This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 33 Next »

This document guides you with the assumption that you have set up WSO2 Open Banking Key Manager, and WSO2 Open Banking API Manager in separate servers. 

Before you begin

  1. Create a user with Internal/creator and Internal/publisher roles using https://<OBKM_HOSTNAME>:9446/carbon. To create users and roles, see configuring users and roles, which elaborates the steps to create the user as the API publisher.
  2. Set endpoints in the velocity_template.xml file.
  3. Configure sequence files.

Configuring an API

In the WSO2 Open Banking Berlin v1.1, it is mandatory to configure APIs for:

  • Accounts API v1.1
  • Payments API v1.1

Given below is the general procedure to configure and publish an API. 

  1. Sign in to the API Publisher ( https:// localhost:9443/publisher ) with the credentials for  mark@gold.com .

  2. Click ADD NEW API > I have an existing API

  3. Select the Swagger definition from <WSO2_OB_APIM_HOME>/repository/resources/finance/apis and configure the properties according to the open-banking specification. Find more information from the table given below.


    Click Start Creating.
  4. Click Next: Implement to navigate to the next level.
  5. Expand Managed API, and use the table below to select the relevant Endpoint Type from the drop-down list.
  6. Check Select a message mediation policy to be executed in the message flow under Message Mediation Policies.
  7. Click Upload In Flow and select the corresponding In sequence file from <WSO2_OB_APIM_HOME>/repository/resources/finance/apis.

  8. Click Next: Manage to navigate to the next level.

  9. Expand Throttling Settings. Under Subscription Tiers, check the option as Unlimited : Allows unlimited requests unless you want to limit the requests.
  10. Expand  API Properties  and add the following values as  Additional properties :

  11. Click the + button to save the above values.

  12. Click Save & Publish.

Summarized information for configuring APIs

Specification

APIImplement tabManage tab
Endpoint typeEndpointEnable Message mediation

In flow


API property nameAPI property value
UK specificationAccountInfo API v3.1.0DynamicN/AMark as checked

Select the respective In Sequence in the <WSO2_OB_APIM_HOME>/repository/resources/finance/apis/openbanking.org.uk directory

ob-specuk
Payments API v3.1.0DynamicN/AMark as checked Select the respective In Sequence in the <WSO2_OB_APIM_HOME>/repository/resources/finance/apis/openbanking.org.uk directoryob-specuk
Funds Confirmation API v3.1.0DynamicN/AMark as checkedSelect the respective In Sequence in the <WSO2_OB_APIM_HOME>/repository/resources/finance/apis/openbanking.org.uk directory ob-spec uk
Event Notifications API v3.1.0

Dynamic

N/AMark as checkedSelect the respective In Sequence in the <WSO2_OB_APIM_HOME>/repository/resources/finance/apis/openbanking.org.uk directoryob-specuk
Berlin specificationAccountInfo API v1.1.0DynamicN/AMark as checked Select the respective In Sequence in the <WSO2_OB_APIM_HOME> /repository/resources/finance/apis/berlin-group.org directoryob-spec berlin
Payments API v1.1.0DynamicN/AMark as checkedSelect the respective In Sequence in the wso2-obam-version/repository/resources/finance/apis/berlin-group.org directoryob-specberlin
STET specificationAccountsAPI v1.4.0DynamicN/AMark as checkedSelect the respective In Sequence in the <WSO2_OB_APIM_HOME> /repository/resources/finance/apis/stet directoryob-specSTET
PaymentsAPI v1.4.0DynamicN/AMark as checkedSelect the respective In Sequence in the <WSO2_OB_APIM_HOME> /repository/resources/finance/apis/stet directoryob-specSTET

Configuring the velocity_template.xml file

velocity_template  file checks the deployed specification. The velocity_template.xml file in the <WSO2_OBAM_HOME>/repository/resources/api_templates/velocity_template.xml file, is by default configured to support berlin specification with the following handler. 

<handler class="com.wso2.finance.open.banking.berlin.consent.enforcement.ConsentEnforcementHandler">
    <property name="accountValidationUrl" value="https://<OBKM_HOST>:9446/consent/berlin110/accounts-validation"/>
    <property name="keyStore" value="./repository/resources/security/wso2carbon.jks"/>
    <property name="password" value="wso2carbon"/>
    <property name="alias" value="wso2carbon"/>
</handler>

You need to get the latest product updates to validate the incoming request to APIs, in the current version of WSO2 Open Banking. This feature is available as a product update from  June 25, 2019 (06-25-2019)  onwards. Follow the instructions given below to apply changes.

Before you update as follows;

Make sure you have added required changes to the API-Manager management console as mentioned here.

WSO2 Open Banking allows users to validate incoming requests to APIs against any customizations done to a swagger file. Update the RequestSchemaValidationHandler in the velocity_template.xml file as follows:

#if($apiObj.additionalProperties.get("ob-spec") == "berlin") ………..
#if($!apiVersion == "v3.0" || $!apiVersion == "v3.1" || $!apiVersion == "v3.1.1" || $!apiVersion == "v2.0") ##add request validation handler <handler class="com.wso2.finance.open.banking.gateway.api.schema.validation.RequestSchemaValidationHandler"/>
#end

Configuring sequence files

Sequence files for Accounts and Payments must be updated separately in the <WSO2_OBAM_HOME>/repository/resources/finance/apis / berlin-group.org / <Name of the API> . Update the value of the <OBKM_HOSTNAME> with the hostname of the WSO2 Open Banking Key Manager server. 

By default, WSO2 Open Banking API Manager includes a mock bank backend, which is configured by default in the In sequences. Ideally, the two occurrences of https://<OBAM_HOSTNAME>:9443/open-banking/services/accounts/accountservice should be replaced by the core banking system's API endpoints corresponding to the production, and sandbox environments respectively. For more information, see Integrating Core Banking System for Berlin.

AccountsAPI
<sequence xmlns="http://ws.apache.org/ns/synapse" name="accounts-dynamic-endpoint-insequence-2.0.0">
    <property name="endpointURI" expression="get-property('To')"/>
    <header name="TPP-Unique-ID" expression="get-property('api.ut.consumerKey')" scope="transport"/>
    <filter regex=".*\/consents.*" source="$ctx:endpointURI">
        <then>
            <property name="resourcepath" scope="default" type="STRING" value=""/>
            <property expression="get-property('resourcepath')" name="REST_URL_POSTFIX" scope="axis2" type="STRING"/>
            <header name="To" expression="fn:concat('https://<OBKM_HOST>:9446/consent/berlin110' , get-property('api.ut.resource'))"/>

            <rewrite>
                <rewriterule>
                    <action type="replace" regex="\/consents" value="\/accounts" fragment="path"/>
                </rewriterule>
            </rewrite>

        </then>
        <else>
            <filter source="$ctx:AM_KEY_TYPE" regex="PRODUCTION">
                <then>
                    <header name="To" value="https://<OBAM_HOST>:9443/open-banking-berlin/services/accounts"/>
                </then>
                <else>
                    <header name="To" value="https://<OBAM_HOST>:9443/open-banking-berlin/services/accounts"/>
                </else>
            </filter>
        </else>
    </filter>
    <property expression="get-property('To')" name="ENDPOINT_ADDRESS"/>
</sequence>
PaymentsAPI
<sequence xmlns="http://ws.apache.org/ns/synapse" name="payments-dynamic-endpoint-insequence-2.0.0">
    <property name="endpointURI" expression="get-property('To')"/>
    <filter source="$ctx:endpointURI" regex=".*payments.*">
        <then>
            <header name="TPP-Unique-ID" scope="transport" expression="get-property('api.ut.consumerKey')"/>
            <filter source="get-property('api.ut.HTTP_METHOD')" regex="POST">
                <then>
                    <header name="To" value="https://<OBKM_HOST>:9446/consent/berlin110/payments"/>
                    <filter source="$ctx:endpointURI" regex="^((?!\/bulk-payments).)*$">
                        <then>
                            <payloadFactory media-type="json">
                                <format>[$1]</format>
                                <args>
                                    <arg evaluator="json" expression="$"/>
                                </args>
                            </payloadFactory>
                        </then>
                    </filter>
                </then>
                <else>
                    <filter source="get-property('api.ut.HTTP_METHOD')" regex="GET">
                        <then>
                            <property name="resourcePath" scope="default" type="STRING" value=""/>
                            <property expression="get-property('resourcePath')" name="REST_URL_POSTFIX" scope="axis2"
                                      type="STRING"/>

                            <header name="To"
                                    expression="fn:concat('https://<OBKM_HOST>:9446/consent/berlin110', get-property('api.ut.resource'))"/>

                            <rewrite>
                              <rewriterule>
                                <action type="replace" regex="\/payments\/sepa-credit-transfers" value="\/payments" fragment="path"/>
                                <action type="replace" regex="\/payments\/instant-sepa-credit-transfers" value="\/payments" fragment="path"/>
                                <action type="replace" regex="\/payments\/target-2-payments" value="\/payments" fragment="path"/>
                                <action type="replace" regex="\/payments\/cross-border-credit-transfers" value="\/payments" fragment="path"/>
                                <action type="replace" regex="\/bulk-payments\/sepa-credit-transfers" value="\/payments" fragment="path"/>
                                <action type="replace" regex="\/bulk-payments\/instant-sepa-credit-transfers" value="\/payments" fragment="path"/>
                                <action type="replace" regex="\/bulk-payments\/target-2-payments" value="\/payments" fragment="path"/>
                                <action type="replace" regex="\/bulk-payments\/cross-border-credit-transfers" value="\/payments" fragment="path"/>
                                <action type="replace" regex="\/periodic-payments\/sepa-credit-transfers" value="\/payments" fragment="path"/>
                                <action type="replace" regex="\/periodic-payments\/instant-sepa-credit-transfers" value="\/payments" fragment="path"/>
                                <action type="replace" regex="\/periodic-payments\/target-2-payments" value="\/payments" fragment="path"/>
                                <action type="replace" regex="\/periodic-payments\/cross-border-credit-transfers" value="\/payments" fragment="path"/>
                              </rewriterule>
                            </rewrite>

                        </then>
                    </filter>

                </else>
            </filter>

        </then>
        <else>
            <filter source="$ctx:AM_KEY_TYPE" regex="PRODUCTION">
                <then>
                    <header name="To" value="https://<OBAM_HOST>:9443/open-banking/services/payments/paymentservice"/>
                </then>
                <else>
                    <header name="To" value="https://<OBAM_HOST>:9443/open-banking/services/payments/paymentservice"/>
                </else>
            </filter>
        </else>
    </filter>
    <property name="ENDPOINT_ADDRESS" expression="get-property('To')"/>
</sequence>

Create a new version for an existing API

In the API Publisher of WSO2 Open Banking, users are not allowed to duplicate the scope of an API. Therefore, users are allowed to create a new version for the API in order to share the same scope. See below to find how it is done:
  1. In the API Publisher (https://<WSO2_OB_APIM_HOST>:9443/publisher), click the API thumbnail to view the API overview.
  2. Select the CREATE NEW VERSION tab.

  3. Follow the versioning format and define the new version.

  4. Click Done.

    Users need to define the correct version for the API and choose the swagger and In sequence files appropriately.

    The directory path to the files in the solution pack helps you to choose the correct file. For example, choose the swagger and in sequence files from <WSO2_OB_APIM_HOME>/repository/resources/finance/apis/openbanking.org.uk/Payments/3.1.1 if you want to create the 3.1.1 version of Payment Initiation API.

  5. Click on the newly created API and click EDIT API.
  6. You are redirected to the Design phase. Click the Edit Source button under API Definition section.
  7. In the Swagger Editor menu bar, select File>Import File.
  8. Browse for the intended swagger file in .yaml format and click Open File.
  9. Click Apply Changes to save the changes and go back to the Design page.
  10. Scroll down and click Save.
  11. Click Next: Implement > to navigate to the next page.
  12. Expand Managed API, and click Upload In Flow.
  13. Select the relevant In sequence file for the corresponding API and its version, and click Upload.
  14. Click Next: Manage > to navigate to the next page.
  15. Expand API Properties and ensure the ob-spec property is set to reflect the correct specification.
  16. Click Save & Publish.

    To get the existing subscriptions to the new version, follow the steps below:

    1. In the API Publisher, click the new API thumbnail to Browse API.
    2. Go to the Lifecycle tab.
      Tick the relevant boxes if you want to:
      1. Deprecate the old versions after publishing this new version.
      2. Remove the existing subscriptions and require the applications to re-subscribe.
    3. Click Publish.
    4. To verify the subscriptions, go to the Versions tab.

  • No labels