This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.

Multiple Authorisation Management

The Multiple Authorisation Management API allows ASPSPs to facilitate a payment initiation request that requires the authorisation of multiple bank customers, e.g., a payment initiation request from a joint bank account. When a PSU initiates a payment through a PISP, the ASPSP checks whether the payment consent has to be authorised by a single user or multiple users. For an ASPSP to check the authorisation type, the payment initiation request should define the Authorisation object, which is optional as per the Open Data API specification of OBIE.


The Authorisation object contains the following parameters:

| Parameter | Description |
|---|---|
| AuthorisationType | Type of the authorisation flow requested. Possible Values: [Any, Single] |
| CompletionDateTime | Date and time at which the requested authorisation flow must be completed. |

If the Authorisation object is undefined, the payment consent is treated as a single authorisation payment.

Below is a sample payment initiation request containing the Authorisation object:

{
   "Data":{
  	"Initiation":{
     	"InstructionIdentification":"ACME412",
     	"EndToEndIdentification":"FRESCO.21302.GFX.20",
     	"InstructedAmount":{
        	"Amount":"165.88",
        	"Currency":"GBP"
     	},
     	"DebtorAccount":{
        	"SchemeName":"UK.OBIE.SortCodeAccountNumber",
        	"Identification":"13131313131313",
        	"Name":"Andrea Frost"
     	},
     	"CreditorAccount":{
        	"SchemeName":"UK.OBIE.SortCodeAccountNumber",
        	"Identification":"12121212121212",
        	"Name":"ACME Inc",
        	"SecondaryIdentification":"0002"
     	},
     	"RemittanceInformation":{
        	"Reference":"FRESCO-101",
        	"Unstructured":"Internal ops code 5120101"
     	}
  	},
  	"Authorisation":{
     	"AuthorisationType":"Single",
     	"CompletionDateTime":"2026-07-01T13:35:22.532Z"
  	}
   },
   "Risk":{
  	"PaymentContextCode":"EcommerceGoods",
  	"MerchantCategoryCode":"5967",
  	"MerchantCustomerIdentification":"053598653254",
  	"DeliveryAddress":{
     	"AddressLine":[
        	"Flat 7",
        	"Acacia Lodge"
     	],
     	"StreetName":"Acacia Avenue",
     	"BuildingNumber":"27",
     	"PostCode":"GU31 2ZZ",
     	"TownName":"Sparsholt",
     	"CountrySubDivision":[
        	"Wessex"
     	],
     	"Country":"UK"
  	}
   }
}
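An ASPSP-side check of the Authorisation object described above, added here as an example; it is not WSO2 code. The names resolve_authorisation, parse_completion and AuthorisationError are hypothetical, and treating CompletionDateTime as optional, requiring a UTC offset and rejecting an elapsed deadline are assumptions.

```python
from datetime import datetime, timezone

ALLOWED_TYPES = {"Any", "Single"}  # possible values listed on this page


class AuthorisationError(ValueError):
    """Raised when the Authorisation object is malformed."""


def parse_completion(value):
    """Parse CompletionDateTime as a timezone-aware ISO 8601 timestamp."""
    if not isinstance(value, str):
        raise AuthorisationError("CompletionDateTime must be a string")
    try:
        # Older Python versions do not accept a trailing 'Z'.
        parsed = datetime.fromisoformat(value.replace("Z", "+00:00"))
    except ValueError as exc:
        raise AuthorisationError("CompletionDateTime is not ISO 8601") from exc
    if parsed.tzinfo is None:  # assumption: a UTC offset is required
        raise AuthorisationError("CompletionDateTime needs a UTC offset")
    return parsed


def resolve_authorisation(request, now=None):
    """Return (authorisation_type, deadline) for a payment initiation request."""
    now = now or datetime.now(timezone.utc)
    data = request.get("Data") if isinstance(request, dict) else None
    if not isinstance(data, dict):
        raise AuthorisationError("Data object is missing")
    auth = data.get("Authorisation")
    if auth is None:
        # Undefined Authorisation object: single authorisation payment.
        return "Single", None
    if not isinstance(auth, dict):
        raise AuthorisationError("Authorisation must be an object")
    auth_type = auth.get("AuthorisationType")
    if not isinstance(auth_type, str) or auth_type not in ALLOWED_TYPES:
        raise AuthorisationError("unsupported AuthorisationType")
    deadline = None
    if "CompletionDateTime" in auth:  # assumption: the field is optional
        deadline = parse_completion(auth["CompletionDateTime"])
        if deadline <= now:  # assumption: an elapsed deadline is rejected
            raise AuthorisationError("CompletionDateTime has already passed")
    return auth_type, deadline


# Constructed sample, trimmed from the request shown on this page.
SAMPLE = {"Data": {"Initiation": {"InstructionIdentification": "ACME412"},
                   "Authorisation": {"AuthorisationType": "Any",
                                     "CompletionDateTime": "2026-07-01T13:35:22.532Z"}}}
```

Pass a fixed `now` when testing so the result does not depend on the wall clock.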

Once multi-authorisation is done, the core banking backend checks the status and proceeds with the payment.

Endpoints

The following API resources can be consumed from the WSO2 Open Banking Key Manager server.

Base URL: https://<WSO2_OB_KM_HOST>:9446/multi-auth-api/1.0.0/

| Endpoint | Description | Method |
|---|---|---|
| /{consentId}/ | Initiates the Multiple Authorisation session. | POST |
| /{consentId}/{userId}/ | Updates the user authorisation status of a consent. | POST |
| /{consentId}/ | Returns Multiple Authorisation for ConsentId. | GET |
| /{consentId}/status | Returns the Multiple Authorisation status for ConsentId. This can be used to poll the status of an ongoing multiple authorisation session by the core banking system. | GET |
| /{consentId}/users | Returns Multiple Authorisation users for ConsentId, which shows each user's status in the multiple authorisation session. | GET |

Initiate request

Use the following command to initiate a multi-authorisation request:

curl -k -X POST "https://<WSO2_OB_KM_HOST>:9446/multi-auth-api/1.0.0/<Consent ID>/" -H "accept: application/json; charset=utf-8" -H "Content-Type: application/json; charset=utf-8" -d "{ \"numberOfFullAuthorizedUsers\": 2, \"authorizationExpiryTime\": \"2019-01-23T10:45:47.633Z\", \"clientId\": \"1234\", \"selectedAccount\": \"1234\", \"users\": [ { \"userId\": \"psu1@wso2.com\", \"status\": \"Approved\" }, { \"userId\": \"psu2@wso2.com\", \"status\": \"Approved\" } ]}"

Add user authentication statuses

Use the following command to add user authentication statuses:

curl -i -k -X PUT "https://<WSO2_OB_KM_HOST>:9446/multi-auth-api/1.0.0/<Consent ID>/psu1@wso2.com/" -H "accept: application/json; charset=utf-8" -H "Content-Type: application/json; charset=utf-8" -d "{ \"status\": \"Approved\"}"

Get status

Use the following commands to retrieve the statuses: 

curl -i -k -H "Accept: application/json" "https://<WSO2_OB_KM_HOST>:9446/multi-auth-api/1.0.0/<Consent ID>" 
curl -i -k -H "Accept: application/json" "https://<WSO2_OB_KM_HOST>:9446/multi-auth-api/1.0.0/<Consent ID>/status" 
curl -i -k -H "Accept: application/json" "https://<WSO2_OB_KM_HOST>:9446/multi-auth-api/1.0.0/<Consent ID>/users"