Product Backlog
This product backlog contains the features we're delivering to realise our API management vision. You can comment on features, upvote features, and suggest new features.
If your suggestion relates to our e-Referral service then please complete this form instead. To view e-Referral service requests, see here.
Performance testing capability
Provide something to help API consumers do performance testing. This might be a hosted service or a set of ready-to-go stubs.
NHS number card for Apple / Android wallets
Ability to add an NHS card to your Apple or Android wallet. Which would include; name and NHS number.
Training courses / hackathons
Organise formal training courses and / or hackathons for developers to learn how to use our APIs.
Expose APIs as a GraphQL gateway
It would be amazing if you could query a tree of data, then have role based access control to limit what data is returned based on your identity. This means data can ...
Create a building healthcare software guide for the workforce domain
Create a non-technical guide to building software that deals with the workforce within the NHS in England.
This might include roster management and more general ...
Role based access control (RBAC) for APIs
Currently, national APIs such as PDS rely on the calling system to implement role-based access controls (RBAC). This in turn increases the assurance burden on ...
Non-NHS Digital API producer teams
Make the API platform available to non-NHS Digital API producer teams. It's not clear what specific use cases this might be for.
APIs for the API platform itself
Provide APIs that allow API producers and/or API consumers to perform "platform" functions through an API. This might include API deployment, monitoring, analytics, ...
Expose a certificate renewal and download API
Every year 100s, if not 1000s of certificate renewals are performed by a human that requires too many manual steps.
This is costly to the business, it is error ...
Create a building healthcare software guide for the vaccinations domain
Create a non-technical guide to building software that deals with vaccinations within the NHS in England.
Information and training videos
Videos on the developer portal explaining things like how the portal works or tutorials on how to connect to our APIs.
My developer account - improved UX
The developer account is based on a product and has UX pain points. The scope of this feature is to refresh it and bring it more into the NHS Digital look & feel to ...
Onboarding - digitise
Make the onboarding process more online and more self-service.
User researcher capability
User research is really important for APIs, but API producer teams typically don't have a dedicated UR - perhaps because they don't see the value, perhaps because ...
Developer forum
Create an open forum where developers can ask questions and answers one another's questions. Curate it.
gRPC support
Please consider creating/supporting contract first API protocols like gRPC; gRPC is more performant over other API protocols and has a contract first approach where ...
OAuth support for single page apps
Some of our APIs require the end user to authenticate themselves and/or authorise their software to access them, using the OAuth 2.0 standard. OAuth 2.0 uses ...
FHIR validation service
Provide a service for validating FHIR message payloads. Possibly, this should be part and parcel of API sandboxes (and to some extent it already is).
Facility for people interested in an API to be notified of new releases
Historically it has been difficult to stay informed of API updates, particularly if these were not on TRUD.
It would help if developers could subscribe to an Api ...
Utilise Android OS for personal device CIS2 Authentication
Permit the functionality of iOS user/authentication for CIS2 to be extended (built out) for Android devices, negating the need for the most expensive form of mobile ...
Add usage patterns to API-M website
I think it would be useful to add the usage pattern to entries in the API catalogue pages - "open access", "application restricted" and "user restricted" as a ...
National RBAC role selection UI
Currently, for smartcard users, the Identity Agent will ask the end user to select a role to use for the current session (using the list of nationally-defined roles ...
Help and support - response time SLAs
Define and implement response time service level agreements for responding to support requests.
Test data tool refresh / single sign-on
The test data tool is a little long in the tooth, and also requires a separate account from the developer account, which we have to set up for you (not self service). ...
Domain model
Build and publish a domain model for NHS Digital APIs that defines a taxonomy for domains and consider how that impacts our API URL namespace. Ties in with feature to ...
App store / marketplace (FHIR?)
Create a place where external developers can publish their apps for all to see, for example like Smart on FHIR (https://apps.smarthealthit.org/)
Developer-facing analytics
Ability for developers to view analytic data for API traffic from their applications.
Calling application version management
Add an optional field in API requests specifying the software version of the Connecting System. This could be descriptive, such as 'v1.0.5', or an ID such as a GUID ...
Merge the two oath2 endpoints in the API-M INT environment into a single endpoint
Description:
There are two identity services in INT, both using Oauth2:
• One identity service “/oauth2” needs to use a smartcard/OIDC and uses NHS Identity to ...
Developer / integration guide - Urgent and Emergency care and 111
An online guide containing best practice guidance for integrating urgent and emergency care software with NHS Digital APIs
Other developer guides
As part of our vision to make learning easier, we want to produce a number of "developer guides" - on this page: ...
OAuth support for installed apps
Some of our APIs require the end user to authenticate themselves and/or authorise their software to access them, using the OAuth 2.0 standard. OAuth 2.0 uses ...