Library

Browse and search developer information

A002: Professional Session Select Role

API

PUT /v1/ProfessionalSession/{sessionKey}

Description

Updates a Professional Session with the appropriate NHS organisation and role. This ensures the correct access rights for the user.

Input

Professional Session Resource

The base input for this endpoint should be the output from the Create Session endpoint. The consumer should then additionally populate the permission field with the permission they wish to select from those available to the user (ProfessionalSession.user.permissions).

Example

{
	"id": "pro-xapi-session_0537f534-5c9a-4240-a401-90c9b7770139",
	"token": "<token id>",
	"user": {
		"identifier": "021600556514",
		"firstName": "Tech",
		"lastName": "Support",
		"middleName": null,
		"permissions": [
		{
			"businessFunction": "REFERRING_CLINICIAN_ADMIN",
			"orgIdentifier": "R68",
			"orgName": "BTL NHS TRUST R68"
		},
		{
			"businessFunction": "REFERRING_CLINICIAN",
			"orgIdentifier": "R69",
			"orgName": "BTL NHS TRUST R69"
		},
		{
			"businessFunction": "REFERRING_CLINICIAN_ADMIN",
			"orgIdentifier": "R69",
			"orgName": "BTL NHS TRUST R69"
		}]
	},
	"permission": {
		"businessFunction": "REFERRING_CLINICIAN",
		"orgIdentifier": "R69",
		"orgName": "BTL NHS TRUST R69"
	}
}

Output

The created Professional Session Resource will be returned with the selected permission applied.

Code Sample

Code snippets are taken from the consumer example. See Code Samples for further details.

       function selectRole(permission) {
            var deferred = $q.defer();
            scope.selectedPermission = permission;

            var headersJson = {};
            headersJson[config.asidHeader] = config.asid;
            headersJson[config.sessionIdHeader] = scope.sessionData.id;

            var rest = $resource(config.baseUrl + '/v1/ProfessionalSession/' + scope.currentSessionId,
                    null,
                    {
                        'save': {method: 'PUT', headers: headersJson}
                    });
            var json = {
                id: scope.sessionData.id,
                permission: permission
            };
            rest.save(json, function (data) {
                deferred.resolve(data);
            });

            return deferred.promise;
        }

Notes

The Create Session endpoint must be called in order to create the session. This endpoint can then be used to select one of the applicable roles/permissions returned.

The ProffessionalSession.id returned from the Create Session endpoint should be included as a header (HTTP_X_SESSION_KEY) for this and all subsequent requests.