API services versus API standards
NHS Digital has two distinct categories of APIs - API services (an actual callable national service) and API standards (a specification that is intended to aid peer-to-peer interoperability, but with no national service). The developer portal and API catalogue don't make this clear. The "getting started" page is currently aimed at use of API services, not API standards. The scope of this feature is to distinguish between API services and API standards, both in the API catalogue and also in the general information.
I agree with this one - but can the API standards also look at end point discovery, linking together with authentication standards, transport (use of proxy services?) as well? It would be great if there was one way of doing these things instead of us just adding to methods (MESH, SSP, NEMS over MESH, ITK3 over MESH, ITK2.2 web services......)
I agree with the comment from Kate that we need a set of implementation guides for these APIs and these should look to address different concerns so we can layer additional security and interaction patterns on as needed
Tony Heap Admin
The scope of this feature is now complete. All the entries in our API catalogue are tagged as API services (central or intermediary) or API standards. The comments above about endpoint discovery are valid, but aren't really part of the scope. I've created a separate feature - https://nhs-digital-api-management.featureupvote.com/suggestions/180532/consistent-endpoint-discovery