Accessing user-restricted eRS API endpoints in the integration environment using CIS2


We are currently planning to go through the onboarding process for the eRS integration environment and have been looking into getting the access tokens required to interact with the eRS FHIR API in INT. I can see on this page that users can be requested and set up and CIS2 is used in the INT environments as well.

Our solution is required to use user-restricted endpoints. Once the users we require have been requested and set up, how can we use their details to attain an access token that allows us to call the API? Is there a CIS2 integration environment that we need to interact with or is there a way we can bypass that? Do we need to use a specific type of two factor auth like a smart card or can we use something like the authenticator app?

Apologies if this is documented somewhere, I couldn’t find a guide for it. Any help would be greatly appreciated.

Thanks in advance!

I hope this link helps:


thanks for this @chauhangaurav, this helps somewhat. I was wondering if you could explain the process of how to use the CIS2 integration environment once we have users set up? Furthermore, do we need to request smart cards for each user we request to be able to authorise them at a certain level in order to call the eRS FHIR API?

HI @oli.slade

Aplogies, I am not from NHS CIS2 team, I am just like consumer as you who is also in process of integrating with CIS2 and guiding you.

You can reach out to email id for all of your queries related to this. This is their group email id.

Gaurav Chauhan

Thanks for the response and your help Gaurav, I will do.

For the authentication side of things, the PTL process is defined here: NHS CIS2 Authentication path to live process - NHS England Digital

Onboarding information is here: Apply to use NHS CIS2 Authentication - NHS England Digital

Other authenticators are available: NHS CIS2 Authentication - NHS England Digital