Docs

Platform Portal guide

A full guide to document an APIs, Event Systems, Channel Services and User guides on the Platform Portal.

Overview

Below is a step-by-step tutorial that walks you through the process of preparing an OpenAPI spec, AsyncAPI (events) spec, or MDX (custom markdown) page for the Platform Portal. As there are a lot of teams that need their services on the portals, this is a self-serve process. However, we are here to help with the following resources and tools in this guide.

  1. Uploading an API or Event Service will require both an API/Event System Specification and a product narrative page. Information is also available on updating and deprecating an API or Event Service.

  2. Uploading a Channel Service will require a product narrative page.

See the below sections for information on requirements for uploading and maintaining these content types.

Please give the Platform Portal Team a heads up if you are looking to put new content on the portals, this will mean we can ensure we capacity to help you (PO: Pete Dawson). All tickets related to the content should be linked to our External (DEVP-5) or Internal (DEVP-6) increments using 'Is Contained By'.

Guidelines and Requirements for APIs and Events

Standards and guidelines for APIs and events

APIs and events should meet the Standards and Guidelines outlined by architecture. In line with these standards, the below requirements are mandatory for users to identify and understand your API. All descriptions must be user-friendly and consumable by the end user and should take the shortest form possible.

  1. Response statuses with descriptions (2xx and 500 at a minimum)

  2. Tags and properties (Internal Portal: Domain tag and team property. External Portal: Tag for Product, User Type & Solution and team property, you can find the relevant domain to your team here.)

  3. OperationId field (In UpperCamelCase e.g. RetrieveSpendOptions)

  4. Title, endpoint, and parameter descriptions

  5. User friendly schema names (UpperCamelCase and max 50 characters)

  6. Servers and Description of Servers for Staging and Production on NDC and NDT environments (and Dev for Internal APIs)

  7. URLs without version numbers or /api

  8. Version numbers should use the format “1.0” (not 1.0.0, v1 or others).

  9. Titles must be user-friendly with alphabetic characters only, capitalized initial letters, and spaces between words. Titles must not contain ‘NewDay’ or partner names, version numbers, or the term ‘API’ as these are implicit.

  10. Response examples for all response statuses, responses should be formatted in the following format so they render correctly, like the example here:

If necessary you can use HTML tags or markdown to format the descriptions. This can be useful for adding lists of bolded text.

Allowed HTML tags are:

  • <b> for bold
  • <i> for italics
  • <ul> for unordered lists
  • <ol> for ordered lists
  • <li> for list items
  • <br> for line breaks

You also can use markdown:

  • ** for bold
  • * for italics
  • - for unordered lists

Use the API Previewer Tool in your design and build stages to understand where improvements can be made against the NewDay standards. If you need more information on our linting warnings, we have a Linting Warnings Guide.

Requirements for internal APIs and events

The following steps should be considered when uploading an internal API or event to the portal:

  1. Domain pages: When uploading an internal API or making changes to an existing API, the related domain page file must be updated. Use the existing format in file to document the new or updated API in the product grid.
  2. API Design Review: All APIs must go through the design review process before going live, all info here: API Design Review
  3. Product Narrative Content: Your API must be accompanied by a product narrative content page to reduce the manual invention needed for our internal users to understand our APIs. All information can be found in the dedicated section below.

Requirements for external APIs and events

Before an API can go external, it must go through our quality-checking process. This is key to keep our users happy as our external portal is regularly used by multiple external clients and as a tool in our sales process.

  1. Changelogging: When uploading an external API or making changes to an existing API, the changelog.mdx file is updated automatically. When in doubt feel free to reach out and request additional changes.
  2. API Design Review: All APIs must go through the design review process before going live, all info here: API Design Review
  3. Peer Reviewing: Your API spec and product narrative content pages (info detailed below) must be reviewed by the following people: Platform Portal PO, Client Solutions, Digital Archicturecture and Principal Engineering (this process can be organised by the Platform Portal PO if you let them know).
  4. Product Narrative Content: Your API must be accompanied by a product narrative content page to reduce the manual invention needed for our external users to understand our APIs. All information can be found in the dedicated section below.

Uploading an API or Event System Specification

Your API is rendered on the portal via an OpenAPI spec, an AsyncAPI (events) spec or a combination of the two. You can upload your files from your own GitHub repository and automate the PR to our repository using the GitHub Action provided below. If you don’t have access to our repo, contact your Engineering Manager.

This GitHub Action automatically validates your API specs against NewDay’s standards, checks for differences between the updated spec and the old version, and updates the content repo with the new spec.

Before you start: the Action reads a API file or files so they must be available during the run. The files can be stored in your repo or generated and accessible during the workflow.

Step-by-step guide

While using the GitHub Action, you will need the following information:

1

Use the correct version of the GitHub Action

Avoid using the main branch version. The current major version is v2: NewDayCards/DevPortal.Actions@v2.

2

Processing multiple files

To lint, validate, and upload multiple files, use YAML block scalar notation (|). Ensure that the files, target_file_paths, publish, and tags inputs have the same number of lines. For each file the Action will create a separate PR.

3

Use the correct token – github_token

To upload API specs to the Platform Portal, use the ORGANISATION_PAT_DEVPORTALCONTENT secret.

4

Name your files correctly – files

Use swagger.json for OpenAPI specs and swagger(async).json for combined AsyncAPI specs.

5

Use the correct file path in the content repo – target_file_paths

For external specs, use external/api-products/product-name/api-name/swagger.json. For internal APIs, use internal/api/domain-name/api-name/swagger.json.

6

Specify your team

Use the correct team name with proper casing. When in doubt, check the tags.json file.

7

Specify user type, product, and solution for external APIs, or domain for internal APIs – tags

Valid tags are listed in the tags.json file. Each file you upload must have corresponding tags.

8

Choose where your API should be published – publish

For new specs, set publish to false to deploy to the dev environment only. Setting it to true publishes it to all environments in the portal.

9

Decide whether to fail on validation warnings – throw_on_error

Setting throw_on_error to true will fail the job if the spec does not meet validation rules. Otherwise, the job will proceed normally.

10

Decide whether to fail on breaking changes – throw_on_breaking_diffs

Setting throw_on_breaking_diffs to true will fail the job if the spec has breaking changes. Otherwise, the job will proceed normally.

11

Control when your API is uploaded to the Portal – upload

By default, the API is uploaded when a PR is merged. The upload input allows setting custom conditions.

12

Process the linting results (optional) – use step outputs

If you're not using the throw_on_error input, or if it's set to false, you can access the Action's outputs: has_errors and has_warnings. These boolean outputs indicate whether the linter found any errors or warnings in your spec. You can use them later in your workflow with GitHub Actions syntax, like this: steps.action-step-id.outputs.has_errors and steps.action-step-id.outputs.has_warnings.

Usage example

Once we have merged your changes, they should update on the portal once we have done a release (usually done twice a week).

Troubleshooting

  • [object Object]

    Ensure that the file is available during the run. Check that:
    • The file path is correct in your repository.
    • If the spec is generated during the workflow, the step generating it runs before the upload step.
    • If using actions/checkout with a path parameter, update file paths to include the prefix.

  • [object Object]

    The action validates specs against NewDay's API guidelines. By default, failing standards validation does not result in action failure. If this is not expected behaviour, ensure that your throw_on_error code is not set to true.

  • [object Object]

    By default, the upload only occurs when a PR is merged into main. If you're running the workflow on another event (e.g., a push, a tag, or a scheduled run), you need to specify an explicit upload condition using the upload input.


    As a last resort, you can set upload to true, but we recommend defining a more specific condition to avoid accidental uploads.

  • [object Object]

    Check that:
    • Your PR was merged to main, as by default uploads only happen on main.
    • Your workflow ran successfully (check the logs in GitHub Actions).
    • You set publish: true if you intended for it to go live immediately. Otherwise, it remains in the dev environment.
    • The Portal release process has run — updates usually happen twice a week.

  • [object Object]

    Ensure that:
    • The tags are valid and match exactly as listed in tags.json.
    • The correct format is used (e.g., separate multiple tags with commas, and avoid extra spaces).
    • Each file you upload has corresponding tags, as missing tags can prevent processing.

  • [object Object]

    By default, the action creates a PR in the content repository for approval. If auto-merging is expected:
    • Check if the branch protection rules require approvals.
    • Ensure the GitHub token has the right permissions (contents: write required).
    • If automation is expected, confirm that branch policies allow auto-merging.

  • [object Object]

    Make sure that:
    • You are using the correct token: ORGANISATION_PAT_DEVPORTALCONTENT.
    • The token has write access to the content repository.
    • Your repo has permission to trigger workflows in the target repo.

Updating and Deprecating an API or Event System Specification

Updating APIs

If anything changes about an API, the specs should be uploaded to the portal with the relevant changes, it is key for users that we ensure the Platform Portal is up to date with the latest information. If an internal API changes team or domain, all services should be updated so their specs are tagged to the correct team or domain.

Versioning

  1. Minor Versions: These changes are non-breaking and should replace older minor versions upon upload to the portal. For example, if a team is on version 1.0 and makes changes to add support for more fields, the version they upload should be 1.1, and the previous version is replaced.

  2. Major Versions: These changes are breaking. Multiple major versions can coexist, allowing support for customers on different major versions simultaneously. Version control is administered via the content repository as follows:

    • Older versions must be marked with a specific version in their filenames. For instance, the latest version specifications are labeled as swagger.json, while previous versions need to include a version identifier in their filenames, such as swagger_v1.json.
    • When teams add spec files with the specified file naming to the content repository, older specs are rendered on the portal under a new URL, such as /api-products/core-credit/core-credit/archive/4.6/reference with the latest version displayed by default. All older versions are available in the archive dropdown.

Deprecating APIs, endpoints and fields

If you have an old version of an API or a legacy service on the portal, you will want to remove it to avoid confusion with users. To deprecate an API you need to set the pub ready settings to false, this will send the API to dev. This means it can be recovered if needed but it won’t display on the live version of the portal. If you only want to deprecate an endpoint or parameter you can use the native deprecated field in Open API, this will render ‘deprecated’ banners next to the endpoint or paramter on the portal.

If you have an API that you want to move users off, you should mark every endpoint as deprecated as below. This will mark the API as deprecated and will help to communicate the APIs status to users.

The endpoints and parameters can also be deprecated using the native Open API deprecated flag. This will render a deprecated banner next to the endpoint on the portal.

Uploading a product narrative page

Overview

Product narrative content pages are pages that take the MDX format and are designed to explain an API, Event System or Channel service, these can be used on internal or external APIs but the format is slightly different.

  1. To draft your product narrative content, we recommend using the Microsoft Copilot GPT-4 AI model. Start by feeding the AI model information about your service. Then prompt the model to answer the questions below.
  2. Use this text as your starting point and draft your product narrative content information in plain text. This text can be pulled in a word document, confluence page or any other method you wish.
  3. Once this is ready, send it for review by a member of the Platform Portal team. For external services, the page must be reviewed by the following people: Client Solutions, Digital Archicturecture and Principal Engineering (this process can be organised by the Platform Portal PO if you let them know).

When creating MDX product narrative content pages, all tickets relating to changes should be linked to our External (DEVP-5) or Internal (DEVP-6) increments using 'Is Contained By'.

Structuring your product narrative content for internal

Section 1 – Overview This section explains the service in a few sentences as high-level information.

Section 2 – Benefits Describe the functionality of the service, it’s capabilities and use cases. Describe which services it interacts with and what products it contributes to.

Section 3 – Authentication Describe how a user can become authenticated to use the service.

Section 4 – Intended Audience Describe who the consumers of the service are.



Structuring your product narrative content for external

Section 1 – Overview This section explains the service in a few sentences as high-level information. Section 2 – Non-technical Info Describe the functionality of the service from the perspective of ‘what does this enable you to do’ – think from the point of view of a Product Owner. For APIs, this section should include information on each endpoint or multi-endpoint capabilities as well as a description of the whole API capabilities. It is key that information about how this service interacts with our other services is included, the focus of this piece is your API but the context of the wider customer journey will help our customers understand the use cases.

Section 3 – Technical Info Describe the functionality of the service from the perspective of ‘how does the service work’ – think from the point of view of a Developer. Explain any customisations, statuses, or any other technical information that you think might be needed.

Section 4 – Mandatory Info

At the bottom of your page, you must put the standard ‘Getting started with NewDay’ and ‘Still have questions?’ content (you can copy this from the mdx file of an existing API, like the example below).

Example: NewDay eKYC API in portal and NewDay eKYC API in Github.

product narrative content should be customer and lender agnostic as we are developing a platform. Make sure to tailor your content with language that does not mention company names where possible. Consider whether your content will need to be reviewed by any other stakeholders before coming to us (e.g. Legal, Brand).

If you need any icons, images or diagrams, request them from the Platform Portal Team by raising a ticket on your board with the linked Issue set to ‘is contained by’. Then select ‘External DevPortal Content - DEVP-5’ or ‘Internal DevPortal Content - DEVP-6’ depending on which portal you will be uploading to. This Jira method means we can both track the progress of your content as it will be on both yours and our boards.

Using MDX to format your Product Narrative Page

To convert your plain text product narrative content into a renderable form, you will need to use MDX. We have created a full guide on how to use MDX.

The guide has code examples of the different components you may want to use such as a bullet point list. The easiest way to navigate it is by copying and pasting sections of this code and adapting it with your plain text content.

Once you have developed an MDX file, you can view it using our previewer tool. To upload your MDX file, follow the same process as for uploading a spec (above).

Things to note while using MDX:

  1. The right-hand navigation bar is rendered when you set right-nav to true, this will generate from the ‘H2’ heading sections.

  2. You will have to set pub-ready to true/false to show if your content is ready to be published or not.

  3. You will need to add a page title and description.

  4. For icons within MDX, you can use our icons library.

Uploading your mdx content page

To upload your mdx content page, manually upload the file to the Content Repo under the same folder as your API spec with title ‘index.mdx’.

Useful resources

FAQ

  • What file types does the Platform Portal support?

    The portal currently supports .json for specs and .mdx files for product narrative content pages.

  • Can I put up a ‘bare bones’ API on the internal portal?

    You can put an API on the internal portal if it meets the ‘Minimum Field Requirements’ outlined above.

  • Whose responsibility is it to upload documentation to the portal?

    It’s is the responsibility of the PO and Tech Lead to upload documentation to the portal.

  • Is a product narrative content page required when uploading to the portal?

    A product narrative content page is only required for the external portal. However, if you want to write one for the internal portal too it will make your API easier to consume by your colleagues.

  • What’s the difference between uploading to the internal or external portal?

    As above, the API will go into a different folder for internal or external. Other than that, APIs for the external environment must have a well-written content page and are held to a our normal high standard.

  • Who do I request to review my GitHub pull request?

    Select the Dev Portal team to review your PR using the 'DevPortal Content' request button.

  • When will my API go to production?

    Your API will go to production when we do a release, usually a couple of times a week.
  • What do you want to see next on this page?
  • Are there any features you want for the DevPortal?
  • Are there any tools you want to help with uploading?
  • We welcome any feedback, please let us know your thoughts!
  • For feature requests reach out to Pete Dawson.