This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

WSO2 Open Banking supports publishing non-regulatory APIs that are not bound to any regulations or standards. You can create non-regulatory applications to access the non-regulatory APIs. Certain security aspects of regulatory applications are minimised to cater to business use cases of a bank. The non-regulatory applications access the non-regulatory APIs without transport layer security. Therefore, grant types that are not allowed in regulatory applications such as password can be used in non-regulatory applications. This features adds more flexibility in designing use cases and user experiences when managing APIs and applications using WSO2 Open Banking. For example, you can publish an API to retrieve branch details and ATM details of a bank. 

Use one of the following methods to deploy a non-regulatory API in WSO2 Open Banking API Manager - API Publisher.

This document explains how to create an application that subscribes to a non-regulatory API using WSO2 Open Banking.

A sample non-regulatory API is available in WSO2 Open Banking.

 Click here to see how to deploy the sample non-regulatory API
  1. Sign in to the API Publisher (https://<WSO2_OB_APIM_HOST>:9443/publisher) with a user whose roles includes Internal/publisher.

  2. In the APIS menu, click Deploy Sample API to deploy the sample PizzaShackAPI - 1.0.0.
  3. Upon successful deployment, the following message is displayed.  Click OK to continue. You can see the API in the API Publisher Listing page as follows:

Create an application

This section explains how to create an application to subscribe to non-regulatory APIs.

  1. Sign in to the API Store (https://<WSO2_OB_APIM_HOST>:9443/store) with a user whose roles includes Internal/subscriber.
  2. Go to the  Applications tab.
  3. Click Add Application .
  4. Enter application details.

    FieldDescription
    NameThe name of the application.
    Per Token QuotaDetermines the maximum number of API requests accepted within a given duration.
    Regulatory Compliance

    Determines whether this application handle regulatory compliance APIs. By default, this box is checked.

    Uncheck the box as this application is to subscribe for non-regulatory APIs.

    Once you uncheck the checkbox the Token Type field will be enabled for non-Regulatory applications.

    Description

    The purpose of the application.

    Token TypeDetermines the issuer of the token.  For Non-Regulatory applications, there is no restriction on the token type. You can select a preferred token type from the drop-down list (OAuth, JWT).

  5. Click Add.

Generating Keys

After creating an application it is configured as a Non-Regulatory application. Follow the steps below to generate keys:

  1. Select either of the following tabs:
    1. Production Keys: Generates access tokens in the production environment.

    2. Sandbox Keys: Generates access tokens in the sandbox environment.

  2. Provide the requested information.

    FieldDescription

    Grant Types

    Determines the credentials that are used to generate the access token. All the grant types are applicable for non-regulatory applications and you may select them by checking the boxes.

    Callback URL

    The URL used by the application to receive the authorisation code sent from the bank. The authorisation code can be used later to generate an OAuth2 access token.

  3. To generate consumer key and consumer secret:

    • If you are generating production keys: Click Request Access. If workflows are configured in the solution, it sends a request to Approver user to approve the token generation. Otherwise, it generates consumer key and consumer secret.

    • If you are generating sandbox keys: Click Generate Keys

  4. Use the generated cURL commands to generate access tokens to invoke a non-regulatory API.

Subscribe to API

Use the application created above to subscribe to a non-regulatory API to access the API resources. Once subscribed, the application can access all the supported services of the API resources.

  1. Go to the APIs tab in the API Store.
  2. Select a non-regulatory API.
  3. Select the application you created in the Create an application section.

  4. Set the throttling policy to Unlimited.

  5. Click Subscribe.

  • No labels