An overview of the security requirements for FHIR API calls into Spine.
Important: This site is under active development by NHS Digital and is intended to provide all the technical resources you need to successfully develop applications using the FHIR® Reasonable Adjustments API. This project is being developed using an agile methodology so iterative updates to content will be added on a regular basis.
Warning: This site is provided for information only and is intended for those engaged with NHS Digital. It is advised not to develop against these specifications until a formal announcement has been made.
Headers
This page collates and summarises http headers to be included with http requests and responses submitted.
Headers listed are cumulative.
Requests
All requests
- Authorization: Bearer [jwt_token_string]
- FromASID: [clientASID]
- ToASID: [serverASID]
- InteractionID: [serviceName]
InteractionID varies by resource and interaction undertaken.
FromASID and ToASID headers, and Accredited System IDs are specified in the Spine Core FHIR API Framework
Create requests
- Prefer: return=representation
Update requests
- If-Match: [versionIdETag]
- Prefer: return=representation
Responses
All Read & failure responses
- Date: [servedNowDate]
- Content-type: application/fhir+json or application/fhir+xml
All successful Create responses
- Date: [servedNowDate]
- Last-Modified: [lastModDate]
- Location: https://clinicals.spineservices.nhs.uk/STU3/[type]/[id]/_history/[vid]
- ETag: W/”[versionId]”
- Content-type: application/fhir+json or application/fhir+xml
All successful Update responses
- Date: [servedNowDate]
- Last-Modified: [lastModDate]
- ETag: W/”[versionId]”
- Content-type: application/fhir+json or application/fhir+xml
InteractionID
Interaction | Resource | InteractionID |
---|---|---|
Read | Consent | urn:nhs:names:services:raflags:Consent.read:1 |
Flag | urn:nhs:names:services:raflags:Flag.read:1 | |
Condition | urn:nhs:names:services:raflags:Condition.read:1 | |
List | urn:nhs:names:services:raflags:List.read:1 | |
Create, Update, Delete |
Consent | urn:nhs:names:services:raflags:Consent.write:1 |
Flag | urn:nhs:names:services:raflags:Flag.write:1 | |
Condition | urn:nhs:names:services:raflags:Condition.write:1 | |
List | urn:nhs:names:services:raflags:List.write:1 | |
$removeflag | urn:nhs:names:services:raflags:removeflag.write:1 |