Spine External Interface Specification (EIS)

The Spine EIS describes how to connect to the Spine national services via HL7 V3 APIs.

Overview

The Spine EIS (External Interface Specification) is a set of Word documents that provide system developers (architects, designers, and builders) with the necessary information to connect to the Spine national services via HL7 V3 APIs.

It does not give details of the format of specific messages - for that see the Spine Message Implementation Manual.

Note that many of these specifications and APIs are now superseded, for example:

HL7 V3 APIs are superseded by FHIR APIs, such as the Personal Demographics Service - HL7 V3 API by the Personal Demographic Service FHIR API
Spine Security Broker API is now deprecated and superseded by the NHS CIS2 Care Identity Authentication API

For individual API details, see the API and integration catalogue.

These are Microsoft Word files. To request a different format, contact us.

EIS Part 1 - Introduction

An overview of audience, background, standards and specification conventions.

Part 1 - Intro v12.3

doc 499 KB

EIS Part 2 - Message Handling Service (MHS)

Explains how to build a Message Handling Service (MHS).

You must use an MHS to send correctly structured messages to and from Spine services.

Part 2 - MHS v11.6

doc 622 KB

EIS Part 3 - Message Interaction Map

Includes tables of all Spine interactions. In each case it describes the interaction type; for example, synchronous or asynchronous.

Part 3 - Message Interaction Map v12.3

doc 587 KB

EIS Part 4 - Gazetteer Service

Explains how to use the Gazetteer Service, which supports the validation or retrieval of UK-based addresses.

Part 4 - Gazetteer Service v11.6

doc 208 KB

EIS Part 5 - Spine Directory Services (SDS)

Describes the external interfaces necessary for systems to obtain information from the Spine Directory Services (SDS). SDS provides details of organisations, people and systems registered with the Spine.

Part 5 - SDS v11.8

doc 3 MB

Additional notes on Part 5 - Accredited System attributes

EIS Part 5, section 5.5.2.4 describes the LDAP object class for an Accredited System.

We've added the following attribute to the nhsAs object class:

Data Item	LDAP Attribute	Cardinality	Description
Manufacturer Organisation Code	nhsMhsManufacturerOrg	1	ODS Code of the supplier whose product is registered on the endpoint associated with the Accredited System

EIS Part 6 - Spine Security Broker (SSB)

Describes the external interfaces required by system implementers to access the Spine Security Broker (SSB) to implement single sign-on.

Part 6 - SSB v12.2

doc 2 MB

EIS Part 6 and 7 addendum

For EIS Part 6 SSB v12.2, this addendum outlines the changes you need to overlay on top of the specification.

For EIS Part 7 SSB API, Section 7.7 'PKCS example C', or Section 7.8 'PKCS example Java', refer to the new API interface outlined in Section 4.1.x of this addendum.

EIS Part 6 and 7 addendum v3

docx 115 KB

Additional notes on Part 6 addendum - support for vendor neutral smartcards

The Part 6 and 7 addendum outlines the changes to be overlaid on top of EIS Part 6 SSB v12.2.

This document is for existing suppliers in the primary care market who have integrated authentication and signing capabilities with the CIS1 service. GP software 'new market entrants' should only integrate with CIS2 and the API Management platform.

EIS Part 7 - Spine Security Broker (SSB) API

Includes the formal specification of SSB Java and C APIs.

Part - 7 SSB API v11.8

doc 918 KB

Additional notes on Part 7 addendum - C and Java API examples

Spine EIS Part 7 remains relevant for organisations who directly integrate with CIS1 as an authentication service. The document remains live for reference only.

Any sections that refer to PKCS#11 (section 7.7 'PKCS example C' and section 7.8 'PKCS example Java') should use the new API interface outlined in Section 4.1.x in the EIS Part 6 and 7 addendum under ‘EIS Part 6 SSB v12.2' above.

Any GP software 'new market entrants' should integrate directly with CIS2 and the API Management platform. Part 7 and the addendum are not relevant for new market entrants.

Additional notes on Part 7 - identity agent PKCS#11 API

The identity agent exposes the PKCS#11 API on the healthcare worker's computer. C or Java code uses the code libraries distributed with the identity agent's client to access the API. For a detailed example of C and Java, see sections 7.7 and 7.8 in EIS Part 7.

The API can digitally sign information based on an asymmetric private key and associated digital certificate stored on the healthcare worker's smartcard. Electronic prescription systems use this functionality to sign prescriptions digitally.

EIS Parts 8, 9 and 10

These parts have been withdrawn.

EIS Part 11 - Access Control Service

Describes the additional Access Control Framework (ACF) subsystem service provided by Spine. Specifically, it covers the requirements for the web services to support resource-based access control maintenance and query.

Primarily used for Summary Care Record (SCR) consent.