The security page shows how to establish initial security credentials (where necessary) with the API provided

Security within Test

Security starts to be a key element of the design and process for testing at this point. The following four key principles should be considered:

  • Authentication
  • Authorisation
  • Encryption
  • Signatures

Security examples

The following non-exhaustive list describes common security patterns and links to example cases where they are used:

  • Basic Auth
  • OAuth2
  • Certifications/SSL
  • JWT - GP Connect
  • OpenId
  • NHS Verify (UK only)
  • Citizen Id (UK only)
  • SmartCards (UK only)

Depending on the chosen end usage, channel and network will influence the chosen security choice.

API Considerations

Other API consideration are shown below. Please click on the parts of the API process to continue your API creation journey.

provide_api Local decision Explained Provided Key: API Security Transform Traffic Management Versioning Engage API Docs Report & Monitor Patterns / Topology Access Endpoint