Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 82 Next »

References

Public endpoints


IMPLEMENTED: GET /access-code/valid

Determines whether an access code is valid and if it can be used to perform an /upload API call.

See SPL Token ExchangeMVP1: App to SPL Flow

Parameters

No parameters

Request body

{
  "accessCode": "123456"
}

Responses

Code

Description

200

Successful Request

application/json

  • Example Value

{
  "valid": true
}

403

Invalid Access Code

404

Not Found

500

Internal Server error


IMPLEMENTED: POST /consent

Logs user consent to health authority’s terms of service. Invalidates the accessCode that is passed in the payload if consent is false.

See MVP1: App to SPL Flow

Parameters

No parameters

Request body

{
  "consent": true/false,
  "accessCode": "123456"
}

Responses

Code

Description

200

Successful Request

403

Invalid Access Code

404

Not Found

500

Internal Server error


IMPLEMENTED: POST /upload

Accepts SAFE PATHS data upload from the user. Access code sent in body must match an access code created in a POST /access-code call. The uploadId returned may be used by clients to purge data from this upload at a later time.

see https://pathcheck.atlassian.net/wiki/spaces/TEST/pages/61112371/Design%2Bfor%2BMVP1%2BHA%2BJSON%2BChanges SPL Token ExchangeMVP1: App to SPL Flow

Parameters

No parameters

Request body

application/json

  • Example Value

{
  "accessCode": "123456",
  "concernPoints": [
    {
      "longitude": 14.91328448,
      "latitude": 41.24060321,
      "time": 1589117739000,
      "hash": "87e916850d4def3c"
    }
  ]
}

Responses

Code

Description

201

Created

application/json

  • Example Value

{
  "uploadId": "42963a2f-9bd8-4ade-a713-3106020c1942"
}

400

Invalid Input

403

Invalid Access Code

404

Not Found

451

Consent Not Granted

500

Internal Server error


Private endpoints


IMPLEMENTED: POST /login

Authenticates the user and responds with a JWT that can be used to access protected endpoints.

See SPL Token Exchange.

Parameters

No parameters

Request body

application/json

  • Example Value

{
  "username": "admin",
  "password": "admin"
}

Responses

Code

Description

Response

200

The user was found and the password matched.

{
  "token": "eyABCD4321JIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJhZG1pbiIsImlhdCI6MTU5MDE1MjIzMCwiZXhwIjoxNTkwMTU1ODMwfQ.QUK4ybt971yQiqUT-HTVPh6VsRkxM2wEKTpTYifY3Uw"
}

401

There is no user with the username or the password does not match.

{
  "message": "Invalid credentials."
}

500

Internal server error.

 

CONFIRMED: POST /access-code

Returns a new access code that clients can use to upload data via the public endpoints above. The code should remain valid for 1 hour.

See SPL Token Exchange.

Parameters

No parameters

Request body

No body

Responses

Code

Description

201

OK

application/json

  • Example Value

{
  "accessCode": "123456"
}

400

Invalid request

401

Unauthorized Client

500

Internal Server error


IMPLEMENTED: GET /organization

Returns information about the organization associated with the requesting user.

Parameters

No parameters

Request body

No body

Responses

Code

Description

200

OK

application/json

  • Example Value

{
  "organizationId": 777,
  "name": "Same Health Authority",
  "completedOnBoarding": true
}

400

Invalid request

403

Lacks sufficient authority for operation

500

Internal Server error

IMPLEMENTED: GET /organization/configuration

Returns the configuration of the organization associated with the requesting user.

See SPL UI Protype (Figma)

Parameters

No parameters

Request body

No Body

Responses

Code

Description

200

OK

application/json

  • Example Value

{
  "name": "Same Health Authority",
  "notificationThresholdPercent": 66,
  "notificationThresholdCount": 6,
  "daysToRetainRecords": 14,
  "regionCoordinates": { 
    "ne": { "latitude": 20.312764055951195, "longitude": -70.45445121262883}, 
    "sw": { "latitude": 17.766025040122642, "longitude": -75.49442923997258}
  },
  "apiEndpointUrl": "https://s3.aws.com/bucket_name/safepaths.json",
  "referenceWebsiteUrl": "http://cdc.gov",
  "infoWebsiteUrl": "http://cdc.gov"
}

400

Invalid request

403

Lacks sufficient authority for operation

500

Internal Server error


IMPLEMENTED: PUT /organization/configuration

Updates the configuration of the organization.

See SPL UI Protype (Figma)

Parameters

No parameters

Request body

application/JSON

  • Example Value

{
  "organizationId": 73,
  "name": "Same Health Authority",
  "notificationThresholdPercent": 66,
  "notificationThresholdCount": 6,
  "daysToRetainRecords": 14,
  "regionCoordinates": { 
    "ne": { "latitude": 20.312764055951195, "longitude": -70.45445121262883}, 
    "sw": { "latitude": 17.766025040122642, "longitude": -75.49442923997258}
  },
  "apiEndpointUrl": "https://s3.aws.com/bucket_name/safepaths.json",
  "referenceWebsiteUrl": "http://cdc.gov",
  "infoWebsiteUrl": "http://cdc.gov"
}

Responses

Code

Description

200

OK

application/json

  • Example Value

{
  "organizationId": 73,
  "name": "Same Health Authority",
  "notificationThresholdPercent": 66,
  "notificationThresholdCount": 6,
  "daysToRetainRecords": 14,
  "regionCoordinates": { 
    "ne": { "latitude": 20.312764055951195, "longitude": -70.45445121262883}, 
    "sw": { "latitude": 17.766025040122642, "longitude": -75.49442923997258}
  },
  "apiEndpointUrl": "https://s3.aws.com/bucket_name/safepaths.json",
  "referenceWebsiteUrl": "http://cdc.gov",
  "infoWebsiteUrl": "http://cdc.gov"
}

400

Invalid request

403

Lacks sufficient authority for operation

500

Internal Server error


IMPLEMENTED: GET /organization/cases

Gets a list of case records for the organization

See SPL UI Protype (Figma), SPL Data States (For MVP1)

Parameters

No parameters

Request body

No body

Responses

Code

Description

200

OK

application/json

  • Example Value

{
  "cases": [
    {
      "caseId": 12,
      "state": "unpublished",
      "externalId": "an_external_id",
      "updatedAt": "2020-05-21T18:25:43.511Z",
      "expiresAt": "2020-05-30T18:25:43.511Z"
    },
    {
      "caseId": 13,
      "state": "staging",
      "externalId": "an_external_id",
      "updatedAt": "2020-05-21T18:25:43.511Z",
      "expiresAt": "2020-05-30T18:25:43.511Z"
    },
    {
      "caseId": 14,
      "state": "published",
      "externalId": "an_external_id",
      "updatedAt": "2020-05-21T18:25:43.511Z",
      "expiresAt": "2020-05-30T18:25:43.511Z"
    }
  ]
}

400

Invalid request

403

Lacks sufficient authority for operation

500

Internal Server error


CONFIRMED: POST /organization/case

Creates a new case, and associates it with the organization.

See MVP1: App to SPL Flow, SPL Data States (For MVP1)

Parameters

No parameters

Request body

application/JSON

  • Example Value

{
      "organizationId" : 777
}

Responses

Code

Description

200

Created

application/json

  • Example Value

{
  "caseId": 1,
  "state": "unpublished",
  "externalId": "an_external_id",
  "expiresAt": "2020-05-30T18:25:43.511Z",
  "updatedAt": "2020-05-21T18:25:43.511Z",
}

400

Invalid request

403

Lacks sufficient authority for operation

500

Internal Server error


CONFIRMED: PUT /case

Updates a case (currently only supports updating of case’s extern id)/

Parameters

No parameters

Request body

application/JSON

  • Example Value

{
      "caseId" : 23,
      "externalId": "an_external_id"
}

Responses

Code

Description

200

Created

application/json

  • Example Value

{
  "caseId": 23,
  "state": "unpublished",
  "externalId": "an_external_id",
  "expiresAt": "2020-05-30T18:25:43.511Z",
  "updatedAt": "2020-05-21T18:25:43.511Z",
}

400

Invalid request

403

Lacks sufficient authority for operation

500

Internal Server error


IMPLEMENTED: DELETE /case

Delete case record

See SPL UI Protype (Figma)

Parameters

No parameters

Request body

application/JSON

  • Example Value

{
      "caseId" : 12
}

Responses

Code

Description

200

Case deleted

400

Invalid request

403

Lacks sufficient authority for operation

500

Internal Server error


IMPLEMENTED: GET /case/points

Returns all points of concern for the provided case.

See SPL UI Protype (Figma)

Parameters

No parameters

Request body

application/JSON

  • Example Value

{
      "caseId": 12
}

Responses

Code

Description

200

Return points of concern associated with the case.

application/json

  • Example Value

{
  "concernPoints": [
    {
      "pointId": 232,
      "longitude": 14.91328448,
      "latitude": 41.24060321,
      "time": "2020-05-30T18:25:43.511Z"
    }
  ]
}

400

Invalid request

403

Lacks sufficient authority for operation

500

Internal Server error


CONFIRMED: POST /case/points

Associates the results of a previous upload with a case. accessCode should match a code returned from POST /access-code, and caseId should be from a call to POST /organization/cases.

See SPL UI Protype (Figma)

Parameters

No parameters

Request body

application/JSON

  • Example Value

{
  "accessCode": "123456",
  "caseId": 12
}

Responses

Code

Description

200

Returns the points of concern now associated with the case.

application/json

  • Example Value

{
  "concernPoints": [
    {
      "pointId": 232,
      "longitude": 14.91328448,
      "latitude": 41.24060321,
      "time": "2020-05-30T18:25:43.511Z"
    }
  ]
}

202

Upload In Progress

400

Invalid request

401

Unauthorized Client

403

Invalid Access Code

451

Consent Not Granted

500

Internal Server error


IMPLEMENTED: POST /case/point

Creates a new point of concern to be associated with the case.

See SPL UI Protype (Figma)

Parameters

No parameters

Request body

application/JSON

  • Example Value

{
      "caseId": 12,
      "point": {
        "longitude": 14.91328448,
        "latitude": 41.24060321,
        "time": "2020-05-30T18:25:43.511Z"
        }
}

Responses

Code

Description

200

Returns the created point of concern

application/json

  • Example Value

{
  concernPoint: {
    pointId: 280,
    longitude: 14.91328448,
    latitude: 41.24060321,
    time: '2020-05-01T18:25:43.511Z'
  }
}

400

Invalid request

403

Lacks sufficient authority for operation

500

Internal Server error


CONFIRMED: POST /case/consent-to-publishing

Captures user consent to having their data published in the aggregated anonymized JSON file that is available to public.

Parameters

No parameters

Request body

application/JSON

  • Example Value

{
      "caseId" : 12
}

Responses

Code

Description

200

{
  "caseId": 14,
  "updatedAt": "2020-05-21T18:25:43.511Z",
  "state": "staging",
  "externalId": "an_external_id",
  "expiresAt": "2020-05-30T18:25:43.511Z"
}

400

Invalid request

403

Lacks sufficient authority for operation

500

Server Error


IMPLEMENTED: POST /case/stage

Updates the state of the case from unpublished to staging.

See SPL Data States (For MVP1)

Parameters

No parameters

Request body

application/JSON

  • Example Value

{
      "caseId" : 14
}

Responses

Code

Description

200

{
  "case": {
    "caseId": 14,
    "state": "staging",
    "externalId": "an_external_id",
    "updatedAt": "2020-05-21T18:25:43.511Z",
    "expiresAt": "2020-05-30T18:25:43.511Z"
  }
}

400

Invalid request

403

Lacks sufficient authority for operation

500

Server Error


IMPLEMENTED: POST /cases/publish

Moves the state of the cases from staging to published and generates JSON file containing aggregated anonymized points of concern data. JSON file is then pushed to the endpoint responsible for hosting the published data (this functionality is implemented by HA).

See SPL Data States (For MVP1)

Parameters

No parameters

Request body

application/JSON

  • Example Value

{
      "caseIds" : [12, 13, 14]
}

Responses

Code

Description

200

{
  cases: {
      {
      "caseId": 14,
      "updatedAt": "2020-05-21T18:25:43.511Z",
      "state": "published",
      "externalId": "an_external_id",
      "expiresAt": "2020-05-30T18:25:43.511Z"
    },
    {
      "caseId": 15,
      "updatedAt": "2020-05-21T18:25:43.511Z",
      "externalId": "an_external_id",
      "state": "published",
      "expiresAt": "2020-06-30T18:25:43.511Z"
    },
    {
      "caseId": 16,
      "updatedAt": "2020-05-21T18:25:43.511Z",
      "state": "published",
      "externalId": "an_external_id",
      "expiresAt": "2020-07-30T18:25:43.511Z"
    }
  }
}

400

Invalid request

403

Lacks sufficient authority for operation

500

Server Error


IMPLEMENTED: PUT /point

Updates an existing point of concern

See SPL UI Protype (Figma)

Parameters

No parameters

Request body

application/JSON

  • Example Value

{
      "pointId" : 123,
      "longitude": 12.91328448,
      "latitude": 39.24060321,
      "time": "2020-05-21T18:25:43.511Z"
}

Responses

Code

Description

200

Point was updated

application/json

  • Example Value

{
  "point": {
    "pointId": 123,
    "longitude": 12.91328448,
    "latitude": 39.24060321,
    "time": "2020-05-21T18:25:43.511Z"
  }
}

400

Invalid request

403

Lacks sufficient authority for operation

500

Server Error


IMPLEMENTED: DELETE /point

Deletes the point of concern having the ID corresponding with the pointID param.

See SPL UI Protype (Figma)

Parameters

No parameters

Request body

application/JSON

  • Example Value

{
      "pointId" : 123
}

Responses

Code

Description

200

Point was deleted

400

Invalid request

403

Lacks sufficient authority for operation

500

Internal Server error


  • No labels

0 Comments

You are not logged in. Any changes you make will be marked as anonymous. You may want to Log In if you already have an account.