...
The dataFromOtherOrg REST API call can be used to return a simple boolean for this purpose, which you might like to use to e.g. toggle a visual data availability indicator in your external system.
NHS login with assertedLoginIdentity
Since we’re using some external links to manage certain datapoints, there’s a possibility of losing one’s session while away from the PKB site. To avoid prompting the user with a login every time they use an external service, the following flow is implemented:
When the user logged in through NHS clicks a link pointing to an external service, we generate a token called assertedLoginIdentity
, and add it to the URL as a query parameter. The external service needs to add this same parameter to the callback URL pointing back to PKB.
When the user comes back to PKB using the callback URL, containing the assertedLoginIdentity
parameter, we do a login check via NHS. The token in this parameter helps to identify the user, and log them in without any action necessary from them. Once this automatic login is completed, we continue to redirect the user to the requested page within PKB.
Prompt parameter
If the external service wants to enforce an NHS login prompt, they can also add the optional prompt
parameter to the callback URL. This parameter will be passed to NHS, causing a login prompt even when the user has an NHS login session. If the prompt
parameter is not provided, we automatically pass prompt=none
to NHS.
PKB customer sites:deploy |developer |information governance |procurement |manual
...