diff --git a/images/Guidance-user-journey-no-consent.png b/images/Guidance-user-journey-no-consent.png new file mode 100644 index 0000000..e3148cd Binary files /dev/null and b/images/Guidance-user-journey-no-consent.png differ diff --git a/images/Guidance-userjourney-no-consent.png b/images/Guidance-userjourney-no-consent.png deleted file mode 100644 index 7da38f8..0000000 Binary files a/images/Guidance-userjourney-no-consent.png and /dev/null differ diff --git a/images/no-consent-guard-login-error-screen.png b/images/no-consent-guard-login-error-screen.png new file mode 100644 index 0000000..32d04f5 Binary files /dev/null and b/images/no-consent-guard-login-error-screen.png differ diff --git a/no-consent-guidance/index.html b/no-consent-guidance/index.html index 3b8386b..382e516 100644 --- a/no-consent-guidance/index.html +++ b/no-consent-guidance/index.html @@ -523,11 +523,11 @@

If a user does not agree to share their NHS login information, your service should display a clear message telling them they can either continue their journey or cannot use your service.

User journey asking users to share their NHS login information

- + Open this user journey flow in new window
- Diagram showing the flow that a user goes down when they do not agree to share their NHS login information with your service + Diagram showing the flow that a user goes down when they do not agree to share their NHS login information with your service

We ask users to agree to share their NHS login information with your service when:

@@ -658,10 +658,18 @@

Services that use NHS App in the broswer

Behaviour of the back button in the browser

-

When a user selects the back button in the browser, the preferred action for your service's no-consent error screen is to reload.

-

Current guidance instructs the user to close your service's no-consent error screen tab to return to the NHS App in the browser. +

Current guidance instructs the user to close your service's no-consent error screen tab to return to the NHS App in the browser.

Do not add your own back button to this page.

+

When a user selects the back button in the browser, the preferred action for your service's no-consent error screen is to reload. In a service where this is not possible, NHS login has implemented a technical solution to prevent users from entering the service again by means of the back button in the browser.

+

This solution means that if users go back using the browser back button and do not have either NHS authorisation cookies, or an ID token in place, they will be directed to an error screen within NHS login.

+ + Open this example of the NHS login internal error screen in new window + +
+ Diagram showing the internal NHS login error screen shown to a user who does not have NHS authorisation cookies or an ID token in place +
+

This error screen will be the responsibility of NHS login and no additional steps need to be taken by your service.

Services that use NHS App in the mobile application