This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.

Authorize API

The banks who wish to override the default consent page and integrate their own page can perform this by using the Authorise API. This is a REST API and it provides the following functionalities:

  • Display information on the consent page.
  • Capture the data on the consent page and persist them

The above functionalities are fulfilled by the following API resources:


GET /consent/data/{session-data-key}

The retrieval endpoint invokes this an API to retrieve consent data from the solution and account data from the bank back end. Then the consent page invokes the GET /consent/data/{session-data-key} endpoint.

PATCH /authorize/{consent-id}

You can capture the information on the consent page and persist them. The consent page needs to invoke the PATCH /authorize/{consent-id} endpoint to capture and persist information. By default, account and consent information is persisted.

Authorising accounts consents

Given below are sample requests and responses when you authorise an account consent. 

Authorising payment consents

Given below are sample requests and responses when you authorise a payment consent. 

Authorising funds-confirmation consents

Given below are sample requests and responses when you authorise a funds-confirmation consent. 

POST /oauth2/authorize

This resource is to generate an URL with an authorisation code. 

Accounts consents
Funds confirmation consents
Payment consents