Disclosing a security issue upstream

Government as a Platform team in their morning stand-up

As an Open Source community member, you are responsible for handling any security issues you identify. This post provides an example of a security issue we encountered and resolved by working with the project security team.

Our approach to API authentication

We’ve recently written a number of blog posts on APIs covering the basic areas like making use of HTTP, URIs, JSON and CSV, as well as on the topic of more complex subjects like how to iterate. There  are further …

Using containers to help develop GOV.UK Pay

We’ve recently begun using container tools on GOV.UK Pay to help us run the platform locally and make development less resource heavy. GOV.UK Pay consists of several interacting microservices: a citizen front end, a government service admin interface, a public …