9 votes

Currently we use OAuth 2.0 to authorise external software to access APIs for healthcare workers. There is no standard way for external software to get the end user's details (name, role profiles etc). One way to do this would be to support token exchange (there's a separate feature for this). Another way would be to add Open ID Connect to the OAuth server. Under the covers this would retrieve the user's details from NHS Identity.

Suggested by: API Management Team Upvoted: 23 Oct Comments: 0

Planned make-design-and-build-easier platform-phase-2

Add a comment

0 / 1,000

* Your name will be publicly visible

* Your email will be visible only to moderators