This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.
API Security for Berlin
OAuth 2.0 is the underlying framework that Berlin NextGen PSD2 XS2A framework uses to ensure both the Account Servicing Payment Service Providers (ASPSPs) and Third Party Providers (TPPs) have correctly configured client and server instances in their open banking implementation. It consists of the standards for grant types, authentication, and authorisation flows. Additionally, Berlin NextGen PSD2 XS2A Framework recommends Electronic Identification, Authentication & Trust Services (eIDAS) Regulation to verify the certificates used in the transport and application layers. For more information on eIDAS, see eIDAS Implementation for PSD2 Compliance.
API Security in WSO2 Open Banking explains how Regulatory Technical Standards (RTS) have elaborated with PSD2. It enhances consumer protection, promotes innovation and improves the security of payment services across the European Union. Let’s see how WSO2 Open Banking supports the FAPI security profile: