Page Comparison

...

1. Start WSO2 Open Banking Key Manager and API Manager servers.

2. Deploy Account API v3.1.0 and Payment API v3.1.0.

   Anchor
   createAnApp createAnApp

   Tip
   If you’re using the Dynamic Client Registration v3.2 API, you may skip Setting up the test suite.

3. Sign in to the API Store as the TPP at https://<WSO2_OB_APIM_HOST>:9443/store

4. Create an application.

5. Subscribe to the APIs deployed in step 4.

6. Create the public certificate of the signing certificate and generate keys.

Setting up the test suite

1. Execute the following command in a terminal to pull and run the image.
   

   Code Block
   docker run --add-host=<DOCKER-BRIDGE_SEVER_HOST>:<docker0 ip> -it --name=fsuite -p 8443:8443 -e LOG_LEVEL=debug -e LOG_TRACER=true -e LOG_HTTP_TRACE=true -e DISABLE_JWS=FALSE "openbanking/conformance-suite:[TEST_SUITE_VERSION]"

2. Add the certificates to the container.
   

   1. Go to <WSO2_OB_APIM_HOME>/repository/resources/security and execute the command below to generate the pem file for <WSO2_OB_APIM_HOST>.crt

      Code Block
      openssl x509 -inform der -in <WSO2_OB_APIM_HOST>.crt -out <WSO2_OB_APIM_HOST>.pem

   2. Log in to the container

      Code Block
      docker exec -it fsuite /bin/bash

   3. Add the <WSO2_OB_APIM_HOST>.pem certificate to the following locations:

      - /usr/local/share/ca-certificates/<WSO2_OB_APIM_HOST>.pem
- /etc/ssl/certs/<WSO2_OB_APIM_HOST>.pem

   4. Run the following command.

      Code Block
      update-ca-certificates

   5. Stop the container.

      Code Block
      docker stop fsuite

   6. Restart the container

      Code Block
      docker start -a fsuite

3. Access the test suite at https://<WSO2_OB_APIM_HOST>:8443
4. Select Open Banking test suite and start the test.
   

5. In the Discovery step, update the following values in the JSON file. 

   Tip
   A sample configure.json is available here.

   

   discoveryItems
   apiSpecification name	Account and Transaction API Specification
   openidConfigurationUri	The OpenID Connect discovery endpoint. For example: https://10.100.0.3:8243/.well-known/openid-configuration
   resourceBaseUri	Production/Sandbox URL for the API. For example: https://10.100.0.3:8243/open-banking/v3.1/aisp

   discoveryItems
   apiSpecification name	Payment Initiation API
   openidConfigurationUri	The OpenID Connect discovery endpoint. For example: https://10.100.0.3:8243/.well-known/openid-configuration
   resourceBaseUri	Production/Sandbox URL for the API. For example: https://10.100.0.3:8243/open-banking/v3.1/pisp

6. Click Next and proceed to the Configuration stage.

7. Add the following mandatory configurations in the form/JSON file.

   Payments

   Identification

   Beneficiary account identification

   Name

   Name of the account, as

   
   

   Tip
   A sample configure.json is available here.

   Client
   Private Signing Key (.key):	The Private Signing Key certificate of the client/application created in the section above .
   Public Signing Certificate (.pem):	The Public Signing Certificate of the client/application created in the section above.
   Private Transport Key (.key):	The Private Transport Key certificate of the client/application created in the section above.
   Public Transport Certificate (.pem):	The Public Transport Certificate of the client/application created in the section above.
   Account IDs	The Account IDs of the account resources that the customer (PSU) has consented to provide to the client/application.
   Statement IDs	The Statement IDs of the statement resources that the customer (PSU) has consented to provide to the client/application.
   Client ID	Consumer key of the client/application created in the section above.
   Client Secret	Consumer secret of the client/application created in the section above.
   x-fapi-financial-id	The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB. For example: open-bank

   Well-Known

   OAuth 2.0 response_type

   A JSON array containing a list of the OAuth 2.0 response_type values that this OP supports. Dynamic OpenID Providers MUST support the code, id_token, and the token id_token Response Type values

   Request object signing algorithm

   The algorithm used to sign requests objects

   Resource Base URL

   The base URL of the WSO2 OB APIM server. For example: https://<WSO2_OB_APIM_HOST>:8243

   tpp_signature_kid	The KID value of the signing certificate.
   tpp_signature_issuer	Certificate Owner (Eg: CN=sgsMuc8ACBgBzinpr8oJ8B, OU=0015800001HQQrZAAX, O=OpenBanking, C=GB)
   tpp_signature_tan	Trust Anchor used in signing JOSE (Eg: openbanking.org.uk)

   Well-Known
   OAuth 2.0 response_type	A JSON array containing a list of the OAuth 2.0 response_type values that this OP supports. Dynamic OpenID Providers MUST support the code, id_token, and the token id_token Response Type values
   Request object signing algorithm	The algorithm used to sign requests objects
   Resource Base URL	The base URL of the WSO2 OB APIM server. For example: https://<WSO2_OB_APIM_HOST>:8243

   Payments
   Identification	Beneficiary account identification
   Name	Name of the account, as assigned by the account servicing institution. Usage: The account name is the name or names of the account owner(s) represented at an account level. The account name is not the product name or the nickname of the account.
   International Identification	The international beneficiary account identification
   International Name	International name of the account, as assigned by the account servicing institution. Usage: The account name is the name or names of the account owner(s) represented at an account level. The account name is not the product name or the nickname of the account.

   tpp_signature_kid

   The KID value of the signing certificate.

   tpp_signature_issuer

   Certificate Owner (Eg: CN=sgsMuc8ACBgBzinpr8oJ8B, OU=0015800001HQQrZAAX, O=OpenBanking, C=GB)

   tpp_signature_tan

   Trust Anchor used in signing JOSE (Eg: openbanking.org

   .

   uk)

8. Click Next and run the suite.