10 votes

Currently, the only way to complete authorisation for a user-restricted API is using "combined authentication and authorisation" - authentication with NHS Identity occurs as part of the OAuth 2.0 authorisation flow. This feature will allow external software to authenticate separately with NHS Identity (using Open ID Connect) before authorising for an API. This will give full access to NHS Identity OIDC features.

Suggested by: API Management Team Upvoted: 12 Nov Comments: 0

Planned make-design-and-build-easier platform-phase-2

Add a comment

0 / 1,000

* Your name will be publicly visible

* Your email will be visible only to moderators