Product Backlog

This product backlog contains the features we're delivering to realise our API management vision. You can comment on features, upvote features, and suggest new features. If your suggestion relates to our e-Referral service then please complete this form instead. To view e-Referral service requests, see here.

Smartcard authentication internet-facing

Make it possible to authenticate with a smartcard using NHS Identity on the internet i.e. without needing an HSCN connection.
Suggested by: Tony Heap (11 Jul, '20) Upvoted: 27 Jan Comments: 2

PDS FHIR API - application-restricted / smartcardless access

Enhance the PDS FHIR API so it can be accessed without an authenticated end user present (i.e. without the need for a smartcard) - similar to the way PDS Spine Mini ...
Suggested by: Tony Heap (11 Jul, '20) Upvoted: 01 Feb Comments: 12

Open ID Connect (OIDC) support on the OAuth server

Currently we use OAuth 2.0 to authorise external software to access APIs for healthcare workers. There is no standard way for external software to get the end user's ...
Suggested by: Tony Heap (22 Jul, '20) Upvoted: 14 Dec, '23 Comments: 1

Authorisation - NHS Identity - separate authentication and authorisation model

Currently, the only way to complete authorisation for a user-restricted API is using "combined authentication and authorisation" - authentication with NHS Identity ...
Suggested by: Tony Heap (16 Jul, '20) Upvoted: 06 May, '21 Comments: 1

API platform internet-facing

Make our API platform available on the internet, rather than being only available on the HSCN network.
Suggested by: Tony Heap (11 Jul, '20) Upvoted: 17 May, '23 Comments: 3

Role based access control (RBAC) for APIs

Currently, national APIs such as PDS rely on the calling system to implement role-based access controls (RBAC). This in turn increases the assurance burden on ...
Suggested by: Tony Heap (05 Aug, '20) Upvoted: 10 May, '23 Comments: 0

Make swagger/OAS files available

IMHO it would be good to provide developers with open-api/swagger.json documentation to allow the generation of http restful clients using open-api tooling for the ...
Suggested by: Grahame Horner (19 Jan, '21) Upvoted: 23 Oct, '23 Comments: 3

Client libraries and reference implementations

Provide client libraries and / or reference implementations to make it easier for developers to integrate their software with our APIs.
Suggested by: Tony Heap (11 Jul, '20) Upvoted: 11 Dec, '23 Comments: 2

APIs for the API platform itself

Provide APIs that allow API producers and/or API consumers to perform "platform" functions through an API. This might include API deployment, monitoring, analytics, ...
Suggested by: Tony Heap (10 Nov, '22) Upvoted: 15 Nov, '22 Comments: 5

Exemplar API - PDS FHIR API - search & retrieve - production

Make the PDS FHIR API available for production use, including the onboarding process.
Suggested by: Tony Heap (11 Jul, '20) Upvoted: 16 Oct, '21 Comments: 1

Exemplar API - PDS FHIR API - authentication for healthcare professionals using NHS Identity

Allow the PDS FHIR API to be accessed by healthcare professionals by authenticating with NHS Identity - using a smartcard or more modern alternative.
Suggested by: Tony Heap (11 Jul, '20) Upvoted: 19 Feb, '21 Comments: 0

gRPC support

Please consider creating/supporting contract first API protocols like gRPC; gRPC is more performant over other API protocols and has a contract first approach where ...
Suggested by: Grahame Horner (22 Jan, '21) Upvoted: 05 Jan, '22 Comments: 1

National RBAC role selection UI

Currently, for smartcard users, the Identity Agent will ask the end user to select a role to use for the current session (using the list of nationally-defined roles ...
Suggested by: Tony Heap (16 Nov, '20) Upvoted: 18 Nov, '20 Comments: 1

API design guide and process for API producer teams

A design guide for our API producer teams, backed up by a design review process, that will help ensure consistency across APIs.
Suggested by: Tony Heap (11 Jul, '20) Upvoted: 11 Jul, '20 Comments: 1

Exemplar API - PDS FHIR API - search & retrieve - sandbox

Build a callable sandbox for the PDS FHIR API search & retrieve endpoints.
Suggested by: Tony Heap (11 Jul, '20) Upvoted: 11 Jul, '20 Comments: 1

FHIR policy update

Our FHIR policy hasn't been looked at in a while. The scope of this feature is to revisit it and refresh it, maybe adding further details.
Suggested by: Tony Heap (12 Jan, '21) Upvoted: 12 Jan, '21 Comments: 0

Exemplar API - PDS FHIR API - FHIR conformance

Make the PDS FHIR API a FHIR-conformant API
Suggested by: Tony Heap (11 Jul, '20) Upvoted: 11 Jul, '20 Comments: 0

Exemplar API - PDS FHIR API - REST conformance

Make the PDS FHIR API a REST conformant API
Suggested by: Tony Heap (11 Jul, '20) Upvoted: 11 Jul, '20 Comments: 0