PDS FHIR API - intermittent 401

jakob · 5 December 2024 13:19

Despite not changing anything i’ve suddenly starting getting intermittant 401 errors for the INT environment. The every 5 minutes or so a request will go through as normal and then i’ll get 401’s such as below. After a period of time it’ll then randomly allow a certain message to go through.

  {
        "resourceType": "OperationOutcome",
        "issue": [
          {
            "severity": "error",
            "code": "forbidden",
            "details": {
              "coding": [
                {
                  "system": "https://fhir.nhs.uk/R4/CodeSystem/Spine-ErrorOrWarningCode",
                  "version": "1",
                  "code": "ACCESS_DENIED",
                  "display": "Access Denied - Unauthorised"
                }
              ]
            },
            "diagnostics": "Invalid Access Token"
          }
        ]
      }

david.hamill1 · 5 December 2024 14:18

Hi,

Given the message you are receiving, I suspect that API Platform will be the team to resolve the problem quickest. Hence, I have placed this under the API Platform topic.

oliver.schafer · 5 December 2024 16:01

Thanks David, I can confirm we’ve tested this across multiple instances and networks and run into the same issue.

jakob · 16 December 2024 13:09

Just to confirm that this still seems to be an issue, it’s been nearly two weeks with 0 response

navin.bose · 16 December 2024 15:28

Hi Jakob,

Apologies for the delayed response to your post/query.

The intermittent 401 errors with an “Invalid Access Token” message often point to issues in the authentication chain. Since this is happening suddenly and intermittently, even though nothing changed on your end, the cause may be related to token handling, environment stability, or backend configuration in the INT environment.

We will need more information to investigate further.

Intermittent 401 errors could be caused by expired or poorly timed tokens (ensure tokens are refreshed before they expire), environment or gateway instability, rate limiting (if throttling is being applied), changed token scopes or claims, or missing headers such as the subscription key etc.

For help and support connecting to our APIs and to get started with an onboarding process, or to discuss your query in more detail, please complete our [enquiry form](https://digital.nhs.uk/services/partner-onboarding/enquiry-form). Please provide as much information as possible.

Dependent upon your query and the API your are trying to connect to, we may need to know:

your application ID – for example 3ebd88d7-8cdb-79e1-96eb-14507fefffb4
the access mode you are using
the network mode you are using
the environment you are using
your organisation data service code (ODS)
copies of request(s) and response(s) - for example headers, host, path, query parameters and any error codes

Thanks,

NHS England API Platform team

Please note: The API Platform team can only address queries relevant to the NHS England API platform, including security, rate limiting, logging, monitoring and alerting. For any API specific queries, please reach out the relevant API teams.

Topic		Replies	Views
401 Access denied when calling patient resource Personal Demographics Service (PDS) authentication , onboarding , fhir , integration , spine	7	309	24 January 2024
401 when calling Token URL PDS Service Personal Demographics Service FHIR API pds , fhir , api , integration , spine , jwt	3	211	30 January 2024
PDS FHIR API - Internal Server Error in INT Personal Demographics Service (PDS) testing , pds , fhir , integration , spine	3	44	5 December 2024
Pds api http 500 Personal Demographics Service (PDS) pds , fhir , spine	2	142	28 May 2024
PDS FHIR API - Internal errors returning 404 response codes Personal Demographics Service FHIR API pds , fhir , spine	5	421	22 November 2023

PDS FHIR API - intermittent 401

Related topics