Data Sharing Manager/API calls through DSM

From Voror_Wiki

API call overview

This diagram shows, at a high level, the way the API calls, and the associated projects, are given access to the correct patient details:

  1. When an API call is made, Keycloak checks the user ID.
  2. DSM then uses the user ID to determine which project that user ID has access to.
  3. The project information in DSM determines which organisation’s (publishers) data is made available, and the associated config entry.
  4. The DDS UI config entry is used to access the configuration information in the config database; this determines which internal Compass database can be accessed.

The following examples show how access differs depending on the project information and publisher lists. We will assume that the Internal Compass Database holds data for 100 organisations.

These examples use the same config entry and the same Internal Compass Database, however the project information in the DSM is unique to each project.

Example 1: The project only has access to 10 of the 100 organisations

Project 1

Example 2: The project only has access to 50 of the 100 organisations

Project 2

Example 3: The project has access to all 100 organisations

Project 3