C_12735_Anlage

Änderung in I_Entitlement_Management.yaml

Anpassung der Conditions-Tabelle in description zu setEntitlementPSV2 (POST /epa/basic/api/v2/ps/entitlements):

alt: (HSM verification entfällt, bzw. wird ersetzt)

       | Conditions | Status code | Error code | Remarks |
       |------------|-------------|------------|---------|
       | Successful operation | 201 || even if an existing entitlement is kept due to longer validity |
       | Request does not match schema | 400 | malformedRequest ||
       | Requestor role is not in the list of allowed usergroups | 403 | invalidOid ||
       | HSM verification failed | 403 | invalidToken ||
       | Health record does not exist (UNKNOWN) or is in state INITIALIZED | 404 | noHealthRecord | |
       | Health record is in state SUSPENDED or INACCESSIBLE| 409 | statusMismatch | (see 'Retry interval') |
       | request claims _actorId_ and _actorId_ is referenced by a Blocked User Policy assignment | 409 | requestMismatch ||
       | Rate limiting | 423 | locked||
       | to many failed attempts | 423 | locked | _kvnr_ check limit |
       | Any other error | 500 | internalError | (see 'Retry interval') |

neu: 

      | Conditions | Status code | Error code | Remarks |
       |------------|-------------|------------|---------|
       | Successful operation | 201 || even if an existing entitlement is kept due to longer validity |
       | Request does not match schema | 400 | malformedRequest ||
       | Requestor not authorized | 403 | invalAuth | no user session with valid ID-Token available |
       | Requestor role is not in the list of allowed usergroups | 403 | invalidOid ||
       | Token verification failed | 403 | invalidToken ||
       | Audit evidence was already used before | 403 | tokenReuse ||
       | request claims _actorId_ and _actorId_ is referenced by a Deny List assignment | 409 | requestMismatch ||      
       | Health record does not exist (UNKNOWN) or is in state INITIALIZED | 404 | noHealthRecord | |
       | Health record is in state SUSPENDED or INACCESSIBLE| 409 | statusMismatch | (see 'Retry interval') |
       | request claims _actorId_ and _actorId_ is referenced by a Blocked User Policy assignment | 409 | requestMismatch ||
       | Rate limiting | 423 | locked||
       | to many failed attempts | 423 | locked | _kvnr_ check limit |
       | Any other error | 500 | internalError | (see 'Retry interval') |