litevna

    ___ __
   / (_) /____ _   ______  ____ _
  / / / __/ _ \ | / / __ \/ __ `/
 / / / /_/  __/ |/ / / / / /_/ /
/_/_/\__/\___/|___/_/ /_/\__,_/

Overview

Once you have created an account and logged in, you can create an image store. Each image store has a unique label across all image stores, not just the ones owned by you.

All images stores share a common dicomweb root at https://litevna.app/dicomweb.

API Keys & Tokens

Creating API Keys

Log in to your account at https://litevna.app, navigate to your image store, and create an API key. When creating an API key, you can configure:

Label: A friendly name for the key
Permissions: Select which operations are allowed (QIDO, WADO, STOW, DELETE)
Expiration: When the key expires (optional)

Creating Scoped Tokens (Optional)

You can derive short-lived, scoped tokens from your API keys using the POST /image-stores/{label}/tokens/create endpoint:

POST /image-stores/{label}/tokens/create
Content-Type: application/json

{
  // API key from which to derive the token
  "api_key_value": "eyJhbGc...",
  "ttl": 3600,
  // optional   "scopes": {
    "study_ids": ["1.2.3.4.5"],
    "patient_ids": ["P12345"]
  }
}

Tokens:

Inherit permissions from the parent API key
Can be restricted to specific studies or patients with scopes (up to 100)
May have shorter TTL
Useful for temporary, limited access (e.g., sharing a single study)

Authentication Methods

All requests must include valid authentication. The [token] in the examples below can be either:

An API key - long-lived, created through the web UI
A scoped token - short-lived, derived from an API key via the API

Five authentication methods are supported:

1. Authorization Header (Bearer)

Authorization: Bearer [token]

Standard OAuth 2.0 Bearer token format.

2. Authorization Header (Basic)

Use username "litevna" with the token as password:

Authorization: Basic [base64(litevna:token)]

Useful for tools that support Basic auth but not custom headers.

3. URL Path Prefix

Embed the token in the URL path before /dicomweb:

https://litevna.app/key_[token]/dicomweb/studies

Useful for direct links without header support (e.g., image tags, embedding in viewers).

4. Cookie

Set a cookie named litevna-token with the token value.

Automatically set when creating tokens via the web UI.

5. Query Parameter

Add the token as a query parameter:

https://litevna.app/dicomweb/studies?_auth_token=[token]

Enables "simple" cross-origin requests without CORS preflight. Query param excluded from cache key.

QIDO

To issue a QIDO request, use a path such as: https://litevna.app/dicomweb/studies?limit=100

WADO

To issue a WADO request, use a path with the pattern:

https://litevna.app/dicomweb/studies/[studyUID]/series/[seriesUID]/metadata

https://litevna.app/dicomweb/studies/[StudyInstanceUID]/series/[SeriesInstanceUID]/instances/[SOPInstanceUID]/frame/1

DICOM Part 10

To download dicom part 10 file, set the Accept header to "application/dicom" on an instance level request, like:

GET https://litevna.app/dicomweb/studies/[StudyInstanceUID]/series/[SeriesInstanceUID]/instances/[SOPInstanceUID]
Accept: application/dicom

STOW

To store a dicom file (STOW), send a POST request to:

https://litevna.app/dicomweb/studies

Set the request body to the DICOM part 10 file buffer.
Set the Content-Type header to "application/dicom".
Set the Authorization header to the api token.

DELETE

To delete a study, series, or instance and all child objects, send a DELETE request to the corresponding url, such as:

DELETE https://litevna.app/dicomweb/studies/[StudyInstanceUID]

DELETE https://litevna.app/dicomweb/studies/[StudyInstanceUID]/series/[SeriesInstanceUID]/instances/[SOPInstanceUID]

Made by Jason Hostetter