This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.
Multiple Authorisation Management
Multiple Authorisation Management API allows ASPSPs to facilitate a payment initiation request that requires the authorisation of multiple bank customers. e,g., A payment initiation request from a joint-bank account. When a PSU initiates a payment through a PISP, the ASPSP checks if the payment consent has to be authorised by a single user or multiple users. For an ASPSP to check the authorisation type, the payment initiation request should define the Authorisation object, which is optional as per the Open Data API specification of OBIE.
Once multi-authorisation is done, the core banking backend checks the status, and proceed with the payment.
Endpoints
The following API resources can be consumed from the WSO2 Open Banking Identity and Access Management module.
Click here to see the Multiple Authorisation Management REST API documentation.
Base URL: https://<WSO2_OB_IAM_HOST>:9446/multi-auth-api/1.0.0/
EndPoint | Description | Method |
---|---|---|
/{consentId}/ | Initiates the Multiple Authorisation session. | POST |
/{consentId}/{userId}/ | Updates the user authorisation status of a consent. | POST |
/{consentId}/ | Returns Multiple Authorisation for | GET |
/{consentId}/status | Returns the Multiple Authorisation status for | GET |
/{consentId}/users | Returns Multiple Authorisation users for | GET |
Initiate request
Use the following command to initiate a multi-authorisation request:
curl -X POST \ https://<WSO2_OB_IAM_HOST>:9446/multi-auth-api/1.0.0/<Consent ID> \ -H "accept: application/json; charset=utf-8" \ -H "Content-Type: application/json; charset=utf-8" \ -d " { "numberOfFullAuthorizedUsers": 2, "authorizationExpiryTime": "2019-01-23T10:45:47.633Z", "clientId": "1234", "selectedAccount": "1234", "users": [ { "userId": "psu1@wso2.com", "status": "Approved" }, { "userId": "psu2@wso2.com", "status": "Approved" } ] } "
Add user authentication statuses
Use the following commands to add user authentication statuses:
curl -X PUT \ https://<WSO2_OB_IAM_HOST>:9446/multi-auth-api/1.0.0/<Consent ID>/psu1@wso2.com \ -H "accept: application/json; charset=utf-8" \ -H "Content-Type: application/json; charset=utf-8" \ -d "{ "status": "Approved" }"
Get status
Use the following commands to retrieve the statuses:
curl -X GET \ https://<WSO2_OB_IAM_HOST>:9446/multi-auth-api/1.0.0/<ConsentID> \ -H "Accept: application/json"
curl -X GET \ https://<WSO2_OB_IAM_HOST>:9446/multi-auth-api/1.0.0/<ConsentID>/status \ -H "Accept: application/json"
curl -X GET \ https://<WSO2_OB_IAM_HOST>:9446/multi-auth-api/1.0.0/<ConsentID>/users \ -H "Accept: application/json"