Sign Up
Introduction
Nursa offers different flows that you can choose to create a user account depending on the context of your application:
Nursa App Sign Up
In this scenario you need to forward the user to the Nursa Application Sign Up, and the user will login through Nursa’s UI. Afterwards, the user will need to access your application again and authenticate during the connection.
- Redirect the user to the Nursa Application:
- Production: https://app.nursa.com/
- Sandbox: https://nursa-sandbox.web.app/
- User will click on Sign Up button
- User will provide the Email and Password
- User will select the option
I manage a facility - User will complete the Sign Up by providing First Name, Last Name, and Phone Number
- User will read the NURSA® TERMS OF SERVICE AGREEMENT, and check the option to agree with the terms
- User will click on
Continuebutton - User will be successfully logged in on Nursa UI.
- User must go back to your application.
- Your application will implement and expose a
Connect to Nursabutton that should redirect the user to Login using the Authorization Code Flow or the Authorization Code Flow With PKCE - User will provide the same credentials from the previous steps
- Nursa Authorization Server will redirect to your application with an Authorization Code.
- Your application must exchange the Authorization Code for an Access Token.
- Your application must store the token and use it to call resource APIs.
Password Validation Rules
To be considered as secure password it must follow the below requirements:
- At least 8 characters.
- Includes at least 3 of the following:
- lowercase letters (a-z),
- uppercase letters (A-Z),
- numbers (0-9),
- special characters (e.g., !@#$%^&*).
Progressive Sign Up
You can forward the User to the registration UI and then provide the missing required data by calling the Create Facility User Profile API.
- Implement a
Connect With Nursabutton that should redirect the user to the Sign Up using the Authorization Code Flow or the Authorization Code Flow With PKCE by passing the parameterscreen_hint=signup. - User will provide the email and password, then submit the form.
- Nursa Authorization Server will redirect to your application with an Authorization Code.
- Your application must exchange the Authorization Code for an Access Token.
- Your application must check if the token (you can check the id_token or the access_token) has a
roleclaim, if not you must provide extra data to Nursa. Otherwise you can stop at this stop and just use the given tokens. - Call the Create Facility User Profile API to complete the user profile creation on Nursa.
- Forward the user to authorization flow again, using the Authorization Code Flow or the Authorization Code Flow With PKCE, this time make sure to avoid sending the
promptparameter so the user will not be required to inform their credentials again, you must avoid sending thescreen_hintparameter as well. - Nursa Authorization Server will redirect to your application with a new Authorization Code.
- Your application must exchange the Authorization Code for an Access Token.
- The given token must have a
roleclaim at this point, meaning the process was successful. - Your application must store the token and use it to call resource APIs.
Create Facility User Profile API
POST /users/facility-user/profile
Request Parameters
| Parameter name | Parameter type | Description |
|---|---|---|
firstName required | string | The user's first name. |
lastName required | string | The user's last name. |
phoneNumber required | string | The user's phone number. Must be a valid USA phone number matching the +1########## pattern. Must not be used by another user. |
Request Example:
POST https://auth.nursa.com/users/facility-user/profile
Content-Type: application/json
Authorization: Bearer eyJhbGciOiJSUzI1Ni...CIsImtpZCI6ImI0NTA0Z
{
"firstName": "John",
"lastName": "Doe",
"phoneNumber": "+10000000000",
}
Possible Responses
- Success
HTTP/1.1 201 Created
{
"userId": "QEgqbC64yHGctLyUMgoktXhYmSwY",
}
- Unauthorized:
HTTP/1.1 401 Unauthorized
{
"message": "Unauthorized",
"statusCode": 401
}
- Phone number is already used:
HTTP/1.1 400 Bad Request
{
"message": "Phone number already used",
"error": "Bad Request",
"statusCode": 400
}
- Missing data:
HTTP/1.1 400 Bad Request
{
"message": [
"firstName must be a string",
"firstName should not be empty",
"lastName must be a string",
"lastName should not be empty",
"phoneNumber must be a string",
"phoneNumber should not be empty"
],
"error": "Bad Request",
"statusCode": 400
}
Create User through Integration
If you want to create users through the integration channel you can call the Create Facility User API from a secure context.
Create Facility User API
POST /users/facility-user
Request Parameters
| Parameter name | Parameter type | Description |
|---|---|---|
firstName required | string | The user's first name. |
lastName required | string | The user's last name. |
phoneNumber required | string | The user's phone number. Must be a valid USA phone number matching the +1########## pattern. Must not be used by another user. |
email required | string | The user's email. Must follow a valid email format. Must not be used by another user. |
password required | string | The user password must follow the Password Validation Rules. |
Request Example:
POST https://auth.nursa.com/users/facility-user
Content-Type: application/json
{
"firstName": "John",
"lastName": "Doe",
"phoneNumber": "+10000000000",
"email": "john.doe@nursa.com",
"password": "MyPa55$"
}
Possible Responses
- Success
HTTP/1.1 201 Created
{
"userId": "QEgqbC64yHGctLyUMgoktXhYmSwY",
}
- Email is already used:
HTTP/1.1 400 Bad Request
{
"message": "Email already used",
"error": "Bad Request",
"statusCode": 400
}
- Phone number is already used:
HTTP/1.1 400 Bad Request
{
"message": "Phone number already used",
"error": "Bad Request",
"statusCode": 400
}
- Missing data:
HTTP/1.1 400 Bad Request
{
"message": [
"firstName must be a string",
"firstName should not be empty",
"lastName must be a string",
"lastName should not be empty",
"phoneNumber must be a string",
"phoneNumber should not be empty",
"email must be an email",
"email should not be empty",
"The password is too weak and does not meet the requirements!",
"password must be a string",
"password should not be empty"
],
"error": "Bad Request",
"statusCode": 400
}