From 77286e272a7e7b8e1edb283bbf1c2b22e3206d38 Mon Sep 17 00:00:00 2001 From: Elliot Hallam <20362314+ehallam@users.noreply.github.com> Date: Wed, 11 Mar 2026 11:14:32 +0000 Subject: [PATCH 01/18] NPA-6425: POST /QuestionnaireResponse done --- .../validated-relationships-service-api.yaml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/specification/validated-relationships-service-api.yaml b/specification/validated-relationships-service-api.yaml index ddbff7cb..df02862a 100644 --- a/specification/validated-relationships-service-api.yaml +++ b/specification/validated-relationships-service-api.yaml @@ -268,14 +268,14 @@ paths: | ----------- | ------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------- | | 400 | `MISSING_VALUE` | Missing header or parameter. For details, see the `diagnostics` field. | | 400 | `INVALID_VALUE` | Invalid Parameter or Invalid operation. | - | 401 | `ACCESS_DENIED` | Missing or invalid OAuth 2.0 bearer token in request. | + | 400 | `BAD_REQUEST` | Failed questionnaire response validation | + | 401 | `ACCESS_DENIED` | Missing or invalid OAuth 2.0 bearer token in request. (NOT IN CODE) | | 403 | `FORBIDDEN` | Access denied to resource. | - | 404 | `INVALIDATED_RESOURCE` | Resource that has been marked as invalid was requested - invalid resources cannot be retrieved | - | 405 | `METHOD_NOT_ALLOWED` | The method is not allowed. | - | 408 | `TIMEOUT` | Request timed out. | + | 405 | `METHOD_NOT_ALLOWED` | The method is not allowed. (NOT IN CODE) | + | 408 | `TIMEOUT` | Request timed out. (NOT IN CODE) | | 409 | `DUPLICATE_RELATIONSHIP` | A proposed proxy role already exists for this proxy/patient relationship. | - | 415 | `UNSUPPORTED_MEDIA` | Unsupported media type. | - | 429 | `THROTTLED` | You have exceeded your application's [rate limit](https://digital.nhs.uk/developer/guides-and-documentation/reference-guide#rate-limits). | + | 415 | `UNSUPPORTED_MEDIA` | Unsupported media type. (NOT IN CODE) | + | 429 | `THROTTLED` | You have exceeded your application's (NOT IN CODE) [rate limit](https://digital.nhs.uk/developer/guides-and-documentation/reference-guide#rate-limits). | content: application/fhir+json: @@ -330,7 +330,7 @@ paths: | Valid access request ID | ID value: `156e1560-e532-4e2a-85ad-5aeff03dc43e` | HTTP Status 200 with QuestionnaireResponse | | Invalid access request ID | ID value: `INVALID` | HTTP Status 400 with INVALID_IDENTIFIER_VALUE message | | Missing access request ID | No ID path parameter | HTTP Status 405 with METHOD_NOT_ALLOWED message | - | Non-existent access request ID | ID value: `60d09b82-f4bb-41f9-b41e-767999b4ac9b` | HTTP Status 404 with QUESTIONNAIRE_RESPONSE_NOT_FOUND message | + | Non-existent access request ID | ID value: `60d09b82-f4bb-41f9-b41e-767999b4ac9b` | HTTP Status 404 with NOT_FOUND message | ### Sandbox constraints From c37f58ff7005ccf341883002908e43ab9bf91c91 Mon Sep 17 00:00:00 2001 From: Elliot Hallam <20362314+ehallam@users.noreply.github.com> Date: Wed, 11 Mar 2026 11:17:31 +0000 Subject: [PATCH 02/18] NPA-6425: audited 5xx error codes --- specification/validated-relationships-service-api.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/specification/validated-relationships-service-api.yaml b/specification/validated-relationships-service-api.yaml index df02862a..affb6417 100644 --- a/specification/validated-relationships-service-api.yaml +++ b/specification/validated-relationships-service-api.yaml @@ -293,7 +293,7 @@ paths: | HTTP status | Error code | Description | | ----------- | -------------------------- | ------------------------------------------------------------ | | 500 | `SERVER_ERROR` | An unexpected internal server error has occurred. | - | 502 | `BAD_GATEWAY` | Connection to the backend service failed. | + | 502 | `BAD_GATEWAY` | Connection to the backend service failed. (NOT IN CODE) | content: application/fhir+json: From d9a45152d46f3eb8720a0831c5a08c04518ef77d Mon Sep 17 00:00:00 2001 From: Elliot Hallam <20362314+ehallam@users.noreply.github.com> Date: Wed, 11 Mar 2026 13:26:05 +0000 Subject: [PATCH 03/18] NPA-6425: audited error responses for get QuestionnaireResponse --- .../validated-relationships-service-api.yaml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/specification/validated-relationships-service-api.yaml b/specification/validated-relationships-service-api.yaml index affb6417..8b364157 100644 --- a/specification/validated-relationships-service-api.yaml +++ b/specification/validated-relationships-service-api.yaml @@ -364,13 +364,12 @@ paths: | 400 | `INVALID_VALUE` | Invalid Parameter or Invalid operation. | | 400 | `BAD_REQUEST` | The access request ID is required but was not provided in the request. | | 400 | `MISSING_VALUE` | Missing header or parameter. For details, see the `diagnostics` field. | - | 401 | `ACCESS_DENIED` | Missing or invalid OAuth 2.0 bearer token in request. | + | 401 | `ACCESS_DENIED` | Missing or invalid OAuth 2.0 bearer token in request. (NOT IN CODE) | | 403 | `FORBIDDEN` | Access denied to resource. | | 404 | `QUESTIONNAIRE_RESPONSE_NOT_FOUND` | No questionnaire response was found for the provided access request ID. | - | 404 | `INVALIDATED_RESOURCE` | Resource that has been marked as invalid was requested - invalid resources cannot be retrieved | - | 405 | `METHOD_NOT_ALLOWED` | The method is not allowed. | - | 408 | `TIMEOUT` | Request timed out. | - | 429 | `THROTTLED` | You have exceeded your application's [rate limit](https://digital.nhs.uk/developer/guides-and-documentation/reference-guide#rate-limits). | + | 405 | `METHOD_NOT_ALLOWED` | The method is not allowed. (NOT IN CODE) | + | 408 | `TIMEOUT` | Request timed out. (NOT IN CODE) | + | 429 | `THROTTLED` | You have exceeded your application's (NOT IN CODE) [rate limit](https://digital.nhs.uk/developer/guides-and-documentation/reference-guide#rate-limits). | content: application/fhir+json: @@ -389,8 +388,9 @@ paths: | HTTP status | Error code | Description | | ----------- | -------------------------- | ------------------------------------------------------------ | - | 500 | `SERVER_ERROR` | An unexpected internal server error has occurred. | - | 502 | `BAD_GATEWAY` | Connection to the backend service failed. | + | 500 | `SERVER_ERROR` | An unexpected internal server error has occurred. (Could be possible? there is a generic try catch that returns an APIError object with whatever error it gets thrown) | + | 502 | `BAD_GATEWAY` | Connection to the backend service failed. (NOT IN CODE) | + | 503 | `DOWNSTREAM_SERVICE_ERROR` | Failed to generate response | content: application/fhir+json: From 4634a61a1be818182b69a8e7ded8601ed772d38f Mon Sep 17 00:00:00 2001 From: Elliot Hallam <20362314+ehallam@users.noreply.github.com> Date: Wed, 11 Mar 2026 14:35:53 +0000 Subject: [PATCH 04/18] NPA-6425: get related person endpoint errors audited --- .../validated-relationships-service-api.yaml | 24 +++++++++---------- 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/specification/validated-relationships-service-api.yaml b/specification/validated-relationships-service-api.yaml index 8b364157..7db791bd 100644 --- a/specification/validated-relationships-service-api.yaml +++ b/specification/validated-relationships-service-api.yaml @@ -389,6 +389,7 @@ paths: | HTTP status | Error code | Description | | ----------- | -------------------------- | ------------------------------------------------------------ | | 500 | `SERVER_ERROR` | An unexpected internal server error has occurred. (Could be possible? there is a generic try catch that returns an APIError object with whatever error it gets thrown) | + | 501 | `NOT_IMPLEMENTED` | API Endpoint not implemented. | | 502 | `BAD_GATEWAY` | Connection to the backend service failed. (NOT IN CODE) | | 503 | `DOWNSTREAM_SERVICE_ERROR` | Failed to generate response | @@ -487,19 +488,17 @@ paths: | HTTP status | Error code | Description | | ----------- | ---------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------- | - | 400 | `INVALID_IDENTIFIER_SYSTEM` | Invalid identifier system. | - | 400 | `INVALID_VALUE` | Invalid Parameter or Invalid operation. | | 400 | `MISSING_IDENTIFIER_VALUE` | Missing RelatedPerson NHS number. | - | 400 | `MISSING_VALUE` | Missing header or parameter. For details, see the `diagnostics` field. | - | 400 | `INVALID_IDENTIFIER_VALUE` | Malformed RelatedPerson NHS number. | - | 400 | `INVALID_PATIENT_IDENTIFIER_VALUE` | Malformed Patient NHS number. | - | 400 | `NOT_SUPPORTED` | The request is not currently supported. | - | 401 | `ACCESS_DENIED` | Missing or invalid OAuth 2.0 bearer token in request. | - | 403 | `FORBIDDEN` | Access denied to resource. | + | 401 | `ACCESS_DENIED` | Missing or invalid OAuth 2.0 bearer token in request. (NOT IN CODE) | + | 403 | `FORBIDDEN` | Access denied to resource. (NOT IN CODE - less certain this is one) | | 404 | `INVALIDATED_RESOURCE` | Resource that has been marked as invalid was requested - invalid resources cannot be retrieved | - | 405 | `METHOD_NOT_ALLOWED` | The method is not allowed. | - | 408 | `TIMEOUT` | Request timed out. | - | 429 | `THROTTLED` | You have exceeded your application's [rate limit](https://digital.nhs.uk/developer/guides-and-documentation/reference-guide#rate-limits). | + | 405 | `METHOD_NOT_ALLOWED` | The method is not allowed. (NOT IN CODE) | + | 408 | `TIMEOUT` | Request timed out. (NOT IN CODE) | + | 422 | `INVALID_IDENTIFIER_SYSTEM` | Invalid identifier system. | + | 422 | `INVALID_VALUE` | Invalid Parameter or Invalid operation. | + | 422 | `INVALID_PATIENT_IDENTIFIER_VALUE` | Malformed Patient NHS number. | + | 422 | `INVALID_IDENTIFIER_VALUE` | Malformed RelatedPerson NHS number. | + | 429 | `THROTTLED` | You have exceeded your application's (NOT IN CODE) [rate limit](https://digital.nhs.uk/developer/guides-and-documentation/reference-guide#rate-limits). | content: application/fhir+json: @@ -524,7 +523,8 @@ paths: | HTTP status | Error code | Description | | ----------- | -------------------------- | ------------------------------------------------------------ | | 500 | `SERVER_ERROR` | An unexpected internal server error has occurred. | - | 502 | `BAD_GATEWAY` | Connection to the backend service failed. | + | 501 | `NOT_IMPLEMENTED` | API Endpoint not implemented. | + | 502 | `BAD_GATEWAY` | Connection to the backend service failed. (NOT IN CODE) | content: application/fhir+json: From 8882cb04732cb7358d6258eaa4d48f41b6cd98d4 Mon Sep 17 00:00:00 2001 From: Elliot Hallam <20362314+ehallam@users.noreply.github.com> Date: Wed, 11 Mar 2026 14:59:21 +0000 Subject: [PATCH 05/18] NPA-6425: done get consented relationships lambda, still need the query proxy roles and so forth --- specification/validated-relationships-service-api.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/specification/validated-relationships-service-api.yaml b/specification/validated-relationships-service-api.yaml index 7db791bd..dde0502b 100644 --- a/specification/validated-relationships-service-api.yaml +++ b/specification/validated-relationships-service-api.yaml @@ -645,14 +645,14 @@ paths: | HTTP status | Error code | Description | | ----------- | -------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------- | | 400 | `MISSING_VALUE` | Missing header or parameter. For details, see the `diagnostics` field. | - | 400 | `INVALID_VALUE` | Invalid header. For details, see the `diagnostics` field. | | 400 | `MISSING_IDENTIFIER_VALUE` | Missing performer:identifier or patient:identifier value. | - | 401 | `ACCESS_DENIED` | Missing or invalid OAuth 2.0 bearer token in request. | + | 401 | `ACCESS_DENIED` | Missing or invalid OAuth 2.0 bearer token in request. (NOT IN CODE) | | 403 | `FORBIDDEN` | Access denied to resource. | | 404 | `INVALIDATED_RESOURCE` | Resource that has been marked as invalid was requested - invalid resources cannot be retrieved | | 404 | `GP_PRACTICE_NOT_FOUND` | GP Practice not found. | - | 405 | `METHOD_NOT_ALLOWED` | The method is not allowed. | - | 408 | `TIMEOUT` | Request timed out. | + | 405 | `METHOD_NOT_ALLOWED` | The method is not allowed. (NOT IN CODE) | + | 408 | `TIMEOUT` | Request timed out. (NOT IN CODE) | + | 422 | `INVALID_VALUE` | Invalid header. For details, see the `diagnostics` field. | | 422 | `INVALID_IDENTIFIER_SYSTEM` | Invalid performer:identifier or patient:identifier identifier system. | | 422 | `INVALID_IDENTIFIER_VALUE` | Malformed performer:identifier or patient:identifier NHS number. | | 422 | `INVALID_PARAMETER` | Invalid parameter. For details, see the `diagnostics` field. | From ed00fd5fdd02cb681589e223db3ffa434c2e59f5 Mon Sep 17 00:00:00 2001 From: Elliot Hallam <20362314+ehallam@users.noreply.github.com> Date: Wed, 11 Mar 2026 16:01:39 +0000 Subject: [PATCH 06/18] NPA-6425: added error codes to post consent, still need to trim them down --- specification/validated-relationships-service-api.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/specification/validated-relationships-service-api.yaml b/specification/validated-relationships-service-api.yaml index dde0502b..2eb4d558 100644 --- a/specification/validated-relationships-service-api.yaml +++ b/specification/validated-relationships-service-api.yaml @@ -776,7 +776,6 @@ paths: | HTTP status | Error code | Description | | ----------- | --------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------- | - | 400 | `INVALID_VALUE` | Invalid Parameter or Invalid operation. | | 400 | `MISSING_IDENTIFIER_VALUE` | Missing grantee or patient identifier. | | 400 | `MISSING_IDENTIFIER_SYSTEM` | Missing grantee or patient identifier system. | | 400 | `MISSING_PATIENT` | Missing patient. | @@ -796,6 +795,7 @@ paths: | 405 | `METHOD_NOT_ALLOWED` | The method is not allowed. | | 408 | `TIMEOUT` | Request timed out. | | 409 | `DUPLICATE_RELATIONSHIP` | Conflict with requested proxy role. | + | 422 | `INVALID_VALUE` | Invalid Parameter or Invalid operation. | | 422 | `INVALID_IDENTIFIER_VALUE` | Invalid grantee or patient identifier value. | | 422 | `INVALID_IDENTIFIER_SYSTEM` | Invalid grantee or patient identifier system. | | 422 | `INVALID_PATIENT` | Invalid patient. | @@ -807,6 +807,7 @@ paths: | 422 | `INVALID_PROVISION` | Invalid provision. | | 422 | `INVALID_EXTENSION` | Invalid extension. | | 422 | `INVALID_GRANTOR_VALUE` | Grantor ODS code is missing, empty, whitespace-only or invalid format. | + | 422 | `INVALID_PERFORMER` | Invalid performer. | | 422 | `INVALID_GRANTOR_SYSTEM` | Grantor identifier system is invalid (must be 'https://fhir.nhs.uk/Id/ods-organization-code'). | | 422 | `INVALID_PARAMETER` | Invalid request parameter. For details, see the diagnostics field. | | 429 | `THROTTLED` | You have exceeded your application's [rate limit](https://digital.nhs.uk/developer/guides-and-documentation/reference-guide#rate-limits). | @@ -850,6 +851,7 @@ paths: | HTTP status | Error code | Description | | ----------- | -------------------------- | ------------------------------------------------------------- | | 500 | `SERVER_ERROR` | An unexpected internal server error has occurred. | + | 501 | `NOT_IMPLEMENTED` | API Endpoint not implemented. | | 502 | `BAD_GATEWAY` | Connection to the backend service failed. | | 503 | `DOWNSTREAM_SERVICE_ERROR` | A downstream service has failed, request cannot be completed. | From ec3e3b38fa651ed0e7382b3c0ef90c44df670ed8 Mon Sep 17 00:00:00 2001 From: Elliot Hallam <20362314+ehallam@users.noreply.github.com> Date: Thu, 12 Mar 2026 13:47:43 +0000 Subject: [PATCH 07/18] NPA-6425: update consent endpoint audited --- .../validated-relationships-service-api.yaml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/specification/validated-relationships-service-api.yaml b/specification/validated-relationships-service-api.yaml index 2eb4d558..b72edb66 100644 --- a/specification/validated-relationships-service-api.yaml +++ b/specification/validated-relationships-service-api.yaml @@ -1083,26 +1083,25 @@ paths: | HTTP status | Error code | Description | | ----------- | --------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------- | - | 400 | `INVALID_VALUE` | Invalid Parameter or Invalid operation. | - | 400 | `INVALID_PATCH_FORMAT` | Invalid patch format. | - | 400 | `INVALID_PATCH` | Invalid patch. | | 400 | `MISSING_VALUE` | Missing header or parameter. For details, see the `diagnostics` field. | | 400 | `MISSING_GRANTOR` | Grantor extension is required when creating or activating a consent with status "active". For details, see the `diagnostics` field. | | 400 | `MISSING_GRANTOR_REFERENCE` | Grantor extension reference is required when creating or activating a consent with status "active". For details, see the `diagnostics` field. | | 400 | `MISSING_GRANTOR_IDENTIFIER`| Grantor extension identifier is required when creating or activating a consent with status "active". For details, see the `diagnostics` field. | | 401 | `ACCESS_DENIED` | Missing or invalid OAuth 2.0 bearer token in request. | | 403 | `FORBIDDEN` | Access denied to resource. | - | 404 | `INVALIDATED_RESOURCE` | Resource that has been marked as invalid was requested - invalid resources cannot be retrieved | | 405 | `METHOD_NOT_ALLOWED` | The method is not allowed. | | 408 | `TIMEOUT` | Request timed out. | - | 415 | `UNSUPPORTED_MEDIA` | Unsupported media type. | + | 409 | `DUPLICATE_PATCHES` | Two or more patches use same path. | + | 415 | `UNSUPPORTED_MEDIA` | Unsupported media type. (NOT IN CODE) | + | 422 | `INVALID_VALUE` | Invalid Parameter or Invalid operation. | + | 422 | `INVALID_EXTENSION` | Invalid extension. | + | 422 | `INVALID_PATCH` | Invalid patch. | | 422 | `INVALID_PATCH_PATH` | Invalid patch path. | | 422 | `INVALID_STATUS_CODE` | Invalid status code. | | 422 | `INVALID_STATUS_REASON` | Invalid status reason. | | 422 | `INVALID_STATE_TRANSITION` | Invalid state transition. | | 422 | `INVALID_LEGAL_BASIS_CODE` | Invalid legal basis code. | | 422 | `INVALID_END_DATE` | End date is invalid. | - | 422 | `DUPLICATE_PATCHES` | Two or more patches use same path. | | 422 | `INVALID_GRANTOR_VALUE` | Invalid grantor identifier value. For details, see the `diagnostics` field. | | 422 | `INVALID_GRANTOR_SYSTEM` | Invalid grantor system value. For details, see the `diagnostics` field. | | 429 | `THROTTLED` | You have exceeded your application's [rate limit](https://digital.nhs.uk/developer/guides-and-documentation/reference-guide#rate-limits). | @@ -1142,6 +1141,7 @@ paths: | HTTP status | Error code | Description | | ----------- | -------------------------- | ------------------------------------------------------------- | | 500 | `SERVER_ERROR` | An unexpected internal server error has occurred. | + | 501 | `NOT_IMPLEMENTED` | API Endpoint not implemented. | | 502 | `BAD_GATEWAY` | Connection to the backend service failed. | content: From e953dc3a697effbf2589d75aabf6a84c84220109 Mon Sep 17 00:00:00 2001 From: Elliot Hallam <20362314+ehallam@users.noreply.github.com> Date: Thu, 12 Mar 2026 16:22:10 +0000 Subject: [PATCH 08/18] NPA-6425: filtered down create consent errors --- .../validated-relationships-service-api.yaml | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/specification/validated-relationships-service-api.yaml b/specification/validated-relationships-service-api.yaml index e4bee9b1..e17b16aa 100644 --- a/specification/validated-relationships-service-api.yaml +++ b/specification/validated-relationships-service-api.yaml @@ -787,15 +787,13 @@ paths: | 400 | `MISSING_SCOPE` | Missing scope. | | 400 | `MISSING_CATEGORY` | Missing category. | | 400 | `MISSING_DATETIME` | Missing datetime. | - | 400 | `MISSING_VALUE` | Missing header or parameter. For details, see the `diagnostics` field. | + | 400 (422 in the code but we need a new error to cover this) | `MISSING_VALUE` | Missing header or parameter. For details, see the `diagnostics` field. | | 400 | `BAD_REQUEST` | Invalid request. For details, see the `diagnostics` field. | - | 401 | `ACCESS_DENIED` | Missing or invalid OAuth 2.0 bearer token in request. | + | 401 | `ACCESS_DENIED` | Missing or invalid OAuth 2.0 bearer token in request. (NOT IN CODE) | | 403 | `FORBIDDEN` | Access denied to resource. | - | 404 | `INVALIDATED_RESOURCE` | Resource that has been marked as invalid was requested - invalid resources cannot be retrieved | - | 405 | `METHOD_NOT_ALLOWED` | The method is not allowed. | - | 408 | `TIMEOUT` | Request timed out. | + | 405 | `METHOD_NOT_ALLOWED` | The method is not allowed. (NOT IN CODE) | + | 408 | `TIMEOUT` | Request timed out. (NOT IN CODE) | | 409 | `DUPLICATE_RELATIONSHIP` | Conflict with requested proxy role. | - | 422 | `INVALID_VALUE` | Invalid Parameter or Invalid operation. | | 422 | `INVALID_IDENTIFIER_VALUE` | Invalid grantee or patient identifier value. | | 422 | `INVALID_IDENTIFIER_SYSTEM` | Invalid grantee or patient identifier system. | | 422 | `INVALID_PATIENT` | Invalid patient. | @@ -809,7 +807,6 @@ paths: | 422 | `INVALID_GRANTOR_VALUE` | Grantor ODS code is missing, empty, whitespace-only or invalid format. | | 422 | `INVALID_PERFORMER` | Invalid performer. | | 422 | `INVALID_GRANTOR_SYSTEM` | Grantor identifier system is invalid (must be 'https://fhir.nhs.uk/Id/ods-organization-code'). | - | 422 | `INVALID_PARAMETER` | Invalid request parameter. For details, see the diagnostics field. | | 429 | `THROTTLED` | You have exceeded your application's [rate limit](https://digital.nhs.uk/developer/guides-and-documentation/reference-guide#rate-limits). | content: From 00b3c5f9f4846890795f67e3a8569f7be4c67d52 Mon Sep 17 00:00:00 2001 From: Elliot Hallam <20362314+ehallam@users.noreply.github.com> Date: Fri, 13 Mar 2026 10:31:12 +0000 Subject: [PATCH 09/18] NPA-6425: finished auditing errors --- .../validated-relationships-service-api.yaml | 13 +------------ 1 file changed, 1 insertion(+), 12 deletions(-) diff --git a/specification/validated-relationships-service-api.yaml b/specification/validated-relationships-service-api.yaml index e17b16aa..e01b799e 100644 --- a/specification/validated-relationships-service-api.yaml +++ b/specification/validated-relationships-service-api.yaml @@ -644,17 +644,11 @@ paths: | HTTP status | Error code | Description | | ----------- | -------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------- | - | 400 | `MISSING_VALUE` | Missing header or parameter. For details, see the `diagnostics` field. | - | 400 | `MISSING_IDENTIFIER_VALUE` | Missing performer:identifier or patient:identifier value. | | 401 | `ACCESS_DENIED` | Missing or invalid OAuth 2.0 bearer token in request. (NOT IN CODE) | - | 403 | `FORBIDDEN` | Access denied to resource. | | 404 | `INVALIDATED_RESOURCE` | Resource that has been marked as invalid was requested - invalid resources cannot be retrieved | | 404 | `GP_PRACTICE_NOT_FOUND` | GP Practice not found. | | 405 | `METHOD_NOT_ALLOWED` | The method is not allowed. (NOT IN CODE) | | 408 | `TIMEOUT` | Request timed out. (NOT IN CODE) | - | 422 | `INVALID_VALUE` | Invalid header. For details, see the `diagnostics` field. | - | 422 | `INVALID_IDENTIFIER_SYSTEM` | Invalid performer:identifier or patient:identifier identifier system. | - | 422 | `INVALID_IDENTIFIER_VALUE` | Malformed performer:identifier or patient:identifier NHS number. | | 422 | `INVALID_PARAMETER` | Invalid parameter. For details, see the `diagnostics` field. | | 429 | `THROTTLED` | You have exceeded your application's [rate limit](https://digital.nhs.uk/developer/guides-and-documentation/reference-guide#rate-limits). | @@ -938,16 +932,10 @@ paths: | HTTP status | Error code | Description | | ----------- | -------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------- | - | 400 | `NOT_SUPPORTED` | The request is not currently supported. | - | 400 | `MISSING_VALUE` | Missing header or parameter. For details, see the `diagnostics` field. | - | 400 | `INVALID_VALUE` | Invalid Parameter or Invalid operation. | | 401 | `ACCESS_DENIED` | Missing or invalid OAuth 2.0 bearer token in request. | - | 403 | `FORBIDDEN` | Access denied to resource. | | 404 | `INVALIDATED_RESOURCE` | Resource that has been marked as invalid was requested - invalid resources cannot be retrieved | | 405 | `METHOD_NOT_ALLOWED` | The method is not allowed. | | 408 | `TIMEOUT` | Request timed out. | - | 422 | `INVALID_ID_VALUE` | Invalid id. | - | 422 | `INVALID_PARAMETER` | Invalid parameter. For details, see the `diagnostics` field. | | 429 | `THROTTLED` | You have exceeded your application's [rate limit](https://digital.nhs.uk/developer/guides-and-documentation/reference-guide#rate-limits). | content: @@ -970,6 +958,7 @@ paths: | HTTP status | Error code | Description | | ----------- | -------------------------- | ------------------------------------------------------------- | | 500 | `SERVER_ERROR` | An unexpected internal server error has occurred. | + | 501 | `NOT_IMPLEMENTED` | API Endpoint not implemented. | | 502 | `BAD_GATEWAY` | Connection to the backend service failed. | content: From c60ca619ee5c2dc285190473c607cd28ed420a77 Mon Sep 17 00:00:00 2001 From: Elliot Hallam <20362314+ehallam@users.noreply.github.com> Date: Fri, 13 Mar 2026 10:47:34 +0000 Subject: [PATCH 10/18] NPA-6425: formatting the table --- .../validated-relationships-service-api.yaml | 76 +++++++++---------- 1 file changed, 38 insertions(+), 38 deletions(-) diff --git a/specification/validated-relationships-service-api.yaml b/specification/validated-relationships-service-api.yaml index e01b799e..fa01542d 100644 --- a/specification/validated-relationships-service-api.yaml +++ b/specification/validated-relationships-service-api.yaml @@ -41,7 +41,7 @@ info: ## Service level This API is a bronze service, meaning it is operational and supported only during business hours (8am to 6pm), Monday to Friday excluding bank holidays. - For more details, see [service levels](https://digital.nhs.uk/developer/guides-and-documentation/reference-guide#service-levels). + For more detail's, see [service levels](https://digital.nhs.uk/developer/guides-and-documentation/reference-guide#service-levels). ## Technology This API is [RESTful](https://digital.nhs.uk/developer/guides-and-documentation/our-api-technologies#basic-rest). @@ -268,14 +268,14 @@ paths: | ----------- | ------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------- | | 400 | `MISSING_VALUE` | Missing header or parameter. For details, see the `diagnostics` field. | | 400 | `INVALID_VALUE` | Invalid Parameter or Invalid operation. | - | 400 | `BAD_REQUEST` | Failed questionnaire response validation | - | 401 | `ACCESS_DENIED` | Missing or invalid OAuth 2.0 bearer token in request. (NOT IN CODE) | + | 400 | `BAD_REQUEST` | Failed questionnaire response validation | + | 401 | `ACCESS_DENIED` | Missing or invalid OAuth 2.0 bearer token in request. | | 403 | `FORBIDDEN` | Access denied to resource. | - | 405 | `METHOD_NOT_ALLOWED` | The method is not allowed. (NOT IN CODE) | - | 408 | `TIMEOUT` | Request timed out. (NOT IN CODE) | - | 409 | `DUPLICATE_RELATIONSHIP` | A proposed proxy role already exists for this proxy/patient relationship. | - | 415 | `UNSUPPORTED_MEDIA` | Unsupported media type. (NOT IN CODE) | - | 429 | `THROTTLED` | You have exceeded your application's (NOT IN CODE) [rate limit](https://digital.nhs.uk/developer/guides-and-documentation/reference-guide#rate-limits). | + | 405 | `METHOD_NOT_ALLOWED` | The method is not allowed. | + | 408 | `TIMEOUT` | Request timed out. | + | 409 | `DUPLICATE_RELATIONSHIP` | A proposed proxy role already exists for this proxy/patient relationship. | + | 415 | `UNSUPPORTED_MEDIA` | Unsupported media type. (NOT IN CODE) | + | 429 | `THROTTLED` | You have exceeded your application's [rate limit](https://digital.nhs.uk/developer/guides-and-documentation/reference-guide#rate-limits). | content: application/fhir+json: @@ -360,16 +360,16 @@ paths: | HTTP status | Error code | Description | | ----------- | ---------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------- | - | 400 | `INVALID_IDENTIFIER_VALUE` | The access request ID must be a valid uuid. | + | 400 | `INVALID_IDENTIFIER_VALUE` | The access request ID must be a valid uuid. | | 400 | `INVALID_VALUE` | Invalid Parameter or Invalid operation. | - | 400 | `BAD_REQUEST` | The access request ID is required but was not provided in the request. | + | 400 | `BAD_REQUEST` | The access request ID is required but was not provided in the request. | | 400 | `MISSING_VALUE` | Missing header or parameter. For details, see the `diagnostics` field. | - | 401 | `ACCESS_DENIED` | Missing or invalid OAuth 2.0 bearer token in request. (NOT IN CODE) | + | 401 | `ACCESS_DENIED` | Missing or invalid OAuth 2.0 bearer token in request. | | 403 | `FORBIDDEN` | Access denied to resource. | - | 404 | `QUESTIONNAIRE_RESPONSE_NOT_FOUND` | No questionnaire response was found for the provided access request ID. | - | 405 | `METHOD_NOT_ALLOWED` | The method is not allowed. (NOT IN CODE) | - | 408 | `TIMEOUT` | Request timed out. (NOT IN CODE) | - | 429 | `THROTTLED` | You have exceeded your application's (NOT IN CODE) [rate limit](https://digital.nhs.uk/developer/guides-and-documentation/reference-guide#rate-limits). | + | 404 | `QUESTIONNAIRE_RESPONSE_NOT_FOUND` | No questionnaire response was found for the provided access request ID. | + | 405 | `METHOD_NOT_ALLOWED` | The method is not allowed. | + | 408 | `TIMEOUT` | Request timed out. | + | 429 | `THROTTLED` | You have exceeded your application's [rate limit](https://digital.nhs.uk/developer/guides-and-documentation/reference-guide#rate-limits). | content: application/fhir+json: @@ -390,7 +390,7 @@ paths: | ----------- | -------------------------- | ------------------------------------------------------------ | | 500 | `SERVER_ERROR` | An unexpected internal server error has occurred. (Could be possible? there is a generic try catch that returns an APIError object with whatever error it gets thrown) | | 501 | `NOT_IMPLEMENTED` | API Endpoint not implemented. | - | 502 | `BAD_GATEWAY` | Connection to the backend service failed. (NOT IN CODE) | + | 502 | `BAD_GATEWAY` | Connection to the backend service failed. | | 503 | `DOWNSTREAM_SERVICE_ERROR` | Failed to generate response | content: @@ -489,16 +489,16 @@ paths: | HTTP status | Error code | Description | | ----------- | ---------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------- | | 400 | `MISSING_IDENTIFIER_VALUE` | Missing RelatedPerson NHS number. | - | 401 | `ACCESS_DENIED` | Missing or invalid OAuth 2.0 bearer token in request. (NOT IN CODE) | - | 403 | `FORBIDDEN` | Access denied to resource. (NOT IN CODE - less certain this is one) | + | 401 | `ACCESS_DENIED` | Missing or invalid OAuth 2.0 bearer token in request. | + | 403 | `FORBIDDEN` | Access denied to resource. (NOT IN CODE - less certain this is one) | | 404 | `INVALIDATED_RESOURCE` | Resource that has been marked as invalid was requested - invalid resources cannot be retrieved | - | 405 | `METHOD_NOT_ALLOWED` | The method is not allowed. (NOT IN CODE) | - | 408 | `TIMEOUT` | Request timed out. (NOT IN CODE) | + | 405 | `METHOD_NOT_ALLOWED` | The method is not allowed. | + | 408 | `TIMEOUT` | Request timed out. | | 422 | `INVALID_IDENTIFIER_SYSTEM` | Invalid identifier system. | | 422 | `INVALID_VALUE` | Invalid Parameter or Invalid operation. | | 422 | `INVALID_PATIENT_IDENTIFIER_VALUE` | Malformed Patient NHS number. | | 422 | `INVALID_IDENTIFIER_VALUE` | Malformed RelatedPerson NHS number. | - | 429 | `THROTTLED` | You have exceeded your application's (NOT IN CODE) [rate limit](https://digital.nhs.uk/developer/guides-and-documentation/reference-guide#rate-limits). | + | 429 | `THROTTLED` | You have exceeded your application's [rate limit](https://digital.nhs.uk/developer/guides-and-documentation/reference-guide#rate-limits). | content: application/fhir+json: @@ -524,7 +524,7 @@ paths: | ----------- | -------------------------- | ------------------------------------------------------------ | | 500 | `SERVER_ERROR` | An unexpected internal server error has occurred. | | 501 | `NOT_IMPLEMENTED` | API Endpoint not implemented. | - | 502 | `BAD_GATEWAY` | Connection to the backend service failed. (NOT IN CODE) | + | 502 | `BAD_GATEWAY` | Connection to the backend service failed. | content: application/fhir+json: @@ -644,11 +644,11 @@ paths: | HTTP status | Error code | Description | | ----------- | -------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------- | - | 401 | `ACCESS_DENIED` | Missing or invalid OAuth 2.0 bearer token in request. (NOT IN CODE) | + | 401 | `ACCESS_DENIED` | Missing or invalid OAuth 2.0 bearer token in request. | | 404 | `INVALIDATED_RESOURCE` | Resource that has been marked as invalid was requested - invalid resources cannot be retrieved | | 404 | `GP_PRACTICE_NOT_FOUND` | GP Practice not found. | - | 405 | `METHOD_NOT_ALLOWED` | The method is not allowed. (NOT IN CODE) | - | 408 | `TIMEOUT` | Request timed out. (NOT IN CODE) | + | 405 | `METHOD_NOT_ALLOWED` | The method is not allowed. | + | 408 | `TIMEOUT` | Request timed out. | | 422 | `INVALID_PARAMETER` | Invalid parameter. For details, see the `diagnostics` field. | | 429 | `THROTTLED` | You have exceeded your application's [rate limit](https://digital.nhs.uk/developer/guides-and-documentation/reference-guide#rate-limits). | @@ -770,23 +770,23 @@ paths: | HTTP status | Error code | Description | | ----------- | --------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------- | - | 400 | `MISSING_IDENTIFIER_VALUE` | Missing grantee or patient identifier. | - | 400 | `MISSING_IDENTIFIER_SYSTEM` | Missing grantee or patient identifier system. | + | 400 | `MISSING_IDENTIFIER_VALUE` | Missing grantee or patient identifier. | + | 400 | `MISSING_IDENTIFIER_SYSTEM` | Missing grantee or patient identifier system. | | 400 | `MISSING_PATIENT` | Missing patient. | | 400 | `MISSING_GRANTEE` | Missing grantee. | | 400 | `MISSING_GRANTOR` | Grantor extension is required when creating or activating an active proxy role. | - | 400 | `MISSING_GRANTOR_REFERENCE` | Grantor extension is present but missing valueReference. | - | 400 | `MISSING_GRANTOR_IDENTIFIER`| Grantor extension is present but missing valueIdentifier. | + | 400 | `MISSING_GRANTOR_REFERENCE` | Grantor extension is present but missing valueReference. | + | 400 | `MISSING_GRANTOR_IDENTIFIER`| Grantor extension is present but missing valueIdentifier. | | 400 | `MISSING_STATUS` | Missing status. | | 400 | `MISSING_SCOPE` | Missing scope. | | 400 | `MISSING_CATEGORY` | Missing category. | | 400 | `MISSING_DATETIME` | Missing datetime. | - | 400 (422 in the code but we need a new error to cover this) | `MISSING_VALUE` | Missing header or parameter. For details, see the `diagnostics` field. | + | 400 (422 in the code but we need a new error to cover this) | `MISSING_VALUE` | Missing header or parameter. For details, see the `diagnostics` field. | | 400 | `BAD_REQUEST` | Invalid request. For details, see the `diagnostics` field. | - | 401 | `ACCESS_DENIED` | Missing or invalid OAuth 2.0 bearer token in request. (NOT IN CODE) | + | 401 | `ACCESS_DENIED` | Missing or invalid OAuth 2.0 bearer token in request. | | 403 | `FORBIDDEN` | Access denied to resource. | - | 405 | `METHOD_NOT_ALLOWED` | The method is not allowed. (NOT IN CODE) | - | 408 | `TIMEOUT` | Request timed out. (NOT IN CODE) | + | 405 | `METHOD_NOT_ALLOWED` | The method is not allowed. | + | 408 | `TIMEOUT` | Request timed out. | | 409 | `DUPLICATE_RELATIONSHIP` | Conflict with requested proxy role. | | 422 | `INVALID_IDENTIFIER_VALUE` | Invalid grantee or patient identifier value. | | 422 | `INVALID_IDENTIFIER_SYSTEM` | Invalid grantee or patient identifier system. | @@ -798,8 +798,8 @@ paths: | 422 | `INVALID_DATETIME` | Invalid datetime. | | 422 | `INVALID_PROVISION` | Invalid provision. | | 422 | `INVALID_EXTENSION` | Invalid extension. | - | 422 | `INVALID_GRANTOR_VALUE` | Grantor ODS code is missing, empty, whitespace-only or invalid format. | - | 422 | `INVALID_PERFORMER` | Invalid performer. | + | 422 | `INVALID_GRANTOR_VALUE` | Grantor ODS code is missing, empty, whitespace-only or invalid format. | + | 422 | `INVALID_PERFORMER` | Invalid performer. | | 422 | `INVALID_GRANTOR_SYSTEM` | Grantor identifier system is invalid (must be 'https://fhir.nhs.uk/Id/ods-organization-code'). | | 429 | `THROTTLED` | You have exceeded your application's [rate limit](https://digital.nhs.uk/developer/guides-and-documentation/reference-guide#rate-limits). | @@ -1078,7 +1078,7 @@ paths: | 405 | `METHOD_NOT_ALLOWED` | The method is not allowed. | | 408 | `TIMEOUT` | Request timed out. | | 409 | `DUPLICATE_PATCHES` | Two or more patches use same path. | - | 415 | `UNSUPPORTED_MEDIA` | Unsupported media type. (NOT IN CODE) | + | 415 | `UNSUPPORTED_MEDIA` | Unsupported media type. (NOT IN CODE) | | 422 | `INVALID_VALUE` | Invalid Parameter or Invalid operation. | | 422 | `INVALID_EXTENSION` | Invalid extension. | | 422 | `INVALID_PATCH` | Invalid patch. | @@ -1088,8 +1088,8 @@ paths: | 422 | `INVALID_STATE_TRANSITION` | Invalid state transition. | | 422 | `INVALID_LEGAL_BASIS_CODE` | Invalid legal basis code. | | 422 | `INVALID_END_DATE` | End date is invalid. | - | 422 | `INVALID_GRANTOR_VALUE` | Invalid grantor identifier value. For details, see the `diagnostics` field. | - | 422 | `INVALID_GRANTOR_SYSTEM` | Invalid grantor system value. For details, see the `diagnostics` field. | + | 422 | `INVALID_GRANTOR_VALUE` | Invalid grantor identifier value. For details, see the `diagnostics` field. | + | 422 | `INVALID_GRANTOR_SYSTEM` | Invalid grantor system value. For details, see the `diagnostics` field. | | 429 | `THROTTLED` | You have exceeded your application's [rate limit](https://digital.nhs.uk/developer/guides-and-documentation/reference-guide#rate-limits). | content: From 03d2d34cc27de98bb3061389d65015fef8eddf9c Mon Sep 17 00:00:00 2001 From: Elliot Hallam <20362314+ehallam@users.noreply.github.com> Date: Fri, 13 Mar 2026 13:16:12 +0000 Subject: [PATCH 11/18] NPA-6425: final tidy up of spec --- specification/validated-relationships-service-api.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/specification/validated-relationships-service-api.yaml b/specification/validated-relationships-service-api.yaml index fa01542d..02c5ab0d 100644 --- a/specification/validated-relationships-service-api.yaml +++ b/specification/validated-relationships-service-api.yaml @@ -274,7 +274,7 @@ paths: | 405 | `METHOD_NOT_ALLOWED` | The method is not allowed. | | 408 | `TIMEOUT` | Request timed out. | | 409 | `DUPLICATE_RELATIONSHIP` | A proposed proxy role already exists for this proxy/patient relationship. | - | 415 | `UNSUPPORTED_MEDIA` | Unsupported media type. (NOT IN CODE) | + | 415 | `UNSUPPORTED_MEDIA` | Unsupported media type. | | 429 | `THROTTLED` | You have exceeded your application's [rate limit](https://digital.nhs.uk/developer/guides-and-documentation/reference-guide#rate-limits). | content: @@ -293,7 +293,7 @@ paths: | HTTP status | Error code | Description | | ----------- | -------------------------- | ------------------------------------------------------------ | | 500 | `SERVER_ERROR` | An unexpected internal server error has occurred. | - | 502 | `BAD_GATEWAY` | Connection to the backend service failed. (NOT IN CODE) | + | 502 | `BAD_GATEWAY` | Connection to the backend service failed. | content: application/fhir+json: @@ -490,7 +490,7 @@ paths: | ----------- | ---------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------- | | 400 | `MISSING_IDENTIFIER_VALUE` | Missing RelatedPerson NHS number. | | 401 | `ACCESS_DENIED` | Missing or invalid OAuth 2.0 bearer token in request. | - | 403 | `FORBIDDEN` | Access denied to resource. (NOT IN CODE - less certain this is one) | + | 403 | `FORBIDDEN` | Access denied to resource. | | 404 | `INVALIDATED_RESOURCE` | Resource that has been marked as invalid was requested - invalid resources cannot be retrieved | | 405 | `METHOD_NOT_ALLOWED` | The method is not allowed. | | 408 | `TIMEOUT` | Request timed out. | @@ -1078,7 +1078,7 @@ paths: | 405 | `METHOD_NOT_ALLOWED` | The method is not allowed. | | 408 | `TIMEOUT` | Request timed out. | | 409 | `DUPLICATE_PATCHES` | Two or more patches use same path. | - | 415 | `UNSUPPORTED_MEDIA` | Unsupported media type. (NOT IN CODE) | + | 415 | `UNSUPPORTED_MEDIA` | Unsupported media type. | | 422 | `INVALID_VALUE` | Invalid Parameter or Invalid operation. | | 422 | `INVALID_EXTENSION` | Invalid extension. | | 422 | `INVALID_PATCH` | Invalid patch. | From e03786738cd83b51f9a735a199b2e01689806635 Mon Sep 17 00:00:00 2001 From: Elliot Hallam <20362314+ehallam@users.noreply.github.com> Date: Fri, 13 Mar 2026 13:23:33 +0000 Subject: [PATCH 12/18] NPA-6425: removed leftover comment --- specification/validated-relationships-service-api.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/specification/validated-relationships-service-api.yaml b/specification/validated-relationships-service-api.yaml index 02c5ab0d..749fb3d1 100644 --- a/specification/validated-relationships-service-api.yaml +++ b/specification/validated-relationships-service-api.yaml @@ -781,13 +781,13 @@ paths: | 400 | `MISSING_SCOPE` | Missing scope. | | 400 | `MISSING_CATEGORY` | Missing category. | | 400 | `MISSING_DATETIME` | Missing datetime. | - | 400 (422 in the code but we need a new error to cover this) | `MISSING_VALUE` | Missing header or parameter. For details, see the `diagnostics` field. | | 400 | `BAD_REQUEST` | Invalid request. For details, see the `diagnostics` field. | | 401 | `ACCESS_DENIED` | Missing or invalid OAuth 2.0 bearer token in request. | | 403 | `FORBIDDEN` | Access denied to resource. | | 405 | `METHOD_NOT_ALLOWED` | The method is not allowed. | | 408 | `TIMEOUT` | Request timed out. | | 409 | `DUPLICATE_RELATIONSHIP` | Conflict with requested proxy role. | + | 422 | `MISSING_VALUE` | Missing header or parameter. For details, see the `diagnostics` field. | | 422 | `INVALID_IDENTIFIER_VALUE` | Invalid grantee or patient identifier value. | | 422 | `INVALID_IDENTIFIER_SYSTEM` | Invalid grantee or patient identifier system. | | 422 | `INVALID_PATIENT` | Invalid patient. | From f38eaf7a5fcf60f6473fcc22deb07679bd89e76f Mon Sep 17 00:00:00 2001 From: Elliot Hallam <20362314+ehallam@users.noreply.github.com> Date: Fri, 13 Mar 2026 13:37:31 +0000 Subject: [PATCH 13/18] NPA-6425: removed random apostrophe --- specification/validated-relationships-service-api.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/specification/validated-relationships-service-api.yaml b/specification/validated-relationships-service-api.yaml index 749fb3d1..38db742d 100644 --- a/specification/validated-relationships-service-api.yaml +++ b/specification/validated-relationships-service-api.yaml @@ -41,7 +41,7 @@ info: ## Service level This API is a bronze service, meaning it is operational and supported only during business hours (8am to 6pm), Monday to Friday excluding bank holidays. - For more detail's, see [service levels](https://digital.nhs.uk/developer/guides-and-documentation/reference-guide#service-levels). + For more details, see [service levels](https://digital.nhs.uk/developer/guides-and-documentation/reference-guide#service-levels). ## Technology This API is [RESTful](https://digital.nhs.uk/developer/guides-and-documentation/our-api-technologies#basic-rest). From 18ebcc4671a3786178f22895122a2ace348c2bbd Mon Sep 17 00:00:00 2001 From: Elliot Hallam <20362314+ehallam@users.noreply.github.com> Date: Fri, 13 Mar 2026 13:44:09 +0000 Subject: [PATCH 14/18] NPA-6425: reverted NOT FOUND error correction --- specification/validated-relationships-service-api.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/specification/validated-relationships-service-api.yaml b/specification/validated-relationships-service-api.yaml index 38db742d..65aefb9e 100644 --- a/specification/validated-relationships-service-api.yaml +++ b/specification/validated-relationships-service-api.yaml @@ -330,7 +330,7 @@ paths: | Valid access request ID | ID value: `156e1560-e532-4e2a-85ad-5aeff03dc43e` | HTTP Status 200 with QuestionnaireResponse | | Invalid access request ID | ID value: `INVALID` | HTTP Status 400 with INVALID_IDENTIFIER_VALUE message | | Missing access request ID | No ID path parameter | HTTP Status 405 with METHOD_NOT_ALLOWED message | - | Non-existent access request ID | ID value: `60d09b82-f4bb-41f9-b41e-767999b4ac9b` | HTTP Status 404 with NOT_FOUND message | + | Non-existent access request ID | ID value: `60d09b82-f4bb-41f9-b41e-767999b4ac9b` | HTTP Status 404 with QUESTIONNAIRE_RESPONSE_NOT_FOUND message | ### Sandbox constraints From f8d2092401da10a6358016492bf18f888a3d830a Mon Sep 17 00:00:00 2001 From: Elliot Hallam <20362314+ehallam@users.noreply.github.com> Date: Tue, 17 Mar 2026 10:58:58 +0000 Subject: [PATCH 15/18] NPA-6425: removed comment --- .../validated-relationships-service-api.yaml | 2 +- test-report.xml | 18 ++++++++++++++++++ 2 files changed, 19 insertions(+), 1 deletion(-) create mode 100644 test-report.xml diff --git a/specification/validated-relationships-service-api.yaml b/specification/validated-relationships-service-api.yaml index 65aefb9e..a3ec03f6 100644 --- a/specification/validated-relationships-service-api.yaml +++ b/specification/validated-relationships-service-api.yaml @@ -388,7 +388,7 @@ paths: | HTTP status | Error code | Description | | ----------- | -------------------------- | ------------------------------------------------------------ | - | 500 | `SERVER_ERROR` | An unexpected internal server error has occurred. (Could be possible? there is a generic try catch that returns an APIError object with whatever error it gets thrown) | + | 500 | `SERVER_ERROR` | An unexpected internal server error has occurred. | | 501 | `NOT_IMPLEMENTED` | API Endpoint not implemented. | | 502 | `BAD_GATEWAY` | Connection to the backend service failed. | | 503 | `DOWNSTREAM_SERVICE_ERROR` | Failed to generate response | diff --git a/test-report.xml b/test-report.xml new file mode 100644 index 00000000..ca96f551 --- /dev/null +++ b/test-report.xml @@ -0,0 +1,18 @@ +/opt/homebrew/Cellar/python@3.14/3.14.3_1/Frameworks/Python.framework/Versions/3.14/lib/python3.14/importlib/__init__.py:88: in import_module + return _bootstrap._gcd_import(name[level:], package, level) + ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +<frozen importlib._bootstrap>:1398: in _gcd_import + ??? +<frozen importlib._bootstrap>:1371: in _find_and_load + ??? +<frozen importlib._bootstrap>:1342: in _find_and_load_unlocked + ??? +<frozen importlib._bootstrap>:938: in _load_unlocked + ??? +.venv/lib/python3.14/site-packages/_pytest/assertion/rewrite.py:186: in exec_module + exec(co, module.__dict__) +sandbox/api/tests/conftest.py:3: in <module> + from ..app import app +sandbox/api/app.py:4: in <module> + from flask import Flask +E ModuleNotFoundError: No module named 'flask' \ No newline at end of file From de2fbce4b03373e7380bf5a22b17d01a1678527a Mon Sep 17 00:00:00 2001 From: Elliot Hallam <20362314+ehallam@users.noreply.github.com> Date: Tue, 17 Mar 2026 11:01:52 +0000 Subject: [PATCH 16/18] NPA-6425: removed test-report.xml --- test-report.xml | 18 ------------------ 1 file changed, 18 deletions(-) delete mode 100644 test-report.xml diff --git a/test-report.xml b/test-report.xml deleted file mode 100644 index ca96f551..00000000 --- a/test-report.xml +++ /dev/null @@ -1,18 +0,0 @@ -/opt/homebrew/Cellar/python@3.14/3.14.3_1/Frameworks/Python.framework/Versions/3.14/lib/python3.14/importlib/__init__.py:88: in import_module - return _bootstrap._gcd_import(name[level:], package, level) - ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -<frozen importlib._bootstrap>:1398: in _gcd_import - ??? -<frozen importlib._bootstrap>:1371: in _find_and_load - ??? -<frozen importlib._bootstrap>:1342: in _find_and_load_unlocked - ??? -<frozen importlib._bootstrap>:938: in _load_unlocked - ??? -.venv/lib/python3.14/site-packages/_pytest/assertion/rewrite.py:186: in exec_module - exec(co, module.__dict__) -sandbox/api/tests/conftest.py:3: in <module> - from ..app import app -sandbox/api/app.py:4: in <module> - from flask import Flask -E ModuleNotFoundError: No module named 'flask' \ No newline at end of file From 9f5be893f671eda830b0ef86c0993f32abe54e99 Mon Sep 17 00:00:00 2001 From: Elliot Hallam <20362314+ehallam@users.noreply.github.com> Date: Tue, 17 Mar 2026 11:23:00 +0000 Subject: [PATCH 17/18] NPA-6425: added test-report.xml to gitignore --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index 5865c338..126c61fa 100644 --- a/.gitignore +++ b/.gitignore @@ -16,6 +16,7 @@ __pycache__/ .venv/ smoketest-report.xml +test-report.xml env .dir-locals.el *.pyc From 31c863fd2bb9d8cc81bb7e17970e215ec93f8144 Mon Sep 17 00:00:00 2001 From: Elliot Hallam <20362314+ehallam@users.noreply.github.com> Date: Wed, 18 Mar 2026 09:08:59 +0000 Subject: [PATCH 18/18] NPA-6425: reverted the relevant 422 statuses back to 400 --- .../validated-relationships-service-api.yaml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/specification/validated-relationships-service-api.yaml b/specification/validated-relationships-service-api.yaml index a3ec03f6..b84aaeb5 100644 --- a/specification/validated-relationships-service-api.yaml +++ b/specification/validated-relationships-service-api.yaml @@ -489,15 +489,15 @@ paths: | HTTP status | Error code | Description | | ----------- | ---------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------- | | 400 | `MISSING_IDENTIFIER_VALUE` | Missing RelatedPerson NHS number. | + | 400 | `INVALID_IDENTIFIER_SYSTEM` | Invalid identifier system. | + | 400 | `INVALID_VALUE` | Invalid Parameter or Invalid operation. | + | 400 | `INVALID_PATIENT_IDENTIFIER_VALUE` | Malformed Patient NHS number. | + | 400 | `INVALID_IDENTIFIER_VALUE` | Malformed RelatedPerson NHS number. | | 401 | `ACCESS_DENIED` | Missing or invalid OAuth 2.0 bearer token in request. | | 403 | `FORBIDDEN` | Access denied to resource. | | 404 | `INVALIDATED_RESOURCE` | Resource that has been marked as invalid was requested - invalid resources cannot be retrieved | | 405 | `METHOD_NOT_ALLOWED` | The method is not allowed. | | 408 | `TIMEOUT` | Request timed out. | - | 422 | `INVALID_IDENTIFIER_SYSTEM` | Invalid identifier system. | - | 422 | `INVALID_VALUE` | Invalid Parameter or Invalid operation. | - | 422 | `INVALID_PATIENT_IDENTIFIER_VALUE` | Malformed Patient NHS number. | - | 422 | `INVALID_IDENTIFIER_VALUE` | Malformed RelatedPerson NHS number. | | 429 | `THROTTLED` | You have exceeded your application's [rate limit](https://digital.nhs.uk/developer/guides-and-documentation/reference-guide#rate-limits). | content: @@ -777,6 +777,7 @@ paths: | 400 | `MISSING_GRANTOR` | Grantor extension is required when creating or activating an active proxy role. | | 400 | `MISSING_GRANTOR_REFERENCE` | Grantor extension is present but missing valueReference. | | 400 | `MISSING_GRANTOR_IDENTIFIER`| Grantor extension is present but missing valueIdentifier. | + | 400 | `MISSING_VALUE` | Missing header or parameter. For details, see the `diagnostics` field. | | 400 | `MISSING_STATUS` | Missing status. | | 400 | `MISSING_SCOPE` | Missing scope. | | 400 | `MISSING_CATEGORY` | Missing category. | @@ -787,7 +788,6 @@ paths: | 405 | `METHOD_NOT_ALLOWED` | The method is not allowed. | | 408 | `TIMEOUT` | Request timed out. | | 409 | `DUPLICATE_RELATIONSHIP` | Conflict with requested proxy role. | - | 422 | `MISSING_VALUE` | Missing header or parameter. For details, see the `diagnostics` field. | | 422 | `INVALID_IDENTIFIER_VALUE` | Invalid grantee or patient identifier value. | | 422 | `INVALID_IDENTIFIER_SYSTEM` | Invalid grantee or patient identifier system. | | 422 | `INVALID_PATIENT` | Invalid patient. | @@ -1073,15 +1073,15 @@ paths: | 400 | `MISSING_GRANTOR` | Grantor extension is required when creating or activating a consent with status "active". For details, see the `diagnostics` field. | | 400 | `MISSING_GRANTOR_REFERENCE` | Grantor extension reference is required when creating or activating a consent with status "active". For details, see the `diagnostics` field. | | 400 | `MISSING_GRANTOR_IDENTIFIER`| Grantor extension identifier is required when creating or activating a consent with status "active". For details, see the `diagnostics` field. | + | 400 | `INVALID_PATCH` | Invalid patch. | + | 400 | `INVALID_VALUE` | Invalid Parameter or Invalid operation. | | 401 | `ACCESS_DENIED` | Missing or invalid OAuth 2.0 bearer token in request. | | 403 | `FORBIDDEN` | Access denied to resource. | | 405 | `METHOD_NOT_ALLOWED` | The method is not allowed. | | 408 | `TIMEOUT` | Request timed out. | | 409 | `DUPLICATE_PATCHES` | Two or more patches use same path. | | 415 | `UNSUPPORTED_MEDIA` | Unsupported media type. | - | 422 | `INVALID_VALUE` | Invalid Parameter or Invalid operation. | | 422 | `INVALID_EXTENSION` | Invalid extension. | - | 422 | `INVALID_PATCH` | Invalid patch. | | 422 | `INVALID_PATCH_PATH` | Invalid patch path. | | 422 | `INVALID_STATUS_CODE` | Invalid status code. | | 422 | `INVALID_STATUS_REASON` | Invalid status reason. |