V1.15.0 Release Notes
Release notes for version v1.15.0 of the CDR Standards.
This release minor errata and documentation fixes.
High Level Standards
| Change | Description | Link |
|---|---|---|
| Energy and Register endpoint versioning | Added Energy and Register endpoints to the Endpoint Versioning Schedule in line with Banking | Endpoint Versioning Schedule |
| Data Quality NFRs | Updated the data quality definitions regarding consumer data to align to upstream CDR Privacy Safeguards based on OAIC feedback | Data Quality |
| Navigation | Added schema list menu navigation and accordion to improve scrolling and usability | N/A |
API End Points
| Change | Description | Link |
|---|---|---|
| All authenticated resource endpoints | Updated the schema to indicate the x-fapi-auth-date header is mandatory for authenticated endpoints | N/A |
| Get Account Detail v2 | Changes to accomodate lending products without an instalment date or repayment frequency | Get Account Details |
| Register APIs | Corrected GetDataHolderBrands registerUType and jwksEndpoint schema definitions to clarify their usage in DH to ADR client authentication |
Register APIs |
| Register APIs | Corrected Register Discovery Document definition defect renaming request_object_signing_alg_values_supported to token_endpoint_auth_signing_alg_values_supported |
Register APIs |
| Energy schema | Fixed a schema bug which included an extraneous comma that caused OAS3 validation issues | Energy Schema |
| Energy schema | Updated EnergyPlanTariffPeriod schema in Energy Accounts and otherCharges objects in Billing and Invoice schemas to cater for C&I tariffs and charges | Energy Schema |
| Register APIs | Updated register swagger definitions to accommodate new endpoint versions covering multiple CDR sectors | Register APIs |
| Additional document URIs for Banking PRD | Support for secondary additional information URIs for banking product references | Get Products |
| Binding Energy standards | Updated energy standards to remove non-binding notices and made changes to reflect "Shared Responsibility Requests" in line with the Rules where previously they were referred to as "Secondary Responsibility Requests" | Energy Schema |
| Energy schema | Made EnergyPlanTariffPeriod.dailySupplyCharges optional to cater for C&I customers | Energy Schema |
| Energy schema | Updated EnergyPlanSolarFeedInTariff.tariffUType with correct ENUM values | Energy Schema |
| Energy schema | Updated EnergyBillingUsageTransaction and EnergyBillingOtherTransaction to accomodate C&I customers | Energy Schema |
| Energy schema | Updated Energy controlledLoad attribute description and Energy bulk balance endpoint menu text for clarity and consistency | Energy Schema |
| Energy schema | Update the list of mandatory attributes in EnergyInvoice schema with correct values and update swagger version to 1.15.0 | Energy Schema |
| Extended Banking Product feature support | Changes to accomodate additional enumerated product features | Get Account Details, and Get Product Details |
| Digital Wallet Payees | Changes to accomodate digital wallet payees | Get Payees, and Get Payee Detail |
| Get Customer Detail v2 | Changes to accomodate customer detail without a valid physical address for individual and non-individual consumers | Get Customer Detail |
| Register APIs | Added GetDataHoldersStatus endpoint | Register APIs |
Information Security Profile
| Change | Description | Link |
|---|---|---|
| Adoption of FAPI 1.0 Final | FAPI 1.0 adoption is introduced across three phases in accordance with Decision 209:
|
Security Profile |
| Authorisation Scopes | Added scope cdr-register:read to accommodate authenticated Register calls for participants outside of the banking sector |
Authorisation Scopes |
| Self-Signed JWT Audience | An immediate change to re-instate interoperability for Data Holders calling the Data Recipient's CDR Arrangement Revocation endpoint to revoke consent has been introduced. A phasing out of the multiple audience value support in favour of only the "resource path" for the end point being accessed is also introduced. | Self-Signed JWT Client Authentication |
| Data Recipient CDR Arrangement Endpoint | Armoured the Data Recipient hosted CDR arrangement endpoint by requiring the Data Holder to present the cdr_arrangement_id in a signed JWT |
CDR Arrangement Revocation End Point |
| OIDC Profile Scope | Added supporting requirements and standards for presenting the OIDC profile scope and individual claims | Scopes and Claims |
| Registration Validation | Added clarification that registration validation and responses must adhere to NFRs | Registration Validation |
| Data Holder Responsibilities | Added requirements for CDR Register and Data Holders to cater for missing statuses in Register API responses | Data Holder Responsibilities |
| Certificate Mangement | Fixed broken links to statically hosted certificate trust chain files | Certificate Management |
| Registration Validation | Provided clarification on registration request validation JWKS endpoint usage | Registration Validation |
| Authorization non-normative example | Updated the non-normative example to show the request of the sharing_expires_at and refresh_token_expires_at claims |
Authorisation End Point |
Consumer Experience
| Change | Description | Link |
|---|---|---|
| OIDC Profile Scope | Added CX data language standards for presenting the OIDC profile scope and individual claims | Profile scope CX |
| Joint Account CX Standards | Added the CX standards arising from Decision 162 in support of joint accounts and DOMS |