MCI Patient APIs
1. Format
The API is based on REST convention and would use JSON as the default data format.
2. Authentication
All APIs described below need authentication. The client_id and From are given when registering with the Identity Provider. The signin API of Identity Provider should be used to get the auth token(To be provided in the "X-Auth-Token" header). Refer the Identity Provider page for more information on how to use the Identity Provider APIs.
3. Validations
For Validations on the API fields below and codes used refer this page.
Described below are the various API definitions.
Create Patient API
Request :
POST https://{mci_service}/api/v1/patients
Headers :
X-Auth-Token : {auth token returned from Identity Service Provider}
client_id : {client id of requester in Identity Service Provider}
From : {email_id of requester registered in Identity Service Provider}
Content-Type : application/json
Body (example with mandatory fields) :
{ "given_name": "Sara", "sur_name": "M", "date_of_birth": "1970-11-06", "gender": "F", "present_address": { "address_line": "37, Good Street,", "division_id": "30", "district_id": "33", "upazila_id": "34" } }
Response Codes :
201 - Created
400 - Bad Request (incorrect data)
401 - Unauthorized (check X-Auth-Token, From and client_id in headers)
403 - Access Denied (check roles in identity provider service)
Response :
{ "http_status": 201, "id": "98001038192" }
The id field contains the health id of the patient.
Create Patient API can be called with or without "hid" field.
- Creating a patient without the "hid" field will automatically create a Health ID for the patient. The response returns the created Health ID.
- Creating a patient with the "hid" field. (The organization for which a Health ID was assigned, will only be able to create a patient using that Health ID)
If the organization to whom the Health ID was assigned and the organization trying to create the patient is different the create patient will fail.
In addition to the above example payload it should have field hid as well. ("hid" = "9xxxxxxxxxx")
Update Patient API :
Request :
PUT https://{mci_service}/api/v1/patients/{health_id}
Headers :
X-Auth-Token : {auth token returned from Identity Service Provider}
client_id : {client id of requester in Identity Service Provider}
From : {email_id of requester registered in Identity Service Provider}
Content-Type : application/json
Body should contain fields which are to be modified (May or may not include other feilds).
Example :
{ "given_name": "Sohel", "sur_name": "Masud" }
Response:-
{ "http_status": 202, "id": "98001023053" }
Response Codes :
202 - Updated
400 - Bad Request (incorrect data)
401 - Unauthorized (check X-Auth-Token, From and client_id in headers)
403 - Access Denied (check roles in identity provider service)
Get Patient API :
Request :
GET https://{mci_service}/api/v1/patients/{health_id}
Headers :
X-Auth-Token : {auth token returned from Identity Service Provider}
client_id : {client id of requester in Identity Service Provider}
From : {email_id of requester registered in Identity Service Provider}
Response Codes :
200 - ok
401 - Unauthorized (check X-Auth-Token, From and client_id in headers)
403 - Access Denied (check roles in identity provider service)
Errors:
Error Categories: (Application error code series)
- Validation error - 1000
- Invalid request - 2000
- Permission Error - 3000
Validation Error-
- Required - 1001
- Pattern - 1002
- DataType - 1003
- Incorrect Value - 1004 (Like registries lookup)
- Server Error - 500
- Dependency error -1005
Invalid Request-
- Invalid JSON - 2001
- Unrecognized field - 2002
Permission Error-
- Field not permitted for the request -3001
- Field update not permitted -3002
100Char, space, numbers, alphabets, special characters, all accepted.