External Webhook API
This is an API that you must construct within your own service in order to receive webhook notifications from our own system.
You can receive:
- Events for in-house studies
- Events for orders
- Events for referrals
This documentation is provided as guidance for customers who need to receive events from our system.
Who can use this service
This service is intended for customers who have a commercial relationship with Acurable.
If you do not yet have a commercial relationship with us, or you would like to trial our solutions, contact us through our website.
This service is available to customers in the following regions:
- UK
- European Union
- USA
This API needs to be constructed by customers who have integrated with our integration API and require the ability to receive updates related to entities created within the Acurable platform.
Service level
We expect services that implement this API to be available 24 hours a day 365 days a year.
Our system will attempt to resend events to third party systems for a short period of time before it stops delivery attempts.
Support is available via our [email protected] email address. Response times will be dependent upon the SLA we have agreed within your contract.
If you do not yet have a contract with us we aim to respond to support requests within 3 business days.
Technology
This is a REST-based API.
It follows the JSON:API standard for our request and response schemas.
Request content types
This API needs to accept request payloads of the type application/json.
The Content-Type header on all requests from our system will include this value.
It is recommended that if this value is not sent in any of our requests then you must respond with a 415 Unsupported Media Type response.
Network access
Our service can talk to API implementations on the internet and on the Health and Social Care Network (HSCN).
HSCN connectivity is limited to the following environments:
- Test
- Pre-production
- Production UK
Security and authorisation
Our service can be configured to utlise the following authentication mechanisms for your API:
- Anonymous
- OIDC Client Credential Flow
If you require a different authentication mechanism then you must request it during your onboarding;
Environments and testing
| Environment | Internet IP | HSCN IP |
|---|---|---|
| Test | 34.62.57.205 | 10.122.196.101, 10.122.197.101 |
| Pre-production | 34.79.70.56 | 10.122.196.101, 10.122.197.101 |
| Production UK | 34.89.21.220 | 10.122.196.101, 10.122.197.101 |
| Production US | 35.184.178.10 | N/A |
| Production EU | 34.38.165.13 | N/A |
Test environment
Our test environment is for early developer testing & MVPs.
This environment is designed for customers who need to test upcoming work in progress on our platform against their integration.
This environment only emits events for entities created via the test environment API.
Pre-production environment
Our pre-production environment is for formal integration testing & acceptance.
This environment runs the same version of our platform as our production environment.
This environment only emits events for entities created via the pre-production environment API.
Onboarding
You need to get your software approved by us before it can go live with this API.
See the steps for onboarding.
Errors
We expect standard HTTP status codes to show whether an API request succeeded or not. These are usually in the range:
- 200 to 299 if it succeeded
- 302 if you must follow a new URL to fetch the resource requested
- 400 to 499 if it failed because of a client error by your application
- 500 to 599 if it failed because of an error on our service
You must ensure that your API responds using this standard convention.
Authentication
- Anonymous
- HTTP: Bearer Auth
Anonymous access
Security Scheme Type: | http |
|---|---|
HTTP Authorization Scheme: | other |
Bearer token authorization
Security Scheme Type: | http |
|---|---|
HTTP Authorization Scheme: | bearer |