...
- The Data Recipient sends an authorisation request to the Data Holder. This request is sent to authenticate the consumer before retrieving information through an Accredited Data Recipient's interface.
- The consumer logs into the Data Holder’s authorisation webpage using the username. This is achieved using the identifier-first authenticator in the WSO2 Open Banking Identity and Access Management module. Once the username is entered, an OTP is sent. Instead of the password, auth web app of the Identity and Access Management module authenticates the consumer using the username and the OTP. Upon successful authentication, the consumer can view requested data. At this point, the consumer requires to select the account and authorise the consentCDR Arrangement ID.
- The Auth web app of the Identity and Access Management module sends an authorisation code to the defined redirection URL of Data Recipient application.
- The Data Recipient requests for a user access token and a refresh token using the authorisation code sent in step 4.
- Using the generated access token, now the Data Recipient can retrieve information via the Data Holder's interface.
...