Awarded to Torchbox Ltd

Start date: Tuesday 1 March 2022
Value: £98,280
Company size: SME
The National Archives

Discovery & Alpha for a new improved Single sign on and user account experience for our website

7 Incomplete applications

7 SME, 0 large

7 Completed applications

7 SME, 0 large

Important dates

Wednesday 12 January 2022
Deadline for asking questions
Wednesday 19 January 2022 at 11:59pm GMT
Closing date for applications
Wednesday 26 January 2022 at 11:59pm GMT


Off-payroll (IR35) determination
Supply of resource: the off-payroll rules will apply to any workers engaged through a qualifying intermediary, such as their own limited company
Summary of the work
Discovery and Alpha phases to define the future vision and MVP of a user account and sign in experience for The National Archives website. To include identification of a sign-in technical solution and user research, design and build of an optimal user account management and signed in experience alpha.
Latest start date
Tuesday 1 February 2022
Expected contract length
Five months. Discovery and Alpha phases to be complete by end of June 2022.
No specific location, for example they can work remotely
Organisation the work is for
The National Archives
Budget range
Up to £100,000 inclusive of VAT for the Discovery and Alpha phases

About the work

Why the work is being done
The National Archives is in the process of completely redeveloping its website. This comprises several services. As part of the wider project, we need to deliver an improved user sign-in and account management experience, using Single Sign On (SSO). We are seeking a supplier who can help us clarify both the long-term vision and support the delivery of the MVP for user sign-in and account management.

The Discovery phase involves:

• Understanding the wider context and expected features of SSO and user account management.

• Defining the long-term vision for SSO / user account experience

• Identifying the features for the MVP

• Recommending the technology solution/s for SSO that can be deployed across multiple services and platforms

• Helping us understand how the recommended solution can integrate with the rest of our digital infrastructure and the resource requirements to develop and maintain the solution

Alpha phase (to complete by end June 2022) will prototype and test the recommendation, refine user journeys and confirm the technology choice, delivering:

• MVP of login process and user flow

• MVP of essential user account views

• Implementation plan to deliver the proposed solution as an MVP by end of 2022.
Problem to be solved
TNA website and services currently require different logins for different systems. We ultimately want one login and a complete user account area.

Challenges include:

Identifying a SSO solution, supporting MVP and future vision, and which:

Supports user authentication and authorisation based on role, archive, user location and department.

Supports the most common, widely-used protocols, e.g. SAML, OpenID Connect, OAuth 2, WS-Federation.

Compatible with modern web application technologies. We currently have a Django based Wagtail CMS website and a number of .Net applications, hosted on-prem and AWS.

Compliant with WCAG 2.1 level AA and supports progressive enhancement

Provides continuity of user data across legacy and new applications

Allows for migration of user data during private and public beta phase.

Analysis of complex dependencies on roles and permissions for document delivery options and their operation as part of a signed in state.

Analysis of services offered through existing .NET login (to be retired)

User research to understand user needs and goals for a user account and signed in experience, including motivations for creating an account and expectations of services.

User journey analysis to recommend how a signed in state would improve the user experience, to be prototyped and tested during alpha.
Who the users are and what they need to do
Our users are of all ages and abilities and from across the globe. Currently our main user group is 50+ and based in the UK with an interest in archival research. Current projects are focussed on providing better support for new and non-users who have an interest in history and the arts.

User activity relevant to a future sign in and user account experience includes searching the catalogue, save and tag catalogue searches, book and order documents to consult in the reading rooms, view and download digitized images of documents online, use the record copying service, sign up to newsletters, buy items from the shop or book tickets to TNA events.
Early market engagement
Any work that’s already been done
In 2018 some initial research into available technical options for a single sign on solution was conducted by the existing team for a previous product iteration.
Existing team
Existing team of product manager, delivery manager, backend developer, front end developer, interaction designer, UX manager, Data analyst, content designer, TNA subject matter expert and Performance Analyst.

We expect the supplier to provide the following skill sets: technical architect/senior developer, developer, UX analyst/researcher, service designer, business analyst and delivery manager to work with our existing team.

Supplier experience in technical analysis, service design and user research will be key to understanding complex business needs, technical infrastructure and onsite/online audiences.
Current phase
Not started

Work setup

Address where the work will take place
The National Archives, Kew, Richmond, Surrey TW9 4DU.
Working arrangements
We are looking for a team to provide resource and skills needed to support the technical analysis and advise on delivery options for the sign on and user account solution, as well as UX expertise to manage and conduct user research and analysis sessions. We would ideally like team members to be embedded in our team when working on the contract and for there to be consistency in who is allocated to The National Archives project work.

This contract has been assessed using HMRC online CEST tool and our assessment is that IR35 does not apply (out of scope).
Security clearance
Baseline check (blue) security clearance will be required

Additional information

Additional terms and conditions

Skills and experience

Buyers will use the essential and nice-to-have skills and experience to help them evaluate suppliers’ technical competence.

Essential skills and experience
  • Experience in sign in/single sign on solution evaluation and implementation in a Django based website, ideally in wagtail CMS
  • Previous experience of creating highly usable user account experiences
  • Experience in service design and evidence-based design for complex business and user needs across online and on-site services
  • Expertise in evaluating options, building prototypes and testing different ideas
  • Experience in user research activities, with expertise in planning, conducting and implementing effective and appropriate user research
  • Successful delivery of projects that include blended, multi-discipline, Agile teams focused on meeting user needs, and demonstrating clear methodology for engagement, problem solving and delivery
  • Expertise in the Government Service Standard and application of the Service Manual, including progressive enhancement, assisted digital and carrying out discovery and alpha phases.
  • Expertise in delivering production quality code that meets WCAG 2.1 and adheres to the Public Sector Bodies (Website and Mobile Applications) Regulations 2018.
  • Understanding of UK GDPR and data handling best practice
Nice-to-have skills and experience
Have an understanding of archives and archival practice

How suppliers will be evaluated

All suppliers will be asked to provide a written proposal.

How many suppliers to evaluate
Proposal criteria
  • Examples of options analysis and build of single sign on and user account management environments
  • Evidence of ability to establish sound data handling practices including ethical and UK GDPR considerations
  • Examples of undertaking a technical and build approach that is in line with the Government Service Standard including assisted digital
  • Demonstrable competence in delivering production quality code that meets WCAG 2.1 and adheres to the Public Sector Bodies (Website and Mobile Applications) Regulations 2018.
  • Examples of delivering relevant discovery and alpha phases, including building prototypes and testing different ideas
  • Demonstrated understanding of scope of work
  • Capacity to perform work within timescale and budget
  • Ability to provide the consistent resources, with the right skill sets, to be embedded in The National Archives team.
Cultural fit criteria
  • Have an Agile and collaborative working approach, e.g. working with in-house technical and other digital specialists as well as other suppliers.
  • Have an approach to facilitation and supporting teams to explore and learn new technologies
  • Have examples of delivering transition, knowledge transfer and handover of code
  • Have a no-blame culture and encourage people to learn from their mistakes.
  • Take ownership and responsibility for their work.
  • Excellent communication, willingness to adopt and contribute to TNA’s digital ways of working.
  • Demonstrable commitment to a diverse working environment, with a team comprised from a wide variety of backgrounds
  • Provide critical challenge whilst maintaining good relationships
Payment approach
Capped time and materials
Additional assessment methods
  • Case study
  • Work history
  • Presentation
Evaluation weighting

Technical competence


Cultural fit




Questions asked by suppliers

1. Can you re-confirm that the budget of 100k includes VAT and covers both the discovery and alpha phases? Or is there a separate alpha budget? Thanks
The £100k figure is excluding VAT but does cover both Discovery and Alpha phases.
2. “Experience in sign in/single sign on solution evaluation and implementation in a Django based website, ideally in wagtail CMS”. Would you consider experience in other Python frameworks such as Flask?
No, we need experience of SSO within a Django framework.
3. ‘Experience in sign in/single sign on solution evaluation and implementation in a Django based website, ideally in wagtail CMS’ – this is very specific for discovery/alpha phase project where specific technology choices are less important than the insights on user needs/journeys. It isn’t something a client has needed so far, but something that we’d be confident in doing based on other experience. We have deep expertise of SSO, including evaluation of options in discovery/alpha, and implementation in other contexts, and separately experience of working on Django based sites- would you consider an application which used separate examples for each component?
Yes, we would consider an application which used separate examples for each component.

We have requested experience with Django/Wagtail because we know future services will be built in these so we need to ensure compatibility. Also, the work described in the opportunity includes technical decision making and implementation (in a way that meets with Service Manual requirements, including progressive enhancement). The specific parts are: “ the recommended solution can integrate with the rest of our digital infrastructure and the resource requirements to develop and maintain the solution” and "...confirm the technology choice, delivering: MVP of login process and user flow”