Skip to content

NPA-5116 Add API Authentication Documentation#224

Merged
JackPlowman merged 5 commits into
masterfrom
docs/NPA-5116_Auth_Docs
Jun 18, 2025
Merged

NPA-5116 Add API Authentication Documentation#224
JackPlowman merged 5 commits into
masterfrom
docs/NPA-5116_Auth_Docs

Conversation

@JackPlowman

@JackPlowman JackPlowman commented Jun 18, 2025
edited
Loading

Copy link
Copy Markdown
Contributor

Pull Request

Ticket Link

https://nhsd-jira.digital.nhs.uk/browse/NPA-5116

Description/Change Summary

Updated specification

e.g.
image

How to test?

Review Checklist

ℹ️ This section is to be filled in by the reviewer.

  • I have reviewed the changes in this PR and they fill all or part of the acceptance criteria of the ticket, and the code is in a mergeable state.
  • If there were infrastructure, operational, or build changes, I have made sure there is sufficient evidence that the changes will work.
  • I have ensured the changelog has been updated by the submitter, if necessary.

Post-merge

After merging and deploying changes to the sandbox, Postman collection or spec examples please run the Run Postman collection workflow.

This will run the tests within the collection to check that the sandbox is working as expected once deployed.

@github-actions

github-actions Bot commented Jun 18, 2025

Copy link
Copy Markdown

This branch is work on a ticket in the NHS Digital NPA JIRA Project. Here's a handy link to the ticket:

NPA-5116

@JackPlowman JackPlowman changed the title NPA-5116 Add Authorisation Documentation NPA-5116 API Authentication Documentation Jun 18, 2025
@JackPlowman JackPlowman self-assigned this Jun 18, 2025
@JackPlowman JackPlowman added documentation Improvements or additions to documentation enhancement New feature or request labels Jun 18, 2025
@JackPlowman JackPlowman changed the title NPA-5116 API Authentication Documentation NPA-5116 Add API Authentication Documentation Jun 18, 2025
@github-actions

github-actions Bot commented Jun 18, 2025

Copy link
Copy Markdown

This branch is work on a ticket in the NHS Digital NPA JIRA Project. Here's a handy link to the ticket:

NPA-5116

@JackPlowman JackPlowman marked this pull request as ready for review June 18, 2025 12:06
@github-actions

github-actions Bot commented Jun 18, 2025

Copy link
Copy Markdown

This branch is work on a ticket in the NHS Digital NPA JIRA Project. Here's a handy link to the ticket:

NPA-5116

@JackPlowman JackPlowman force-pushed the docs/NPA-5116_Auth_Docs branch from 39e7d91 to c40c598 Compare June 18, 2025 12:23
@github-actions

github-actions Bot commented Jun 18, 2025

Copy link
Copy Markdown

This branch is work on a ticket in the NHS Digital NPA JIRA Project. Here's a handy link to the ticket:

NPA-5116

@ClarksonAdam ClarksonAdam self-requested a review June 18, 2025 12:29
ClarksonAdam
ClarksonAdam requested changes Jun 18, 2025
View reviewed changes
Comment thread specification/validated-relationships-service-api.yaml Outdated
The end user must be:
* a patient who receives health and social care or makes use of NHS services
* strongly authenticated, using [NHS login](https://digital.nhs.uk/services/nhs-login)
- [User-restricted access](https://digital.nhs.uk/developer/guides-and-documentation/security-and-authorisation#user-restricted-apis)

@ClarksonAdam ClarksonAdam Jun 18, 2025

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Given that the links to the types are already in the sentence above, I think it would be better here to list the access modes against each of the types.

That way when they're listed against each endpoint, it makes a little more sense what they relate to without having to read this whole section:

For example:

## Security and authorisation

This API supports both [user-restricted](https://digital.nhs.uk/developer/guides-and-documentation/security-and-authorisation#user-restricted-apis) and [application-restricted](https://digital.nhs.uk/developer/guides-and-documentation/security-and-authorisation#application-restricted-apis) access types with the following access modes:

| Access mode                   | Access type            |
|-------------------------------|------------------------|
| Patient access                | User-restricted        |
| Healthcare worker access      | User-restricted        |
| Application-restricted access | Application-restricted |

...

@github-actions

github-actions Bot commented Jun 18, 2025

Copy link
Copy Markdown

This branch is work on a ticket in the NHS Digital NPA JIRA Project. Here's a handy link to the ticket:

NPA-5116

ClarksonAdam
ClarksonAdam approved these changes Jun 18, 2025
View reviewed changes

@ClarksonAdam ClarksonAdam left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 👍

@JackPlowman JackPlowman merged commit fe78aa2 into master Jun 18, 2025
17 checks passed
@JackPlowman JackPlowman deleted the docs/NPA-5116_Auth_Docs branch June 18, 2025 15:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ClarksonAdam ClarksonAdam ClarksonAdam approved these changes

Assignees

@JackPlowman JackPlowman

Labels

documentation Improvements or additions to documentation enhancement New feature or request

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@JackPlowman @ClarksonAdam