Hi everyone,
I am trying to call A008 in INT environment.
The access mode is User-Restricted Access. I managed to reach all the steps regarding the authorization journey, called A030 to get the ODS code for the smartcard (it was issued for INT by ITOC), but when I call A008 I get “diagnostics”: “ODS code not provided or has not been configured.”
Did I perhaps miss some configuration steps?
Thank you!
Hi @ry8msk.dev02,
Can you confirm you are providing the selected ODS code in the Request header NHSD-End-User-Organisation-ODS (and Business Function in the NHSD-eRS-Business-Function header)?
For user-restricted access the ODS Code / Business function must be provided on every request (except for A030 as that lets you discover what is allowed).
If you can provide your Application-ID and X-Correlation-ID/X-Request-ID I can look into it further.
Thanks,
Adam.
Hi @adam.oldfield and sorry for the late response.
Your response helped me a bit and found out I had a typo in my headers that I fixed.
Now I get that I need to provide on behalf of user ID. Where can I get that param?
Thank you!
Hi @ry8msk.dev02,
Good to hear that helped.
If you are using the SERVICE_PROVIDER_CLINICIAN_ADMIN Business Function then the Service Provider Clinician you are working on behalf of needs to be provided in the NHSD-eRS-On-Behalf-Of-User-ID header.
You can determine what users a SERVICE_PROVIDER_CLINICIAN_ADMIN can work on behalf of using: Retrieve “on-behalf-of” practitioner user information (A040, FHIR R4)
Regards,
Adam.