This document guides you with the assumption that you have set up WSO2 Open Banking Key Manager, and WSO2 Open Banking API Manager in separate servers.
Before you begin
- Create a user with Internal/creator and Internal/publisher roles using
https://<OBKM_HOSTNAME>:9446/carbon. To create users and roles, see configuring users and roles, which elaborates the steps to create the user as the API publisher. - Set endpoints in the velocity_template.xml file.
- Configure sequence files.
Configuring an API
In the WSO2 Open Banking Berlin v1.1, it is mandatory to configure APIs for:
- Accounts API v1.1
- Payments API v1.1
Given below is the general procedure to configure and publish an API.
- Create a user in order to configure API. For more information on creating a user, refer Configuring users and roles.
- If one version of the API is already deployed, you may create a new version of it instead of deploying a new API. For more information, see create a new version for an existing API.
Sign in to the API Publisher (
https://localhost:9443/publisher
Click ADD NEW API > I have an existing API.
Select the Swagger definition from
<WSO2_OB_APIM_HOME>/repository/resources/finance/apisand configure the properties according to the open-banking specification. Find more information from the table given below.
Click Start Creating.- Click Next: Implement to navigate to the next level.
- Expand Managed API, and use the table below to select the relevant Endpoint Type from the drop-down list.
- Check Select a message mediation policy to be executed in the message flow under Message Mediation Policies.
Click Upload In Flow and select the corresponding In sequence file from
<WSO2_OB_APIM_HOME>/repository/resources/finance/apis.
Click Next: Manage to navigate to the next level.
- Expand Throttling Settings. Under Subscription Tiers, check the option as Unlimited : Allows unlimited requests unless you want to limit the requests.
Expand API Properties and add the following values as Additional properties :
Click the + button to save the above values.
Click Save & Publish.
Summarized information for configuring APIs
Configuring the velocity_template.xml file
velocity_template file checks the deployed specification. The velocity_template.xml file in the <WSO2_OBAM_HOME>/repository/resources/api_templates/velocity_template.xml file, is by default configured to support berlin specification with the following handler.
<handler class="com.wso2.finance.open.banking.berlin.consent.enforcement.ConsentEnforcementHandler">
<property name="accountValidationUrl" value="https://<OBKM_HOST>:9446/consent/berlin110/accounts-validation"/>
<property name="keyStore" value="./repository/resources/security/wso2carbon.jks"/>
<property name="password" value="wso2carbon"/>
<property name="alias" value="wso2carbon"/>
</handler>
You need to get the latest product updates to validate the incoming request to APIs, in the current version of WSO2 Open Banking. This feature is available as a product update from June 25, 2019 (06-25-2019) onwards. Follow the instructions given below to apply changes.
Before you update as follows;
Make sure you have added required changes to the API-Manager management console as mentioned here.
WSO2 Open Banking allows users to validate incoming requests to APIs against any customizations done to a swagger file. Update the RequestSchemaValidationHandler in the velocity_template.xml file as follows:
#if($apiObj.additionalProperties.get("ob-spec") == "berlin") ………..
#if($!apiVersion == "v3.0" || $!apiVersion == "v3.1" || $!apiVersion == "v3.1.1" || $!apiVersion == "v2.0") ##add request validation handler <handler class="com.wso2.finance.open.banking.gateway.api.schema.validation.RequestSchemaValidationHandler"/>
#end
Configuring sequence files
Sequence files for Accounts and Payments must be updated separately in the <WSO2_OBAM_HOME>/repository/resources/finance/apis
/ berlin-group.org
/
<Name
of the API>
. Update the value of the <OBKM_HOSTNAME> with the hostname of the WSO2 Open Banking Key Manager server.
By default, WSO2 Open Banking API Manager includes a mock bank backend, which is configured by default in the In sequences. Ideally, the two occurrences of https://<OBAM_HOSTNAME>:9443/open-banking/services/accounts/accountservice should be replaced by the core banking system's API endpoints corresponding to the production, and sandbox environments respectively. For more information, see Integrating Core Banking System for Berlin.
<sequence xmlns="http://ws.apache.org/ns/synapse" name="accounts-dynamic-endpoint-insequence-2.0.0">
<property name="endpointURI" expression="get-property('To')"/>
<header name="TPP-Unique-ID" expression="get-property('api.ut.consumerKey')" scope="transport"/>
<filter regex=".*\/consents.*" source="$ctx:endpointURI">
<then>
<property name="resourcepath" scope="default" type="STRING" value=""/>
<property expression="get-property('resourcepath')" name="REST_URL_POSTFIX" scope="axis2" type="STRING"/>
<header name="To" expression="fn:concat('https://<OBKM_HOST>:9446/consent/berlin110' , get-property('api.ut.resource'))"/>
<rewrite>
<rewriterule>
<action type="replace" regex="\/consents" value="\/accounts" fragment="path"/>
</rewriterule>
</rewrite>
</then>
<else>
<filter source="$ctx:AM_KEY_TYPE" regex="PRODUCTION">
<then>
<header name="To" value="https://<OBAM_HOST>:9443/open-banking-berlin/services/accounts"/>
</then>
<else>
<header name="To" value="https://<OBAM_HOST>:9443/open-banking-berlin/services/accounts"/>
</else>
</filter>
</else>
</filter>
<property expression="get-property('To')" name="ENDPOINT_ADDRESS"/>
</sequence>
<sequence xmlns="http://ws.apache.org/ns/synapse" name="payments-dynamic-endpoint-insequence-2.0.0">
<property name="endpointURI" expression="get-property('To')"/>
<filter source="$ctx:endpointURI" regex=".*payments.*">
<then>
<header name="TPP-Unique-ID" scope="transport" expression="get-property('api.ut.consumerKey')"/>
<filter source="get-property('api.ut.HTTP_METHOD')" regex="POST">
<then>
<header name="To" value="https://<OBKM_HOST>:9446/consent/berlin110/payments"/>
<filter source="$ctx:endpointURI" regex="^((?!\/bulk-payments).)*$">
<then>
<payloadFactory media-type="json">
<format>[$1]</format>
<args>
<arg evaluator="json" expression="$"/>
</args>
</payloadFactory>
</then>
</filter>
</then>
<else>
<filter source="get-property('api.ut.HTTP_METHOD')" regex="GET">
<then>
<property name="resourcePath" scope="default" type="STRING" value=""/>
<property expression="get-property('resourcePath')" name="REST_URL_POSTFIX" scope="axis2"
type="STRING"/>
<header name="To"
expression="fn:concat('https://<OBKM_HOST>:9446/consent/berlin110', get-property('api.ut.resource'))"/>
<rewrite>
<rewriterule>
<action type="replace" regex="\/payments\/sepa-credit-transfers" value="\/payments" fragment="path"/>
<action type="replace" regex="\/payments\/instant-sepa-credit-transfers" value="\/payments" fragment="path"/>
<action type="replace" regex="\/payments\/target-2-payments" value="\/payments" fragment="path"/>
<action type="replace" regex="\/payments\/cross-border-credit-transfers" value="\/payments" fragment="path"/>
<action type="replace" regex="\/bulk-payments\/sepa-credit-transfers" value="\/payments" fragment="path"/>
<action type="replace" regex="\/bulk-payments\/instant-sepa-credit-transfers" value="\/payments" fragment="path"/>
<action type="replace" regex="\/bulk-payments\/target-2-payments" value="\/payments" fragment="path"/>
<action type="replace" regex="\/bulk-payments\/cross-border-credit-transfers" value="\/payments" fragment="path"/>
<action type="replace" regex="\/periodic-payments\/sepa-credit-transfers" value="\/payments" fragment="path"/>
<action type="replace" regex="\/periodic-payments\/instant-sepa-credit-transfers" value="\/payments" fragment="path"/>
<action type="replace" regex="\/periodic-payments\/target-2-payments" value="\/payments" fragment="path"/>
<action type="replace" regex="\/periodic-payments\/cross-border-credit-transfers" value="\/payments" fragment="path"/>
</rewriterule>
</rewrite>
</then>
</filter>
</else>
</filter>
</then>
<else>
<filter source="$ctx:AM_KEY_TYPE" regex="PRODUCTION">
<then>
<header name="To" value="https://<OBAM_HOST>:9443/open-banking/services/payments/paymentservice"/>
</then>
<else>
<header name="To" value="https://<OBAM_HOST>:9443/open-banking/services/payments/paymentservice"/>
</else>
</filter>
</else>
</filter>
<property name="ENDPOINT_ADDRESS" expression="get-property('To')"/>
</sequence>