Technical standards

The technical standards are what data and dashboard providers will use to interface with the  central technical architecture and/or each other. This includes the connectivity mechanisms; protocols for authorising the sharing of information; the methodology for the generation of pension identifiers, tokens, globally unique identifiers used in ecosystem transactions; and the rules for registration of pension identifiers for pensions found.

Further technical documentation to accompany the technical standards will be released at a later date.

All PDP standards are published as ‘draft’ until approved by the Secretary of State for Work and Pensions. Find out more about PDP’s approach to standards governance.

PDP recommends schemes and providers align with the current version whilst preparing for connection. This version was developed following industry consultation and review by PDP volunteer participants.

PDP may make further changes before seeking formal approval. Only necessary changes will be considered and we will work with industry to understand potential impacts.

Download technical standards

Changelog

Published 19 July 2022
Last updated 21 November 2022
Show all updates

Introduction

1 to 12. New section: updated to include common introduction

API technical standards: transaction monitoring

69. New line: added Xrequest ID as the method of transport for the transaction ID

Find API: HTTP method

77. request ID removed from the table

78. New line: added Xrequest ID to the header of the example

78. Deleted line: removed request ID from the body of the example

Obtain PAT API: HTTP method

90. Correction: correction of grant example

91. New line: added Xrequest ID to the header of the example

Register PeI API: resource description

109. New line: added registration reason

110. New line: added inbound request ID

111. New line: added inbound event type

112. New line: added inbound timestamp

Register PeI API: create resource description

114. New line: added Xrequest ID to the header of the example

114. New line: added registration reason to the body of the example

114. New line: added inbound request id to the body of the example

114. New line: added inbound event type to the body of the example

114. New line: added inbound timestamp to the body of the example

Register PeI API: read resource description

118. New line: added Xrequest ID to the header of the example

119. New line: added registration reason to the body of the example

119. New line: added inbound request id to the body of the example

119. New line: added inbound event type to the body of the example

119. New line: added inbound timestamp to the body of the example

Register PeI API: update resource description

123 to 125. New line: content type added

124. New line: added Xrequest ID to the header of the example

124. New line: added Xrequest ID to the header of the example

124. New line: added inbound request id to the body of the example

124. New line: added inbound event type to the body of the example

124. New line: added inbound timestamp to the body of the example

Register PeI API: list resource description

128. New line: added Xrequest ID to the header of the example

View API: HTTP method

147. Further explanation: added text to say payload is validated against JSON schema

148. New example: pension details example changed

View API: error handling

149 to 154. Example added: example missing for one of the error types

Introspect API: HTTP method

160. New line: added Xrequest ID to the header of the example

Permission API: HTTP method

170. New line: added Xrequest ID to the header of the example

PAT refresh API: error handling

179. New paragraph: added HTTP 401 error

PAT refresh API: HTTP method

185. New line: added Xrequest ID to the header of the example

Authorise API: HTTP method

197. New line: added Xrequest ID to the header of the example

Obtain PeIs API: HTTP method

206. New line: added Xrequest ID to the header of the example

Obtain PeIs API: tesponse

207. Error: JSON array error corrected on pei’s

208. Omission: empty array example for a 200 where no pei’s exist to be sent back

Obtain PeI configuration API: HTTP method

217. New line: added Xrequest ID to the header of the example

217. More clarity: complete section changed to reflect simpler explanation

Technical standards. JWT signing and verification

230 to 232. New paragraph and example: added kid parameter