diff --git a/specification/validated-relationships-service-api.yaml b/specification/validated-relationships-service-api.yaml index e41beaa9..f02452b2 100644 --- a/specification/validated-relationships-service-api.yaml +++ b/specification/validated-relationships-service-api.yaml @@ -74,18 +74,42 @@ info: ## Security and authorisation - This API is [user-restricted](https://digital.nhs.uk/developer/guides-and-documentation/security-and-authorisation#user-restricted-apis), meaning an end user must be present, authenticated and authorised. + This API supports both [user-restricted](https://digital.nhs.uk/developer/guides-and-documentation/security-and-authorisation#user-restricted-apis) and [application-restricted](https://digital.nhs.uk/developer/guides-and-documentation/security-and-authorisation#application-restricted-apis) access types with the following access modes: - The end user must be: - * a patient who receives health and social care or makes use of NHS services - * strongly authenticated, using [NHS login](https://digital.nhs.uk/services/nhs-login) + | Access mode | Access type | + |-------------------------------|------------------------| + | Patient access | User-restricted | + | Healthcare worker access | User-restricted | + | Application-restricted access | Application-restricted | - To use this access mode, use one of the following security patterns: + For more information on access modes and how to use them, see the developer [security and authorisation guide](https://digital.nhs.uk/developer/guides-and-documentation/security-and-authorisation). - | Security pattern | Technical details | Advantages | Disadvantages | - |-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| ----------------------------------------------------| ------------------------------------------------------------|---------------------------------------------------------| - |[NHS login - combined authentication and authorisation](https://digital.nhs.uk/developer/guides-and-documentation/security-and-authorisation/user-restricted-restful-apis-nhs-login-combined-authentication-and-authorisation) |OAuth 2.0 authorisation code with API key and secret |No need to integrate and onboard separately with NHS login. |No access to user information. | - |[NHS login - separate authentication and authorisation](https://digital.nhs.uk/developer/guides-and-documentation/security-and-authorisation/user-restricted-restful-apis-nhs-login-separate-authentication-and-authorisation) |OAuth 2.0 token exchange with signed JWT |Gives access to user information. |Need to integrate and onboard separately with NHS login. | + ### User-restricted access + + User-restricted access meaning an end user must be present, authenticated and authorised. + + #### Patient access mode + If the end user is a patient then you must use this access mode. + + [Review all patient access modes](https://digital.nhs.uk/developer/guides-and-documentation/security-and-authorisation#patient-access-mode) + + Validated Relationships Service API checks the patient is P9 verified and has a high [vector of trust](https://nhsconnect.github.io/nhslogin/vectors-of-trust/) (VOT). + + Allowed vectors of trust are: + - `P9.Cp.Cd` + - `P9.Cp.Ck` + - `P9.Cm` + + #### Healthcare worker access mode + If the end user is a healthcare worker then you must use this access mode. + + [Review all CIS2 healthcare worker access modes](https://digital.nhs.uk/developer/guides-and-documentation/security-and-authorisation#healthcare-worker-access-mode) + + ### Application-restricted access + + This API is application-restricted, meaning we authenticate the calling application but not the end user. + + [Review all application-restricted access modes](https://digital.nhs.uk/developer/guides-and-documentation/security-and-authorisation#application-restricted-apis) ## Headers This API is case-insensitive when processing request headers, meaning it will accept headers regardless of the letter casing used. (e.g. X-Request-Id, x-request-id are treated the same). When sending headers back in the response, we preserve the exact casing as received in the original request. @@ -162,6 +186,11 @@ paths: For the most part demographics information doesn't need to be provided in the access request since it can be pulled from PDS. + ## Access modes + + This endpoint supports the following access modes: + - Patient access + ## Sandbox test scenarios | Scenario | Request | Response | @@ -267,6 +296,12 @@ paths: A valid reference code must be provided as a query parameter. This reference code is returned when a QuestionnaireResponse is initially submitted via the POST endpoint. + ## Access modes + + This endpoint supports the following access modes: + - Patient access + - Healthcare worker access + ## Sandbox test scenarios | Scenario | Request | Response | @@ -356,6 +391,12 @@ paths: You can (optionally) include the `_include=RelatedPerson:patient` request parameter to include the patient's details in the response. + ## Access modes + + This endpoint supports the following access modes: + - Patient access + - Healthcare worker access + ## Sandbox test scenarios | Scenario | Request | Response | @@ -475,6 +516,13 @@ paths: You can (optionally) include the `_include=Consent:patient` request parameter to include the patient's details in the response. + ## Access modes + + This endpoint supports the following access modes: + - Patient access + - Healthcare worker access + - Application-restricted access + ## Sandbox test scenarios | Scenario | Request | Response | @@ -618,6 +666,11 @@ paths: ## Overview Use this endpoint to create a new proxy role between a patient and a related person (proxy). + ## Access modes + + This endpoint supports the following access modes: + - Healthcare worker access + ## Sandbox test scenarios The sandbox supports a limited number of scenarios, and does not attempt to validate requests. The returned result is dependant on the `performer.identifier.value`. @@ -744,6 +797,11 @@ paths: You can (optionally) include the `_include=Consent:patient` request parameter to include the patient's details in the response. + ## Access modes + + This endpoint supports the following access modes: + - Healthcare worker access + ## Sandbox test scenarios The sandbox supports a limited number of scenarios, and does not attempt to validate requests. The returned result is dependant on the `ID` for the consent resource. @@ -857,6 +915,12 @@ paths: * JSON Patch operations must be valid according to RFC 6902 * Status changes must use valid status codes from + ## Access modes + + This endpoint supports the following access modes: + - Patient access + - Healthcare worker access + ## Sandbox test scenarios The sandbox supports a limited number of scenarios, and does not attempt to validate requests. The returned response is dependant on the `id` parameters.