diff --git a/README.md b/README.md
index d14f4a2b2..66c3345ae 100644
--- a/README.md
+++ b/README.md
@@ -81,6 +81,8 @@ To use your local `.env` file make sure to source it:
$ source .env
```
+As a reminder: environment variable changes from the `.env` file take place only when the workspace is reloaded (e.g. through a new cli or `direnv allow`)
+
### Make commands
There are `make` commands that alias some of this functionality:
@@ -126,7 +128,11 @@ Our API integration tests support two authentication methods:
#### Bearer Token Authentication
-To be able to generate bearer token authentication for tests you need to declare the `API_ENVIRONMENT` environment variable:
+>**Notice:** This section contains the handling of secrets. As a reminder, secrets should only be shared via secure methods (e.g. NHS Mail) and MUST NOT be committed to source control
+
+##### Set the Environment
+
+To be able to generate bearer token authentication for tests you need to declare the `API_ENVIRONMENT` environment variable, e.g.:
```
export API_ENVIRONMENT=internal-dev
@@ -139,7 +145,13 @@ Available values for `API_ENVIRONMENT` include:
* `int`
* `prod`
-The authentication process uses `API_ENVIRONMENT` to generate authentication for a given client by using an api and private key pairing suitable for a client on its given environment.
+This defines the scope of tests that will be executed and the Apigee App/Product that will be used to service requests.
+
+The authentication process uses an API and private key pairing for the application defined by the `API_ENVIRONMENT`
+
+##### API Key
+
+To define the API Key, the following envars are used:
|Environment|API Key Variable|Private Key Variable|
|-----------|----------------|--------------------|
@@ -148,7 +160,20 @@ The authentication process uses `API_ENVIRONMENT` to generate authentication for
|int|`INTEGRATION_API_KEY`|`INTEGRATION_PRIVATE_KEY`|
|prod|`PRODUCTION_API_KEY`|`PRODUCTION_PRIVATE_KEY`|
-__Ensure these variables are set and sourced in your .env file before running tests.__
+To find the values for the `*_API_KEY` values:
+* Identify the correct envar for your `API_ENVIRONMENT` from the table above
+* Navigate to the Apigee App that will serve that environment e.g. `Comms-manager-local`
+* Copy the value of the `Key` found in the credentials section to your envar in `.env`
+
+In addition the `API_KEY` envar is also used and should use the same value.
+
+##### Private Key
+
+The value of the `*_PRIVATE_KEY` envars are a *file path* to the location of a private key file.
+
+The keys are held securely within the Management Account - talk to existing team members for more information on sourcing and configuring these values
+
+>__Ensure these variables are set and sourced in your .env file before running tests.__
#### Generate An Apigee Access Token
diff --git a/example.env b/example.env
index 789b25293..684ca78b2 100644
--- a/example.env
+++ b/example.env
@@ -15,7 +15,7 @@ export PROXY_NAME=xxx
# In order to find out the value of an environments given API key, follow these steps
# 1. Log in to Non-Prod/ Prod APIGEE
# 2. Navigate to 'Publish' > 'Apps' and search for the app linked to authentication
-# 3. Copy the secret key related to the app
+# 3. Copy the "key" value related to the app
#
# api key used to manually generate authentication for a given environment, used in generate_bearer_token.py and for postman authentication
export API_KEY=xxx
diff --git a/proxies/live/apiproxy/targets/target.xml b/proxies/live/apiproxy/targets/target.xml
index c9c0bfdd3..819d15e91 100644
--- a/proxies/live/apiproxy/targets/target.xml
+++ b/proxies/live/apiproxy/targets/target.xml
@@ -18,10 +18,14 @@
true
-
-
-
- {requestpath}
+ {% if ENVIRONMENT_TYPE == 'sandbox' %}
+
+
+
+ {requestpath}
+ {% else %}
+ https://comms-apim.de2-masl2.communications.national.nhs.uk
+ {% endif %}
29000
diff --git a/proxies/shared/policies/AssignMessage.MessageBatches.Create.Request.xml b/proxies/shared/policies/AssignMessage.MessageBatches.Create.Request.xml
index 3dfbc673b..852b51544 100644
--- a/proxies/shared/policies/AssignMessage.MessageBatches.Create.Request.xml
+++ b/proxies/shared/policies/AssignMessage.MessageBatches.Create.Request.xml
@@ -16,10 +16,17 @@
target.copy.pathsuffix
false
-
- requestpath
- /api/v1/send
-
+ {% if ENVIRONMENT_TYPE == 'sandbox' %}
+
+ requestpath
+ /api/v1/send
+
+ {% else %}
+
+ target.url
+ https://comms-apim.de2-masl2.communications.national.nhs.uk/api/v1/send
+
+ {% endif %}
%data.payload#
diff --git a/proxies/shared/policies/AssignMessage.Messages.Create.Request.xml b/proxies/shared/policies/AssignMessage.Messages.Create.Request.xml
index 2a8e9cd5c..86e829dd5 100644
--- a/proxies/shared/policies/AssignMessage.Messages.Create.Request.xml
+++ b/proxies/shared/policies/AssignMessage.Messages.Create.Request.xml
@@ -16,10 +16,17 @@
target.copy.pathsuffix
false
-
- requestpath
- /api/v1/messages
-
+ {% if ENVIRONMENT_TYPE == 'sandbox' %}
+
+ requestpath
+ /api/v1/messages
+
+ {% else %}
+
+ target.url
+ https://comms-apim.de2-masl2.communications.national.nhs.uk/api/v1/messages
+
+ {% endif %}
%data.payload#
diff --git a/proxies/shared/policies/AssignMessage.Messages.GetSingle.Request.xml b/proxies/shared/policies/AssignMessage.Messages.GetSingle.Request.xml
index ce54ec959..cbaff3c75 100644
--- a/proxies/shared/policies/AssignMessage.Messages.GetSingle.Request.xml
+++ b/proxies/shared/policies/AssignMessage.Messages.GetSingle.Request.xml
@@ -16,10 +16,17 @@
target.copy.pathsuffix
false
-
- requestpath
- /api/v1/messages/{data.messageId}
-
+ {% if ENVIRONMENT_TYPE == 'sandbox' %}
+
+ requestpath
+ /api/v1/messages/{data.messageId}
+
+ {% else %}
+
+ target.url
+ https://comms-apim.de2-masl2.communications.national.nhs.uk/api/v1/messages/{data.messageId}
+
+ {% endif %}
diff --git a/proxies/shared/policies/AssignMessage.NhsAppAccounts.Get.Request.xml b/proxies/shared/policies/AssignMessage.NhsAppAccounts.Get.Request.xml
index 6d71f721a..fda91bcaf 100644
--- a/proxies/shared/policies/AssignMessage.NhsAppAccounts.Get.Request.xml
+++ b/proxies/shared/policies/AssignMessage.NhsAppAccounts.Get.Request.xml
@@ -16,10 +16,17 @@
target.copy.pathsuffix
false
-
- requestpath
- /api/channels/nhsapp/accounts
-
+ {% if ENVIRONMENT_TYPE == 'sandbox' %}
+
+ requestpath
+ /api/channels/nhsapp/accounts
+
+ {% else %}
+
+ target.url
+ https://comms-apim.de2-masl2.communications.national.nhs.uk/api/channels/nhsapp/accounts
+
+ {% endif %}