PDS - Patient Access - Additional Scopes result in errors


I’m attempting to integrate our patient-access consumer app with the PDS api’s and I’ve fun into a problem with the oauth2-mock service in the Integration Test environment.

We’re able to successfully authenticate as a fake patient (9912003071) with the Second-generation Mocked API service - int.api.service.nhs.uk/oauth2-mock/authorize

However, this only works when using the “nhs-login” scope – which doesnt provide any information about the currently authenticated Patient, and we don’t have enough information to call the FHIR/R4/Patient/:id endpoint successfully.

When we add additional scopes, like “profile”, “openid” or “fhirUser”
authorize url redirects to CIS MOCK INT instead of NHS LOGIN MOCK INT, and using the test user results in an “Invalid username” error.

What is the correct way to retrieve the current user’s patient identifier and call the FHIR api?

Hello. For the mock auth the additional scopes are not supported. For the mocks I believe you need a valid user and then all the information should be in the test data packs for testing. PDS FHIR API test data - NHS Digital