkEiS46aneDhmS6BdH0V2G/3delos8+ZMYIBgDCCAXwCAQEwJjAZMRcwFQYDVQQDFA5QS0NTIzcgZXhhbXBsZQIJANj0sC/v0hWYMAkGBSsOAwIaBQCggbEwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMTcwMzI4MTE1NDEwWjAjBgkqhkiG9w0BCQQxFgQU5NSvVRVYHz5tG1GW8gXrjHSnLj8wUgYJKoZIhvcNAQkPMUUwQzAKBggqhkiG9w0DBzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYIKoZIhvcNAwICASgwDQYJKoZIhvcNAQEBBQAEgYCdqnN8gGXw9OUmtxOvQQgHK5Ni/4/2WQWj7rxERh5AI6rhXs/hh3DNS5Z5mN6wO8z47SQuedbsMQ5hf6+9BbKhXD7WKeU+DtGyfa1ner5/ubz6BeVvuT98D4PrzHlqNSpe/7AirrA70QVO9kPoFSmGtBG6JjaqaCZBYbvF9InPRw==` (string, required)
        + `signed_content_encoding`: base64 (string, required)

+ Response 200 (application/json)
    + Attributes (Response__Process_OK)
        + data (`Declaration_Request_Public`)
            + id: b075f148-7f93-4fc2-b2ec-2d81b19a9b7b (string, required)
            + active: true (boolean, required) - Should be defined on the client side.
            + status: active (string, required)

### Upload document copies for a Declaration Request [POST /media_content_storage/msp/declaration_requests/{id}/{filename}]

This method is used in offline patient verification process.

Service returns verification code in exchange for uploaded file.

+ Parameters
    + id: b075f148-7f93-4fc2-b2ec-2d81b19a9b7b (string, required)
    + filename: SzFxGfAg_Zj.pdf

+ Request (application/pdf)

    + Headers

            Authorization: Bearer mF_9.B5f-4.1JqM
            Content-Length: 150
            Content-Range: bytes
    
    + Body

            PDF CONTENT

+ Response 201 (application/json)
    + Attributes (Response_OK)
        + data
          + `verification_code`: SzFxGfAg_Zj

## Declarations [/api/declarations]

### Get Declarations List [GET /api/declarations{?employee_id,legal_entity_id,active,starting_after,ending_before,limit}]

Use this method to obrain list of Declarations for an `empolee_id` and legal_entity_id. If you want to reduce amount of data that is going trough your application, use `status` filter and show only requests that Doctor is interested in current UI section.

Method returns shortened details, to obtain full information - get Declaration Details by it's ID.

+ Parameters
    + `employee_id`: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, optional) - `user_id` of a Doctor.
    + `legal_entity_id`: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, required) - MSP ID.
    + active: true (boolean, optional)
        + Default: true
    + limit: 20 (number, optional) - A limit on the number of objects to be returned, between 1 and 100. Default: 50.
        + Default: 50
    + starting_after: 56c31536a60ad644060041af (string, optional) - A cursor to fetch next page. Taken from collection response.
    + ending_before: 56c31536a60ad644060041aa (string, optional) - A cursor to fetch previous page. Taken from collection response.

+ Request (application/json)

    + Headers

            Authorization: Bearer mF_9.B5f-4.1JqM

+ Response 200 (application/json)
    + Attributes (Response_Collection)
        + data (array[`Declaration_Request_Short`])

### Get Declaration by ID [GET /api/declarations/{id}]

+ Parameters
    + id: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, required) - request identifier

+ Request (application/json)

    + Headers

            Authorization: Bearer mF_9.B5f-4.1JqM

+ Response 200 (application/json)
    + Attributes (Response_OK)
        + meta (Response__Meta)
            + code: 201 (number)
        + data (object)
            + id: b075f148-7f93-4fc2-b2ec-2d81b19a9b7b (string, required)
            + include `Declaration_Request_Details_Public`
            + active: true (boolean, required)

## Employees [/api/employees]

The set of the end-points may be used to manage `Doctors`, `HR's` and `Accountants` that
are employed by legal entity (such as Medical Service Provider).

According to the strong binding of the Employees to the Employer (legal entity)
all GET-endpoints returning Employee info are mounted through the
`/legal_entities/{legal_entity_id}` path.

### Get Employees List [GET /employees{?legal_entity_id,division_id,status,type,limit,starting_after,ending_before}]

Use this end-point to obtain all Employees of the legal entity specified by the `legal_entity_id`. 

We suggest to use `status` filter to limit response size. Eg. you MAY want to list only active employees for everyones except HR's. Also it's a good idea to filter list by employee `type`.

Method returns shortened details, to obtain full information - get Employee it by ID.

+ Parameters
    + `legal_entity_id`: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, required)
    + division_id: `d290f1ee-6c54-4b01-90e6-d701748f0152` (string, optional)
    + status: ACTIVE (enum, optional)
        - ACTIVE
        - INACTIVE
        + Default: ACTIVE
    + type: DOCTOR (enum, optional)
        - DOCTOR
        - HR
        - ACCOUNTANT
    + limit: 20 (number, optional) - A limit on the number of objects to be returned, between 1 and 100. Default: 50.
    + starting_after: 56c31536a60ad644060041af (string, optional) - A cursor to fetch next page. Taken from collection response.
    + ending_before: 56c31536a60ad644060041aa (string, optional) - A cursor to fetch previous page. Taken from collection response.

+ Request (application/json)

    + Headers

            Authorization: Bearer mF_9.B5f-4.1JqM

+ Response 200 (application/json)
    + Attributes (Response_Collection)
        + data (array[`Employee_Short`])

### Get Employee Details [GET /employees/{employee_id}]

Response structure differs depending on employee type:

**For HR, ADMIN or ACCOUNTANT:**

* Person info
* Employee info
* User Info

**For DOCTOR:**

* Person info
* Employee info
* User Info
* Doctor info

+ Parameters
    + employee_id: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, required)

+ Request (application/json)

    + Headers

            Authorization: Bearer mF_9.B5f-4.1JqM

+ Response 200 (application/json)
    + Attributes (Response_OK)
        + data (Employee_Request)
            + id: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, required)
            + division (Division_Short)
            + `legal_entity` (`Legal_Entity_Short`)

### Update Employee [PATCH /employees/{employee_id}]

Use this method change employee status or to update:
* Person info
* Employee info
* Doctor Info

This method does not require changes confirmation by the employee and should be limit by scopes

The following fields can't be changed:
* employee_type
* tax_id
* email

+ Parameters
    + employee_id: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, required)

+ Request (application/json)

    + Headers

            Authorization: Bearer mF_9.B5f-4.1JqM
    
    + Attributes (`Employee_Update`)
    
+ Response 200 (application/json)
    + Attributes (Response_OK)
        + data (Employee_Request)
            + id: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, required)

## Employee Requests [/api/employee_requests]

### Create or Update Employee via Employee Request [POST]

Employee_Request consist of the three mandatory parts:
* Person info
* Employee info
* User Info

Additionally to register/update Physician the `Doctor info` should be passed.

When the `Employee_Request` will be posted the Invitation e-mail with a request
secret token will be sent to the User specified in the request.

User may accept or decline Invitation.

For changes to take effect employee must confirm the changes

+ Request (application/json)

    + Headers

            Authorization: Bearer mF_9.B5f-4.1JqM

    + Attributes (object)
        + `employee_request` (Employee_Request)


+ Response 200 (application/json)
    + Attributes (Response__Process_OK)
        + meta (Response__Meta)
            + code: 201 (number)
        + data (Employee_Request_Short)

### Get Employee Requests List [GET /api/employee_requests{?legal_entity_id,status,limit,starting_after,ending_before}]

+ Parameters
    + `legal_entity_id`: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, required)
    + status: VERIFICATION_EXP (enum, optional)
        - DECLINED
        - VERIFICATION_EXP
        + Default: VERIFICATION_EXP
    + limit: 20 (number) - A limit on the number of objects to be returned, between 1 and 100. Default: 50.
    + starting_after: 56c31536a60ad644060041af (string, optional) - A cursor to fetch next page. Taken from collection response.
    + ending_before: 56c31536a60ad644060041aa (string, optional) - A cursor to fetch previous page. Taken from collection response.

+ Request (application/json)

    + Headers

            Authorization: Bearer mF_9.B5f-4.1JqM

+ Response 200 (application/json)
    + Attributes (Response_Collection)
        + data (array[`Employee_Request_Short`])

### Get Employee Request by ID [GET /api/employee_requests/{id}]

This service should be used with `access_token` authetification method.

+ Parameters

    + id: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, required) 

+ Request

    + Headers

            Authorization: Bearer mF_9.B5f-4.1JqM (string, optional) -- the Authorization is optional if `token` is passed


+ Response 200 (application/json)
    + Attributes (Response__Process_OK)
        + data (Employee_Request_Details)

## Persons [/api/persons]

### Search for a Person [GET /api/persons{?first_name,last_name,second_name,birth_date,tax_id,phone_number,birth_place,starting_after,ending_before,limit}]

This method allows to search for a Person (MPI) without disclosing personal data.

Method returns only **requested** parameters, birth place and second name in addition for manual identification on MSP side.

+ Parameters
    + first_name: Петро (string, required)
    + last_name: Іванов (string, required)
    + second_name: Миколайович (string, optional)
    + birth_date: `1991-08-19T00:00:00.000Z` (string, required) - ISO Datetime.
    + tax_id: 3126509816 (string, optional)
    + phone_number: `+380508887700` (string, optional)
    + limit: 20 (number, optional) - A limit on the number of objects to be returned, between 1 and 100. Default: 50.
    + starting_after: 56c31536a60ad644060041af (string, optional) - A cursor to fetch next page. Taken from collection response.
    + ending_before: 56c31536a60ad644060041aa (string, optional) - A cursor to fetch previous page. Taken from collection response.

+ Request (application/json)

    + Headers

            Authorization: Bearer mF_9.B5f-4.1JqM

+ Response 200 (application/json)
    + Attributes (Response_Collection)
        + data (array[`Person_Short`])

+ Response 403 (application/json)
    + Attributes (Response_Error)
        + meta (Response__Meta, fixed-type)
            + code: 403 (number)
        + error (Response__Error, fixed-type)
            + type: `too_many_results`
            + message: `This API method returns only exact match results, please retry with more specific search result` (string)

### Get Person Declaration [GET /api/persons/{id}/declaration]

This method allows to receive active person declarations issued by current legal entity (based on access_token). It can be used to check if Patient has active declarations in other Legal Entities.

It returns:
1. Short declaration info if **active declaration found** AND issued by legal entity that is available for `access_token` scope.
2. 404 error if **active declaration not found**.
3. 403 if **active declaration found** issued by **other** (not available by access scopes) legal entity.

+ Parameters
    + id: `b075f148-7f93-4fc2-b2ec-2d81b19a9b7b` (string, required)

+ Request (application/json)

    + Headers

            Authorization: Bearer mF_9.B5f-4.1JqM

+ Response 200 (application/json)
    + Attributes (Response_Collection)
        + data (array[Declaration_Details])

+ Response 403 (application/json)
    + Attributes (Response_Error)
        + meta (Response__Meta, fixed-type)
            + code: 403 (number)
        + error (Response__Error, fixed-type)
            + type: `forbidden`
            + message: `Active declaration belongs to another msp` (string)

## Legal Entities [/api/legal_entities]

### Get Legal Entities [GET /api/legal_entities{?edrpou,type,owner_property,status,starting_after,ending_before,limit}]

+ Parameters
    + `edrpou`: `341086` (string, optional)
    + type: MSP (enum, optional)
        - MSP
        - MIS
        + Default: MSP
    + owner_property: state (enum, optional)
        - state
        - private
    + status: VERIFIED (enum, required)
        - VERIFIED
        - DECLINED
        - VERIFICATION_EXP
    + limit: 20 (number, optional) - A limit on the number of objects to be returned, between 1 and 100. Default: 50.
        + Default: 50
    + starting_after: 56c31536a60ad644060041af (string, optional) - A cursor to fetch next page. Taken from collection response.
    + ending_before: 56c31536a60ad644060041aa (string, optional) - A cursor to fetch previous page. Taken from collection response.

+ Request (application/json)

    + Headers

            Authorization: Bearer mF_9.B5f-4.1JqM

+ Response 200 (application/json)
    + Attributes (Response_Collection)
        + data (array)
            + (object)
                + include `Legal_Entity_Short`

### Get Legal Entity by ID [GET /api/legal_entities/{id}]

+ Parameters
    + id: `b075f148-7f93-4fc2-b2ec-2d81b19a9b7b` (string, required)

+ Request (application/json)

    + Headers

            Authorization: Bearer mF_9.B5f-4.1JqM

+ Response 200 (application/json)
    + Attributes (Response__Process_OK)
        + data (object)
            + id: `b075f148-7f93-4fc2-b2ec-2d81b19a9b7b` (string, required)
            + include `Legal_Entity_Request_Public`
            + status: VERIFIED (enum, required)
                - VERIFIED
                - DECLINED
                - VERIFICATION_EXP

### Create/Update Legal Entity [PUT]

Use this method to register a new Legal Entity.

Method receives signed message (pkcs7) including signed content, digital signature and signer public key. 
All signature fields will be validated (including signer certificate authority).

Signed content MUST consists of JSON object with Legal Entity data:

* Legal info
* Founders
* Owner

Optional:
* Divisions - may be used if Legal Entity has multiple service locations.

+ Request (application/json)

    + Headers

            Authorization: Bearer mF_9.B5f-4.1JqM

    + Attributes (object)
        + `signed_legal_entity_request`: `...` (string, required)
        + `signed_content_encoding`: base64 (string, required)

+ Response 200 (application/json)
    + Attributes (Response__Process_OK)
        + data (object)
            + id: `b075f148-7f93-4fc2-b2ec-2d81b19a9b7b` (string, required)
            + include `Legal_Entity_Request_Public`
            + status: VERIFIED (enum, required)
                - VERIFIED
                - DECLINED
                - VERIFICATION_EXP

+ Response 201 (application/json)
    + Attributes (Response__Process_OK)
        + data (object)
            + id: `b075f148-7f93-4fc2-b2ec-2d81b19a9b7b` (string, required)
            + include `Legal_Entity_Request_Public`
            + status: VERIFIED (enum, required)
                - VERIFIED
                - DECLINED
                - VERIFICATION_EXP

### Update Legal Entity status [PATCH /api/legal_entities/{id}]

+ Parameters
    + id: `b075f148-7f93-4fc2-b2ec-2d81b19a9b7b` (string, required)

+ Request (application/json)

    + Headers

            Authorization: Bearer mF_9.B5f-4.1JqM
    
    + Attributes (object)
        + status: VERIFIED (enum, required)
            - VERIFIED
            - DECLINED
            - VERIFICATION_EXP

+ Response 200 (application/json)
    + Attributes (Response__Process_OK)
        + data (object)
            + include `Legal_Entity_Short`

# Data Structures
## Responses
### `Response_Collection`
+ meta (Response__Meta, fixed-type)
+ data (array[], fixed-type)
+ paging (Response__Pagination, fixed-type)

### `Response_OK`
+ meta (Response__Meta, fixed-type)
+ data (object, fixed-type)

### `Response__Process_OK`
+ meta (Response__Meta, fixed-type)
+ data (object, fixed-type)
    + affordances (array[Affordance], required) - List of available affordances and their URLs

### `Response_Error`
+ meta (Response__Meta, fixed-type)
    + code: 400 (number)
+ error (Response__Error, fixed-type)

### `Response__Meta`
+ code: 200 (number) - HTTP response code.
+ url: http://example.com/resource (string) - URL to requested resource.
+ type (enum) - Type of data that is located in `data` attribute.
    - object (string) - `data` attribute is a JSON object.
    - list (string) - `data` attribute is a list.
+ code: 200 (number) - HTTP response code.
+ `idempotency_key`: `idemp-ssjssdjoa8308u0us0` (string, optional) - [Idempotency key](http://docs.apimanifest.apiary.io/#introduction/optional-features/idempotent-requests). Send it trough `X-Idempotency-Key` header.
+ `request_id`: `req-adasdoijasdojsda` (string) - [Request ID](http://docs.apimanifest.apiary.io/#introduction/interacting-with-api/request-id). Send it with `X-Request-ID` header.

### `Response__Error`
+ type: type_atom (string) - Atom that represents error type.
+ message: Error description (string) - Human-readable error message. This is for developers, not end-users.

### `Response__Error_DuplicateEntity`
+ type: `object_already_exists` (string) - Atom that represents error type.
+ message: This API already exists (string) - Human-readable error message. This is for developers, not end-users.

### `Response__Error_ValidationFailed`
+ type: validation_failed (string) - type of an error.
+ message: Validation failed. You can find validators description at our API Manifest: http://docs.apimanifest.apiary.io/#introduction/interacting-with-api/errors. (string)
+ invalid (array)
    + `entry_type`: `json_data_proprty` (string) - Type of error.
    + entry: $.cvv (string) - JSON Path to an invalid property.
    + rules (array)
        + rule: required (string) - String constant that represents validation rule type. List of all types can be found in [API Manifest](http://docs.apimanifest.apiary.io/#introduction/interacting-with-api/errors).
        + params (array) - Validation Parameters.

### `Response__Pagination`
+ limit: 20 (number) - A limit on the number of objects to be returned, between 1 and 100. Default: 50.
+ cursors (object)
    + `starting_after`: 56c31536a60ad644060041af (string) - A cursor for use in pagination. An object ID that defines your place in the list. For instance, if you make a list request and receive 100 objects, ending with `obj_foo`, your subsequent call can include `starting_after=obj_foo` in order to fetch the next page of the list.
    + `ending_before`: 56c31536a60ad644060041aa (string) - A cursor for use in pagination. An object ID that defines your place in the list. For instance, if you make a list request and receive 100 objects, starting with `obj_bar`, your subsequent call can include `ending_before=obj_bar` in order to fetch the previous page of the list.
+ size: 1000 (number) - Total number of objects in collection.
+ has_more: false (boolean) - Is this collection have more data to load in the same style as last request loaded it.

## Persons
### `Person`
+ first_name: Петро (string, required)
+ last_name: Іванов (string, required)
+ second_name: Миколайович (string, optional)
+ birth_date: `1991-08-19T00:00:00.000Z` (string, required)
+ birth_place: `Вінниця, Україна` (string, required)
+ gender: MALE, FEMALE (enum[string], required)
+ email: email@example.com (string, optional)
+ tax_id: 3126509816 (string, optional)
+ secret: secret (string, required)
+ documents (array[Document], optional)
+ addresses (array[Address], optional)
+ phones (array[Phone], optional)
+ `authentication_methods` (array[Authentication_Method], optional)

### `Confidant_Person`
+ first_name: Петро (string, required)
+ last_name: Іванов (string, required)
+ second_name: Миколайович (string, optional)
+ birth_date: `1991-08-19T00:00:00.000Z` (string, required)
+ birth_place: `Вінниця, Україна` (string, required)
+ gender: MALE, FEMALE (enum[string], required)
+ tax_id: 3126509816 (string, optional)
+ documents (array[Document], optional)
+ phones (array[Phone], optional)

### `Emergency_Contact`
+ first_name: Петро (string, required)
+ last_name: Іванов (string, required)
+ second_name: Миколайович (string, optional)
+ phones (array[Phone], optional)

### `Person_Request`
+ include `Person`
+ emergency_contact (object)
    + include `Emergency_Contact`
+ confidant_person (object) - Should be set if this Person is disabled, underage, etc.
    + relation_type: trustee (enum)
        - trustee
    + include `Confidant_Person`

### `Person_Full`
+ id: `b075f148-7f93-4fc2-b2ec-2d81b19a9b7b` (string, required)
+ Include Person
+ death_date: `2015-04-07T00:00:00.000Z` (string, optional)
+ confident_persons (array[Person])  - Should be set if this Person is disabled, underage, etc.
+ is_active: true (boolean, required)
+ history (array)
    + (object)
        + id: `7bca069f-21e4-4546-90cf-b65e3f39d93d` (string, required)
+ inserted_at: `2017-03-02T10:45:16.000Z` (string, optional)
+ updated_at: `2017-03-02T10:45:16.000Z` (string, optional)

### `Person_Minimal`
+ id: `b075f148-7f93-4fc2-b2ec-2d81b19a9b7b` (string, required)
+ first_name: Петро (string, required)
+ last_name: Іванов (string, required)
+ second_name: Миколайович (string, optional)

### `Person_Short`
+ id: `b075f148-7f93-4fc2-b2ec-2d81b19a9b7b` (string, required)
+ first_name: Петро (string, required)
+ last_name: Іванов (string, required)
+ second_name: Миколайович (string, optional)
+ birth_date: `1991-08-19T00:00:00.000Z` (string, required) - ISO Datetime.
+ tax_id: 3126509816 (string, optional)
+ phone_number: `+380508887700` (string, optional)
+ birth_place: Вінниця (string, required)
+ merged_ids (array)
    + (object)
        + id: `7bca069f-21e4-4546-90cf-b65e3f39d93d` (string, required)

### `Authentication_Method`
+ type (enum, required)
    - OTP
    - OFFLINE
+ phone_number: `+380508887700` (string, optional)

## Doctors
### Doctor
+ certificates (array[Medical_Certificate], optional)
+ licenses (array[Medical_License], required)
+ education (array[Medical_Education], required)

## Declarations
### Declaration
+ id: `b075f148-7f93-4fc2-b2ec-2d81b19a9b7b` (string, required) - id of the signed document stored on the Media content storage
+ person_id: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, required)
+ employee_id: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, required)
+ division_id: `d290f1ee-6c54-4b01-90e6-d701748f0851`m (string, required)
+ `legal_entity_id`: `d290f1ee-6c54-4b01-90e6-d701748f0851`m (string, required)
+ scope (enum, required)
    - family_doctor
+ start_date: `2017-03-02T10:45:16.000Z` (string, required)
+ end_date: `2017-03-02T10:45:16.000Z` (string, required)
+ signed_at: `2017-03-02T10:45:16.000Z` (string, required)
+ status (enum, optional)
    - active
    - closed

### `crud_Declaration_patch`
+ status (enum, optional)
    - active
    - closed

### `crud_Declaration_get`
+ include `Declaration`
+ inserted_at: `1991-08-19T00:00:00.000Z` (string, required)
+ inserted_by: `userid` (string, required)
+ updated_at: `1991-08-19T00:00:00.000Z` (string, required)
+ updated_by: `userid` (string, required)

### `Declaration_Request_Public`
+ start_date: `2017-03-02T10:45:16.000Z` (string, required) - Should be defined on the client side.
+ end_date: `2017-03-02T10:45:16.000Z` (string, optional) - Will be defined on eHealth side if it's not set.
+ person(`Person_Request`, required) - Object that described a Patient. Confidant person should be set for disabled persons, underage persons, etc.
    + renewal_consent: true (boolean)
    + patient_signed: true (boolean)
    + disclosure_consent: true (boolean)
    + process_data_consent: true (boolean)
+ `employee_id`: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, required) - Employee ID with `type=DOCTOR` selected from available Employees as a third contract party.
+ division_id: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, required) - Registered Medical Service Provider Division identifier.
+ `legal_entity_id`: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, required) - Registered Medical Service Provider Division identifier.
+ scope (enum, required)
    - family doctor

### `Declaration_Request_Details_Public`
+ start_date: `2017-03-02T10:45:16.000Z` (string, required)
+ end_date: `2017-03-02T10:45:16.000Z` (string, required)
+ person(`Person_Request`, required)
    + renewal_consent: true (boolean)
    + patient_signed: true (boolean)
    + disclosure_consent: true (boolean)
    + process_data_consent: true (boolean)
+ employee (Employee_Minimal)
+ `legal_entity` (`Medical_Service_Provider`)
    + id: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, required)
+ division (`Division_Details`)
+ scope (enum, required)
    - family doctor


### `Declaration_Request_Short`
+ id: `b075f148-7f93-4fc2-b2ec-2d81b19a9b7b` (string, required)
+ start_date: `2017-03-02T10:45:16.000Z` (string, required)
+ end_date: `2017-03-02T10:45:16.000Z` (string, required)
+ person (Person_Minimal)
+ employee (Employee_Minimal)
+ `legal_entity` (`MSP_Short`)
+ division (`Division_Short`)

### `Declaration_Details`
+ id: `b075f148-7f93-4fc2-b2ec-2d81b19a9b7b` (string, required)
+ start_date: `2017-03-02T10:45:16.000Z` (string, required)
+ end_date: `2017-03-02T10:45:16.000Z` (string, required)
+ person(`Person_Short`)
+ employee (`Employee_Short`)
+ division (`Division_Short`)
+ `legal_entity` (MSP_Details)
+ created_at: `2017-03-02T10:45:16.000Z` (string, optional)
+ modified_at: `2017-03-02T10:45:16.000Z` (string, optional)


### `Declaration_Report`
+ date: `2017-03-02` (string, required)
+ declarations_total: 100 (number, required)
+ declarations_created: 10 (number, required)
+ declarations_closed: 2 (number, required)

## Party
### `Party_Short`
+ first_name: Петро (string, required)
+ last_name: Іванов (string, required)
+ second_name: Миколайович (string, optional)

### `Party_Request`
+ include `Party_Short`
+ birth_date: `1991-08-19T00:00:00.000Z` (string, required)
+ gender: MALE, FEMALE (enum[string], required)
+ tax_id: 3126509816 (string, optional)
+ email: email@example.com (string, optional)
+ documents (array[Document], optional)
+ phones (array[Phone], optional)

### `Party_Update`
+ include `Party_Short`
+ birth_date: `1991-08-19T00:00:00.000Z` (string, required)
+ gender: MALE, FEMALE (enum[string], required)
+ documents (array[Document], optional)
+ phones (array[Phone], optional)

### `crud_party`
+ first_name: Петро (string, required)
+ last_name: Іванов (string, required)
+ second_name: Миколайович (string, optional)
+ birth_date: `1991-08-19T00:00:00.000Z` (string, required)
+ gender: MALE, FEMALE (enum[string], required)
+ tax_id: 3126509816 (string, required)
+ documents (array[Document], optional)
+ phones (array[Phone], optional)


### `crud_party_post`
+ include `crud_party`

### `crud_party_get`
+ id: d290f1ee-6c54-4b01-90e6-d701748f0851 (string, required)
+ include `crud_party`
+ inserted_at: `1991-08-19T00:00:00.000Z` (string, required)
+ inserted_by: `userid` (string, required)
+ updated_at: `1991-08-19T00:00:00.000Z` (string, required)
+ updated_by: `userid` (string, required)

## Employees
### `crud_employee`
+ party_id: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, required)
+ legal_entity_id: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, required)
+ division_id: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, required)
+ employee_type: doctor (enum)
    - doctor
    - hr
    - admin
    - owner
    - accountant
+ position (key_value, required)
+ start_date: 2017-02-28 (string, required)
+ end_date: 2017-02-28 (string, optional)
+ active: true (boolean, required)
+ status: pending_verification (enum, required)

### `crud_employee_get`
+ id: d290f1ee-6c54-4b01-90e6-d701748f0851 (string, required)
+ include `crud_employee`
+ inserted_at: `1991-08-19T00:00:00.000Z` (string, required)
+ inserted_by: `userid` (string, required)
+ updated_at: `1991-08-19T00:00:00.000Z` (string, required)
+ updated_by: `userid` (string, required)

### `crud_employee_post`
+ include `crud_employee`

### `Employee`
+ user_id: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, required)
+ msp_id: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, required)
+ employee_type: doctor (enum)
    - doctor
    - hr
    - admin
    - owner
    - accountant
+ position: лікар (string, required)
+ speciality: Педіатр (enum)
    - Сімейний лікар
    - Педіатр
    - Терапевт
+ employee_details (DoctorNew, optional)
+ start_date: 2017-02-28 (string, required)
+ expiry_date: 2017-02-28 (string, optional)

### `Employee_Minimal`
+ id: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, required)
+ position: лікар (string, required)
+ party (object)
    + id: `b075f148-7f93-4fc2-b2ec-2d81b19a9b7b` (string, required)
    + include `Party_Short`
    + email: email@example.com (string, optional)
    + phones (array[Phone], optional)

### `Employee_Request`
+ legal_entity_id: d290f1ee-6c54-4b01-90e6-d701748f0851 (string, required)
+ division_id: `b075f148-7f93-4fc2-b2ec-2d81b19a9b7b` (string, required)
+ position: лікар (string, required)
+ start_date: `2017-03-02T10:45:16.000Z` (string, required)
+ end_date: `2018-03-02T10:45:16.000Z` (string, optional)
+ active: true (boolean, required)
+ status: pending_verification (enum, required)
+ employee_type: doctor (enum)
    - doctor
    - hr
    - admin
    - accountant
+ party (Party_Request)
+ doctor (DoctorNew, optional)

### `Employee_Update`
+ legal_entity_id: d290f1ee-6c54-4b01-90e6-d701748f0851 (string, required)
+ division_id: `b075f148-7f93-4fc2-b2ec-2d81b19a9b7b` (string, required)
+ position: лікар (string, required)
+ start_date: `2017-03-02T10:45:16.000Z` (string, required)
+ end_date: `2018-03-02T10:45:16.000Z` (string, optional)
+ active: true (boolean, required)
+ status: pending_verification (enum, required)
+ party (Party_Update)
+ doctor (DoctorNew, optional)

### `Employee_Request_Short`
+ id: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, required)
+ status: pending_verification (enum, required)
+ inserted_at: `2018-03-02T10:45:16.000Z` (string, required)

### `Employee_Request_Details`
+ include `Employee_Request`
+ division (`Division_Short`)
+ `legal_entity` (`Legal_Entity_Short`)

### `Employee_Short`
+ id: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, required)
+ position: лікар (string, required)
+ employee_type: doctor (enum)
    - doctor
    - hr
    - admin
    - owner
    - accountant
+ active: true (boolean, required)
+ start_date: `2017-03-02T10:45:16.000Z` (string, required)
+ end_date: `2018-03-02T10:45:16.000Z` (string, optional)
+ party (object)
    + id: `b075f148-7f93-4fc2-b2ec-2d81b19a9b7b` (string, required)
    + include `Party_Short`
+ division (`Division_Short`)
+ `legal_entity` (`Legal_Entity_Short`)
+ doctor (DoctorNew_Short)

## `Legal_Entities`

### `crud_legal_entity`
+ name: Клініка Борис (string, required)
+ short_name: Борис (string, required)
+ type (enum, required)
    - MSP
    - MIS
+ edrpou: 5432345432 (string, required)
+ addresses (array[Address], required)
+ phones (array[Phone], required)
+ email: email@example.com (array[Email], required)
+ active: true (boolean)
+ public_name: Клініка Борис (string, required)
+ kved: 86.1 (array, required)
+ status: VERIFIED (enum, required)
    - VERIFIED
    - NOT_VERIFIED
+ owner_property_type: state (enum, required)
    - STATE
    - PRIVATE
+ legal_form: `ПІДПРИЄМЕЦЬ-ФІЗИЧНА ОСОБА` (enum, required)
    - ПІДПРИЄМЕЦЬ-ФІЗИЧНА ОСОБА
    - АКЦІОНЕРНЕ ТОВАРИСТВО
    - ВІДКРИТЕ АКЦІОНЕРНЕ ТОВАРИСТВО
    - ЗАКРИТЕ АКЦІОНЕРНЕ ТОВАРИСТВО
    - РЕЛІГІЙНА ОРГАНІЗАЦІЯ
    - ІНШІ ОРГАНІЗАЦІЙНО-ПРАВОВІ ФОРМИ

### `crud_legal_entity_get`
+ id: d290f1ee-6c54-4b01-90e6-d701748f0851 (string, required)
+ include `crud_legal_entity`
+ inserted_at: `1991-08-19T00:00:00.000Z` (string, required)
+ inserted_by: `userid` (string, required)
+ updated_at: `1991-08-19T00:00:00.000Z` (string, required)
+ updated_by: `userid` (string, required)

### `crud_legal_entity_post`
+ include `crud_legal_entity`

### `crud_legal_entity_patch`
+ name: Клініка Борис (string, optional)
+ short_name: Борис (string, optional)
+ type (enum, optional)
    - MSP
    - MIS
+ addresses (array[Address], optional)
+ phones (array[Phone], optional)
+ email: email@example.com (array[Email], optional)
+ active: true (boolean)
+ public_name: Клініка Борис (string, optional)
+ status: VERIFIED (enum, optional)
    - VERIFIED
    - NOT_VERIFIED
+ owner_property_type: state (enum, optional)
    - STATE
    - PRIVATE
+ legal_form: `ПІДПРИЄМЕЦЬ-ФІЗИЧНА ОСОБА` (enum, optional)
    - ПІДПРИЄМЕЦЬ-ФІЗИЧНА ОСОБА
    - АКЦІОНЕРНЕ ТОВАРИСТВО
    - ВІДКРИТЕ АКЦІОНЕРНЕ ТОВАРИСТВО
    - ЗАКРИТЕ АКЦІОНЕРНЕ ТОВАРИСТВО
    - РЕЛІГІЙНА ОРГАНІЗАЦІЯ
    - ІНШІ ОРГАНІЗАЦІЙНО-ПРАВОВІ ФОРМИ

### `Legal_Entity_Short`
+ id: `b075f148-7f93-4fc2-b2ec-2d81b19a9b7b` (string, required)
+ name: Клініка Борис (string, required)
+ short_name: Борис (string, required)
+ type (enum, required)
    - MSP
    - MIS
+ edrpou: 5432345432 (string, required)
+ status: VERIFIED (enum, required)
    - VERIFIED
    - DECLINED
    - VERIFICATION_EXP
+ owner_property_type: state (enum, required)
    - state
    - private
+ legal_form: `ПІДПРИЄМЕЦЬ-ФІЗИЧНА ОСОБА` (enum, required)
    - ПІДПРИЄМЕЦЬ-ФІЗИЧНА ОСОБА
    - АКЦІОНЕРНЕ ТОВАРИСТВО
    - ВІДКРИТЕ АКЦІОНЕРНЕ ТОВАРИСТВО
    - ЗАКРИТЕ АКЦІОНЕРНЕ ТОВАРИСТВО
    - РЕЛІГІЙНА ОРГАНІЗАЦІЯ
    - ІНШІ ОРГАНІЗАЦІЙНО-ПРАВОВІ ФОРМИ

## `Legal_Entity_Requests`

### `Legal_Entity_Request_Public`
+ name: Клініка Борис (string, required)
+ short_name: Борис (string, optional)
+ public_name: Борис (string, optional)
+ legal_form (enum, required)
+ type (enum, required)
    - MIS
    - MSP
+ `owner_property_type`: state (enum, required)
    - state
    - private
+ legal_form: `ПІДПРИЄМЕЦЬ-ФІЗИЧНА ОСОБА` (enum, required)
    - ПІДПРИЄМЕЦЬ-ФІЗИЧНА ОСОБА
    - АКЦІОНЕРНЕ ТОВАРИСТВО
    - ВІДКРИТЕ АКЦІОНЕРНЕ ТОВАРИСТВО
    - ЗАКРИТЕ АКЦІОНЕРНЕ ТОВАРИСТВО
    - РЕЛІГІЙНА ОРГАНІЗАЦІЯ
    - ІНШІ ОРГАНІЗАЦІЙНО-ПРАВОВІ ФОРМИ
+ edrpou: 5432345432 (string, required)
+ kved: 86.1 (array, required)
+ services (array[Medical_Service], required)
+ addresses (array[Address], required)
+ phones (array[Phone], required)
+ email: email@example.com (string, required)
+ owner (Owner)
+ divisions (array[`crud_division_get`])
+ `medical_service_provider` (MSP)

## `Divisions`
### `Division`
+ name: Бориспільське відділення Клініки Борис (string, required)
+ addresses (array[Address], required)
+ phones (array[Phone], required)
+ email: email@example.com (string, required)
+ type: clinic (enum, required)
    - clinic
    - ambulant_clinic
    - fap

### `Division_Details`
+ id: d290f1ee-6c54-4b01-90e6-d701748f0851 (string, required)
+ `legal_entity_id`: d290f1ee-6c54-4b01-90e6-d701748f0851 (string, required)
+ include Division

### `Division_Short`
+ id: d290f1ee-6c54-4b01-90e6-d701748f0851 (string, required)
+ `legal_entity_id`: d290f1ee-6c54-4b01-90e6-d701748f0851 (string, required)
+ type: clinic (enum, required)
    - clinic
    - ambulant_clinic
    - fap
+ mountain_group: `group1` (string, optional)

### `crud_division_get`
+ id: d290f1ee-6c54-4b01-90e6-d701748f0851 (string, required)
+ `legal_entity_id`: d290f1ee-6c54-4b01-90e6-d701748f0851 (string, required)
+ include `Division`
+ mountain_group: `group1` (string, optional)
+ active: true (boolean, required)

## `Owners`
### `Owner`
+ first_name: Петро (string, required)
+ last_name: Іванов (string, required)
+ second_name: Миколайович (string, optional)
+ tax_id: 3015492563 (string, required)
+ birth_date: `1991-08-19T00:00:00.000Z` (string, required)
+ birth_place: `Вінниця, Україна` (string, required)
+ gender: MALE, FEMALE (enum[string], required)
+ email: `email@example.com` (string, required)
+ documents (array[Document], optional)
+ phones (array[Phone], optional)

## `Medical_Service_Providers`

### `crud_msp`
+ `legal_entity_id`: 5432345432 (string, required)
+ accreditation (MSP_Accreditation, required)
+ licenses (array[MSP_License], optional)

### `crud_msp_get`
+ include `crud_msp`

### `crud_msp_post`
+ include `crud_msp`

### `crud_msp_patch`
+ accreditation (MSP_Accreditation, required)
+ licenses (array[MSP_License], optional)

### `Medical_Service_Provider`
+ name: Клініка Борис (string, required)
+ short_name: Борис (string, required)
+ legal_form: `ПІДПРИЄМЕЦЬ-ФІЗИЧНА ОСОБА` (enum, required)
    - ПІДПРИЄМЕЦЬ-ФІЗИЧНА ОСОБА
    - АКЦІОНЕРНЕ ТОВАРИСТВО
    - ВІДКРИТЕ АКЦІОНЕРНЕ ТОВАРИСТВО
    - ЗАКРИТЕ АКЦІОНЕРНЕ ТОВАРИСТВО
    - РЕЛІГІЙНА ОРГАНІЗАЦІЯ
    - ІНШІ ОРГАНІЗАЦІЙНО-ПРАВОВІ ФОРМИ
+ public_name: ЦПМСД №1 (string, optional)
+ edrpou: 5432345432 (string, required)
+ licenses (array[MSP_License], optional)
+ accreditation (MSP_Accreditation, required)
+ addresses (array[Address], required)
+ phones (array[Phone], required)
+ email: `email@example.com` (string, required)

### `MSP_Short`
+ id: d290f1ee-6c54-4b01-90e6-d701748f0851
+ name: Клініка Борис (string, required)
+ short_name: Борис (string, required)
+ legal_form: `ПІДПРИЄМЕЦЬ-ФІЗИЧНА ОСОБА` (enum, required)
    - ПІДПРИЄМЕЦЬ-ФІЗИЧНА ОСОБА
    - АКЦІОНЕРНЕ ТОВАРИСТВО
    - ВІДКРИТЕ АКЦІОНЕРНЕ ТОВАРИСТВО
    - ЗАКРИТЕ АКЦІОНЕРНЕ ТОВАРИСТВО
    - РЕЛІГІЙНА ОРГАНІЗАЦІЯ
    - ІНШІ ОРГАНІЗАЦІЙНО-ПРАВОВІ ФОРМИ
+ edrpou: 5432345432 (string, required)

### `MSP_Details`
+ id: d290f1ee-6c54-4b01-90e6-d701748f0851
+ name: Клініка ЦПМСД №1 (string, required)
+ short_Name: ЦПМСД №1 (string, required)
+ legal_form: `ПІДПРИЄМЕЦЬ-ФІЗИЧНА ОСОБА` (enum, required)
    - ПІДПРИЄМЕЦЬ-ФІЗИЧНА ОСОБА
    - АКЦІОНЕРНЕ ТОВАРИСТВО
    - ВІДКРИТЕ АКЦІОНЕРНЕ ТОВАРИСТВО
    - ЗАКРИТЕ АКЦІОНЕРНЕ ТОВАРИСТВО
    - РЕЛІГІЙНА ОРГАНІЗАЦІЯ
    - ІНШІ ОРГАНІЗАЦІЙНО-ПРАВОВІ ФОРМИ
+ public_name: ЦПМСД №1 (string, optional)
+ edrpou: 5432345432 (string, required)
+ addresses (array[Address], optional
+ created_at: `2017-02-28T15:12:54.000Z` (string, optional)
+ modified_at: `2017-02-28T15:12:54.000Z` (string, optional)

### `MSP`
+ licenses (array[MSP_License], optional)
+ accreditation (MSP_Accreditation, required)

## `Medical_Services`
### `Medical_Service`
+ id
+ name

## `Access_Tokens`
### `Access_Token`
+ access_token: `my-oauth-token` (string, required) - oAuth access token.
+ refresh_token: `my-oauth-refresh-token` (string, required) - oAuth refresh token.
+ expires_in: 76000 (number, required) - seconds until token expiration.
+ person_id: `d290f1ee-6c54-4b01-90e6-d701748f0851` (string, required) - Person ID of authorized user.
+ scopes: `capitation_contracts:view capitation_contracts:create patients:view patients:create` (string, required) - scopes that assigned to access token

## Shared
### `user`
+ first_name: Петро (string, required)
+ last_name: Іванов (string, required)
+ second_name: Миколайович (string, optional)
+ birth_date: `1991-08-19T00:00:00.000Z` (string, required)
+ gender: MALE, FEMALE (enum[string], required)
+ email: email@example.com (string, required)
+ tax_id: 3126509816 (string, optional)
+ documents (array[Document], optional)
+ phones (array[Phone], optional)
+ public_key:FDSAF768ASD6F78A6FD87ADS6FA8DS7F678A678DF (string, required)

### Address
+ type: RESIDENCE, REGISTRATION (enum[string], required)
+ country: UA (enum[string], required)
+ area: Житомирська (string, optional)
+ region: Бердичівський (string, optional)
+ settlement: Київ (string, optional)
+ settlement_type: CITY (enum[string], optional)
+ settlement_id: 43432432 (string, required)
+ street_type: STREET, BOULEVARD, AVENUE (enum[string], optional)
+ street: `вул. Ніжинська` (string, optional)
+ building: 15 (string, required)
+ apartment: 23 (string, optional)
+ zip: 02090 (string, optional)

### Phone
+ type: MOBILE, LANDLINE (enum[string], required)
+ number: `+380503410870` (string, required)

### Email
+ type: PERSONAL, PUBLIC (enum[string], required)
+ email: `email@example.com` (string, required)

### Document
+ type: PASSPORT (enum[string], required)
    - PASSPORT
    - NATIONAL_ID
    - BIRTH_CERTIFICATE
    - TEMPORARY_CERTIFICATE
+ number: 120518 (string, required)

### `Medical_Certificate`
+ name: Диплом доктора медицини (string, required)
+ number: AA1234BC (string, required)
+ degree: `Doctor of Medicine (MD, Dr.MuD, Dr.Med)` (string, required)
+ issue_date: 2017-02-28 (string, required)
+ issued_by: Національний медичний університет імені О.О. Богомольця (string, required)
+ started_date: 2016-08-29T09:12:33.001Z (string, optional)
+ expiration_date: 2016-08-29T09:12:33.001Z (string, optional)

### `Medical_License`
+ category (enum, required)
    - Атестація на визначення знань і практичних навиків
+ type (enum, required)
    - диплом
+ issued_by: Кваліфікацйна комісія (string, required)
+ order_no: DV4312324 (string, required)
+ issued_date: 2017-02-28 (string, required)
+ expiry_date: 2017-02-28 (string, required)

### `Medical_Education`
+ institution_name: Академія Богомольця (string, required)
+ certificate_Number: DD123543 (string, required)
+ degree (enum, required)
    - Doctor of Medicine
    - Bachelor of Medicine
    - Bachelor of Surgery
    - Doctor of Osteopathic Medicine
    - Master of Clinical Medicine
+ start_date: 2017-02-28 (string, required)
+ finished_date: 2017-02-28 (string, required)
+ speciality (enum, required)
    - Загальна практика - сімейна медицина
    - Педіатрія
    - Підліткова терапія
    - Терапія

### `MSP_Accreditation`
+ category: друга (enum, required)
    - друга
    - перша
    - не акредитований
+ issued_date: 2017-02-28 (string, required) - дата видачі
+ expiry_date: 2017-02-28 (string, optional)
+ order_no: fd123443 (string, required) - номер наказу МОЗ
+ order_date: 2017-02-28 (string, required) - дата наказу МОЗ


### `MSP_License`
+ license_number: fd123443 (string, required)
+ issued_by: Кваліфікацйна комісія (string, optional)
+ issued_date: 2017-02-28 (string, required)
+ expiry_date: 2017-02-28 (string, optional)
+ kved: 86.1 (string, optional)
+ what_licensed: реалізація наркотичних засобів (string, optional)

### `key_value`
+ id
+ name

## OTPs
### OTP
+ id: 4 (string, required)
+ `phone_number`: `+380508887700` (string, required)
+ `check_digit`: 5 (number, required) - Check digit that will be first in sent OTP code. Can be validated as checksum by [Verhoeff algorithm](https://en.wikipedia.org/wiki/Verhoeff_algorithm).


## DoctorsNew
### DoctorNew
+ education (array[Education], required)  - освіта
+ qualification (array[Qualification], optional) - підвищення кваліфікації
+ speciality (array[Speciality], required)
+ science_degree (ScienceDegree, optional)

### `DoctorNew_Short`
+ id: d290f1ee-6c54-4b01-90e6-d701748f0851 (string, required)
+ speciality (array[Speciality], required)

### `crud_DoctorNew_get`
+ id: d290f1ee-6c54-4b01-90e6-d701748f0851 (string, required)
+ include (DoctorNew)

### Education
+ country: UA (enum[string], required)
+ city: Київ (string, required)
+ institution_name: Академія Богомольця (string, required)
+ finished_date: 2017-02-28 (string, required)
+ diploma_number: DD123543 (string, required)
+ degree (enum, required)
    - Молодший спеціаліст
    - Бакалавр
    - Спеціаліст
    - Магістр
+ speciality: Педіатр (string, required)


### ScienceDegree
+ country: UA (enum[string], required)
+ city: Київ (string, required)
+ degree (enum, required)
    - Доктор філософії
    - Кандидат наук
    - Доктор наук
+ institution_name: Академія Богомольця (string, required)
+ diploma_number: DD123543 (string, required)
+ speciality: Педіатр (string, required)
+ issued_date: 2017-02-28 (string, required)

### Qualification
+ type (enum, required)
    - Інтернатура
    - Спеціалізація
    - Передатестаційний цикл
    - Тематичне вдосконалення
    - Курси інформації
    - Стажування
+ institution_name: Академія Богомольця (string, required)
+ speciality: Педіатр (string, required)
+ issued_date: 2017-02-28 (string, required) - дата отримання сертифікату
+ certificate_number: 2017-02-28 (string, required)

### Speciality
+ speciality: Педіатрія (enum, required) - спеціальність
    - Терапевт
    - Педіатр
    - Сімейний лікар
+ speciality_officio: true (boolean, required) - спеціальність за посадою
+ level: Перша категорія (enum, required) - кваліфікаційна категорія
    - Друга категорія
    - Перша категорія
    - Вища категорія
+ qualification_type (enum, required)
    - Присвоєння
    - Підтвердження
+ attestation_name: Академія Богомольця (string, required) - орган що видав
+ attestation_date: 2017-02-28 (string, required) - дата отримання
+ valid_to_date: 2020-02-28 (string, required) - дата дії до
+ certificate_number: AB/21331 (string, required)

### Affordance
+ action (string, required) - Affordance action.
+ url (string, required)

## Global Parameters and Products 
### `Global_Parameters`
+ term: 30 (string, required) - термін дії декларації
+ term_unit: DAYS (enum, required) - одиниця виміру терміну дії
+ adult_age: 18 (string, required) - вік повноліття