# Guide: Enable Organisations to Make Requests to an Application This document describes how you can go enable an orginization to interact with the application system. ## Prerequisites For an organisation to be able to able to read/update an application the setup is as follows 1. Create a connection between their x-road server (handled by the institution) and our x-road server (handled by [Andes](https://github.com/orgs/island-is/teams/andes)) 2. Create a new client In the IDS with: * Machine Client type * client claims prefix: `client_` * relevant scopes `application:read` and/or `application:write` * claim with key: nationalId and The orginasation's national Id as value This client can be created in the [IDS admin panel](https://beta.dev01.devland.is/admin) on dev using Gervimaður Útlönd 010-7789. For Staging and Prod a make request on #ids\_changes ## Orginization and Application Interaction ### 1. Add and map a role for the Orginization In the Application template map the orginasation's nationalId like so ```typescript mapUserToRole( id: string, application: Application, ): ApplicationRole | undefined { ... if (id === 'xxxxxx-xxxx') { // The nationalId added as claim in the Ids earlier. return Roles.ORGINISATION_REVIEWER } ... }, ``` ### 2. Create an interaction state for the orginisation For the org to be able to interact we need to add the role permission to a relevant state for the them to interact with the application. Add an entry action: ```typescript stateMachineOptions: { actions: { assignToInstitution: assign((context) => { const { application } = context const institution_ID = 'xxxxxx-xxxx' set(application, 'assignees', [institution_ID]) return context }) } } ``` An example of an approve/reject state from an organisation. Add your state with entry and exit that handles the assign of the institution ```typescript [States.ORGINISATION_APPROVAL]: { entry: 'assignToInstitution', exit: ['clearAssignees'], //ideally you would clear the assignees here meta: { name: States.ORGINISATION_APPROVAL, ... roles: [ ... { id: Roles.ORGINISATION_REVIEWER, formLoader: () => import('../forms/InReview').then((val) => Promise.resolve(val.InReview), ), read: 'all', write: 'all', }, ... ], }, on: { [DefaultEvents.APPROVE]: { target: States.APPROVED }, [DefaultEvents.REJECT]: { target: States.REJECT }, }, ``` ### 3. Originisation API requests To invoke a state change the machine client would for approving make a PUT request like so: ```bash curl --location --request PUT '{{baseUrl}}/applications/{{applicationId}}/submit' \ --header 'Content-Type: application/json' \ --header 'Authorization: Bearer xxx' \ --data-raw '{ "event": "APPROVE", "answers": {}, "message": "" }' ``` #### Postman local testing setup Log in to the [IDS admin panel](https://beta.dev01.devland.is/admin) on dev using Gervimaður Útlönd 010-7789. Find the client you created earlier, create a new secret and copy it to your clipboard: ![image](/files/fcUsjTug45unzvcI6EIP) Choose Oauth 2.0 and use the settings below. Insert your Client id, client secret and the Scope should be `@island.is/applications:read @island.is/applications:write` press "Get New Access Token" and you have your token. ![image](/files/5mZyAaHJXO6kVjT9ebut) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.devland.is/misc/application-system-org-requests.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.