In order to develop an application using the webservices of Abrumet, it is necessary to have the following material and information :
1. An eID card reader and the installed software Dioss middleware (v 22.214.171.124011 minimum)
2. A user within the Brusafe + platform.
a. This user is important in the context of the various patient tests, without this no data can be associated during a call to a web services
3. A validation of your access to the Abrumet company
4. A compliant SSL security certificate
- Open your browser and please go to : " https://auth.qa.brusafe.be/portal/patient/index.xhtml "
- Click on "Register". This user registration can only be done if you have a card reader and the Dioss Middleware software installed on your machine, an error message will warn you if this is not the case.
- Enter the PIN code of your ID carte and click afterwards on "Ok"
- The user creation form is displayed
- Medical Provider Type: You have the opportunity to be either a patient or a practitioner. If you are a practitioner please select your specialty from the drop-down list.
- Email: contact email and validation of the creation of the user
- Mobile Number: Your mobile phone number, this one allows the validation of your user during the creation. It should be noted that you can not use a landline number.
Choose Send Code Method: Connection validation method. You have the option to validate each connection in three different ways
- Send Code Email: Validation by mail
- Send Code SMS: Validation by mobile phone
- Send Code Both: Validation on both previous devices.
- Password et Confirm Password: Your password required to connect to the Brusafe + platform
- Click on Register
- The terms and conditions related to the application are displayed.
- Click on « Accept » if you accept the terms and conditions related to the application.
- Enter the verification code for your previously received account on your mobile phone. Then click on « Validate phonenumber ».
- A confirmation email is sent to validate the creation of your account
- Click on its link to validate the creation of your user
- You are now connected to the platform
The API is secured with OAuth2.0. To access the API, the developer must have a token. This means that he must be able to retrieve an access token. In order to retrieve an access token, the developer must first be registered on the authorization server.
This request must be made in advance to Mrs. Filoretta Velica at the following address firstname.lastname@example.org
The following preconditions will be required for any registration with Abrumet:
- An application
- A self-signed security certificate
- Installation of Brusafe + public safety certificates
GlobalSign Root CA -
GlobalSign Domain Validation CA - SHA256 - G2 -
- *.qa.brusafe.be - Link
- GlobalSign Domain Validation CA - SHA256 - G2 -
- Complete the platform access request document
The following information should appear in the mail:
- The name of your application
- The url of your application
- The access request document complete
The type of application
- Mobile of Application
An email of approval will be sent to you a few days after your request.
Following the approval of your request, you will be able to recover your access token
- Open your browser, and please go to the following address
Please replace the following parameters:
- <Application_Name> = the name of your application provided in the access request
- <Application_URL> = the url of your application provided in the access request
- When authentication is done, please copy the generated url. This will contain all the information needed to connect the various web services of the application Abrumet.
The "access_Token" parameter contains the Bearer ID. Each access request must therefore include an Authorization header with the Bearer authentication mechanism.
Autorisation: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VybmFtZSI6I
The SAML will manage both the XML message format, called assertion, as well as the information needed for authentication and the exchange process between two major partners:
- Le SP (Service Provider), which protects access to requested resources (websites, applications etc.) by applying a security policy. For example, it blocks all access to an unauthenticated user and directs it to their identity provider.
- L'IdP (Identity Provider) responds to the request of the SP. It is responsible for authenticating the user and forging the response containing the information associated with the identity (group in general) and requested by the SP.
- Open your browser and please go to the following address:
- Click on "File" and select "Import URL"
- Enter the following address in the dialog box that appears
- Click on "Import"
- The entire JSON code loads into the swagger editor .
- Edit line 16 and replace "localhost: 8080" with the following address "auth.qa.brusafe.be"
- Enter the bearer token in the dialog box that appears. Be careful, there must be a space between bearer and your token.
- Click on "Authenticate"
- Your Bearer Token is configured in order to appeal to different methods
- If you are a practitioner and your patient is not yet connected. Please do the steps:
- /medical/relation/request (National Register Number of the patient is a precondition). In the request options, select the "https" protocol as scheme and select "Application / json" format as return. Then click on "Send Request".
- /medical/relation/confirm (National Register Number of the patient is a precondition and the validation code). In the request options, select the "https" protocol as scheme and select "Application / json" format as return. Then click on "Send Request".
- /medical/relation/assertion (National Register Number of the patient is a precondition). In the request options, select the "https" protocol as scheme and select "Application / json" format as return. Then click on "Send Request".
- If you are just a patient, go directly to the "/ patient / assertion" method. In the request options, select the protocol "https" as scheme and select an "Application / xml" format as return. Then click on "Send Request".
- If your Bearer Token is valid, a return code will be executed in the Swagger Editor.
- .You have just recovered the saml token using the Swagger Code Editor.