Skip to main content

EPS: How to embed a signature within a prescription

Learn how to embed a signature when creating a prescription within the NHS Electronic Prescription Service.

You should read the Electronic Prescription Service - FHIR API page and the Supplier Conformance Assessment List (SCAL) before you read this page.


Overview

This page explains how you can embed a signature when creating a prescription. It is intended to integrate with the EPS FHIR API and signing library.


Step one: Send complete prescription payload apart from provenance to prepare endpoint

This returns the: 

  • base64 encoded signed info block (containing the digest) 
  • timestamp embedded in the digest 
  • algorithm that should be used to generate the signature 

Step two: Sign the base64 encoded signed info block

Use either the local signing library or the remote signing service. This should give a signature value and a certificate.


Step three: Create signature block

You need to embed the: 

  • decoded signed info block with the xmlns attribute removed
  • signature value with no preceding whitespace
  • certificate with no preceding whitespace

This should be structured as follows:

<Signature xmlns="http://www.w3.org/2000/09/xmldsig#"> 
  {signed_info_block} 
  <SignatureValue>{signature_value}</SignatureValue> 
  <KeyInfo> 
    <X509Data> 
      <X509Certificate>{certificate}</X509Certificate> 
    </X509Data> 
  </KeyInfo> 
</SignedInfo>

Then base64 encode that and embed it in the FHIR Provenance resource signature.data value as defined in the OAS ‘Create a new prescription’ section.

Last edited: 12 March 2024 3:13 pm