403 Forbidden Response on eRS ApPI

Our integration with eRS is currently failing for a number of organisations. We do not believe this issue relates to any changes made by OneAdvanced.

When our customers are currently getting 403 Forbidden response when attempting to perform A008 GetWorklist.

The following error is:
{"meta":{"profile":["https://fhir.nhs.uk/STU3/StructureDefinition/eRS-OperationOutcome-1"]},"resourceType":"OperationOutcome","issue":[{"severity":"error","code":"forbidden","details":{"coding":[{"code":"FORBIDDEN","system":"https://fhir.nhs.uk/STU3/CodeSystem/eRS-APIErrorCode-1","display":"Forbidden"}]},"diagnostics":"The ASID (200000022152) does not have the interaction (urn:nhs:names:services:ers:READ_WORKLIST_STU3_V001) required to call this endpoint."}]}

Hi @thomas.burton,

You should have a response from us via ServiceNow on case INC0272100 as follows (redacting some details here):

The calls are failing as you do not have access to the STU3 version of the Fetch Worklist API (or other APIs). This is controlled in SDS via the interactions assigned to your ASID(s).

We can see…

On Monday (20/01):

  • Calls being made to /ers-api/v1/ReferralRequest/$ers.fetchworklist
  • This is the DSTU2 Fetch Worklist API

On Tuesday (21/01):

  • Calls being made to /ers-api/STU3/v1/ReferralRequest/$ers.fetchworklist
  • This is the STU3 Fetch Worklist API (note the STU3 in the URL)

These ASIDs only have permission to call the DSTU2 APIs, not the STU3 APIs.

Did you intentionally switch from DSTU2 to STU3 APIs as part of a migration?

Regards,

Adam.

Thanks @adam.oldfield, we found and have rectified a deployment issue that resulted in us using STU3 instead of DSTU2.

Can I check how long DSTU2 will be supported for, as we’d like to finalise our move over to STU3?

Hi @thomas.burton -

Our API partners team will be reaching out to you, and your OA colleagues, to start engagement regarding your migration.

Please look out for the invite in your inbox.

Thanks,
Z.