Mock sample for your project: Health Data Consent Manager API
Integrate with "Health Data Consent Manager API" from ndhm.gov.in in no time with Mockoon's ready to use mock sample
Health Data Consent Manager
Version: 0.5
Integrate third-party APIs faster by using "Health Data Consent Manager API" ready-to-use mock sample. Mocking this API will help you accelerate your development lifecycles and improves your integration tests' quality and reliability by accounting for random failures, slow response time, etc.
It also helps reduce your dependency on third-party APIs: no more accounts to create, API keys to provision, accesses to configure, unplanned downtime, etc.
Description
Entity which provides health information aggregation services to customers of health care services.
It enables customers to fetch their health information from one or more Health Information Providers
(e.g., Hospitals, Diagnostic Labs, Medical Device Companies), based on their explicit Consent and to share such
aggregated information with Health Information Users i.e. entities in need of such data (e.g., Insurers,
Doctors, Medical Researchers).
Specifications
This document maintains only the Health Information Gateway relevant APIs.
Other APIs by ndhm.gov.in
Gateway
Gateway is the hub that routes/orchestrates the interaction between consent managers and API bridges. There are 5 categories of APIs; discovery, link, consent flow, data flow and monitoring. To reflect the consumers of APIs, the above apis are also categorized under cm facing, hiu facing and hip facing
Health ID Service
It is important to standardize the process of identification of an individual across healthcare providers, to ensure that the created medical records are issued to the right individual or accessed by a Health Information User through appropriate consent.
In order to issue a Health ID to an individual, one only needs basic demographic details like Name, Year of Birth, Gender. In addition, citizens should be able to update contact information easily.
In order to issue a Health ID to an individual, one only needs basic demographic details like Name, Year of Birth, Gender. In addition, citizens should be able to update contact information easily.
Health Repository Provider Specifications for HIU
The following are the specifications for the APIs to be implemented at the Health Repository end if an entity is only serving the role of a HIU. The specs are essentially duplicates from the Gateway and Bridge, but put together so as to make it clear to HIUs which set of APIs they should implement to participate in the network.
The APIs are organized by the flows - identification, consent flow, data flow and monitoring. They represent the APIs that are expected to be available at the HIU end by the Gateway.
For majority of the APIs, if Gateway has initiated a call, there are corresponding callback APIs on the Gateway. e.g for /consents/hiu/notify API on HIU end, its expected that a corresponding callback API /consents/hiu/on-notify on Gateway is called. Such APIs are organized under the Gateway label.
Gateway relevant APIs for HIUs are grouped under Gateway label. These include the APIs that HIPs are required to call on the Gateway. For example, to request a CM for consent, HIU would call /consent-requests/init API on gateway.
NOTE, in some of the API documentations below, X-HIP-ID is mentioned in header (for example in /auth/on-init). These are the cases, when a particular API is applicable for both HIU and HIP (e.g an entity is playing the role of HRP representing both HIU and HIP). If you are only playing the role of HIP, then only X-HIU-ID header will be sent
The APIs are organized by the flows - identification, consent flow, data flow and monitoring. They represent the APIs that are expected to be available at the HIU end by the Gateway.
For majority of the APIs, if Gateway has initiated a call, there are corresponding callback APIs on the Gateway. e.g for /consents/hiu/notify API on HIU end, its expected that a corresponding callback API /consents/hiu/on-notify on Gateway is called. Such APIs are organized under the Gateway label.
Gateway relevant APIs for HIUs are grouped under Gateway label. These include the APIs that HIPs are required to call on the Gateway. For example, to request a CM for consent, HIU would call /consent-requests/init API on gateway.
NOTE, in some of the API documentations below, X-HIP-ID is mentioned in header (for example in /auth/on-init). These are the cases, when a particular API is applicable for both HIU and HIP (e.g an entity is playing the role of HRP representing both HIU and HIP). If you are only playing the role of HIP, then only X-HIU-ID header will be sent
Health Repository Provider Specifications for HIP
The following are the specifications for the APIs to be implemented at the Health Repository end if an entity is only serving the role of a HIP. The specs are essentially duplicates from the Gateway and Health Repository, but put together so as to make it clear to HIPs which set of APIs they should implement to participate in the network.
Other APIs in the same category
Motor Vehicle Department, Nagaland
apisetu.gov.in
Driving License (DL) and Vehicle Registration Certificate (RC) of the State, as available on Parivahan Sewa (http://parivahan.co.in/) of Ministry of Road Transport and Highways, are available on DigiLocker. Citizens can pull these documents into their DigiLocker accounts.
Transport Department, Sikkim
apisetu.gov.in
Driving License (DL) and Vehicle Registration Certificate (RC) of the State, as available on Parivahan Sewa (http://parivahan.co.in/) of Ministry of Road Transport and Highways, are available on DigiLocker. Citizens can pull these documents into their DigiLocker accounts.
Transport Department, Mizoram
apisetu.gov.in
Driving License (DL) and Vehicle Registration Certificate (RC) of the State, as available on Parivahan Sewa (http://parivahan.co.in/) of Ministry of Road Transport and Highways, are available on DigiLocker. Citizens can pull these documents into their DigiLocker accounts.
FRC Events
firstinspires.org
Overview
FIRST /FMS FRC Events API is a service to return relevant information about the FIRST Robotics Competition (FRC). Information is made available from events operating around the world.
For FRC, information is made available by the Field Management System (FMS) server operating at each event site. The FMS will attempt to sync all data from the event to "the cloud" as long as internet is available at the venue. If internet is unavailable, or "goes down" during the event, the FMS will automatically sync all data from the time the system was offline as soon as the connection is restored. The API will provide data as soon as it has synced, and we do not add any artificial delays. If you are receiving "stale" data, it may be because of connectivity problems at the venue. We recommend you try again later, and post on the FIRST FMS TeamForge site if the problem persists. (Note: FMS does not sync while a match is running, so data that has to do with a particular match should become available once the score has been revealed to the audience at the event.)
Migration and Program Notes:
Pay close attention to the addresses for calling the various endpoints- as well as the notes regarding endpoints with multiple possible responses (i.e. score details and rankings).
Documentation Notes
All times are listed in the local time to the event venue. HTTP-date values will show their timezone.
If you specify a parameter, but no value for that parameter, it will be ignored. For example, if you request URL?teamNumber= the teamNumber parameter would be ignored.
We will continue to support the current version of the API plus one version older. Old APIs are depricated once a version "two times newer" is available, at minimum 6 months. For example, version 2.0 and 1.0 are supported right now, but 1.0 will not be supported once 2.1 (or 3.0) is available. Versions may also be retired earlier with prior notice here in the documentation.
The full host address of the API is needed in all calls. The version number is required in each call in order to ensure your requests are made (and responses are returned) in the formats you anticipate. The version number for this documentation is found on the top of the page, in the title. If you call this version number, the API responses will match the formats listed below.
All of the APIs are capable of accepting the Accept HTTP header with either application/xml or application/json based on the desired return type. Any API call that results in an HTTP Status Code other than 200 (OK) will only be shown here as an application/json response to save space, but the content is the same regardless of the request type. All response will have a Content-Length and Date response header, but those are not shown in the documentaiton.
For all APIs that accept a query string in addition to the URI base, the order of parameters do not matter, but the name shown in the documentation must match exactly, as does the associated value format as described in details.
For response codes that are not HTTP 200 (OK), the documentation will show a body message that represents a possible response value. While the "title" of the HTTP Status Code will match those shown in the response codes documentation section exactly, the body of the response will be a more detailed explanation of why that status code is being returned and may not always be exactly as shown in the examples.
None of the APIs will show possible return here in the documentation of HTTP 401 (Unauthorized), but that code applies to all APIs as a possible response if the request is made without a valid token.
Last-Modified, FMS-OnlyModifiedSince, and If-Modified-Since Headers
The FRC Events API utilizes the Last-Modified and If-Modified-Since Headers to communicate with consumers regarding the age of the data they are requesting. With a couple of exceptions, all calls will return a Last-Modified Header set with the time at which the data at that endpoint was last modified. The Header will always be set in the HTTP-date format, as described in the HTTP Protocol. There are two exceptions: the Last-Modified Header is not set if the endpoint returns no results (such as a request for a schedule with no matches) and will also not be set if the request was an HTTP DELETE.
Consumers should keep track of the Last-Modified Header, and return it on subsequent calls to the same endpoint as the If-Modified-Since. The server will recognize this request, and will only return a result if the data has been modified since the last request. If no changes have been made, an HTTP 304 will be returned. If data has been modified, ALL data on that call will be returned (for "only modified" data, see below).
The FRC Events API also allows a custom header used to filter the return data to a specific subset. This is done by specifying a FMS-OnlyModifiedSince header with each call. As with the If-Modified-Since header, consumers should keep track of the Last-Modified Header, and return it on subsequent calls to the same endpoint as the FMS-OnlyModifiedSince Header. The server will recognize this request, and will only return a result if the data has been modified since the last request, and, if returned, the data will only be those portions modified since the included date. If no changes, have been made, an HTTP 304 will be returned. Using this method, the server and consumer save processing time by only receiving modified data that is in need of update on the consumer side.
If the Headers are improperly passed (such as the wrong Day of Week for the matching date, or a date in the future), the endpoint will simply ignore the Header and return all results. If both headers are specified, the request will be denied.
Response Codes
The FRC Events API HTTP Status Codes correspond with the common codes, but occasionally with different "titles". The "title" used by the API is shown next to each of the below possible response HTTP Status Codes. Throughout the documentation, Apiary may automatically show the common "title" in example returns (like "Not Found" for 404) but on the production server, the "title" will instead match those listed below.
HTTP 200 - "OK"
The request has succeeded. An entity corresponding to the requested resource is sent in the response. This will be returned as the HTTP Status Code for all request that succeed, even if the body is empty (such as an event that has no rankings, but with a valid season and event code were used)
HTTP 304 - "Not Modified"
When utilizing a Header that allows filtered data returns, such as If-Modified-Since, this response indicates that no data meets the request.
HTTP 400 - "Invalid Season Requested"/"Malformed Parameter Format In Request"/"Missing Parameter In Request"/"Invalid API Version Requested":
The request could not be understood by the server due to malformed syntax. The client SHOULD NOT repeat the request without modifications. Specifically for this API, a 400 response indicates that the requested URI matches with a valid API, but one or more required parameter was malformed or invalid. Examples include an event code that is too short or team number that contains a letter.
HTTP 401 - "Unauthorized"
All requests against the API require authentication via a valid user token. Failing to provide one, or providing an invalid one, will warrant a 401 response. The client MAY repeat the request with a suitable Authorization header field.
HTTP 404 - "Invalid Event Requested"
Even though the 404 code usually indicates any not found status, a 404 will only be issued in this API when an event cannot be found for the requested season and event code. If the request didn't match a valid API or there were malformed parameters, the response would not receive a 404 but rather a 400 or 501. If this HTTP code is received, the season was a valid season and the event code matched the acceptable style of an event code, but there were no records of an event matching the combination of that season and event code. For example, HTTP 404 would be issued when the event had a different code in the requested season (the codes can change year to year based on event location).
HTTP 500 - "Internal Server Error"
The server encountered an unexpected condition which prevented it from fulfilling the request. This is a code sent directly by the server, and has no special alternate definition specific to this API.
HTTP 501 - "Request Did Not Match Any Current API Pattern"
The server does not support the functionality required to fulfill the request. Specifically, the request pattern did not match any of the possible APIs, and thus processing was discontinued. This code is also issued when too many optional parameters were included in a single request and fulfilling it would make the result confusing or misleading. Each API will specify which parameters or combination of parameters can be used at the same time.
HTTP 503 - "Service Unavailable"
The server is currently unable to handle the request due to a temporary overloading or maintenance of the server. The implication is that this is a temporary condition which will be alleviated after some delay. If known, the length of the delay MAY be indicated in a Retry-After header. This code will not always appear, sometimes the server may outright refuse the connection instead. This is a code sent directly by the server, and has no special alternate definition specific to this API.
See the notes at the top of this documentation for important information about HTTP Status Codes.
Authorization
In order to make calls against the FRC Events API, you must include an HTTP Header called Authorization with the value set as specified below. If a request is made without this header, processing stops and an HTTP 401 is issued. All Authorization headers follow the same format:
Authorization: Basic 000000000000000000000000000000000000000000000000000000000000
Where the Zeros are replaced by your Token. The Token can be formed by taking your username and your AuthorizationKey and adding a colon. For example, if your username is sampleuser and your AuthorizationKey is 7eaa6338-a097-4221-ac04-b6120fcc4d49 you would have this string:
sampleuser:7eaa6338-a097-4221-ac04-b6120fcc4d49
This string must then be encoded using Base64 Encoded to form the Token, which will be the same length as the example above, but include letters and numbers. For our example, we would have:
c2FtcGxldXNlcjo3ZWFhNjMzOC1hMDk3LTQyMjEtYWMwNC1iNjEyMGZjYzRkNDk=
NOTICE : Publicly distributing an application, code snippet, etc, that has your username and token in it, encoded or not, WILL result in your token being blocked from the API. Each user should apply for their own token.
If you wish to acquire a token for your development, you may do so by requesting a token through our automated system on this website.
AUTOMATED REMOVAL : If you do not activate your account within 72 hours of making your request for a token, or if you do not make at least one API request every twelve (12) months, your account/token will be marked as disabled for inactivity and subject to being deleted. (This policy does not apply to accounts with special operating agreements with FIRST)
HTTP401 and Authorization
Each Token can be individually enabled and disabled by FIRST. As such, a normally valid combination of username and AuthorizationToken could still be rejected. The possible return messages you may see in these instances are:
Incorrect Token (You supplied an AuthorizationToken, but it wasn't correct)
Account Disabled, Contact Support (You have been disabled for excessive traffic or abuse. Contact support)
Username Not Found (A username was found, but didn't match any on file)
Unable To Determine Authorization Token (The format of the Authorization header was incorrect)
FIRST /FMS FRC Events API is a service to return relevant information about the FIRST Robotics Competition (FRC). Information is made available from events operating around the world.
For FRC, information is made available by the Field Management System (FMS) server operating at each event site. The FMS will attempt to sync all data from the event to "the cloud" as long as internet is available at the venue. If internet is unavailable, or "goes down" during the event, the FMS will automatically sync all data from the time the system was offline as soon as the connection is restored. The API will provide data as soon as it has synced, and we do not add any artificial delays. If you are receiving "stale" data, it may be because of connectivity problems at the venue. We recommend you try again later, and post on the FIRST FMS TeamForge site if the problem persists. (Note: FMS does not sync while a match is running, so data that has to do with a particular match should become available once the score has been revealed to the audience at the event.)
Migration and Program Notes:
Pay close attention to the addresses for calling the various endpoints- as well as the notes regarding endpoints with multiple possible responses (i.e. score details and rankings).
Documentation Notes
All times are listed in the local time to the event venue. HTTP-date values will show their timezone.
If you specify a parameter, but no value for that parameter, it will be ignored. For example, if you request URL?teamNumber= the teamNumber parameter would be ignored.
We will continue to support the current version of the API plus one version older. Old APIs are depricated once a version "two times newer" is available, at minimum 6 months. For example, version 2.0 and 1.0 are supported right now, but 1.0 will not be supported once 2.1 (or 3.0) is available. Versions may also be retired earlier with prior notice here in the documentation.
The full host address of the API is needed in all calls. The version number is required in each call in order to ensure your requests are made (and responses are returned) in the formats you anticipate. The version number for this documentation is found on the top of the page, in the title. If you call this version number, the API responses will match the formats listed below.
All of the APIs are capable of accepting the Accept HTTP header with either application/xml or application/json based on the desired return type. Any API call that results in an HTTP Status Code other than 200 (OK) will only be shown here as an application/json response to save space, but the content is the same regardless of the request type. All response will have a Content-Length and Date response header, but those are not shown in the documentaiton.
For all APIs that accept a query string in addition to the URI base, the order of parameters do not matter, but the name shown in the documentation must match exactly, as does the associated value format as described in details.
For response codes that are not HTTP 200 (OK), the documentation will show a body message that represents a possible response value. While the "title" of the HTTP Status Code will match those shown in the response codes documentation section exactly, the body of the response will be a more detailed explanation of why that status code is being returned and may not always be exactly as shown in the examples.
None of the APIs will show possible return here in the documentation of HTTP 401 (Unauthorized), but that code applies to all APIs as a possible response if the request is made without a valid token.
Last-Modified, FMS-OnlyModifiedSince, and If-Modified-Since Headers
The FRC Events API utilizes the Last-Modified and If-Modified-Since Headers to communicate with consumers regarding the age of the data they are requesting. With a couple of exceptions, all calls will return a Last-Modified Header set with the time at which the data at that endpoint was last modified. The Header will always be set in the HTTP-date format, as described in the HTTP Protocol. There are two exceptions: the Last-Modified Header is not set if the endpoint returns no results (such as a request for a schedule with no matches) and will also not be set if the request was an HTTP DELETE.
Consumers should keep track of the Last-Modified Header, and return it on subsequent calls to the same endpoint as the If-Modified-Since. The server will recognize this request, and will only return a result if the data has been modified since the last request. If no changes have been made, an HTTP 304 will be returned. If data has been modified, ALL data on that call will be returned (for "only modified" data, see below).
The FRC Events API also allows a custom header used to filter the return data to a specific subset. This is done by specifying a FMS-OnlyModifiedSince header with each call. As with the If-Modified-Since header, consumers should keep track of the Last-Modified Header, and return it on subsequent calls to the same endpoint as the FMS-OnlyModifiedSince Header. The server will recognize this request, and will only return a result if the data has been modified since the last request, and, if returned, the data will only be those portions modified since the included date. If no changes, have been made, an HTTP 304 will be returned. Using this method, the server and consumer save processing time by only receiving modified data that is in need of update on the consumer side.
If the Headers are improperly passed (such as the wrong Day of Week for the matching date, or a date in the future), the endpoint will simply ignore the Header and return all results. If both headers are specified, the request will be denied.
Response Codes
The FRC Events API HTTP Status Codes correspond with the common codes, but occasionally with different "titles". The "title" used by the API is shown next to each of the below possible response HTTP Status Codes. Throughout the documentation, Apiary may automatically show the common "title" in example returns (like "Not Found" for 404) but on the production server, the "title" will instead match those listed below.
HTTP 200 - "OK"
The request has succeeded. An entity corresponding to the requested resource is sent in the response. This will be returned as the HTTP Status Code for all request that succeed, even if the body is empty (such as an event that has no rankings, but with a valid season and event code were used)
HTTP 304 - "Not Modified"
When utilizing a Header that allows filtered data returns, such as If-Modified-Since, this response indicates that no data meets the request.
HTTP 400 - "Invalid Season Requested"/"Malformed Parameter Format In Request"/"Missing Parameter In Request"/"Invalid API Version Requested":
The request could not be understood by the server due to malformed syntax. The client SHOULD NOT repeat the request without modifications. Specifically for this API, a 400 response indicates that the requested URI matches with a valid API, but one or more required parameter was malformed or invalid. Examples include an event code that is too short or team number that contains a letter.
HTTP 401 - "Unauthorized"
All requests against the API require authentication via a valid user token. Failing to provide one, or providing an invalid one, will warrant a 401 response. The client MAY repeat the request with a suitable Authorization header field.
HTTP 404 - "Invalid Event Requested"
Even though the 404 code usually indicates any not found status, a 404 will only be issued in this API when an event cannot be found for the requested season and event code. If the request didn't match a valid API or there were malformed parameters, the response would not receive a 404 but rather a 400 or 501. If this HTTP code is received, the season was a valid season and the event code matched the acceptable style of an event code, but there were no records of an event matching the combination of that season and event code. For example, HTTP 404 would be issued when the event had a different code in the requested season (the codes can change year to year based on event location).
HTTP 500 - "Internal Server Error"
The server encountered an unexpected condition which prevented it from fulfilling the request. This is a code sent directly by the server, and has no special alternate definition specific to this API.
HTTP 501 - "Request Did Not Match Any Current API Pattern"
The server does not support the functionality required to fulfill the request. Specifically, the request pattern did not match any of the possible APIs, and thus processing was discontinued. This code is also issued when too many optional parameters were included in a single request and fulfilling it would make the result confusing or misleading. Each API will specify which parameters or combination of parameters can be used at the same time.
HTTP 503 - "Service Unavailable"
The server is currently unable to handle the request due to a temporary overloading or maintenance of the server. The implication is that this is a temporary condition which will be alleviated after some delay. If known, the length of the delay MAY be indicated in a Retry-After header. This code will not always appear, sometimes the server may outright refuse the connection instead. This is a code sent directly by the server, and has no special alternate definition specific to this API.
See the notes at the top of this documentation for important information about HTTP Status Codes.
Authorization
In order to make calls against the FRC Events API, you must include an HTTP Header called Authorization with the value set as specified below. If a request is made without this header, processing stops and an HTTP 401 is issued. All Authorization headers follow the same format:
Authorization: Basic 000000000000000000000000000000000000000000000000000000000000
Where the Zeros are replaced by your Token. The Token can be formed by taking your username and your AuthorizationKey and adding a colon. For example, if your username is sampleuser and your AuthorizationKey is 7eaa6338-a097-4221-ac04-b6120fcc4d49 you would have this string:
sampleuser:7eaa6338-a097-4221-ac04-b6120fcc4d49
This string must then be encoded using Base64 Encoded to form the Token, which will be the same length as the example above, but include letters and numbers. For our example, we would have:
c2FtcGxldXNlcjo3ZWFhNjMzOC1hMDk3LTQyMjEtYWMwNC1iNjEyMGZjYzRkNDk=
NOTICE : Publicly distributing an application, code snippet, etc, that has your username and token in it, encoded or not, WILL result in your token being blocked from the API. Each user should apply for their own token.
If you wish to acquire a token for your development, you may do so by requesting a token through our automated system on this website.
AUTOMATED REMOVAL : If you do not activate your account within 72 hours of making your request for a token, or if you do not make at least one API request every twelve (12) months, your account/token will be marked as disabled for inactivity and subject to being deleted. (This policy does not apply to accounts with special operating agreements with FIRST)
HTTP401 and Authorization
Each Token can be individually enabled and disabled by FIRST. As such, a normally valid combination of username and AuthorizationToken could still be rejected. The possible return messages you may see in these instances are:
Incorrect Token (You supplied an AuthorizationToken, but it wasn't correct)
Account Disabled, Contact Support (You have been disabled for excessive traffic or abuse. Contact support)
Username Not Found (A username was found, but didn't match any on file)
Unable To Determine Authorization Token (The format of the Authorization header was incorrect)
Reisezentren-API
deutschebahn.com
This REST-API enables you to query information about travel centers in Germany.
Transport Department, Lakshadweep
apisetu.gov.in
Driving License (DL) and Vehicle Registration Certificate (RC) of the State, as available on Parivahan Sewa (http://parivahan.co.in/) of Ministry of Road Transport and Highways, are available on DigiLocker. Citizens can pull these documents into their DigiLocker accounts.
Board of Vocational Higher Secondary Examinations, Kerala
apisetu.gov.in
Board of Vocational Higher Secondary Examinations, Directorate of General Education, Government of Kerala has made available VHSE Marklist of MARCH 2020, which can be pulled by students into their Digilocker accounts
Motor Vehicle Department, Kerala
apisetu.gov.in
Driving License (DL) and Vehicle Registration Certificate (RC) of the State, as available on Parivahan Sewa (http://parivahan.co.in/) of Ministry of Road Transport and Highways, are available on DigiLocker. Citizens can pull these documents into their DigiLocker accounts.
Bhagavad Gita API
bhagavadgita.io
BikeWise API v2
This is an API for accessing information about bicycling related incidents. You can find the source code on GitHub.
Transport Department, Uttarakhand
apisetu.gov.in
Driving License (DL) and Vehicle Registration Certificate (RC) of the State, as available on Parivahan Sewa (http://parivahan.co.in/) of Ministry of Road Transport and Highways, are available on DigiLocker. Citizens can pull these documents into their DigiLocker accounts.
Auckland Museum API
This is technical documentation for the Auckland Museum API