API update Dec 2015

Following swiftly on from Brigid McBride's last blog, here’s the first of many (hopefully!) updates from me.

For those of you I haven't already met, I'm Umer Ehsan, Head of Design and Delivery for the API Programme and Product Owner for the API Platform. I ensure consistency and coherence in HMRC’s API work to improve the interactive experience with HMRC through third party software.

Brigid talked recently about going live with the Private Beta for the API Developer Hub. It gives guidance on working with HMRC's​API Platform and documentation on the available APIs. We've had really positive feedback so far. The API Platform, which provides the underlying functionality and infrastructure, has been stable in production. Google Analytics data has been insightful and intriguing!​ We're having fun seeing unique visitors from Swindon to Stavanger (it's in Norway, in case you were wondering).

I also wanted to let you know we've delivered sandbox test environments for the SA Prepopulation and Class II NICs APIs. If you'd like to start using these capabilities as part of our Private Beta, please contact and let them know you're interested.

From a development perspective, we've just completed our stories on User Registration. A self-serve capability for software developers to register themselves on the API Developer Hub and log in/out on future visits. Our next focus is on Application Registration and Management, which will allow software developers to create an application, retrieve test and production credentials, and enable that application to use the APIs provided by HMRC. We're aiming to release all of these capabilities as part of the move to Public Beta in March 2016.

I'm pleased to announce we’ve just completed building works on the new Collaboration Zone for the Digital Delivery Centre in Yorkshire. As well as providing a modern working space for our staff, it reflects our intent to use our Yorkshire office as a strategic location for engaging and collaborating with the software developer community. I'll have details on the official launch date and the events plan for the site soon. So watch this space!

I know Brigid has mentioned it before, but I also wanted to pass on my thanks for the immense support we've been given by the software developer community through interviews, workshops and usability testing. We’ve now run user testing days in three different cities, London, Leeds and Bristol, with over 40 different software developers...

... but this doesn't go far enough! We’ve kicked off a stream of collaborative research around the OAuth 2.0 software authorisation flows on the API Platform. We recognised early that parts of these user journeys took place outside of HMRC's control, so we've been working with a small number of developers to create clickable prototypes that show how third party software can integrate the OAuth 2.0 flow. We're running usability sessions next week, so I’ll report back on what is a very novel way for us to test with users of third party software.

This is my first blog and I'm trying to give a sense the amount of work going on in the API Programme, without giving you war and peace. However, if there are technology areas that you're particularly interested in, please do leave comments or feedback, and I'll try to talk about it next time.

If you don't hear from me before, I wish you all a wonderful Christmas and a happy New Year.​

Share this page


  1. Comment by Becci Helm - Communications Team posted on

    Hi Angela
    Thanks for your feedback. I’m glad you’ve noticed that we are trying to make things clearer for our customers.

    Some of the posts on our Digital blog, especially the API ones (Application Programme Interface – or in English, how two computers systems talk to each other), are aimed at a more technical audience. This one is primarily for the software developers and IT professionals we’re working with, improving the way our systems interact with tax software used outside HMRC. And, if we know the audience for a particular blog will understand the technical terms, we tend to let our bloggers use them.

    When the blog topic is aimed at a wider audience, we try to make it less techie. Having said that though, there is always room for improvement and we’ll continue to try and make sure that all our blog posts can be understood by anyone like yourself who is interested in what we’re doing.
    Please let us know how we get on, and thanks again for taking the time to comment.

  2. Comment by mike posted on

    OAuth 2.0 - great news and can't come soon enough. Authenticating APIs using passwords just encourages the password anti-pattern. It's been a concern of mine for a while...

  3. Comment by Angela Williams posted on

    I found this blog so full of jargon that I am none the wiser about anything after reading it. Please can I ask for Plain English in blogs in the future and for someone to explain all abbreviations before using them. API? API platform? OAuth 2.0 software authorisation flows on the API Platform? TAs a tax practitioner I am very interested in what HMRC is doing but language like this is not helping me to understand any messages put forward. I know HMRC is capable of making things clearer. What happened here|?