How I scraped the CQC Care Register without hitting the API auth wall

The Care Quality Commission regulates 56,000+ healthcare and social care locations in England — care homes, GP surgeries, hospitals, dental practices, home care agencies. If you work in care sector tech, you've probably needed this data at some point.

There's a CQC REST API, and I was planning to wrap it. Then I hit the auth wall.

The API is now authenticated

CQC migrated their API to api.service.cqc.org.uk and added bearer token authentication. You need to register at their developer portal, create an application, and include an Authorization: Bearer <token> header on every request. That's not a dealbreaker for enterprise use cases, but it creates friction for a data product — it means requiring users to register with CQC before they can run your actor.

I checked the old API base (api.cqc.org.uk/public/v1) as a fallback. HTTP 403. Fully blocked.