Summary Care Record FHIR API (Release Candidate 1.3.2)

Set Permission

The SCR API provides a custom operation, setPermission, to allow update of Permission to view for GP Summaries held for the patient. Possible values are Yes, No, Ask.

setPermission is specified in the OperationDefinition setPermission

Endpoint
https://[baseURL]/$setPermission
Parameters
patient: NHSNo
Permission value: Yes | No | Ask Using coded values from CodeSystem CodeSystem-SCR-ACSPermission
Query
POST https://[baseUrl]/$setPermission

Client view of Get SCR Id sequence diagram

setPermission

Example setPermission call

POST https://[baseUrl]/$setPermission /HTTP/1

Example setPermission call payload

setPermission passes in-parameter arguments as a Parameter payload

{
    "resourceType": "Parameters",
    "parameter":  [
        {
            "name": "setPermissions",
            "part":  [
                {
                    "name": "nhsNumber",
                    "valueString": "999999998"
                },
                {
                    "name": "permissionCode",
                    "valueCoding": {
                        "system": "https://fhir.nhs.uk/CodeSystem/SCR-ACSPermission",
                        "code": "Ask"
                    }
                }
            ]
        }
    ]
}

Example setPermission success response

Returns an operationOutcome on sucess or failure

HTTP/1.1 201 Created
Date: Tue, 24 Aug 2020 11:00:00 GMT
Content-Type: application/fhir+json

{
  "resourceType": "OperationOutcome",
  "id": "27242108-f2ee-429c-a387-ace44bb87f40",
  "issue": [
    {
      "severity": "information",
      "code": "informational",
      "details": {
        "text": "Resource Created"
      }
    }
  ]
}

Example setPermission failure response

Returns an operationOutcome on failure. Error handling is in line with Spine Error Codes II [NB: internal Confluence link].

HTTP/1.1 400 Bad Request
Date: Tue, 24 Aug 2020 11:00:00 GMT
Content-Type: application/fhir+json

{
  "resourceType": "OperationOutcome",
  "id": "27242108-f2ee-429c-a387-ace44bb87f40",
  "issue": [
    {
      "severity": "error",
      "code": "invalid",
      "details": {
        "text": "Bad Request"
      }
    }
  ]
}