/
Configuring Consent Revocation Apps for Berlin

This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.

Configuring Consent Revocation Apps for Berlin

Oct 27, 2020

After a certain period, some bank customers (Payment Service Users/(PSUs), may prefer to revoke the consents they gave Third-Party Providers (TPPs) to access account data. In WSO2 Open Banking, you can revoke these consents as follows:

Let's learn more about these two methods! 

WSO2 Open Banking adheres to PSD2, which states that a PSU cannot revoke a payment-order consent after it has been authorised, you can only revoke account consents, not payment consents.

Revoking the Consents by Payment Service Users

Before you begin:

Configure the Consent Management application to try out the Consent Manager Portal.

The WSO2 Open Banking Consent Manager portal also known as the Self-care portal, enables Payment Service Users (PSUs) to review and revoke the consents they provided to access account details. 

Let's take a look at how a PSU can revoke consent.

  1. Go to the Consent Manager portal at https://<WSO2_OB_IAM_HOST>:9446/consentmgt.

  2. Enter the username and password provided by the bank. Click Continue.

  3. In the Consent Manager portal's home page, you can view a list of Accounts and Payments consents that you have granted access to account information.

  4. Consent status is displayed to the right of the selected consent. The statuses of the consents are as follows: 

  5. After reviewing the consent, you may revoke it. 

  6. Optionally, you can enter a reason for the revocation.

  7. Click Revoke to confirm the revocation. 

  8. The status of the consent is now changed to Revoked. You can still find the history of consents remaining in the list.

Revoking the consents by Customer Care Representatives

The WSO2 Open Banking Customer Care portal enables the Customer Care Representatives to revoke the consents on behalf of the PSUs.

Before you begin:

Create a user whose role is defined as a customer care officer. 

  1. Sign in to the Customer Care Portal (https://<WSO2_OB_IAM_HOST>:9446/ccportal) using the username and password of a user with the Customer Care role. See Configuring Users and Roles, for more information on user roles.

  2.  You can filter the search results using the following parameters:

    • User ID: The user ID created for a PSU in the online baking application. This is the same ID used to generate the Consent ID.

    • Consent Type: Selected Accounts by default. You can select between Accounts and Payments.

    • Status: Select the consent status. 

    • Set Date Range: The date range in which the PSU’s consent is valid.

  3. Click Search.

  4. A list of search results is displayed, as shown below. You can view the Account and Payment consent information by clicking the consent.

    Click the consent you want to revoke and view the consent details. 

  5. One consent ID can be granted to many accounts that belong to the same PSU. Therefore, there are two methods to revoke account consent.

    1. Revoke a consent -
      When a PSU has asked a customer care representative to revoke consent, customer care representative revokes all account consents with that consent ID.

    2. Revoke an account consent -
      An individual account consent can be revoked. It revokes only that account consent. 

  6. Click Revoke.

  7. Optionally, you are asked to enter a reason for the revocation.

  8. Click Revoke to confirm the revocation.