Note
Users granted “full site access” will have access to all sites, regardless of whether the instructions on this page are used to grant or revoke access to a specific site for the user
To grant access to a site, issue a PATCH for the api/sites/{site_uuid}/users/{patient_uuid}/ endpoint -e.g:
curl \ -X PATCH https://ap.ua.painchek.com/api/sites/e302ab84-9366-4136-8eca-480b8bffd990/users/e9c57efe-f3e1-48c9-af90-15bf8ff8bde2/
A typical response looks like this:
{ "uuid": "2ba3a270-1aa3-44b9-a7eb-07506dd63120", "site": "e302ab84-9366-4136-8eca-480b8bffd990", "active": true, "audit": [{ "user": "e9c57efe-f3e1-48c9-af90-15bf8ff8bde2", "site": "e302ab84-9366-4136-8eca-480b8bffd990", "active": false, "changed_by": "c5fff8fd-e022-4ba4-a35d-ddee6b9fa276", "changed_at": "2020-10-01 05:02:39.339036+00:00" }], "user": "e9c57efe-f3e1-48c9-af90-15bf8ff8bde2", "created_by": "c5fff8fd-e022-4ba4-a35d-ddee6b9fa276", "created_at": "2020-10-01T05:02:39.337651Z", "modified_by": "c5fff8fd-e022-4ba4-a35d-ddee6b9fa276", "modified_at": "2020-10-01T05:02:39.349607Z" }
If the user already has access to the site, the command is effectively ignored - the call will still return a status of 200 in this case.
To revoke access to a site, issue a DELETE for the api/sites/{site_uuid}/users/{patient_uuid}/ endpoint. e.g.:
curl \ -X DELETE https://ap.ua.painchek.com/api/sites/e302ab84-9366-4136-8eca-480b8bffd990/users/e9c57efe-f3e1-48c9-af90-15bf8ff8bde2/
A typical response looks like this:
{ "uuid": "2ba3a270-1aa3-44b9-a7eb-07506dd63120", "site": "e302ab84-9366-4136-8eca-480b8bffd990", "active": false, "audit": [{ "user": "e9c57efe-f3e1-48c9-af90-15bf8ff8bde2", "site": "e302ab84-9366-4136-8eca-480b8bffd990", "active": false, "changed_by": "c5fff8fd-e022-4ba4-a35d-ddee6b9fa276", "changed_at": "2020-10-01T05:14:02.226256+00:00" }, { "user": "e9c57efe-f3e1-48c9-af90-15bf8ff8bde2", "site": "e302ab84-9366-4136-8eca-480b8bffd990", "active": true, "changed_by": "c5fff8fd-e022-4ba4-a35d-ddee6b9fa276", "changed_at": "2020-10-01 05:13:18.404173+00:00" }], "user": "e9c57efe-f3e1-48c9-af90-15bf8ff8bde2", "created_by": "c5fff8fd-e022-4ba4-a35d-ddee6b9fa276", "created_at": "2020-10-01T05:02:39.337651Z", "modified_by": "c5fff8fd-e022-4ba4-a35d-ddee6b9fa276", "modified_at": "2020-10-01T05:14:02.226256Z" }
If the user doesn’t have access to the site, the command is effectively ignored - the call will still return a status of 200 in this case.