The Swedish National Medication List, development branch

Page Status: updated 2022-01-2

Page index

Introduction
Examples

Introduction

Sv. Hämta dossamtycke, hämta åtkomstsamtycke.

This page describes how to fetch the resource Consent for a patient by an example.

A Consent can be fetched in different ways. See NLLAccessConsent query operations and NLLMultiDoseDispConsent query operations for information about all options.

In short, a query request is either a read, that is, a retrieval via the resource ID, or a search via a search condition. The result differs between a read and a search. A search results in a Bundle being returned containing all matching resources. If there are no hits, an empty Bundle is returned. A read results in the requested resource being returned or an error if no resource with the requested ID exists. If a system error occurs both searches and reads result in an error (i.e. an OperationOutcome).

Fetching a Consent is done by one of the following operations.

GET [base]/Consent/[id]
GET [base]/Consent?[search parameters]

A set of HTTP headers must be provided in order to fetch a consent. See HTTP Header and Authorization for more information about the various headers used by the National Medication List.

See Consent for more information about the Consent resource.

Before a Consent can be retrieved and presented to the user other information is needed from the National Medication List. For more information on different scenarios and what information is required for each scenario, see Handbok för vård- och apotekstjänster: Verksamhetsområden.

Examples

HTTP Headers

See HTTP Header and Authorization for generic information about all HTTP headers used by the National Medication List including information about authorization, purpose and access type. The authorization token is translated to an authority role. The authority role together with the purpose and type of access is used by the National Medication List to determine what actions a user may perform and what information the user may access.

Header	Comment
authorization	The users's security token
prefer	Type of returned content
x-access	The cause for the call
x-context-id	An ID to group a sequence of requests
x-org-info	Information about the users's organisation
x-patientref	The logical ID of the patient
x-provenance	A provenance resource with information about the user interacting with NLL
x-purpose	The purpose of the call
x-request-id	A random and unique ID
x-user-agent	Information about the calling system

Example 1 - Fetch a multi dose dispensing consent

This example shows the multi dose dispensing consent created in Create a multi dose dispensing consent.

The request is made as a search by the logical id of the patient, GET [base]/Consent?category=consent-dose-disp&patient._id=b00a0407-b781-43e8-983b-74fdfb8eb97d.

HTTP headers

Header	Value	Comment
authorization	`{...,"APOTEKSID":"7350046611966","LEGITIMATIONSKOD":"920007","YRKESKOD":["AP"],"loa":3}`	Selected information from the OAuth2-ticket in decoded form
prefer
x-access	`UTAN_KRAV_SAMTYCKE`
x-org-info	`{"orgenhetsOrt":"Sala"}`	Decoded value
x-patientref	`b00a0407-b781-43e8-983b-74fdfb8eb97d`
x-provenance
x-purpose	`EXPEDIERING`
x-request-id	`424b0dda-6401-43b9-8579-8b4787444b7e`
x-user-agent	`{"name":"Test system testaren","version":"0.01010101010.1 beta"}`	Decoded value

HTTP body: Fetch NLLMultiDoseDispConsent

Example 2 - Fetch an access consent

This example shows the access consent created in Create an access consent.

The request is made as a search by the logical id of the patient, GET [base]/Consent?category=INFA&patient._id=8a4b875a-fca1-42a2-87f7-21e57ae8c71f.