An overview of the security requirements for FHIR API calls into Spine.
Important: This site is under active development by NHS Digital and is intended to provide all the technical resources you need to successfully develop applications using the FHIR® Reasonable Adjustments API. This project is being developed using an agile methodology so iterative updates to content will be added on a regular basis.
Warning: This site is provided for information only and is intended for those engaged with NHS Digital. It is advised not to develop against these specifications until a formal announcement has been made.
Headers
This page collates and summarises http headers to be included with http requests and responses submitted.
Headers listed are cumulative.
Requests
All requests
- Authorization: Bearer [jwt_token_string]
- InteractionID: [serviceName]
InteractionID varies by resource and interaction undertaken.
Update requests
- If-Match: [versionIdETag]
Responses
All failure responses
- Date: [servedNowDate]
- Content-type: application/json+fhir or application/xml+fhir
All success responses
- Date: [servedNowDate]
- Last-Modified: [lastModDate]
- ETag: W/”[versionId]”
- Content-type: application/json+fhir or application/xml+fhir
Create responses
- Location: https://clinicals.spineservices.nhs.uk/STU3/[type]/[id]/_history/[vid]
InteractionID
| Interaction | Resource | InteractionID |
|---|---|---|
| Read | Consent | urn:nhs:names:services:flagserver:consent:read |
| Flag | urn:nhs:names:services:flagserver:flag:read | |
| Condition | urn:nhs:names:services:flagserver:condition:read | |
| List | urn:nhs:names:services:flagserver:list:read | |
| Create, Update, Delete |
Consent | urn:nhs:names:services:flagserver:consent:update |
| Flag | urn:nhs:names:services:flagserver:flag:update | |
| Condition | urn:nhs:names:services:flagserver:condition:update | |
| List | urn:nhs:names:services:flagserver:list:update |
