403:Forbidden. The logged In user Is Not authorised (A005 on DEP)

simon.goodinson · 13 August 2024 15:42

Hi NHS ers partners. We have just tried a test on the DEP environment. All looks as though it is configured but when we try

A005:RetrieveReferralRequest
Request = https://dep.api.service.nhs.uk/referrals-dep/FHIR/STU3/ReferralRequest/000049528485
eRS Response = 403:Forbidden. The logged In user Is Not authorised To perform the requested action(e.g.due To their business Function Not being authorised, organisation Not having the appropriate organisation role, legitimate relationship, referrer rights etc)
xCorrelationId = F9BEEBDB-8A75-F241-BF33-26960FED392F

This would suggest to me that the eRS configuration has not been setup correctly/Fully.

adam.oldfield · 14 August 2024 08:50

This looks like a setup issue when configuring the Organisation and User configured for Application Restricted access.

User 655246548106 has no roles at Organisation RVV.

@nhserspartners Looks like this hasn’t been configured correctly. This is for Application ID: f66d85b1-c274-4c24-bba8-02a7ab2244d6

Regards,

Adam.

simon.goodinson · 14 August 2024 09:18

Thanks Adam. that user is me and is stated as the SRO when we are sending in the request. I’ll chase them up

Topic		Replies	Views
A008 403 error - allowed OBO Users list e-Referral Service (e-RS) fhir	2	9	6 December 2024
The remote server returned an error: (403) Forbidden e-Referral Service (e-RS) testing , onboarding , fhir	7	91	27 August 2024
A010 - 403 Error (Int environment) e-Referral Service (e-RS) fhir	2	38	24 July 2024
e-RS FHIR API - A008, 403 with no response content e-Referral Service (e-RS) testing , fhir , integration	9	111	29 July 2024
Query regarding eRS API A005 ( Retrieve referral request ) e-Referral Service (e-RS)	8	221	4 March 2024