Technology
This API is an HL7 V3 API.
It uses asynchronous HL7 V3.
For more details, see HL7 V3.
Message Handling System (MHS) adaptor
To remove the complexity of building your own Message Handling System, we offer a pre-assured, client side MHS adaptor that you can integrate into your own infrastructure.
It makes it easier to connect to the NHS Spine and perform business operations by exposing a RESTful API that conforms to the HL7 V3 standard.
Security and authorisation
Authentication
This API is user-restricted, meaning an end user must be present and authenticated to use it.
The end user must be:
We support the following security patterns:
- user-restricted HL7 V3 API, using NHS Care Identity Service 2 (NHS CIS2)
- user-restricted HL7 V3 API, using CIS
For more details see user-restricted APIs.
Authorisation
For some activities, the end user must be authorised to perform that activity.
The API itself does not perform any authorisation checks. Rather, the calling system is expected to perform them. The authorisation rules are specified in our national Role Based Access Control (RBAC) database.
For more details see our national Role Based Access Control (RBAC) database on the registration authorities and smartcards page.
Last edited: 24 October 2022 12:27 pm