Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

WSO2 Open Banking provides the complete technology stack for a hassle-free PSD2 compliance. This guide gives you For a quick walk-through to the WSO2 Open Banking using the following sample scenario. 

Sample scenario

In order to comply with the PSD2 directive, the ABC Bank wishes to expose its customers' account and transaction data to third-parties via APIs upon receiving the consent from authenticated customers. Account Information Service Provider (AISPs) and Payment Initiation Service Providers (PISPs) are two types of third-parties that utilize these account and transaction data. AccPro is an AISP that subscribes to the ABC Bank's APIs to provide an aggregated view of customers' account and transaction details. TransacPro is a PISP that subscribes to the ABC Bank's APIs to initiate credit transfers on behalf of the ABC Bank's customers. 

Image Removed

Let's see how AISPs and PISPs interact with WSO2 Open Banking. 

Tip

Before you begin

Make sure you have the following ready:

  1. A wso2.com user account. If you do not have a WSO2 account yet,

    1. Go to https://wso2.com/user/register.
    2. Enter the required information.

      Note

      Provide a valid phone number with the country code to complete the two-factor authentication (e.g., +44 xxxxxxxxxx for a UK phone number).

    3. Click Register.
    4. Validate your account details by accessing the one-time login URL that you received via email.
  2. cURL: You need cURL on your machine so that you can make API calls using the command line.

  3. A web browser: You need a web browser to work with the customer consent approval process.

Let's get started!

...

directionhorizontal

...

titleAISP

AISP Flow

Imagine that you are an administrator at AccPro (the AISP) responsible for subscribing to ABC Bank's APIs that expose customers' account and transaction data. Let's take a look at the tasks you need to perform to consume these APIs.

...

Follow the steps below to sign in to the WSO2 Open Banking live demo:

...

Follow the steps below to create an application with which you can subscribe to APIs:

Click Applications on the WSO2 Open Banking live demo to view all the applications.

...

WSO2 Open Banking comes with a sample application named DefaultApplication, which has a service-level agreement (SLA) with unlimited access.

...

Enter a name for the application and click Add to create the application. 

...

You can select an SLA via the Per Token Quota dropdown, e.g., 50PerMin. If you do not select an SLA, the default SLA, which is unlimited will be applied.

...

AISP-Step3Step 3 - Subscribe to an API

Follow the steps below to subscribe to an API via an application:

...

AISP-Step4Step 4 - Generate an application access token

...

Enter the required information.

...

This determines the credentials used to generate the access token. There are two types of grant types available in the WSO2 Open Banking live demo:

  • Client Credentials: This relates to the Client Credentials grant type and is applicable when consuming the API as an application.
  • Code: This relates to the Authorization Code grant type and is applicable when consuming the API as a user.

...

This defines the access token's validity period after which it requires regeneration. You can keep the default value, which is 3600 seconds.

If you set the validity period to a minus value, e.g., -1, the token never expires.

Click Generate Keys
This generates an access token, consumer key, and consumer secret. 

Step 5 - Consume an API

Now that you have your access token, follow the steps below to invoke the AccountsInformationAPI and obtain the account information:

Navigate to the WSO2 Open Banking live demo and click AccountsInformationAPI API.

...

Click Try it out. You receive a 201 response upon successful API invocation.

...

Copy the AccountRequestId that is returned from above API call so that you can use it for the other API invocations.

What'sNextWhat's Next?

...

Copy the URL shown below and update the placeholders as follows:

...

Click Approve to allow sharing of customer data.

...

Copy the cURL command shown below and update the placeholders as follows:

...

<client-ID>: Again, replace the <client-ID> with the consumer key.

...

<authorization-code> : Replace this with the authorization code, e.g., 2b602c70-6a6e-3e96-9132-8570aaad4458.

...

You can only use the authorization code once.

...

Paste the updated cURL command in the command prompt to generate the user access token with the consented privileges.

Example:

Now, try out other API resources with the generated user access token.

...

  • GET /accounts/{AccountId}/beneficiaries
  • GET /accounts/{AccountId}/direct-debits
  • GET /accounts/{AccountId}/standing-orders
  • GET /accounts/{AccountId}/balances
  • GET /accounts/{AccountId}/product
  • GET /accounts/{AccountId}/transactions
  • GET /accounts
  • GET /accounts/{AccountId}

...

  • POST /account-initiations

  • DELETE /account-initiations/{AccountRequestId}

  • GET /account-initiations/{AccountRequestId}

...

titlePISP

PISP Flow

Imagine that you are an administrator at TransacPro (the PISP) responsible for subscribing to ABC Bank's APIs to initiate credit transfers on behalf of the ABC Bank's customers. Let's take a look at the tasks you need to perform to consume these APIs.

...

Follow the steps below to sign in to the WSO2 Open Banking live demo:

...

Follow the steps below to create an application with which you can subscribe to APIs:

...

Enter a name for the application and click Add to create an application. 

...

If you like you can select an SLA via the Per Token Quota dropdown, e.g., 50PerMin. If you do not select an SLA, the default SLA, which is unlimited will be applied

...

PISP-Step3Step 3 - Subscribe to an API

Follow the steps below to subscribe to an API via an application:

...

PISP-Step4Step 4 - Generate an application access token

...

Enter the required information.

...

This determines the credentials used to generate the access token. There are two types of grant types available in the WSO2 Open Banking live demo:

  • Client Credentials: This relates to the Client Credentials grant type and is applicable when consuming the API as an application.
  • Code: This relates to the Authorization Code grant type and is applicable when consuming the API as a user.

...

This is the URL used by TransacPro to receive the authorization code sent from the ABC Bank.

...

Scopes enable fine-grained access control to API resource based on user roles. Select payments : payments.

...

This defines the access token's validity period after which it requires regeneration. You can keep the default value, which is 3600 seconds.

If you set the validity period to a minus value, e.g., -1, the token never expires

Click  Generate Keys

This generates an access token, consumer key, and consumer secret, which you can use in token generation API calls. 

Step 5 - Consume an API

Now that you have your access token, follow the steps below to invoke the PaymentsAPI API and post payments:

Click APIs on the WSO2 Open Banking live demo and click PaymentsAPI API.

...

Click Try it out. A 201 response appears upon a successful API invocation.

...

Copy the PaymentID that is returned from the API call so that you can use it for other API invocations.

PISP-What'sNextWhat's Next?

...

Click Approve to perform the transaction.

After the consent process is approved, the authorization code appears.

Copy the cURL command shown below and update the placeholders as follows:

...

<client-ID> : Again, replace the <client-ID> withthe consumer key.

...

<authorization-code> : Replace this with the authorization code, e.g., 2b602c70-6a6e-3e96-9132-8570aaad4458.

...

You can only use the authorization code once.

...

Paste the updated cURL command in the command prompt to generate the user access token with the consented privileges.

Example:

Now, try out other API resources of the PaymentsAPI API.

...

  • POST /payment-submissions
  • GET /payment-submissions/{PaymentSubmissionId}

...

POST /payment-initiations

...

hands-on experience, see Sandbox Guide.