Security within Test
Security starts to be a key element of the design and process for testing at this point. The following four key principles should be considered:
The following non-exhaustive list describes common security patterns and links to example cases where they are used:
- Basic Auth
- JWT - GP Connect
- NHS Verify (UK only)
- Citizen Id (UK only)
- SmartCards (UK only)
Depending on the chosen end usage, channel and network will influence the chosen security choice.
Other API consideration are shown below. Please click on the parts of the API process to continue your API creation journey.