ODS FHIR API - CORS error

jstarmx · 13 September 2023 12:45

My application is directly accessing the ODS FHIR API from the browser. We have several subdomains for testing. If I make a request e.g. https://directory.spineservices.nhs.uk/STU3/Organization/E84044 from dev.mydomain.com, and then the same request from staging.mydomain.com, the second request fails with a CORS error as the Access-Control-Allow-Origin header in the response is still set to dev.mydomain.com. However if I make a request for a different ODS code from from staging.mydomain.com, it’s fine.

It feels like the origin for a request is being cached by the API for specific urls perhaps based on the originating IP address? Is this a deliberate security feature or something unintended?

alan.rawlings2 · 14 September 2023 11:54

Hello jstarmx,

Take a look at this post:

Change to the ORD and STU3 made 5th Sep - Services / Organisation Data Service (ODS) - NHS Digital Developer Community

jstarmx · 14 September 2023 12:51

Thanks very much @alan.rawlings2, I’m still seeing the issue as of yesterday so may reach out to the email address you provided on the other thread.

Topic		Replies	Views
403 error from ODS FHIR API Organisation Data Service (ODS) fhir	2	237	14 June 2023
Fetch prescriptions using test-data on Development Environment Electronic Prescription Service (EPS) FHIR fhir , error-code	1	274	16 July 2023
SDS FHIR API errors in PTL integration Spine Directory Service (SDS) fhir , integration	4	326	13 February 2023
Intermittant errors connecting to live /token end point Personal Demographics Service (PDS) pds , fhir , spine	3	153	22 January 2024
Personal Demographics Service - FHIR API - Application-restricted API authentication failure Personal Demographics Service FHIR API testing , authentication , fhir , integration	1	564	7 November 2022

ODS FHIR API - CORS error

Related Topics