NHSDigital
diff --git a/‎proxies/live/apiproxy/policies/AssignMessage.OAuthPolicyErrorResponse.xml‎
Lines changed: 0 additions & 28 deletions b/‎proxies/live/apiproxy/policies/AssignMessage.OAuthPolicyErrorResponse.xml‎
Lines changed: 0 additions & 28 deletions
diff --git a/‎proxies/live/apiproxy/policies/ExtractVariables.OAuthErrorFaultString.xml‎
Lines changed: 0 additions & 9 deletions b/‎proxies/live/apiproxy/policies/ExtractVariables.OAuthErrorFaultString.xml‎
Lines changed: 0 additions & 9 deletions
diff --git a/‎proxies/live/apiproxy/policies/RaiseFault.404NotFound.xml‎
Lines changed: 42 additions & 0 deletions b/‎proxies/live/apiproxy/policies/RaiseFault.404NotFound.xml‎
Lines changed: 42 additions & 0 deletions
diff --git a/‎proxies/live/apiproxy/targets/target.xml‎
Lines changed: 7 additions & 10 deletions b/‎proxies/live/apiproxy/targets/target.xml‎
Lines changed: 7 additions & 10 deletions
@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<!--
+ This policy raises a 404 error response for an invalid resource request.
+
+ Raisefault policies stop the execution of the current flow and move to the error flow, which returns the error response defined here to the requesting application.
+
+ For more information on RaiseFault policies within Apigee see the following resource:
+    * https://docs.apigee.com/api-platform/reference/policies/raise-fault-policy
+-->
+<RaiseFault async="false" continueOnError="false" enabled="true" name="RaiseFault.404NotFound">
+    <DisplayName>RaiseFault.404NotFound</DisplayName>
+    <Properties/>
+    <FaultResponse>
+        <Set>
+            <Headers/>
+            <StatusCode>404</StatusCode>
+            <ReasonPhrase>NotFound</ReasonPhrase>
+            <Payload>
+{
+    "issue": [
+        {
+            "code": "processing",
+            "details": {
+                "coding": [
+                    {
+                        "code": "INVALIDATED_RESOURCE",
+                        "display": "Resource that has been marked as invalid was requested - invalid resources cannot be retrieved",
+                        "system": "https://fhir.nhs.uk/R4/CodeSystem/ValidatedRelationships-ErrorOrWarningCode",
+                        "version": "1"
+                    }
+                ]
+            },
+            "severity": "error"
+        }
+    ],
+    "resourceType": "OperationOutcome"
+}
+            </Payload>
+        </Set>
+    </FaultResponse>
+    <IgnoreUnresolvedVariables>true</IgnoreUnresolvedVariables>
+</RaiseFault>
@@ -26,23 +26,20 @@
       </Response>
   </PostFlow>
   <FaultRules>
+    <FaultRule name="404_Not_Found">
+        <Step>
+            <Name>RaiseFault.404NotFound</Name>
+        </Step>
+        <Condition>response.header.x-amzn-ErrorType = "IncompleteSignatureException"</Condition>
+    </FaultRule>
     <FaultRule name="unauthorized">
         <Step>
             <Name>RaiseFault.401Unauthorized</Name>
               <Condition>
-              oauthV2.OauthV2.VerifyAccessToken.failed = true or fault.name = "invalid_access_token" or fault.name = "InvalidAccessToken" or fault.name = "access_token_not_approved" or fault.name = "apiresource_doesnot_exist" or fault.name = "InvalidAPICallAsNo" or fault.name = "ApiProductMatchFound"
+              oauthV2.OauthV2.VerifyAccessToken.failed = true or fault.name = "invalid_access_token" or fault.name = "InvalidAccessToken" or fault.name = "access_token_not_approved" or fault.name = "apiresource_doesnot_exist" or fault.name = "InvalidAPICallAsNo" or fault.name = "ApiProductMatchFound" or fault.name = "access_token_expired"
               </Condition>
         </Step>
     </FaultRule>
-    <FaultRule name="access_token_expired">
-      <Step>
-        <Name>ExtractVariables.OAuthErrorFaultString</Name>
-      </Step>
-      <Step>
-        <Name>AssignMessage.OAuthPolicyErrorResponse</Name>
-      </Step>
-      <Condition>oauthV2.OauthV2.VerifyAccessToken.failed</Condition>
-    </FaultRule>
   </FaultRules>
   <HTTPTargetConnection>
       <LoadBalancer>