This section covers some of the pre-requisites for most API calls on Spine.
Broadly, in most cases the overall steps required when making calls into Spine APIs are (please see individual API specs, and the relevant sections below for more details):
- Before making the API call:
- Develop your client as per the relevant API specification for the service you are wanting to integrate with
- Test against a test endpoint, and engage with the NHS Digital assurance team to support you through the testing and assurance process.
- Some services have internet accessible reference implementations, others can be accessed through OpenTest.
- Go through the formal assurance process to gain access to a path-to-live, and subsequently a live environment for a deployment of your application into a health or social care service.
- The output of the above will be the creation of an Accredited System ID for your deployment, and a client certificate for you to use to secure your API calls.
- When making an API call:
- Do the relevant lookups on the Spine Directory Service to establish the relevant endpoint information for the API call
- In APIs calls relating to a patient, first ensure you have traced the patient’s NHS number on PDS
- In future:
- Make the API call using the URL from SDS and the appropriate Acccess token