NAV Navbar

V1.1.0 Release Notes

Release notes for version 1.1.0 of the CDR Standards.

Errata for v1.1.0

Since v1.1.0 was published the following errors have been identified and will be corrected in the next version:

High Level Standards

Change Description Link
Content-Type header optionality Clarified that the Content-Type header is only mandatory for PUT and POST calls HTTP Headers Section
x-fapi-interaction-id description clarification A clarification of the description recommended by the CDR Engineering team HTTP Headers Section
x-cds-subject header removed This header has been removed from the standards based on community consultation HTTP Headers Section
Modification of x-cds-User-Agent header The x-cds-User-Agent header has been renamed to x-cds-client-headers and clarified to exclude specific types of headers HTTP Headers Section
Bug fix for rate type In a previous decision the limitation of the rate type to plus or minus 100% was agreed to be removed. This has not been fixed Common Field Types Section

API End Points

Change Description Link
Clarified description of productName Clarified that the productName field in the account structure is set by the data holder not the account holder BankingAccount Section
accountName optional for domestic payee For some Banks the account name field is not captured for domestic payees so this field has been made optional BankingDomesticPayeeAccount Section
Aggregated transaction clarification The handling of the sharing of data related to aggregated transactions has been added to the description of the transaction history end point Get Transactions For Account Section
Term deposit maturity instructions as array The termDeposit field in the account detail structure has been converted into an array BankingAccountDetail Section
International payees with domestic accounts clarification Description for how to represent international payees that are represented as a domestic account for payment purposes Get Payee Detail Section
Corrected description for amount field The amount field in scheduled payments had an incorrect description text which has been fixed BankingScheduledPaymentSet Section
Updates to scheduled payments Series of amendments to the scheduled payments structure for lastWeekDay LastWeekday Section
Clarification of ISO 8601 usage Clarification that the recurrence syntax in ISO 8601 will not be used Various
Card art in product end points Version 2 of Get Products and Get Product Detail has been added to allow for the inclusion of card art fields Banking APIs Section

Information Security Profile

Change Description Link
Normative reference versions Added specific dates or versions to the normative reference table to avoid ambiguity Normative References
Removed references to Vectors Of Trust This change was recommended via the maintenance iteration to remove ambiguity from the standards InfoSec End Points Section & Scopes and Claims Section
Clarified id_token non-normative sample Non-normative id_token has been modified to include the refresh_token_expires_at and sharing_expires_at claims Scopes and Claims Section
Added CORS support for public end points Added a CORS section allowing for CORS to be enabled for Get Status, Get Outages, Get Products and Get Product Detail end points CORS Section
Removal of MTLS for specific end points Removal of the MTLS requirements for
  • The revocation end point hosted by Data Recipients
  • The JWKS end point hosted by Data Recipients
  • The JWKS end point hosted by Data Holders
  • The OIDC discovery end point hosted by Data Holders
InfoSec End Points Section

Consumer Experience

No Change