Authorisation - NHS Identity - separate authentication and authorisation model

15 votes

Currently, the only way to complete authorisation for a user-restricted API is using "combined authentication and authorisation" - authentication with NHS Identity occurs as part of the OAuth 2.0 authorisation flow. This feature will allow external software to authenticate separately with NHS Identity (using Open ID Connect) before authorising for an API. This will give full access to NHS Identity OIDC features.

Done make-design-and-build-easier platform platform-phase-2 Suggested by: API Management Team Upvoted: 06 May, '21 Comments: 1

Comments: 1

Add a comment

0 / 1,000

* Your name will be publicly visible

* Your email will be visible only to moderators