Versions Compared

Old Version 10

changes.mady.by.user Filoretta Velica

Saved on

compared with

New Version Current

changes.mady.by.user Filoretta Velica

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Preconditions

In order to develop an application using the webservices of Abrumet, it is necessary to have the following material and information :


  1. An eID card reader and the installed software Dioss middleware (v 2.5.3.63011 minimum)
  2. A user within the Brusafe + platform.
  3. This user is important in the context of the various patient tests, without this no data can be associated during a call to a web services
  4. A validation of your access to the Abrumet company
  5. A compliant SSL security certificate


How to register on the Brusafe+ Platform


  1. Open your browser and please go to : "https://auth.qa.brusafe.be/portal/patient/index.xhtml"



  1. Click on "Register". This user registration can only be done if you have a card reader and the Dioss Middleware software installed on your machine, an error message will warn you if this is not the case.




  1. Enter the PIN code of your ID carte and click afterwards on "Ok"



  1. The user creation form is displayed



  1. Medical Provider Type: You have the opportunity to be either a patient or a practitioner. If you are a practitioner please select your specialty from the drop-down list.


Be careful, for your different tests you must be a practitioner and not just a patient. Any request for addition will have to be confirmed by Mrs Filoretta Velica (xds@abrumet.be ).


  1. Email: contact email and validation of the creation of the user
  2. Mobile Number: Your mobile phone number, this one allows the validation of your user during the creation. It should be noted that you can not use a landline number.
  3. Choose Send Code Method: Connection validation method. You have the option to validate each connection in three different ways
    1. Send Code Email: Validation by mail
    2. Send Code SMS: Validation by mobile phone
    3. Send Code Both: Validation on both previous devices.
  4. Password et Confirm Password: Your password required to connect to the Brusafe + platform
  5. Click on Register

       6. The terms and conditions related to the application are displayed.



7. Click on « Accept» if you accept the terms and conditions related to the application.



8. Enter the verification code for your previously received account on your mobile phone. Then click on « Validate phonenumber».



9. A confirmation email is sent to validate the creation of your account



10. Click on its link to validate the creation of your user




11. You are now connected to the platform



Authentication tokens

How to get your access token.

The API is secured with OAuth2.0. To access the API, the developer must have a token. This means that he must be able to retrieve an access token. In order to retrieve an access token, the developer must first be registered on the authorization server.


This request must be made in advance to Mrs. Filoretta Velica at the following address xds@abrumet.be


The following preconditions will be required for any registration with Abrumet:

The following information should appear in the mail:


  • The name of your application
  • The url of your application
  • The access request document complete
  • The type of application
    • Mobile of Application


An email of approval will be sent to you a few days after your request.

 

How to recover the access token " Bearer"

Following the approval of your request, you will be able to recover your access token

  1. Open your browser, and please go to the following address


https://auth.qa.brusafe.be/auth/realms/abrumet/protocol/openid-connect/auth?response_type=id_token%20token&client_id=<Application_Name>&redirect_uri=<Application_URL>&nonce=0


Please replace the following parameters:

  • <Application_Name> = the name of your application provided in the access request
  • <Application_URL> = the url of your application provided in the access request


It should be noted that we can use this url to have a bearer token. https://auth.qa.brusafe.be/auth/realms/abrumet/protocol/openid-connect/auth?response_type=id_token%20token&client_id=example-pablo-app&redirect_uri=http%3A%2F%2Flocalhost&nonce=0


  1. When authentication is done, please copy the generated url. This will contain all the information needed to connect the various web services of the application Abrumet.


http://localhost/#id_token=eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICIxSVF1ZzdJOG5uT2IzbWlNLWFtVDVQVTQ5ZHc4YmF5RW9DYWlxVWFMNVFzIn0.eyJqdGkiOiI3YjY4NDdhZC03ZjlkLTRhMzctYTlkOC1kZTM3NzAzNGZkNDkiLCJleHAiOjE1MDk2MzQyNTIsIm5iZiI6MCwiaWF0IjoxNTA5NjMwNjUyLCJpc3MiOiJodHRwczovL2F1dGgucWEuYnJ1c2FmZS5iZS9hdXRoL3JlYWxtcy9hYnJ1bWV0IiwiYXVkIjoiZXhhbXBsZS1wYWJsby1hcHAiLCJzdWIiOiIyMTJjMjdhOC0wNDQ0LTQ1YmYtYmEzMy0wY2JhM2E4YjE2ZGYiLCJ0eXAiOiJJRCIsImF6cCI6ImV4YW1wbGUtcGFibG8tYXBwIiwibm9uY2UiOiIwIiwiYXV0aF90aW1lIjoxNTA5NjMwNTkyLCJzZXNzaW9uX3N0YXRlIjoiYjdkOTEyMWQtZDZkNi00MTliLTlhZDYtNTRkZGNkZTNlZjc1IiwiYXRfaGFzaCI6InFyM3hFSm1YWHZWM2FVZXBKakhZQ2ciLCJhY3IiOiIwIiwibmFtZSI6IkZpbG9yZXR0YSBWZWxpY2EiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJmaWxvcmV0dGEudmVsaWNhQGFicnVtZXQuYmUiLCJnaXZlbl9uYW1lIjoiRmlsb3JldHRhIiwiZmFtaWx5X25hbWUiOiJWZWxpY2EiLCJlbWFpbCI6ImZpbG9yZXR0YS52ZWxpY2FAYWJydW1ldC5iZSJ9.OSOIKG7c0FPJtFqus-0vHAgS_5460l9qFznhJ0fFa3-qLpB8A8wXhvN2hm59xGGmRNpbJpLCNCLTamXmEQKSATCySr0PXH5ZaL3tb_zziJWnmRzvD40FG71ykA0_gkyDX3l4cBZpBgyI4OGg1a70byZdolTRud97Tj5ev7bKjkLSgys7x4cTJ0rQpqEdPw6jIavvoympwxclCDYmfiaMcoEPakdxiPecjcni6mhybPhC8meRC_lQKd60S5tj_dm9zzs3a6Yp1MaiIGdvQGnCOtft2E3y_tQld8MkSUeRKK8Jygh35-S_TGJiQDHl1hFphagJxtPsY0BMjv4SbvHGcQ&access_token=eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICIxSVF1ZzdJOG5uT2IzbWlNLWFtVDVQVTQ5ZHc4YmF5RW9DYWlxVWFMNVFzIn0.eyJqdGkiOiI1Yjk1NjE2NC0zOGE0LTQyZmMtOTBiNC1kOWI1MTBkYWQ0MTciLCJleHAiOjE1MDk2MzQyNTIsIm5iZiI6MCwiaWF0IjoxNTA5NjMwNjUyLCJpc3MiOiJodHRwczovL2F1dGgucWEuYnJ1c2FmZS5iZS9hdXRoL3JlYWxtcy9hYnJ1bWV0IiwiYXVkIjoiZXhhbXBsZS1wYWJsby1hcHAiLCJzdWIiOiIyMTJjMjdhOC0wNDQ0LTQ1YmYtYmEzMy0wY2JhM2E4YjE2ZGYiLCJ0eXAiOiJCZWFyZXIiLCJhenAiOiJleGFtcGxlLXBhYmxvLWFwcCIsIm5vbmNlIjoiMCIsImF1dGhfdGltZSI6MTUwOTYzMDU5Miwic2Vzc2lvbl9zdGF0ZSI6ImI3ZDkxMjFkLWQ2ZDYtNDE5Yi05YWQ2LTU0ZGRjZGUzZWY3NSIsImFjciI6IjAiLCJjbGllbnRfc2Vzc2lvbiI6IjJlMzE0OTJmLTVhZDUtNGU0ZC1hZjc2LTgyYjgzMjc1MTI3NyIsImFsbG93ZWQtb3JpZ2lucyI6W10sInJlYWxtX2FjY2VzcyI6eyJyb2xlcyI6WyJtZWRpY2FsIiwicGF0aWVudCIsInVtYV9hdXRob3JpemF0aW9uIl19LCJyZXNvdXJjZV9hY2Nlc3MiOnsiYWNjb3VudCI6eyJyb2xlcyI6WyJtYW5hZ2UtYWNjb3VudCIsInZpZXctcHJvZmlsZSJdfX0sIm5hbWUiOiJGaWxvcmV0dGEgVmVsaWNhIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiZmlsb3JldHRhLnZlbGljYUBhYnJ1bWV0LmJlIiwiZ2l2ZW5fbmFtZSI6IkZpbG9yZXR0YSIsImZhbWlseV9uYW1lIjoiVmVsaWNhIiwiZW1haWwiOiJmaWxvcmV0dGEudmVsaWNhQGFicnVtZXQuYmUifQ.Zefut_namx11aRYsbWY0Ej27-p-ZPTR5hDYpVpDpQF2adcTUFrbTJj2h4us8Vgn42HD7qJym9WprGJgKM-kDPppdwJAu0FIPTN2dTbtL76Y72_euaKSLuAixqSisPVj4_JUZiBQ7Lgj0r1ZpTCG4ji7LIKGnjj_ACk1H1iA_72jbJUJeGRiFOEmOf46QqTfEpWuf7YSwMvtpVmI3iXC1eFXU8t6Ui4E1nslnUiTdSQsQXPVgMDktX3TrEIVO_QjzOdZqsFHVoMSi1IL6ZR338JPMgnm4g4VBaxzwFha40mMiA0MJrwitGTw8LmWP3WysROSCosefQSwAi4Pj1tI-Kw&token_type=bearer&session_state=b7d9121d-d6d6-419b-9ad6-54ddcde3ef75&expires_in=3600&not-before-policy=0



The "access_Token" parameter contains the Bearer ID. Each access request must therefore include an Authorization header with the Bearer authentication mechanism.

Par exemple,

Autorisation: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VybmFtZSI6I

How to recover the SAML Token using the swagger editor

The SAML will manage both the XML message format, called assertion, as well as the information needed for authentication and the exchange process between two major partners:

  • Le SP (Service Provider), which protects access to requested resources (websites, applications etc.) by applying a security policy. For example, it blocks all access to an unauthenticated user and directs it to their identity provider.
  • L'IdP (Identity Provider) responds to the request of the SP. It is responsible for authenticating the user and forging the response containing the information associated with the identity (group in general) and requested by the SP.



  1. Open your browser and please go to the following address:


http://editor2.swagger.io/#!/




2.Click on "File" and select "Import URL"


3. Enter the following address in the dialog box that appears

https://auth.qa.brusafe.be/relation-api/swagger/swagger.json#/


4. Click on "Import"



5. The entire JSON code loads into the swagger editor .



6.     Edit line 16 and replace "localhost: 8080" with the following address "auth.qa.brusafe.be"





7.     Enter the bearer token in the dialog box that appears. Be careful, there must be a space between bearer and your token.

 


8.  Click on "Authenticate"


9.     Your Bearer Token is configured in order to appeal to different methods




10.  If you are a practitioner and your patient is not yet connected. Please do the steps:


  • /medical/relation/request (National Register Number of the patient is a precondition). In the request options, select the "https" protocol as scheme and select "Application / json" format as return. Then click on "Send Request".



  • /medical/relation/confirm (National Register Number of the patient is a precondition and the validation code). In the request options, select the "https" protocol as scheme and select "Application / json" format as return. Then click on "Send Request".

Attention, any relation is valid 15 months. Beyond this date, a relationship request will have to be redone in the system.


  • /medical/relation/assertion (National Register Number of the patient is a precondition). In the request options, select the "https" protocol as scheme and select "Application / json" format as return. Then click on "Send Request".



11.  If you are just a patient, go directly to the "/ patient / assertion" method. In the request options, select the protocol "https" as scheme and select an "Application / xml" format as return. Then click on "Send Request".




12.  If your Bearer Token is valid, a return code will be executed in the Swagger Editor.




You have just recovered the saml token using the Swagger Code Editor.