UK API Pricing Guide 2025
API Type
Typical Scope
Timeline
ClickMasters Fixed Price
Simple REST API
5–15 endpoints, PostgreSQL, auth, OpenAPI
4–6 weeks
£6,000–£15,000
Complex REST API
20–50 endpoints, complex business logic, integrations
8–14 weeks
£15,000–£35,000
NHS FHIR R4 API
UK Core profiles, NHS SDS auth, PDS/EPS integration
10–16 weeks
£18,000–£40,000
FCA-regulated API
OpenAPI + FCA compliance, COBS disclosures, CASS
8–14 weeks
£18,000–£40,000
GDS public API
GOV.UK API standards, NCSC security, accessibility
8–12 weeks
£15,000–£35,000
Open Banking AISP/PISP
PSD2/PSRs AISP or PISP API, FCA authorisation
12–18 weeks
£25,000–£55,000
UK API Design Standards
| Standard | Who It Applies To | Key Requirements | ClickMasters Implementation |
|---|---|---|---|
| OpenAPI 3.0 | FCA COBS APIs, GDS public APIs, any external API | Machine-readable schema, request/response types, auth documented | Auto-generated from code (Fastify → OpenAPI via fastify-swagger) |
| NHS FHIR R4 UK Core | All NHS clinical data APIs | UK Core profiles, SNOMED CT coding, NHS SDS auth (RBAC) | HAPI FHIR server + UK Core validation |
| GOV.UK API Design Guidance | Government APIs (GDS service standard) | RESTful, versioned, rate-limited, JSON, HTTPS only | Standard REST, semver versioning, GOV.UK API keys |
| FCA Consumer Duty disclosure | FCA-regulated product APIs | Product information clearly disclosed (OpenAPI descriptions) | OpenAPI field descriptions include regulatory disclosure text |
| UK GDPR Article 25 | All APIs processing personal data | Data minimisation — return only fields needed for the specific operation | Per-endpoint field selection, no bulk personal data dumps |
API Versioning Strategy for UK Regulated APIs
FCA consideration: if your API serves client-facing data (account information, product information), FCA COBS requires that information is clear, fair, and not misleading. API response fields must have OpenAPI descriptions that are human-readable and FCA-compliant.