fastenhealth/fasten-sources

NHS configuration

Opened this issue · 4 comments

AnalogJ commented

Status:

  • working Oauth redirect
  • using Sandpit credentials, OTP

TODO:

  • requires JWT Authz
{
  "custom_definition": true,
  "platform_type": "nhs",
  "authorization_endpoint": "https://auth.sandpit.signin.nhs.uk/authorize",
  "token_endpoint": "https://auth.sandpit.signin.nhs.uk/token",
  "url": "https://int.api.service.nhs.uk/personal-demographics/FHIR/R4",
  "client_id": "fastenhealth",
  "redirect_uri": "https://lighthouse.fastenhealth.com/sandbox/callback/nhs",
  "grant_types_supported": [
    "authorization_code"
  ],
  "response_types_supported": [
    "code"
  ],
  "response_modes_supported": [
    "query"
  ],
  "aud": "https://int.api.service.nhs.uk/personal-demographics/FHIR/R4",
  "scopes_supported": [
    "openid",
    "profile"
  ],
  "confidential": true,
  "code_challenge_methods_supported": [],
  "issuer": "https://int.api.service.nhs.uk/personal-demographics/FHIR/R4",
  "confidential_endpoint": "982b218a-ce90-4869-a33a-aa4231547fe8",
  "should_override_redirect": true,
  "override_redirect": "nhs"
}

Status - OLD - Using incorrect Authentication method

{
  "custom_definition": true,
  "platform_type": "nhs",
  "authorization_endpoint": "https://int.api.service.nhs.uk/oauth2-mock/authorize",
  "token_endpoint": "https://int.api.service.nhs.uk/oauth2-mock/token",
  "url": "https://int.api.service.nhs.uk/personal-demographics/FHIR/R4",
  "client_id": "XXXX",
  "redirect_uri": "https://lighthouse.fastenhealth.com/sandbox/callback/nhs",
  "grant_types_supported": [
    "authorization_code"
  ],
  "response_types_supported": [
    "code"
  ],
  "response_modes_supported": [
    "query"
  ],
  "aud": "https://int.api.service.nhs.uk/personal-demographics/FHIR/R4",
  "scopes_supported": [
    "nhs-login"
  ],
  "confidential": false,
  "code_challenge_methods_supported": [
    "S256"
  ],
  "issuer": "https://int.api.service.nhs.uk/personal-demographics/FHIR/R4"
}
AnalogJ commented

WIP

  • working AuthN
  • AuthZ failure, 401 if using fastenhealth client id, 400 if using API key.
{
  "custom_definition": true,
  "platform_type": "nhs",
  "should_override_redirect": false,
  "override_redirect": "",
  "authorization_endpoint": "https://auth.sandpit.signin.nhs.uk/authorize",
  "token_endpoint": "https://auth.sandpit.signin.nhs.uk/token",
  "url": "https://int.api.service.nhs.uk/personal-demographics/FHIR/R4",
  "client_id": "fastenhealth",
  "redirect_uri": "https://lighthouse.fastenhealth.com/sandbox/callback/nhs",
  "grant_types_supported": [
    "authorization_code"
  ],
  "response_types_supported": [
    "code"
  ],
  "response_modes_supported": [
    "query"
  ],
  "aud": "https://int.api.service.nhs.uk/personal-demographics/FHIR/R4",
  "scopes_supported": [
    "openid",
    "profile"
  ],
  "confidential": true,
  "confidential_endpoint": "982b218a-ce90-4869-a33a-aa4231547fe8",
  "pkce": false,
  "code_challenge_methods_supported": [],
  "issuer": "https://int.api.service.nhs.uk/personal-demographics/FHIR/R4"
}
AnalogJ commented

Details on connecting to the integration environments can be found here: https://digital.nhs.uk/developer/guides-and-documentation/testing#integration-testing

There are a number of test accounts available for use with the int.api.service.nhs.uk/oauth2-mock endpoint

clinkydoodle commented

@AnalogJ Would be happy to help where possible (am not a developer, but infrastructure engineer, UK based). Also it might be worth noting, that a lot of the hospital trusts (the organizations that run the hospitals here in the UK) use the same software within the hospitals that I can see you've already got working in USA (for instance, I'm based in Oxford and they use Cerner here, with Cerner health Patient portal, just rebranded) might be an opportunity to integrate that way. The NHS integration will get the basics, although the more detailed data will be in the patient portals, rather than the central NHS digital portal.