apiary.apib

FORMAT: 1A
HOST: https://api-meamedica-tst.azurewebsites.net/

# meamedica API

## Scope & Status

This is an API to define and disclose methods to interact with medical data. 
This API will be continuously updated and developed to provide methods that 
can be used in several medical areas.

#### Current Business Areas
- Dental Practices

#### Current API Status
- Operating normally but may be subject to changes without prior notice.

## Ownership

Although public, this API blueprint is developed and made available 
by **[Insight Pharma Services BV](http://www.insightpharma.nl)**. It is possible 
that some of the methods here described are already developed to fullfil a 
specific client need. Any questions, comments or requests can therefore be sent 
to the contacts available in our site. You can also follow us on 
[twitter](https://twitter.com/mijnmedicijn) or [facebook](https://www.facebook.com/mijnmedicijn).

## Information Security

This API is hosted in a [Microsoft Azure](https://azure.microsoft.com/en-us/overview/what-is-azure/) 
infrastructure which is one of the most recognized cloud services available. Among 
several other technological aspects, Microsoft Azure is also known for a high security 
level and for this matter it is compliant with the ISO industry standards 
[ISO27001](https://azure.microsoft.com/en-us/support/trust-center/compliance/iso27001/) 
(Information Security Management Standards) and [ISO27018](https://azure.microsoft.com/en-us/support/trust-center/compliance/iso27018/) 
(Protection of Personally Identifiable Information in public clouds).

## Disclaimer

Absolutely nothing is granted by the direct or indirect use of the content 
hereby described. This API contains references to medical terms and/or concepts
that exist in the Netherlands. These terms and/or concepts might not apply to 
other countries.

# Group Common API

## Authentication > Get Token [/access/get?clientKey={clientKey}]

+ Parameters
    + clientKey: b2c38708d821833daf11 (required, string) - subscription client key as an encoded string

### API Definition [GET]

***Description***

This method is used to get a token based on a valid client key. Clients will 
receive their client key when they have an agreement to use this API service. 
This token must then be used in all other requests to API methods here described
(search for the `token` keyword).

***Usage***

The request must contain the `clientKey`. The response will be in the field `Token`. 
It is an authorized and encrypted string that includes a timestamp to make it valid 
during a specific time period and will be similar to:
*xe24csp34lqem662sbvyzbtz2z6pfclflpnlbm5aowrlazvhu5benfhsa64srg3e3teaka45llnue===*

***Response***

| HTTP Code  | API Code           | Found in        | Description                   |
| :--------: | :----------------- | :-------------- | :---------------------------- |
| 400        | ClientKey.Missing  | `message` field | No ClientKey was given.       |
| 401        | ClientKey.NoAccess | `message` field | ClientKey is not valid.       |
| 200        | `token`            | `Token` field   | A valid token was issued.     |
| 200        | Unexpected.Error   | `Token` field   | Contact us via [email](<mailto:info@meamedica.nl>). |

***Please note:*** in all the methods the `message` field can be found in the following 
JSON structure in the response:
```
{
  "status": <http-error-code>,
  "source": "<full-url-called>",
  "message": "ClientKey.NoAccess"
}
```

+ Response 200 (application/json)

        {
            "Token": "string"
        }

## Current Version > Get [/version]

### API Definition [GET]

***Description***

This method is used to get the current version of this API mainly for informative
purposes. Nothing is expected in the request or as an URL parameter.

***Usage and Response***

No input is necessary to call this method so the response will just show the 
current version. No other possible values can be given. No errors can occur.

+ Response 200 (application/json)

        {
            "Version": "string"
        }

# Group Practice API

## Create [/practice/create]

### API Definition [POST]

***Description***

This method should be used to create a new dental practice. Besides some basic data
about the practice we should get the practice AGB code and also an email for administrative
contact purposes. It should also be given the number of patients currently registered.

***Usage***

The request must contain the `token` and some information about the practice:
- Unique identifier - AGB code
- Identification - Name, Number of patients, Administrative email
- Geographic location - Address, Postal code, City

***Response***

| HTTP Code  | API Code           | Found in        | Description                      |
| :--------: | :----------------- | :-------------- | :------------------------------- |
| 400        | Token.Missing      | `message` field | No Token was given.              |
| 401        | ClientKey.NoAccess | `message` field | ClientKey is not valid.          |
| 401        | Token.Expired      | `message` field | Token is no longer valid.        |
| 400        | Missing.Parameters | `message` field | Required parameters are missing. |
| 200        | Practice.Exists    | `Result` field  | Practice AGB already exists.     |
| 200        | Practice.NotAdded  | `Result` field  | Practice was not created.        |
| 200        | Practice.Duplicate | `Result` field  | Practice already exists.         |
| 200        | OK                 | `Result` field  | Practice was created.            |
| 200        | Unexpected.Error   | `Result` field  | Contact us via [email](<mailto:info@meamedica.nl>). |

+ Request (application/json)

        {
            "PracticeAgb": "string",
            "Name": "string",
            "Address": "string",
            "PostalCode": "string",
            "City": "string",
            "Email": "string",
            "NumberOfPatients": 0,
            "Token": "string"
        }

+ Response 200 (application/json)

        {
            "Result": "string",
            "Messages": [
                "string"
            ]
        }

## Get [/practice/get?practiceAgb={practiceAgb}&token={token}]

+ Parameters
    + practiceAgb: 12345678 (required, number) - practice AGB code as an 8-digit number
    + token: 1g4qq30l3hffqo9za8da1zf3402xaq2ry6w2k02lfjk9w3g284kkoiw5ycdgfup13yycdat9ta (required, string) - encrypted authentication token

### API Definition [GET]

***Description***

This method is used to get detailed information about the practice identified by 
the AGB code given as parameter.

***Usage***

The request must contain the `token` and the practice `AGB code`.

***Response***

| HTTP Code  | API Code              | Found in        | Description                      |
| :--------: | :-------------------- | :-------------- | :------------------------------- |
| 400        | Practice.Missing      | `message` field | No practice AGB was given.       |
| 400        | Token.Missing         | `message` field | No Token was given.              |
| 401        | ClientKey.NoAccess    | `message` field | ClientKey is not valid.          |
| 401        | Token.Expired         | `message` field | Token is no longer valid.        |
| 200        | Practice.NotFound     | `Result` field  | Practice was not found.          |
| 200        | Practice.NoAccess     | `Result` field  | Client has no access to the specified practice.|
| 200        | Subscription.NotFound | `Result` field  | Subscription was not found.      |
| 200        | Subscription.Expired  | `Result` field  | Subscription has expired.        |
| 200        | OK                    | `Result` field  | Practice was found.              |
| 200        | Unexpected.Error      | `Result` field  | Contact us via [email](<mailto:info@meamedica.nl>). |

In case of `OK`, the `Messages` field has the **AGB Code** and the following 
information about the practice is returned in the proper fields.
- Name, Contact and KVK number
- Geographic location - Address, Postal code, City
- Date of creation and date when this request was issued ( *dd-mm-yyyy* )

+ Response 200 (application/json)

        {
            "InformationDate": "string",
            "Name": "string",
            "Address": "string",
            "Phone": "string",
            "Kvk": "string",
            "DateCreated": "string",
            "Result": "string",
            "Messages": [
                "string"
            ]
        }

## Get Care Professionals [/practice/careprofessionals/get?practiceAgb={practiceAgb}&token={token}]

+ Parameters
    + practiceAgb: 12345678 (required, number) - practice AGB code as an 8-digit number
    + token: 1g4qq30l3hffqo9za8da1zf3402xaq2ry6w2k02lfjk9w3g284kkoiw5ycdgfup13yycdat9ta (required, string) - encrypted authentication token

### API Definition [GET]

***Description***

This method is used to get detailed information about the care professionals (dentists, 
assistants or others) that work in the practice identified by the AGB code given as 
parameter.

***Usage***

The request must contain the `token` and the practice `AGB code`.

***Response***

| HTTP Code  | API Code              | Found in        | Description                      |
| :--------: | :-------------------- | :-------------- | :------------------------------- |
| 400        | Practice.Missing      | `message` field | No practice AGB was given.       |
| 400        | Token.Missing         | `message` field | No Token was given.              |
| 401        | ClientKey.NoAccess    | `message` field | ClientKey is not valid.          |
| 401        | Token.Expired         | `message` field | Token is no longer valid.        |
| 200        | Practice.NotFound     | `Result` field  | Practice was not found.          |
| 200        | Practice.NoAccess     | `Result` field  | Client has no access to the specified practice.|
| 200        | Subscription.NotFound | `Result` field  | Subscription was not found.      |
| 200        | Subscription.Expired  | `Result` field  | Subscription has expired.        |
| 200        | OK                    | `Result` field  | Care professionals were found.   |
| 200        | Unexpected.Error      | `Result` field  | Contact us via [email](<mailto:info@meamedica.nl>). |

In case of `OK`, the `Messages` field has the **AGB Code** and the following 
information about the practice care professionals (dentists and/or assistants and/or
others) is returned in the proper fields.
- *Care Professionals*: identifier, initials, lastname and specialty
- *Care Professionals*: BIG number, KNMT number and email ( *if available* )
- Date when this request was issued ( *dd-mm-yyyy* )

+ Response 200 (application/json)

        {
            "InformationDate": "string",
            "CareProfessionals": [
                {
                    "CareProfessionalId": "string",
                    "Initials": "string",
                    "LastName": "string",
                    "Specialty": "string",
                    "BigNumber": "string",
                    "KnmtNumber": "string",
                    "Email": "string"
                }
            ],
            "Result": "string",
            "Messages": [
                "string"
            ],
        }

        
# Group Care Professional API

## Create [/careprofessional/create]

### API Definition [POST]

***Description***

This method is meant to add one or more care professionals to an existing practice. 
Each care professional must specifiy its specialty. Some of them are doctors but some
might not be. The practice AGB code is required as matching identifier. 

***Usage***

The request must contain the `token` and some information about the care professional
to create. In one request, one or more care professionals can be created.
- *Required*: care professional identifier, initials, lastname and specialty
- *Optional*: BIG number, KNMT number and email address

**Accepted specialties are**: *Tandarts, MKA-chirurg, Parodontoloog, Endodontoloog, 
Pedodontoloog, Implantoloog, Gnatholoog, Orthodontist, Revalidatie arts, Medisch 
specialist, Psycholoog, Mondhygiënist, Tandprotheticus, Tandartsassistent, 
Preventie-assistent, Stagiair, Student, Onbekend.*

***Response***

| HTTP Code  | API Code              | Found in        | Description                      |
| :--------: | :-------------------- | :-------------- | :------------------------------- |
| 400        | Token.Missing         | `message` field | No Token was given.              |
| 401        | ClientKey.NoAccess    | `message` field | ClientKey is not valid.          |
| 401        | Token.Expired         | `message` field | Token is no longer valid.        |
| 400        | Missing.Parameters    | `message` field | Required parameters are missing. |
| 200        | Practice.NotFound     | `Result` field  | Practice was not found.          |
| 200        | Practice.NoAccess     | `Result` field  | Client has no access to the specified practice.|
| 200        | Subscription.NotFound | `Result` field  | Subscription was not found.      |
| 200        | Subscription.Expired  | `Result` field  | Subscription has expired.        |
| 200        | Customer.NotAdded     | `Result` field  | Care Professional was not created.        |
| 200        | CareProfessional.NotFound    | `Result` field  | Care Professional was not found.   |
| 200        | CareProfessional.NotAdded    | `Result` field  | Care Professional was not created. |
| 200        | CareProfessional.Exists      | `Result` field  | Care Professional already exists.  |
| 200        | CareProfessional.NoSpecialty | `Result` field  | Specialty was not found.           |
| 200        | OK                    | `Result` field  | Care Professional was created.            |
| 200        | Unexpected.Error      | `Result` field  | Contact us via [email](<mailto:info@meamedica.nl>). |

In case of `OK`, the `Messages` field has the **AGB Code**.

+ Request (application/json)

        {
            "PracticeAgb": "string",
            "CareProfessionals": [
                {
                  "CareProfessionalId": "string",
                  "Initials": "string",
                  "LastName": "string",
                  "Specialty": "string",
                  "BigNumber": "string",
                  "KnmtNumber": "string",
                  "Email": "string"
                }
            ],
            "Token": "string"
        }

+ Response 200 (application/json)

        {
            "Result": "string",
            "Messages": [
                "string"
            ]
        }
        
## Get [/careprofessional/get?practiceAgb={practiceAgb}&bigNumber={bigNumber}&careprofessionalId={careprofessionalId}&token={token}]

+ Parameters
    + practiceAgb: 12345678 (required, number) - practice AGB code as an 8-digit number
    + bigNumber: 12345678901 (optional, number) - unique care professional identifier
    + careprofessionalId: 12345678 (optional, number) - client-side identifier
    + token: 1g4qq30l3hffqo9za8da1zf3402xaq2ry6w2k02lfjk9w3g284kkoiw5ycdgfup13yycdat9ta (required, string) - encrypted authentication token

### API Definition [GET]

***Description***

This method is used to get detailed information about a care professional. A care 
professional can be identified globally by its BIG number or locally to a practice by
its care professional identifier. If both values are given they must match the same
care professional to be successful. If none is given an error will occur.

***Usage***

The request must contain the `token`, the practice `AGB code` and the care professional
`BIG number` and/or care professional `identifier`.

***Response***

| HTTP Code  | API Code              | Found in        | Description                      |
| :--------: | :-------------------- | :-------------- | :------------------------------- |
| 400        | Practice.Missing      | `message` field | No practice AGB given.           |
| 400        | CareProfessional.Missing | `message` field | No care professional identifier given. |
| 400        | Token.Missing         | `message` field | No Token was given.              |
| 401        | ClientKey.NoAccess    | `message` field | ClientKey is not valid.          |
| 401        | Token.Expired         | `message` field | Token is no longer valid.        |
| 200        | Practice.NotFound     | `Result` field  | Practice was not found.          |
| 200        | Practice.NoAccess     | `Result` field  | Client has no access to the specified practice.|
| 200        | Subscription.NotFound | `Result` field  | Subscription was not found.      |
| 200        | Subscription.Expired  | `Result` field  | Subscription has expired.        |
| 200        | Customer.NotFound     | `Result` field  | Care professional not found.     |
| 200        | CareProfessional.NotFound | `Result` field  | Care professional not found. |
| 200        | OK                    | `Result` field  | Care professional was found.     |
| 200        | Unexpected.Error      | `Result` field  | Contact us via [email](<mailto:info@meamedica.nl>). |

In case of `OK`, the `Messages` field has the **care professional identifier** used 
and the following information about the care professional is returned in the proper 
fields.
- Care professional identifier, initials, lastname and specialty
- Care professional BIG number, KNMT number and email ( *if available* )
- Date when this request was issued ( *dd-mm-yyyy* )

+ Response 200 (application/json)

        {
            "InformationDate": "string",
            "CareProfessional": {
                "CareProfessionalId": "string",
                "Initials": "string",
                "LastName": "string",
                "Specialty": "string",
                "BigNumber": "string",
                "KnmtNumber": "string",
                "Email": "string"
            },
            "Result": "string",
            "Messages": [
                "string"
            ]
        }

# Group Patient API

## Create Local [/patient/local/create]

### API Definition [POST]

***Description***

This method can be used to create one patient for a given practice. It expects to 
receive some generic data about the patient and about the practice were he is 
registered.

***Usage***

The request must contain the `token`, the practice `AGB code` and some information 
about the patient to create.
- Patient identifier, Gender ( *m/f* ) and Birthdate ( *dd-mm-yyyy* )
- Height ( *cm* ) and Weight ( *kg* ) ( *optional fields* )

***Response***

| HTTP Code  | API Code              | Found in        | Description                      |
| :--------: | :-------------------- | :-------------- | :------------------------------- |
| 400        | Token.Missing         | `message` field | No Token was given.              |
| 401        | ClientKey.NoAccess    | `message` field | ClientKey is not valid.          |
| 401        | Token.Expired         | `message` field | Token is no longer valid.        |
| 400        | Missing.Parameters    | `message` field | Required parameters are missing. |
| 200        | Practice.NotFound     | `Result` field  | Practice was not found.          |
| 200        | Practice.NoAccess     | `Result` field  | Client has no access to the practice.|
| 200        | Subscription.NotFound | `Result` field  | Subscription was not found.      |
| 200        | Subscription.Expired  | `Result` field  | Subscription has expired.        |
| 200        | Patient.Exists        | `Result` field  | Patient already exists.          |
| 200        | Customer.NotAdded     | `Result` field  | Patient was not created.         |
| 200        | Patient.NotAdded      | `Result` field  | Patient was not created.         |
| 200        | OK                    | `Result` field  | Patient was created.             |
| 200        | Unexpected.Error      | `Result` field  | Contact us via [email](<mailto:info@meamedica.nl>). |

In case of `OK`, the `Messages` field has the **AGB Code** and the following 
information about the patient is returned in the proper fields.
- Patient number (in the client system)
- Activation URL (only if patient is new)

+ Request (application/json)

        {
            "PracticeAgb": "string",
            "PatientNr": "string",
            "Initials": "string",
            "FirstName": "string",
            "Particle": "string",
            "LastName": "string",
            "PartnerName": "string",
            "VektisCode": "string",
            "Address": "string",
            "PostalCode": "string",
            "City": "string",
            "Country": "string",
            "Gender": "string",
            "Birthdate": "string",
            "Height": "string",
            "Weight": "string",
            "Token": "string"
        }

+ Response 200 (application/json)

        {
            "PatientNr": "string",
            "ActivationUrl": "string"
            "Result": "string",
            "Messages": [
                "string"
            ]
        }

## Get Overview Local [/patient/local/getOverview?practiceagb={practiceagb}&patientnr={patientnr}&token={token}]

+ Parameters
    + practiceagb: 12345678 (required, number) - practice AGB code as an 8-digit number
    + patientnr: 1 (required, number) - patient identifier in client system
    + token: 1g4qq30l3hffqo9za8da1zf3402xaq2ry6w2k02lfjk9w3g284kkoiw5ycdgfup13yycdat9ta (required, string) - encrypted authentication token

### API Definition [GET]

***Description***

This method is used to get an overview of some patient information. The information
will be given only if the patient belongs to the specified practice.

***Usage***

The request must contain the `token`, the practice `AGB code` and the patient 
`identifier`.

***Response***

| HTTP Code  | API Code              | Found in        | Description                      |
| :--------: | :-------------------- | :---------------| :------------------------------- |
| 400        | Practice.Missing      | `message` field | No practice AGB given.           |
| 400        | Patient.Missing       | `message` field | No patient identifier given.     |
| 400        | Token.Missing         | `message` field | No Token was given.              |
| 401        | ClientKey.NoAccess    | `message` field | ClientKey is not valid.          |
| 401        | Token.Expired         | `message` field | Token is no longer valid.        |
| 200        | Practice.NotFound     | `Result` field  | Practice was not found.          |
| 200        | Practice.NoAccess     | `Result` field  | Client has no access to the specified practice.|
| 200        | Subscription.NotFound | `Result` field  | Subscription was not found.      |
| 200        | Subscription.Expired  | `Result` field  | Subscription has expired.        |
| 200        | Patient.NotFound      | `Result` field  | Patient not found.               |
| 200        | OK                    | `Result` field  | Patient was found.               |
| 200        | Unexpected.Error      | `Result` field  | Contact us via [email](<mailto:info@meamedica.nl>). |

In case of `OK`, the `Messages` field has the **AGB code** and the following 
information about the patient is returned in the proper fields.
- Patient identifier
- BSN number ( *hashed if available* )
- Latest ASA score with related Questions and Answers
- Number of medicines in use and related medicine information (including the 
`PrescriptionId` if the medicine was prescribed in **meamedica|dental**)
- Number of MTI messages
- Allergic to anesthesia and list of the patient's allergies (only medical related)
- Date when this request was issued ( *dd-mm-yyyy* )

+ Response 200 (application/json)

        {
            "PatientNr": "string",
            "HashedBSN": "string",
            "AsaScore": "string",
            "AnamneseDate": "string",
            "AnamneseInfo": [
                {
                  "AsaScore": 0,
                  "Question": "string",
                  "Answer": "string",
                  "QuestionId": 0
                }
            ],
            "NrOfMedicines": "string",
            "MedicineInfo": [
                {
                  "Name": "string",
                  "GenericName": "string",
                  "Dosage": "string",
                  "UsageStartDate": "string",
                  "UsageEndDate": "string",
                  "UsageQuantity": "string",
                  "UsageUnit": "string",
                  "UsageFrequencyNrTimes": "string",
                  "UsageFrequencyPeriod": "string",
                  "PrescriptionId": "string"
                }
            ],
            "NrOfMtiMessages": "string",
            "AnesthesiaAllergy": "string",
            "AllergyInfo": [
                {
                  "Name": "string"
                }
            ],
            "InformationDate": "string",
            "PatientStatus": "string",
            "ActivationUrl": "string",
            "Result": "string",
            "Messages": [
                "string"
            ]
        }

## Get Local [/patient/local/get?practiceagb={practiceagb}&patientnr={patientnr}&token={token}]

+ Parameters
    + practiceagb: 12345678 (required, number) - practice AGB code as an 8-digit number
    + patientnr: 1 (required, number) - patient identifier in client system
    + token: 1g4qq30l3hffqo9za8da1zf3402xaq2ry6w2k02lfjk9w3g284kkoiw5ycdgfup13yycdat9ta (required, string) - encrypted authentication token

### API Definition [GET]

***Description***

This method is used to get details about the given patient. The information
will be given only if the patient belongs to the specified practice.

***Usage***

The request must contain the `token`, the practice `AGB code` and the patient 
`identifier`.

***Response***

| HTTP Code  | API Code              | Found in        | Description                      |
| :--------: | :-------------------- | :---------------| :------------------------------- |
| 400        | Practice.Missing      | `message` field | No practice AGB given.           |
| 400        | Patient.Missing       | `message` field | No patient identifier given.     |
| 400        | Token.Missing         | `message` field | No Token was given.              |
| 401        | ClientKey.NoAccess    | `message` field | ClientKey is not valid.          |
| 401        | Token.Expired         | `message` field | Token is no longer valid.        |
| 200        | Practice.NotFound     | `Result` field  | Practice was not found.          |
| 200        | Practice.NoAccess     | `Result` field  | Client has no access to the specified practice.|
| 200        | Subscription.NotFound | `Result` field  | Subscription was not found.      |
| 200        | Subscription.Expired  | `Result` field  | Subscription has expired.        |
| 200        | Patient.NotFound      | `Result` field  | Patient not found.               |
| 200        | OK                    | `Result` field  | Patient was found.               |
| 200        | Unexpected.Error      | `Result` field  | Contact us via [email](<mailto:info@meamedica.nl>). |

In case of `OK`, the `Messages` field has the **AGB code** and the following 
information about the patient is returned in the proper fields.
- Patient identifier, Gender ( *m/f* ) and Birthdate ( *dd-mm-yyyy* )
- BSN number ( *hashed if available* )
- Height ( *cm* ) and Weight ( *kg* ) ( *if available* )
- Patient Status (`Patient.New`, `Patient.Inactive`, `Patient.Active`)
- First Name, Last Name, Blood Group, City and Country ( *if available* )
- Date when this request was issued ( *dd-mm-yyyy* )

+ Response 200 (application/json)

        {
            "InformationDate": "string",
            "PatientNr": "string",
            "HashedBSN": "string",
            "FirstName": "string",
            "LastName": "string",
            "BirthDate": "string",
            "Gender": "string",
            "Bloodgroup": "string",
            "Length": "string",
            "Weight": "string",
            "City": "string",
            "Country": "string",
            "PatientStatus": "string",
            "ActivationUrl": "string",
            "Result": "string",
            "Messages": [
                "string"
            ]
        }
        
        
## Update Local [/patient/local/update]

### API Definition [POST]

***Description***

This method can be used to update the data of a given patient. 
The patient should already have been created via the create API method.
It expects to receive the patient data that needs to be changed. 

***Usage***

The request must contain the `token`, the practice `AGB code`, the patient `number` 
and the information that needs to be updated, namely:
- Gender ( *m/f* ) and Birthdate ( *dd-mm-yyyy* )
- Height ( *cm* ) and Weight ( *kg* ) ( *optional fields* )

***Response***

| HTTP Code  | API Code              | Found in        | Description                      |
| :--------: | :-------------------- | :-------------- | :------------------------------- |
| 400        | Token.Missing         | `message` field | No Token was given.              |
| 401        | ClientKey.NoAccess    | `message` field | ClientKey is not valid.          |
| 401        | Token.Expired         | `message` field | Token is no longer valid.        |
| 400        | Missing.Parameters    | `message` field | Required parameters are missing. |
| 200        | Practice.NotFound     | `Result` field  | Practice was not found.          |
| 200        | Practice.NoAccess     | `Result` field  | Client has no access to the specified practice|
| 200        | Subscription.NotFound | `Result` field  | Subscription was not found.      |
| 200        | Subscription.Expired  | `Result` field  | Subscription has expired.        |
| 200        | Customer.NotFound     | `Result` field  | Patient was not found.           |
| 200        | Patient.NotFound      | `Result` field  | Patient was not found.           |
| 200        | Customer.NotUpdated   | `Result` field  | Patient was not updated.         |
| 200        | OK                    | `Result` field  | Patient was updated.             |
| 200        | Unexpected.Error      | `Result` field  | Contact us via [email](<mailto:info@meamedica.nl>). |

In case of `OK`, the `Messages` field has the **AGB Code** and the following 
information about the patient is returned in the proper fields.
- Patient number (in the client system)

+ Request (application/json)

        {
            "PracticeAgb": "string",
            "PatientNr": "string",
            "Initials": "string",
            "FirstName": "string",
            "Particle": "string",
            "LastName": "string",
            "PartnerName": "string",
            "VektisCode": "string",
            "Address": "string",
            "PostalCode": "string",
            "City": "string",
            "Country": "string",
            "Gender": "string",
            "Birthdate": "string",
            "Height": "string",
            "Weight": "string",
            "Token": "string"
        }

+ Response 200 (application/json)

        {
            "PatientNr": "string",
            "Result": "string",
            "Messages": [
                "string"
            ]
        }

## Close Local [/patient/local/close]

### API Definition [POST]

***Description***

This method is used to close the activity of a patient inline with the client system.
The operation will be executed only if the patient belongs to the specified practice.

***Usage***

The request must contain the `token`, the practice `AGB code` and the patient 
`identifier`.

***Response***

| HTTP Code  | API Code              | Found in        | Description                      |
| :--------: | :-------------------- | :---------------| :------------------------------- |
| 400        | Practice.Missing      | `message` field | No practice AGB given.           |
| 400        | Patient.Missing       | `message` field | No patient identifier given.     |
| 400        | Token.Missing         | `message` field | No Token was given.              |
| 401        | ClientKey.NoAccess    | `message` field | ClientKey is not valid.          |
| 401        | Token.Expired         | `message` field | Token is no longer valid.        |
| 200        | Practice.NotFound     | `Result` field  | Practice was not found.          |
| 200        | Practice.NoAccess     | `Result` field  | Client has no access to the specified practice.|
| 200        | Subscription.NotFound | `Result` field  | Subscription was not found.      |
| 200        | Subscription.Expired  | `Result` field  | Subscription has expired.        |
| 200        | Patient.NotFound      | `Result` field  | Patient not found.               |
| 200        | OK                    | `Result` field  | Patient was closed.               |
| 200        | Unexpected.Error      | `Result` field  | Contact us via [email](<mailto:info@meamedica.nl>). |

In case of `OK`, the `Messages` field has the **AGB code**.

+ Request (application/json)

        {
            "PracticeAgb": "string",
            "PatientNr": "string",
            "Token": "string"
        }
        
+ Response 200 (application/json)

        {
            "Result": "string",
            "Messages": [
                "string"
            ]
        }

## Create with BSN [/patient/create]

### API Definition [POST]

***Description***

This method can be used to create one patient identified by the hashed BSN. 
When hashing the BSN use only numbers. It expects to receive some generic data about the patient and about the 
practice were he is registered.

***Usage***

The request must contain the `token`, the practice `AGB code` and some information 
about the patient to create.
- BSN number ( *hashed* ), Gender ( *m/f* ) and Birthdate ( *dd-mm-yyyy* )
- Height ( *cm* ) and Weight ( *kg* ) ( *optional fields* )

***NOTE*** the `BSN number` is received in a hashed format and stored that same way
in the database. This number does not exist in a readable format. For more information
about this *hashing* please check [SHA algorithm](https://en.wikipedia.org/wiki/Secure_Hash_Algorithm) and in more detail [SHA-256](https://en.wikipedia.org/wiki/SHA-2).

***Response***

| HTTP Code  | API Code              | Found in        | Description                      |
| :--------: | :-------------------- | :-------------- | :------------------------------- |
| 400        | Token.Missing         | `message` field | No Token was given.              |
| 401        | ClientKey.NoAccess    | `message` field | ClientKey is not valid.          |
| 401        | Token.Expired         | `message` field | Token is no longer valid.        |
| 400        | Missing.Parameters    | `message` field | Required parameters are missing. |
| 200        | Practice.NotFound     | `Result` field  | Practice was not found.          |
| 200        | Practice.NoAccess     | `Result` field  | Client has no access to the practice.|
| 200        | Subscription.NotFound | `Result` field  | Subscription was not found.      |
| 200        | Subscription.Expired  | `Result` field  | Subscription has expired.        |
| 200        | Customer.Duplicate    | `Result` field  | Patient already exists.          |
| 200        | Customer.NotFound     | `Result` field  | Patient was not found.           |
| 200        | Patient.NotFound      | `Result` field  | Patient was not found.           |
| 200        | Customer.NotAdded     | `Result` field  | Patient was not created.         |
| 200        | Patient.NotAdded      | `Result` field  | Patient was not created.         |
| 200        | OK                    | `Result` field  | Patient was created.             |
| 200        | Unexpected.Error      | `Result` field  | Contact us via [email](<mailto:info@meamedica.nl>). |

In case of `OK`, the `Messages` field has the **AGB Code** and the following 
information about the patient is returned in the proper fields.
- BSN number ( *hashed* )
- Activation URL (only if patient is new)

+ Request (application/json)

        {
            "PracticeAgb": "string",
            "BsnHashed": "string",
            "Initials": "string",
            "FirstName": "string",
            "Particle": "string",
            "LastName": "string",
            "PartnerName": "string",
            "VektisCode": "string",
            "Address": "string",
            "PostalCode": "string",
            "City": "string",
            "Country": "string",
            "Gender": "string",
            "Birthdate": "string",
            "Height": "string",
            "Weight": "string",
            "Token": "string"
        }

+ Response 200 (application/json)

        {
            "HashedBSN": "string",
            "ActivationUrl": "string",
            "Result": "string",
            "Messages": [
                "string"
            ]
        }

## Get Overview with BSN [/patient/getOverview?practiceAgb={practiceAgb}&hashedBsn={hashedBsn}&token={token}]

+ Parameters
    + practiceAgb: 12345678 (required, number) - practice AGB code as an 8-digit number
    + hashedBsn: 8da1zf3402xaq2ry6w2 (required, string) - patient unique identifier
    + token: 1g4qq30l3hffqo9za8da1zf3402xaq2ry6w2k02lfjk9w3g284kkoiw5ycdgfup13yycdat9ta (required, string) - encrypted authentication token

### API Definition [GET]

***Description***

This method is used to get an overview of some patient information. The information
will be given for the patient identified by the hashed BSN and the practice AGB.
When hashing the BSN use only numbers. 

***Usage***

The request must contain the `token`, the practice `AGB code` and the patient unique
`BSN` ( *in hashed format* ).

***Response***

| HTTP Code  | API Code              | Found in        | Description                      |
| :--------: | :-------------------- | :-------------- | :------------------------------- |
| 400        | Practice.Missing      | `message` field | No practice AGB given.           |
| 400        | Patient.Missing       | `message` field | No patient identifier given.     |
| 400        | Token.Missing         | `message` field | No Token was given.              |
| 401        | ClientKey.NoAccess    | `message` field | ClientKey is not valid.          |
| 401        | Token.Expired         | `message` field | Token is no longer valid.        |
| 200        | Practice.NotFound     | `Result` field  | Practice was not found.          |
| 200        | Practice.NoAccess     | `Result` field  | Client has no access to the specified practice.|
| 200        | Subscription.NotFound | `Result` field  | Subscription was not found.      |
| 200        | Subscription.Expired  | `Result` field  | Subscription has expired.        |
| 200        | Customer.NotFound     | `Result` field  | Patient not found.               |
| 200        | Patient.NotFound      | `Result` field  | Patient not found.               |
| 200        | OK                    | `Result` field  | Patient was found.               |
| 200        | Unexpected.Error      | `Result` field  | Contact us via [email](<mailto:info@meamedica.nl>). |

In case of `OK`, the `Messages` field has the **AGB code** and the following 
information about the patient is returned in the proper fields.
- BSN number ( *hashed* )
- Latest ASA score with related Questions and Answers
- Number of medicines in use and related medicine information (including the 
`PrescriptionId` if the medicine was prescribed in **meamedica|dental**)
- Number of MTI messages
- Allergic to anesthesia and list of patient's allergies (only medical related)
- Patient status and activation link (if `Patient.New` or `Patient.Inactive`)
- Date when this request was issued ( *dd-mm-yyyy* )

+ Response 200 (application/json)

        {
            "PatientNr": "string",
            "HashedBSN": "string",
            "AsaScore": "string",
            "AnamneseDate": "string",
            "AnamneseInfo": [
                {
                  "AsaScore": 0,
                  "Question": "string",
                  "Answer": "string",
                  "QuestionId": 0
                }
            ],
            "NrOfMedicines": "string",
            "MedicineInfo": [
                {
                  "Name": "string",
                  "GenericName": "string",
                  "Dosage": "string",
                  "UsageStartDate": "string",
                  "UsageEndDate": "string",
                  "UsageQuantity": "string",
                  "UsageUnit": "string",
                  "UsageFrequencyNrTimes": "string",
                  "UsageFrequencyPeriod": "string",
                  "PrescriptionId": "string"
                }
            ],
            "NrOfMtiMessages": "string",
            "AnesthesiaAllergy": "string",
            "AllergyInfo": [
                {
                  "Name": "string"
                }
            ],
            "InformationDate": "string",
            "PatientStatus": "string",
            "ActivationUrl": "string",
            "Result": "string",
            "Messages": [
                "string"
            ]
        }

## Get with BSN [/patient/get?practiceAgb={practiceAgb}&hashedBsn={hashedBsn}&token={token}]

+ Parameters
    + practiceAgb: 12345678 (required, number) - practice AGB code as an 8-digit number
    + hashedBsn: 8da1zf3402xaq2ry6w2 (required, string) - patient unique identifier
    + token: 1g4qq30l3hffqo9za8da1zf3402xaq2ry6w2k02lfjk9w3g284kkoiw5ycdgfup13yycdat9ta (required, string) - encrypted authentication token

### API Definition [GET]

***Description***

This method is used to get details about the given patient. The information
will be given for the patient identified by the hashed BSN and the practice AGB.
When hashing the BSN use only numbers. 

***Usage***

The request must contain the `token`, the practice `AGB code` and the patient unique
`BSN` ( *in hashed format* ).

***Response***

| HTTP Code  | API Code              | Found in        | Description                      |
| :--------: | :-------------------- | :-------------- | :------------------------------- |
| 400        | Practice.Missing      | `message` field | No practice AGB given.           |
| 400        | Patient.Missing       | `message` field | No patient identifier given.     |
| 400        | Token.Missing         | `message` field | No Token was given.              |
| 401        | ClientKey.NoAccess    | `message` field | ClientKey is not valid.          |
| 401        | Token.Expired         | `message` field | Token is no longer valid.        |
| 200        | Practice.NotFound     | `Result` field  | Practice was not found.          |
| 200        | Practice.NoAccess     | `Result` field  | Client has no access to the specified practice.|
| 200        | Subscription.NotFound | `Result` field  | Subscription was not found.      |
| 200        | Subscription.Expired  | `Result` field  | Subscription has expired.        |
| 200        | Customer.NotFound     | `Result` field  | Patient not found.               |
| 200        | Patient.NotFound      | `Result` field  | Patient not found.               |
| 200        | OK                    | `Result` field  | Patient was found.               |
| 200        | Unexpected.Error      | `Result` field  | Contact us via [email](<mailto:info@meamedica.nl>). |

In case of `OK`, the `Messages` field has the **AGB code** and the following 
information about the patient is returned in the proper fields.
- BSN number ( *hashed* )
- Gender ( *m/f* ) and Birthdate ( *dd-mm-yyyy* )
- Height ( *cm* ) and Weight ( *kg* ) ( *if available* )
- Patient status and activation link (if `Patient.New` or `Patient.Inactive`)
- First Name, Last Name, Blood Group, City and Country ( *if available* )
- Date when this request was issued ( *dd-mm-yyyy* )

+ Response 200 (application/json)

        {
            "InformationDate": "string",
            "PatientNr": "string",
            "HashedBSN": "string",
            "FirstName": "string",
            "LastName": "string",
            "BirthDate": "string",
            "Gender": "string",
            "Bloodgroup": "string",
            "Length": "string",
            "Weight": "string",
            "City": "string",
            "Country": "string",
            "PatientStatus": "string",
            "ActivationUrl": "string",
            "Result": "string",
            "Messages": [
                "string"
            ]
        }

## Update with BSN [/patient/update]

### API Definition [POST]

***Description***

This method can be used to update the data of a given patient. 
The patient should already have been created via the create API method.
It expects to receive the patient data that needs to be changed. 

***Usage***

The request must contain the `token`, the practice `AGB code`, the patient `hashed BSN` 
and the information that needs to be updated, namely:
- Gender ( *m/f* ) and Birthdate ( *dd-mm-yyyy* )
- Height ( *cm* ) and Weight ( *kg* )

***Response***

| HTTP Code  | API Code              | Found in        | Description                      |
| :--------: | :-------------------- | :-------------- | :------------------------------- |
| 400        | Token.Missing         | `message` field | No Token was given.              |
| 401        | ClientKey.NoAccess    | `message` field | ClientKey is not valid.          |
| 401        | Token.Expired         | `message` field | Token is no longer valid.        |
| 400        | Missing.Parameters    | `message` field | Required parameters are missing. |
| 200        | Practice.NotFound     | `Result` field  | Practice was not found.          |
| 200        | Practice.NoAccess     | `Result` field  | Client has no access to the specified practice.|
| 200        | Subscription.NotFound | `Result` field  | Subscription was not found.      |
| 200        | Subscription.Expired  | `Result` field  | Subscription has expired.        |
| 200        | Customer.NotFound     | `Result` field  | Patient was not found.           |
| 200        | Patient.NotFound      | `Result` field  | Patient was not found.           |
| 200        | Customer.NotUpdated   | `Result` field  | Patient was not updated.         |
| 200        | OK                    | `Result` field  | Patient was updated.             |
| 200        | Unexpected.Error      | `Result` field  | Contact us via [email](<mailto:info@meamedica.nl>). |

In case of `OK`, the `Messages` field has the **AGB Code** and the following 
information about the patient is returned in the proper fields.
- BSN number (*hashed*)

+ Request (application/json)

        {
            "PracticeAgb": "string",
            "BsnHashed": "string",
            "Initials": "string",
            "FirstName": "string",
            "Particle": "string",
            "LastName": "string",
            "PartnerName": "string",
            "VektisCode": "string",
            "Address": "string",
            "PostalCode": "string",
            "City": "string",
            "Country": "string",
            "Gender": "string",
            "Birthdate": "string",
            "Height": "string",
            "Weight": "string",
            "Token": "string"
        }

+ Response 200 (application/json)

        {
            "HashedBSN": "string",
            "Result": "string",
            "Messages": [
                "string"
            ]
        }

## Close with BSN [/patient/close]

### API Definition [POST]

***Description***

This method is used to close the activity of a patient inline with the client system.
The operation will be executed only for the patient identified by the hashed BSN and
in the given practice AGB. When hashing the BSN use only numbers. 

***Usage***

The request must contain the `token`, the practice `AGB code` and the patient unique 
`BSN` ( *in hashed format* ).

***Response***

| HTTP Code  | API Code              | Found in        | Description                      |
| :--------: | :-------------------- | :---------------| :------------------------------- |
| 400        | Practice.Missing      | `message` field | No practice AGB given.           |
| 400        | Patient.Missing       | `message` field | No patient identifier given.     |
| 400        | Token.Missing         | `message` field | No Token was given.              |
| 401        | ClientKey.NoAccess    | `message` field | ClientKey is not valid.          |
| 401        | Token.Expired         | `message` field | Token is no longer valid.        |
| 200        | Practice.NotFound     | `Result` field  | Practice was not found.          |
| 200        | Practice.NoAccess     | `Result` field  | Client has no access to the specified practice.|
| 200        | Subscription.NotFound | `Result` field  | Subscription was not found.      |
| 200        | Subscription.Expired  | `Result` field  | Subscription has expired.        |
| 200        | Customer.NotFound     | `Result` field  | Patient not found.               |
| 200        | Patient.NotFound      | `Result` field  | Patient not found.               |
| 200        | OK                    | `Result` field  | Patient was closed.              |
| 200        | Unexpected.Error      | `Result` field  | Contact us via [email](<mailto:info@meamedica.nl>). |

In case of `OK`, the `Messages` field has the **AGB code**.

+ Request (application/json)

        {
            "PracticeAgb": "string",
            "HashedBsn": "string",
            "Token": "string"
        }
        
+ Response 200 (application/json)

        {
            "Result": "string",
            "Messages": [
                "string"
            ]
        }

# Group Prescription API

## Get List Local [/prescription/local/getList?practiceagb={practiceagb}&patientnr={patientnr}&id={id}&token={token}]

+ Parameters
    + practiceagb: 12345678 (required, number) - practice AGB code as an 8-digit number
    + patientnr: 1 (required, number) - patient identifier in client system
    + id: 1 (required, number) - prescription identifier
    + token: 1g4qq30l3hffqo9za8da1zf3402xaq2ry6w2k02lfjk9w3g284kkoiw5ycdgfup13yycdat9ta (required, string) - encrypted authentication token

### API Definition [GET]

***Description***

This method is used to get details about the specified prescriptions. 
The information will be given only if the prescriptions belong to the specified patient and were created in the specified practice.

***Usage***

The request must contain the `token`, the practice `AGB code`, the patient 
`identifier` and the prescriptions `identifiers`.

***Response***

| HTTP Code  | API Code              | Found in        | Description                      |
| :--------: | :-------------------- | :---------------| :------------------------------- |
| 400        | Practice.Missing      | `message` field | No practice AGB given.           |
| 400        | Patient.Missing       | `message` field | No patient identifier given.     |
| 400        | Token.Missing         | `message` field | No Token was given.              |
| 401        | ClientKey.NoAccess    | `message` field | ClientKey is not valid.          |
| 401        | Token.Expired         | `message` field | Token is no longer valid.        |
| 200        | Practice.NotFound     | `Result` field  | Practice was not found.          |
| 200        | Practice.NoAccess     | `Result` field  | Client has no access to the specified practice.|
| 200        | Subscription.NotFound | `Result` field  | Subscription was not found.      |
| 200        | Subscription.Expired  | `Result` field  | Subscription has expired.        |
| 200        | Patient.NotFound      | `Result` field  | Patient not found.               |
| 200        | Customer.NotFound     | `Result` field  | Equivalent to Patient not found. |
| 200        | OK                    | `Result` field  | Request processed.               |
| 200        | Unexpected.Error      | `Result` field  | Contact us via [email](<mailto:info@meamedica.nl>). |

In case of `OK`, the `Messages` field has the **AGB code** and the following 
information about the prescriptions is returned in the proper fields.
- Prescription Identifier
- Prescription Date
- Identifier (within the client system) of the care professional responsible for the prescription.

+ Response 200 (application/json)

        {
            "InformationDate": "string",
            "PatientNr": "string",
            "HashedBSN": "string",
            "Prescriptions": [
                {
                  "PrescriptionId": "string",
                  "PrescriptionDate": "string",
                  "CareProfessionalId": "string"
                }
            ],
            "Result": "string",
            "Messages": [
                "string"
            ]
        }

## Get List with BSN [/prescription/getList?practiceagb={practiceagb}&hashedbsn={hashedBsn}&id={id}&token={token}]

+ Parameters
    + practiceagb: 12345678 (required, number) - practice AGB code as an 8-digit number
    + hashedBsn: 8da1zf3402xaq2ry6w2 (required, string) - patient unique identifier
    + id: 1 (required, number) - prescription identifier
    + token: 1g4qq30l3hffqo9za8da1zf3402xaq2ry6w2k02lfjk9w3g284kkoiw5ycdgfup13yycdat9ta (required, string) - encrypted authentication token

### API Definition [GET]

***Description***

This method is used to get details about the specified prescriptions. 
The information will be given only if the prescriptions belong to the specified patient and were created in the specified practice.

***Usage***

The request must contain the `token`, the practice `AGB code`, the patient 
`identifier` and the prescriptions `identifiers`.

***Response***

| HTTP Code  | API Code              | Found in        | Description                      |
| :--------: | :-------------------- | :---------------| :------------------------------- |
| 400        | Practice.Missing      | `message` field | No practice AGB given.           |
| 400        | Patient.Missing       | `message` field | No patient identifier given.     |
| 400        | Token.Missing         | `message` field | No Token was given.              |
| 401        | ClientKey.NoAccess    | `message` field | ClientKey is not valid.          |
| 401        | Token.Expired         | `message` field | Token is no longer valid.        |
| 200        | Practice.NotFound     | `Result` field  | Practice was not found.          |
| 200        | Practice.NoAccess     | `Result` field  | Client has no access to the specified practice.|
| 200        | Subscription.NotFound | `Result` field  | Subscription was not found.      |
| 200        | Subscription.Expired  | `Result` field  | Subscription has expired.        |
| 200        | Patient.NotFound      | `Result` field  | Patient not found.               |
| 200        | Customer.NotFound     | `Result` field  | Equivalent to Patient not found. |
| 200        | OK                    | `Result` field  | Request processed.               |
| 200        | Unexpected.Error      | `Result` field  | Contact us via [email](<mailto:info@meamedica.nl>). |

In case of `OK`, the `Messages` field has the **AGB code** and the following 
information about the prescriptions is returned in the proper fields.
- Prescription Identifier
- Prescription Date
- Identifier (within the client system) of the care professional responsible for the prescription.

+ Response 200 (application/json)

        {
            "InformationDate": "string",
            "PatientNr": "string",
            "HashedBSN": "string",
            "Prescriptions": [
                {
                  "PrescriptionId": "string",
                  "PrescriptionDate": "string",
                  "CareProfessionalId": "string"
                }
            ],
            "Result": "string",
            "Messages": [
                "string"
            ]
        }


# Group Single SignOn

This API has an indirect goal which is to allow the use of [**meamedica|dental**](http://www.meamedicadental.com) 
solution in our clients dental software, integrated via a *Single SignOn* method. 
This method works by setting the URL below (with the right set of parameters) in a 
browser object contained within the referred dental software.

*Syntax*

```
https://dental.meamedica.nl/<ClientName>/sso?practiceAgb=<PracticeAGB>&careProfessionalId=<CareProfessionalId|BIGNumber>&patientId=<PatientNr|HashedBSN>&token=<Token>
```

Being each one:
- **ClientName:** a text indicating our client's name, e.g. "google"
- **PracticeAGB:** the unique practice identifier
- **CareProfessionalId|BIGNumber:** some of our clients will send an unique care professional
identifier (for a dentist, assistant or other) within a certain practice while others 
will send the unique BIG number (the preference)
- **PatientNr|HashedBSN:** some of our clients will send an unique patient identifier
within the practice while others will send the unique *hashed* BSN (the preference).
The BSN used for hashing should only contain numbers (no **.** or **-** or other symbols)

# Group Get Prescription

This method is used to get the .pdf of the specified prescription.
The information will be given only if the prescription belongs to the specified patient and was created in the specified practice.

*Syntax*

```
https://dental.meamedica.nl/prescription/get?practiceAgb=<PracticeAGB>&patientId=<PatientNr|HashedBSN>&Id=<PrescriptionId>&token=<Token>
```

Where:
- **PracticeAGB:** the unique practice identifier
- **PatientNr|HashedBSN:** some of our clients will send an unique patient identifier
within the practice while others will send the unique *hashed* BSN (the preference).
The BSN used for hashing should only contain numbers (no **.** or **-** or other symbols)
- **PrescriptionId:** The prescription identifier, retrieved from the patient.GetOverview API method.
- **Token:** encrypted authentication token

***Response***

In case of `200 - OK`, the prescription .pdf will be returned.
Otherwise an HTTP error will be returned with an aditional description 
similar to the ones used in the API:

| HTTP Code  | HTTP Reason           | Description                      |
| :--------: | :-------------------- | :------------------------------- |
| 400        | Missing.Parameters    | Missing parameters.              |
| 401        | ClientKey.NoAccess    | ClientKey is not valid.          |
| 401        | Token.Expired         | Token is no longer valid.        |
| 500        | Practice.NotFound     | Practice was not found.          |
| 500        | Subscription.NotFound | Subscription was not found.      |
| 500        | Subscription.Expired  | Subscription has expired.        |
| 500        | Subscription.NoInfo   | Subscription has missing data.   |
| 500        | Subscription.NotPaid  | Subscription was not paid.       |
| 500        | Patient.NotFound      | Patient not found.               |
| 500        | Customer.NotFound     | Equivalent to Patient not found. |
| 500        | Prescription.NotFound | Prescription not found.          |
| 200        | OK                    | Request processed.               |
| 500        | Unexpected.Error      | Contact us via [email](<mailto:info@meamedica.nl>). |


# Group Technical Reference

As a background note this API documentation is hosted at and was done using 
[Apiary](https://apiary.io) and (some of) the resources used to describe 
it can be found in the following URLs:
- **API Blueprint Tutorial** : https://docs.apiary.io/api_101/api_blueprint_tutorial/
- **API Examples** : https://github.com/apiaryio/api-blueprint/tree/master/examples
- **API Blueprint** : https://apiblueprint.org/ (detailed technical information)

As described before the **BSN number** is received *hashed* and more information about 
this process can be found in the following URLs:
- **Secure Hash Algorithm** : https://en.wikipedia.org/wiki/Secure_Hash_Algorithm
- **SHA-256** : https://en.wikipedia.org/wiki/SHA-2

# Group Hashed BSN Format

The **BSN** should be hashed in its original format ( _just numbers_) and without adding 
any kind of extra characters or symbols. This simple rule aims to maintain the hashed **BSN** as a truly 
global identifier.

**Examples:**
- 112223344 is the only valid BSN format to hash
- 11.222.33.44 is not a valid BSN format to hash
- 11222-3344 is not a valid BSN format to hash