Sign Up

Introduction

Nursa offers different flows that you can choose to create a user account depending on the context of your application:

Nursa App Sign Up

In this scenario, you forward the user to the Nursa Application Sign Up, and the user logs in through Nursa’s UI. Afterwards, the user needs to return to your application and authenticate during the connection.

Nursa App Sign Up Flow

  1. Redirect the user to the Nursa Application:
  1. User will click on Sign Up button
  2. User will provide the Email and Password
  3. User will select the option I manage a facility
  4. User will complete the Sign Up by providing First Name, Last Name, and Phone Number
  5. User will read the NURSA® TERMS OF SERVICE AGREEMENT, and check the option to agree with the terms
  6. User will click on Continue button
  7. User will be successfully logged in on Nursa UI.
  8. User must go back to your application.
  9. Your application will implement and expose a Connect to Nursa button that should redirect the user to Login using the Authorization Code Flow or the Authorization Code Flow With PKCE
  10. User will provide the same credentials from the previous steps
  11. Nursa Authorization Server will redirect to your application with an Authorization Code.
  12. Your application must exchange the Authorization Code for an Access Token.
  13. Your application must store the token and use it to call resource APIs.

Password Validation Rules

To be considered secure, a password must meet the following requirements:

  • At least 8 characters.
  • Includes at least 3 of the following:
    • lowercase letters (a-z),
    • uppercase letters (A-Z),
    • numbers (0-9),
    • special characters (e.g., !@#$%^&*).

Progressive Sign Up

You can forward the User to the registration UI and then provide the missing required data by calling the Create Facility User Profile API.

Progressive Sign Up Flow

  1. Implement a Connect With Nursa button that should redirect the user to the Sign Up using the Authorization Code Flow or the Authorization Code Flow With PKCE by passing the parameter screen_hint=signup.
  2. User will provide the email and password, then submit the form.
  3. Nursa Authorization Server will redirect to your application with an Authorization Code.
  4. Your application must exchange the Authorization Code for an Access Token.
  5. Your application must check whether the token (either the id_token or the access_token) has a role claim. If it does not, you must provide extra data to Nursa. Otherwise, you can stop at this step and just use the given tokens.
  6. Call the Create Facility User Profile API to complete the user profile creation on Nursa.
  7. Forward the user to the authorization flow again, using the Authorization Code Flow or the Authorization Code Flow With PKCE. This time, do not send the prompt parameter, so the user is not required to enter their credentials again, and do not send the screen_hint parameter either.
  8. Nursa Authorization Server will redirect to your application with a new Authorization Code.
  9. Your application must exchange the Authorization Code for an Access Token.
  10. The given token must have a role claim at this point, meaning the process was successful.
  11. Your application must store the token and use it to call resource APIs.
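The branching in steps 1, 5, 7 and 10 can be sketched as follows. This is an added example, not Nursa's code: the authorization URL, client values, the `openid` scope, the literal claim key `role`, and the names `authorize_url`, `claims_unverified` and `next_step` are assumptions for illustration.

```python
import base64
import hashlib
import json
import secrets
from urllib.parse import urlencode

# Assumption: placeholder endpoint; use the authorization URL from your Nursa integration.
AUTHORIZE_URL = "https://auth.example.invalid/authorize"

def pkce_challenge(verifier):
    """S256 code_challenge for a PKCE code_verifier (RFC 7636)."""
    digest = hashlib.sha256(verifier.encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")

def authorize_url(client_id, redirect_uri, verifier, state, signup):
    params = {
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "scope": "openid",  # assumption: needed only if you read the id_token
        "state": state,     # compare on the callback to reject forged redirects
        "code_challenge": pkce_challenge(verifier),
        "code_challenge_method": "S256",
    }
    if signup:
        params["screen_hint"] = "signup"  # step 1 only
    # Step 7 calls this with signup=False: no screen_hint, and prompt is never sent.
    return AUTHORIZE_URL + "?" + urlencode(params)

def claims_unverified(token):
    """Decode a JWT payload WITHOUT checking the signature.
    Only for a token your backend received directly from the token endpoint
    over TLS; validate the signature of a token from any other source."""
    payload = token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))

def next_step(claims, profile_created):
    if claims.get("role"):          # assumption: the claim key is literally "role"
        return "store_tokens"       # steps 5 and 10-11
    if profile_created:
        return "fail_role_missing"  # step 10 not satisfied: do not proceed
    return "create_profile"         # step 6

if __name__ == "__main__":
    verifier = secrets.token_urlsafe(64)  # 86 characters, within RFC 7636's 43-128
    state = secrets.token_urlsafe(16)
    print(authorize_url("my-client-id", "https://app.example.invalid/callback", verifier, state, True))
```

Keep the code_verifier and state server-side, bound to the user's session, until the callback arrives; the verifier is sent only in the token exchange.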

Create Facility User Profile API

POST /users/facility-user/profile

Request Parameters

| Parameter name | Parameter type | Description |
| --- | --- | --- |
| firstName (required) | string | The user's first name. |
| lastName (required) | string | The user's last name. |
| phoneNumber (required) | string | The user's phone number. Must be a valid USA phone number matching the +1########## pattern. Must not be used by another user. |

Request Example:

POST https://auth.nursa.com/users/facility-user/profile
Content-Type: application/json
Authorization: Bearer eyJhbGciOiJSUzI1Ni...CIsImtpZCI6ImI0NTA0Z

{
  "firstName": "John",
  "lastName": "Doe",
  "phoneNumber": "+10000000000"
}

Possible Responses

  • Success:

HTTP/1.1 201 Created
{
  "userId": "QEgqbC64yHGctLyUMgoktXhYmSwY"
}

  • Unauthorized:

HTTP/1.1 401 Unauthorized
{
  "message": "Unauthorized",
  "statusCode": 401
}

  • Phone number is already used:

HTTP/1.1 400 Bad Request
{
  "message": "Phone number already used",
  "error": "Bad Request",
  "statusCode": 400
}

  • Missing data:

HTTP/1.1 400 Bad Request
{
  "message": [
    "firstName must be a string",
    "firstName should not be empty",
    "lastName must be a string",
    "lastName should not be empty",
    "phoneNumber must be a string",
    "phoneNumber should not be empty"
  ],
  "error": "Bad Request",
  "statusCode": 400
}

Create User through Integration

If you want to create users through the integration channel you can call the Create Facility User API from a secure context.

Create Facility User API

POST /users/facility-user

Request Parameters

| Parameter name | Parameter type | Description |
| --- | --- | --- |
| firstName (required) | string | The user's first name. |
| lastName (required) | string | The user's last name. |
| phoneNumber (required) | string | The user's phone number. Must be a valid USA phone number matching the +1########## pattern. Must not be used by another user. |
| email (required) | string | The user's email. Must follow a valid email format. Must not be used by another user. |
| password (required) | string | The user password must follow the Password Validation Rules. |

Request Example:

POST https://auth.nursa.com/users/facility-user
Content-Type: application/json

{
  "firstName": "John",
  "lastName": "Doe",
  "phoneNumber": "+10000000000",
  "email": "john.doe@nursa.com",
  "password": "MyPa55$word"
}

Possible Responses

  • Success:

HTTP/1.1 201 Created
{
  "userId": "QEgqbC64yHGctLyUMgoktXhYmSwY"
}

  • Email is already used:

HTTP/1.1 400 Bad Request
{
  "message": "Email already used",
  "error": "Bad Request",
  "statusCode": 400
}

  • Phone number is already used:

HTTP/1.1 400 Bad Request
{
  "message": "Phone number already used",
  "error": "Bad Request",
  "statusCode": 400
}

  • Missing data:

HTTP/1.1 400 Bad Request
{
  "message": [
    "firstName must be a string",
    "firstName should not be empty",
    "lastName must be a string",
    "lastName should not be empty",
    "phoneNumber must be a string",
    "phoneNumber should not be empty",
    "email must be an email",
    "email should not be empty",
    "The password is too weak and does not meet the requirements!",
    "password must be a string",
    "password should not be empty"
  ],
  "error": "Bad Request",
  "statusCode": 400
}
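A pre-flight check for the Create Facility User request body, applying the Password Validation Rules and the +1########## phone pattern before any credentials leave your backend. This is an added example, not Nursa's validation code: the function names are hypothetical, and treating every ASCII punctuation character as "special" is an assumption, since the page lists only examples.

```python
import re
import string

# +1 followed by exactly ten ASCII digits; [0-9] (not \d) excludes other Unicode digits.
PHONE_RE = re.compile(r"\+1[0-9]{10}")
# Assumption: the page gives only examples of special characters.
SPECIALS = set(string.punctuation)
REQUIRED = ("firstName", "lastName", "phoneNumber", "email", "password")

def password_problems(password):
    """Return the documented password rules that `password` breaks (empty list = ok)."""
    problems = []
    if len(password) < 8:
        problems.append("shorter than 8 characters")
    classes = [
        any(c in string.ascii_lowercase for c in password),
        any(c in string.ascii_uppercase for c in password),
        any(c in string.digits for c in password),
        any(c in SPECIALS for c in password),
    ]
    if sum(classes) < 3:
        problems.append("fewer than 3 of the 4 character classes")
    return problems

def facility_user_problems(body):
    """Check a request body locally; messages never echo the password value."""
    problems = [
        f"{field} must be a non-empty string"
        for field in REQUIRED
        if not isinstance(body.get(field), str) or not body[field].strip()
    ]
    if problems:
        return problems
    if not PHONE_RE.fullmatch(body["phoneNumber"]):
        problems.append("phoneNumber must match +1##########")
    # Email format and uniqueness are left to the API; only the server can decide those.
    problems += [f"password is {p}" for p in password_problems(body["password"])]
    return problems

if __name__ == "__main__":
    # Constructed sample input
    sample = {"firstName": "John", "lastName": "Doe", "phoneNumber": "+1" + "0" * 10,
              "email": "john.doe@example.invalid", "password": "Passw0rd"}
    print(facility_user_problems(sample))
```

The API remains the authority: keep handling the 400 responses above, because uniqueness of the email and phone number can only be checked server-side.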