Unauthorised - 401 - No Api Product Match Found

Hello, I am receiving a 401 - Unauthorised response on calling an e-RS endpoint (INT environment), eg. A030. The diagnostics of the response return “Invalid API call as no apiproduct match found”. Can someone identify what is causing this error?

The access token is obtained using the CIS2 process.

Below is the request & response from the A030 call:

{
  "request" : {
    "headers" : {
      "accept" : "application/fhir+json",
      "Authorization" : "Bearer ybgcLiItiZGvYm7vbk81AAZLKAON",
      "X-Correlation-ID" : "19638cef-ad9d-4f11-b40a-d195827e5b2e",
      "accept-encoding" : "gzip, deflate"
    },
    "url" : "https://int.api.service.nhs.uk/referrals/FHIR/R4/PractitionerRole",
    "scheme" : "https",
    "request-method" : "get"
  },
  "headers" : {
    "connection" : "keep-alive",
    "content-length" : "411",
    "content-type" : "application/fhir+json",
    "date" : "Fri, 13 Sep 2024 15:25:24 GMT",
    "strict-transport-security" : "max-age=31536000; includeSubDomains",
    "www-authenticate" : "Bearer realm=\"null\",error=\"invalid_token\",error_description=\"keymanagement.service.InvalidAPICallAsNoApiProductMatchFound: Invalid API call as no apiproduct match found\"",
    "x-correlation-id" : "19638cef-ad9d-4f11-b40a-d195827e5b2e"
  },
  "status" : 401,
  "content-type" : "application/fhir+json",
  "version" : "http-1.1",
  "body" : {
    "meta" : {
      "lastUpdated" : "2024-09-13T15:25:24.404Z",
      "profile" : [ "https://www.hl7.org/fhir/R4/operationoutcome.html" ]
    },
    "issue" : [ {
      "diagnostics" : "Invalid API call as no apiproduct match found",
      "details" : {
        "coding" : [ {
          "system" : "https://fhir.nhs.uk/CodeSystem/NHSD-API-ErrorOrWarningCode",
          "code" : "ACCESS_DENIED"
        } ]
      },
      "severity" : "error",
      "code" : "login"
    } ],
    "resourceType" : "OperationOutcome"
  }
}

The above error response I believe is obtained using a valid token, as if I allow the token expire and try to use it on the A030 I then receive the response of “Invalid Access Token” as shown below.

{
  "request" : {
    "headers" : {
      "accept" : "application/fhir+json",
      "Authorization" : "Bearer ybgcLiItiZGvYm7vbk81AAZLKAON",
      "X-Correlation-ID" : "f5985265-f667-423a-8610-69567ebeab82",
      "accept-encoding" : "gzip, deflate"
    },
    "url" : "https://int.api.service.nhs.uk/referrals/FHIR/R4/PractitionerRole",
    "scheme" : "https",
    "request-method" : "get"
  },
  "headers" : {
    "connection" : "keep-alive",
    "content-length" : "386",
    "content-type" : "application/fhir+json",
    "date" : "Fri, 13 Sep 2024 15:38:32 GMT",
    "strict-transport-security" : "max-age=31536000; includeSubDomains",
    "www-authenticate" : "Bearer realm=\"null\",error=\"invalid_token\",error_description=\"keymanagement.service.invalid_access_token: Invalid Access Token\"",
    "x-correlation-id" : "f5985265-f667-423a-8610-69567ebeab82"
  },
  "status" : 401,
  "content-type" : "application/fhir+json",
  "version" : "http-1.1",
  "body" : {
    "meta" : {
      "lastUpdated" : "2024-09-13T15:38:33.005Z",
      "profile" : [ "https://www.hl7.org/fhir/R4/operationoutcome.html" ]
    },
    "issue" : [ {
      "diagnostics" : "Invalid Access Token",
      "details" : {
        "coding" : [ {
          "system" : "https://fhir.nhs.uk/CodeSystem/NHSD-API-ErrorOrWarningCode",
          "code" : "ACCESS_DENIED"
        } ]
      },
      "severity" : "error",
      "code" : "login"
    } ],
    "resourceType" : "OperationOutcome"
  }
}

Let me know if you require further information.

Hi @Alexlykos,

Using https://onboarding.prod.api.platform.nhs.uk can you confirm that the Application you are using has one of the following APIs enabled/selected (depending on the access mode you are using):

  • e-Referral Service - Application Restricted ( Integration Testing )
  • e-Referral Service - Healthcare Worker ( Integration Testing )

See also 2.2 Create and register your application under “5. Add the e-Referral Service API”.

Thanks,

Adam.

Hi Adam,

I have gone through the onboarding process. The application is registered in the developer portal with the connected and enabled API of ‘e-Referral Service - Healthcare Worker ( Integration Testing )’. I have also received confirmation regarding the setup of the e-RS FHIR API in the INT environment (ASIDs, MHS Party key and Test Data Pack) for the smartcard I am performing the-RS API calls.

Let me know if you require any further information.
Alex

Hi @Alexlykos,

Can you please provide your Application ID and I’ll will check the configuration for you?

Hi Adam,

The Application ID is: 9a72bda1-b2eb-4470-a9f2-5a0222cebd73

This looks like an issue with the APIM Management (APIM) platform. I’ve raised it with them to try an understand the issue.

Hi @Alexlykos,

The @nhserspartners team is going to arrange a meeting with you and a member of the APIM support team so we can work through the issue together.

Whilst waiting for this please ensure you have completed the “API platform configuration” step here - by emailing the partners team the required details. This will ensure once the current issue is resolved there isn’t anything else standing in the way of a successful call.

Thanks,

Adam.