Interactive prototype hub
A high-fidelity, clickable prototype of the full H.A.R.D. claimant and Assessment-Provider / DWP journeys for the Health Assessment Advisory Service (HAAS), on behalf of DWP. Every flow, validation rule and the 7-day lifecycle is simulated in the browser — there is no backend, no real authentication and no real file handling.
Claimant journey · AP / DWP portal · Variant traceability (V1–V13)
Claimant journey EN + CY
The stateful retrieval journey. State (attempts, lockout, downloaded, expiry) persists across screens and both languages. Start at the SMS inbox, or deep-link any screen below.
-
1. SMS inbox
SMS1 + reminders, correct per-lot sender ID, Annex A copy verbatim.
-
2. Authentication
Passcode + NINO gate: 3-attempt lockout, generic anti-enumeration failure, expiry.
-
3. Welcome (pre-download)
Annex A Welcome copy verbatim.
-
4. Download
Forced download (attachment), no in-browser playback.
-
5. Outcome (post-download)
Annex A Outcome copy verbatim; 24h auto-delete note.
-
6. Already-downloaded / removed
File-removed, expired and already-downloaded states.
Assessment Provider / DWP portal EN
Entra OIDC in production; this demo uses temp-login. The nav is role-scoped — sign in as different roles to see RBAC and FAS-lot segregation change what is visible.
-
Sign in
Temp-login + reserved Entra ID (V13).
-
Dashboard
Lot-scoped request list; cross-lot 403 (V6).
-
Locate recording
Source catalogue + mandatory metadata.
-
Upload + validation
Drag-drop multi-file, per-file state, §3.5 pipeline (V7, V8).
-
Validation result
Pass vs quarantined / blocked (V7, V8).
-
Distribution + lifecycle
Language choice, per-lot sender ID, time-warp (V3, V4, V12).
-
SMS templates
EN/CY template catalogue, locale-parity build gate (V2, §8.6).
-
Request detail
Per-request hash-chained audit timeline; Team Lead reassignment (V10).
-
Admin (RBAC)
User provisioning, suspend/reactivate, cross-lot audit, no data-plane access (V6).
-
Reporting
Read-only KPIs from the audit stream.
-
Audit / SIEM
Hash-chained log, verify chain, storage failover (V9, V10).
Demo variant traceability (spec §8.5)
Each demo scenario maps to the screen(s) that prove it. Footer tags on every screen repeat this mapping so the prototype doubles as a demo script.
| Variant | Proves | Where to see it |
|---|---|---|
| V1 — Happy path (EN) | AP → SMS → passcode+NINO → download → audit. | Claimant journey |
| V2 — Welsh path (cy-GB) | Every screen + SMS in approved Welsh; EN/CY template parity is a build gate (§8.6). | Claimant journey (CY) · SMS templates |
| V3 — Reminder + expiry cadence | 72/96/120/144h reminders; 168h auto-delete. | Distribution time-warp |
| V4 — Post-download deletion | +24h auto-delete after a download. | Distribution time-warp |
| V5 — Security negatives | Wrong passcode → lockout; wrong NINO → generic failure; expired link. | Authentication |
| V6 — Lot segregation | Lot-A user cannot see Lot-B; cross-lot → 403. | Dashboard · Admin |
| V7 — Wrong-file prevention | Missing metadata / mismatch / oversized → blocked. | Upload |
| V8 — AV rejection | EICAR-style → quarantine + audit, no SMS. | Upload |
| V9 — Storage failover | OVH down → Wasabi serves; single ingress. | Audit / SIEM |
| V10 — Audit / SIEM evidence | Hash-chained events + chain verification. | Audit / SIEM · Request detail |
| V11 — Session / CA signals | Risky-user → session terminated; MFA gate (reserved). | Sign in |
| V12 — Branding (HAAS) | HAAS theme on DWP DS; per-lot sender IDs. | SMS inbox · Distribution |
| V13 — Temp-login mode | Auth without Entra, still role + lot scoped. | Sign in |