govuk-one-login · ZahuraB · Dec 4, 2025 · Feb 26, 2026 · Feb 26, 2026 · Feb 26, 2026
diff --git a/source/before-integrating/index.html.md.erb b/source/before-integrating/index.html.md.erb
@@ -1,7 +1,7 @@
 ---
 title: Before you integrate with GOV.UK One Login
 weight: 2.0
-last_reviewed_on: 2023-09-15
+last_reviewed_on: 2026-04-10
 review_in: 6 months
 ---
 
@@ -18,13 +18,15 @@ Make sure you scope your services according to the [GOV.UK Service Standard guid
 
 Before you can start integrating with GOV.UK One Login, you need to:
 
+* [consider how to integrate third-party platforms with GOV.UK One Login][integrate.connect-third-party]
+* [choose the correct token authentication method][integrate.choose-correct-token-auth-method]
 * [choose the level of authentication for your service][integrate.choose-level-of-auth]
 * [choose the level of identity confidence for your service][integrate.choose-level-of-confidence]
-* [generate a key pair][integrate.generate-key-pair]
 * [choose which user attributes your service can request][integrate.choose-user-attributes]
-* [create a configuration for each service you’re integrating][integrate.create-configurations-for-each-service]
-* [set up your service’s configuration with GOV.UK One Login][integrate.set-up-configuration]
-* [ensure you are setting the User-Agent header on calls to GOV.UK One Login][integrate.set-user-agent-header]
+* [choose your sector identifier][integrate.choose-sector-id]
+* [set up your public and private keys][integrate.set-up-public-private-key]
+* [create a configuration for each service you are integrating][integrate.create-configurations-for-each-service]
+* [register and manage your service with GOV.UK One Login][integrate.set-up-configuration]
 
 To get started, you’ll need to [choose the level of authentication for your service][integrate.choose-level-of-auth].
 

diff --git a/source/before-integrating/integrating-third-party-platform.html.md.erb b/source/before-integrating/integrating-third-party-platform.html.md.erb
@@ -6,7 +6,7 @@ review_in: 6 months
 ---
 
 
-# Integrating third-party platforms with GOV.UK One Login
+# Consider how to integrate third-party platforms with GOV.UK One Login
 
 If you use a third-party platform (Software as a Service such as Salesforce or Microsoft Power Platform, or an identity provider such as Amazon Cognito or ForgeRock) to integrate with GOV.UK One Login, you might experience issues or specific limitations during integration.
 
@@ -20,7 +20,6 @@ GOV.UK One Login will update this page with information on integrating with thir
 | Salesforce       | You'll need to build an authentication provider plugin to integrate using Salesforce. <br></br><br></br> There's further [guidance on building an authentication provider plugin](https://github.com/govuk-one-login/onboarding-examples/blob/main/clients/salesforce-apex/README.md) (opens separate repository). 
 
 
-
 ## Set up client secret using `client_secret_post` 
 
 You should only use `client_secret_post` as the token authentication method if: 

diff --git a/source/before-integrating/use-correct-token-authentication-method.html.md.erb b/source/before-integrating/use-correct-token-authentication-method.html.md.erb
@@ -1,12 +1,12 @@
 ---
-title: Use the correct token authentication method
+title: Choose the correct token authentication method
 weight: 1
 last_reviewed_on: 2024-07-04
 review_in: 6 months
 ---
 
 
-# Use the correct token authentication method
+# Choose the correct token authentication method
 
 The platform you use to integrate with GOV.UK One Login will affect which token authentication method you need to use. 
 

diff --git a/source/partials/_changelog.erb b/source/partials/_changelog.erb
@@ -20,21 +20,21 @@
 | May 2 2025       | Updates <a href="/integrate-with-integration-environment/authenticate-your-user/#make-a-request-to-the-authorize-endpoint"> guidance to add information about using Proof Key for Code Exchange (PKCE) parameters in the authorise request.</a> Updates guidance <a href="/integrate-with-integration-environment/authenticate-your-user/#make-a-token-request"> to include information about using PKCE parameters in the token request.</a> Updates guidance <a href="/configure-for-production/"> to include guidance about `PKCEEnforced` field when configuring your service</a>.                                             |
 | Apr 15 2025      | Updates guidance <a href="/integrate-with-integration-environment/managing-your-users-sessions/#managing-user-sessions-if-your-service-session-is-less-than-1-hour">"Managing user sessions if your service session is less than 1 hour"</a> to add guidance on how to re-authenticate your users.  Updates the <a href="/integrate-with-integration-environment/authenticate-your-user/#error-handling-for-make-a-request-to-the-authorize-endpoint">'Make a request to the /authorize endpoint' table</a> to add an entry for `login_required` error code. |                                                              |
 | Apr 2 2025       | New guidance <a href="/test-your-integration/gov-uk-one-login-simulator/">"Test your service with the GOV.UK One Login simulator"</a> to add information about the new GOV.UK One Login simulator.                                                                                                                                                                      |
-| Mar 5 2025       | Updates guidance <a href="/before-integrating/integrating-third-party-platform/#integrating-third-party-platforms-with-gov-uk-one-login">"Integrating third-party platforms with GOV.UK One Login"</a> to add guidance on integrating with GOV.UK One Login using Amazon Cognito.                                                                |
+| Mar 5 2025       | Updates guidance <a href="/before-integrating/integrating-third-party-platform/#consider-how-to-integrate-third-party-platforms-with-gov-uk-one-login">"Consider how to integrate third-party platforms with GOV.UK One Login"</a> to add guidance on integrating with GOV.UK One Login using Amazon Cognito.                                                                |
 | Feb 17 2025      | Updates guidance <a href="/test-your-integration/using-integration-for-testing/#using-the-integration-environment-for-end-to-end-testing">"Using the integration environment for end-to-end testing"</a> to remove reference to the integration environment basic authentication challenge which has been removed and is no longer required.|
 | Jan 27 2025      | Updates guidance <a href="/integrate-with-integration-environment/authenticate-your-user">"Authenticate your user"</a> to add information about using the `max_age` parameter. Updates guidance <a href="/integrate-with-integration-environment/authenticate-your-user">"Generate an authorisation code"</a> to add information about validating `max_age` parameter.                                                                |
 | Jan 21 2025      | New guidance <a href="/quick-start/">"Quick start"</a> to help users see how a typical integration with GOV.UK One Login works.                                                                 |
 | Oct 23 2024      | Updates guidance <a href="/integrate-with-integration-environment/prove-users-identity/#understand-the-core-identity-signing-key-rotations">"Understand the core identity signing key rotations"</a> to add information on the frequency of key rotations for the environments.                                                                 |
 | Oct 22 2024      | Updates and renames ‘Generate a key pair’ page to include new guidance <a href="before-integrating/set-up-your-public-and-private-keys">"share your public keys using a JWKS endpoint"</a> to add other option when sharing your public key with GOV.UK One Login.                                                              | 
 | Sep 25 2024      | Updates guidance <a href="/before-integrating/register-and-manage-your-service/#register-and-manage-your-service">"Register and manage your service"</a> to add guidance on how to register and manage a service.                                                                 |
-| Sep 17 2024      | Updates guidance <a href="/before-integrating/integrating-third-party-platform/#integrating-third-party-platforms-with-gov-uk-one-login">"Integrating third-party platforms with GOV.UK One Login"</a> to add guidance on integrating with GOV.UK One Login using Salesforce.                                                                 |
+| Sep 17 2024      | Updates guidance <a href="/before-integrating/integrating-third-party-platform/#consider-how-to-integrate-third-party-platforms-with-gov-uk-one-login">"Consider how to integrate third-party platforms with GOV.UK One Login"</a> to add guidance on integrating with GOV.UK One Login using Salesforce.                                                                 |
 | Sep 6 2024       | Updates guidance <a href="/configure-for-production/#use-the-production-discovery-endpoint">"Use the production discovery endpoint"</a> to add the production discovery endpoint.                                                                 |
 | Aug 21 2024      | Updates guidance <a href="/configure-for-production/">"Configure your service for production"</a> to add information about how to configure your service for production.                                                                 |
 | Aug 20 2024      | Updates guidance <a href="/integrate-with-integration-environment/authenticate-your-user/#receive-response-for-retrieve-user-information">"Receive response for ‘Retrieve user information’"</a> to add a table explaining more about the response from the `/userinfo` endpoint.                                                                 |
 | Jul 29 2024      | Updates guidance <a href="/integrate-with-integration-environment/authenticate-your-user/#error-handling-for-make-a-request-to-the-authorize-endpoint">"Error handling for ‘Make a request to the /authorize endpoint"</a> to update we now return HTTP 400 Bad Request errors for requests with incorrect parameters.                            |
 | Jul 18 2024      | New guidance <a href="/integrate-with-integration-environment/prove-users-identity/#validate-the-core-identity-claim-jwt-using-a-public-key">"Validate the core identity claim JWT using a public key"</a>. Contains information about validating the core identity claim JWT using a public key, which GOV.UK One Login publishes in its Decentralized Identifier (DID) documents.|
 | Jul 9 2024       | Removes the `https://vocab.account.gov.uk/v1/socialSecurityRecord` claim                                                                                                                                                                                                                                                                          |
-| Jul 4 2024       | New guidance <a href="/before-integrating/integrating-third-party-platform/">"Integrating third-party platforms with GOV.UK One Login"</a> which contains information about integrating with GOV.UK One Login using a third-party platform, and contains details about the <code>client_secret_post</code> token authentication method.           |
+| Jul 4 2024       | New guidance <a href="/before-integrating/integrating-third-party-platform/#consider-how-to-integrate-third-party-platforms-with-gov-uk-one-login">"Consider how to integrate third-party platforms with GOV.UK One Login"</a> which contains information about integrating with GOV.UK One Login using a third-party platform, and contains details about the <code>client_secret_post</code> token authentication method.           |
 | Jun 21 2024      | Updates guidance <a href="/integrate-with-integration-environment/authenticate-your-user/#error-handling-for-make-a-request-to-the-authorize-endpoint">"Error handling for ‘Make a request to the /authorize endpoint"</a> to clarify the <code>{"message": "Internal server error"}</code>HTTP 502 Bad gateway error.                            |
 | Jun 18 2024      | Includes example data to help with building mocks: Access example data.                                                                                                                                                                                                     |
 | May 22 2024      | New guidance <a href="/test-your-integration/using-integration-for-testing/">Using the integration environment for end-to-end testing</a> to explain how to use the integration environment for end-to-end testing.                                                                                                                               |

diff --git a/source/partials/_links.erb b/source/partials/_links.erb
@@ -22,9 +22,11 @@
 [integrate.choose-request-claim]: /before-integrating/choose-which-user-attributes-your-service-can-request/#choose-which-claims-your-service-can-request
 [integrate.choose-request-scope]: /before-integrating/choose-which-user-attributes-your-service-can-request/#choose-which-scopes-your-service-can-request
 [integrate.choose-sector-id]: /before-integrating/choose-your-sector-identifier/
+[integrate.choose-correct-token-auth-method]: /before-integrating/use-correct-token-authentication-method/
 [integrate.choose-user-attributes]: /before-integrating/choose-which-user-attributes-your-service-can-request/
 [integrate.client-id]: /before-integrating/create-individual-configurations-for-each-service/#understanding-the-client-identifier
 [integrate.create-configurations-for-each-service]: /before-integrating/create-individual-configurations-for-each-service/
+[integrate.set-up-public-private-key]: /before-integrating/set-up-your-public-and-private-keys/
 [integrate.generate-key-pair]: /before-integrating/set-up-your-public-and-private-keys/#create-a-key-pair
 [integrate.share-public-key]: /before-integrating/set-up-your-public-and-private-keys/#share-your-public-key-with-gov-uk-one-login
 [integrate.share-your-fixed-public-key]: /before-integrating/set-up-your-public-and-private-keys/#share-your-fixed-public-key
@@ -34,7 +36,7 @@
 [integrate.set-up-configuration]: /before-integrating/register-and-manage-your-service/
 [integrate.token-authentication-method]: /before-integrating/register-and-manage-your-service/#register-and-manage-your-service
 [integrate.set-user-agent-header]: /before-integrating/set-user-agent-header/
-[integrate.use-correct-token-auth-method]: /before-integrating/use-correct-token-authentication-method/
+[integrate.connect-third-party]: /before-integrating/integrating-third-party-platform/#consider-how-to-integrate-third-party-platforms-with-gov-uk-one-login
 
 <!-- integrating links (Auth) -->
 [integrate.integrate]: /integrate-with-integration-environment/