This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.

Consent Management for Australia

Consent Management APIs provide the capability to manage consents in a web application, on behalf of an end-user. A banking service consumer or the bank (Data Holder) may need to develop their own web application or use their own mechanism to deploy the consent management capabilities. At this point, the Data Holder needs a way to directly present consent resources to Data Recipients and consumers. To cater to this requirement, these consent capabilities (for example, consent creation/consent deletion) are presented as API resources in the Accounts Consent Management API.

The Accounts Consent Management API specifies a RESTful API for managing accounts information sharing consents.   

You can find the REST API documentation for the Consent Management APIs in the following links:


Basic authentication for Consent Management APIs

By default, the Consent Management APIs are secured with basic authentication. To access the Consent Management APIs, use the default user or create a new user using the WSO2 Open Banking Identity and Access Management Console.

The credentials are set to admin credentials in the deployment.toml files as follows:

  • <WSO2_OB_IAM_HOME>/repository/conf/deployment.toml
  • <WSO2_OB_APIM_HOME>/repository/conf/deployment.toml
[open_banking.api_security.global]
username = "$ref{super_admin.username}"
password = "$ref{super_admin.password}"

Search for consents

Banks can retrieve consents for the following attributes:

This is available only as a WUM update and is effective from June 09, 2021 (06-09-2021). For more information on updating WSO2 Open Banking, see Updating WSO2 Products.

AttributeDescription
offsetStarting point within the complete list of qualified items
userIdUser identifier of the subject
clientIdClient identifier of the subject
status 

Status of the consent

Possible values: Authorised, Expired, Revoked

fromTimestamp

Start date and time for the search

Example: 2018-06-07T10:33:18Z

toTimestamp

End date and time for the search

Example: 2018-06-07T10:33:18Z

excludeExpiredConsents

Search both expired and non-expired consents

Possible values: True, False

accountIdAccount identifier of the subject

 See the sample request and response given below:

Periodical Task Manager and CRON job service

WSO2 Open Banking provides a Periodical Task Manager and CRON job service to update the statuses of consents upon expiration.

This is available only as a WSO2 Update and is effective from October 28, 2021 (10-28-2021). For more information on updating WSO2 Open Banking, see Updating WSO2 Products.

The consent expiry job runs at 12 am every day and updates the statuses of expired consents.

Enabling the Periodical Task Manager

  1. Open the <WSO2_OB_IAM_HOME>/repository/conf/deployment.toml file.
  2. Add the following tags: 

    [open_banking.periodical_task_manager]
    enable = true
    
  3. Locate the <WSO2_OB_IAM_HOME>/repository/conf/finance/quartz.properties file.
  4. Replace the <CARBON_HOME> placeholder with the path to the WSO2 Open Banking Identity and Access Management component.

Setting up to the periodic task manager in a clustered deployment

  1. Locate the quartz.properties file and enable clustering and configure the datasources according to the Quartz official documentation.
    • Click here to download a sample quartz.properties file with basic configurations.
  2. Set up datasource and create tables. Use the database scripts available here to create the tables.
  3. Add the following jars to the <WSO2_OB_IAM_HOME>/repository/component/lib directory.

Adding Consent Expiry Listener

The solution provides a listener interface that engages upon consent expiry. This can be used to perform actions like sending SMS notifications upon consent expiry. For more information on this interface, see Consent Expiry Listener.

Configuring a new periodic job

Using the Periodical Task Manager component, you can add any Quartz Simple or Cron Trigger by following the steps below:

  1. Implement the org.quartz.Job class and write a periodic job. For more information, follow the Quartz documentation.
  2. Open the <WSO2_OB_IAM_HOME>/repository/conf/finance/taskManagerJobs.xml file, configure the job and trigger. For more information, Quartz documentation - Initializing Job Data With Scheduler Initialization.

Configuring the impact of the DCR application status change on the consent expiration job

Due to the impact of the DCR Application Status Change on the consent expiration job, the STATE value in the OB_DCR_DETAILS table is modified as mentioned below.

This is only available as a WSO2 Update from WSO2 Open Banking API Manager Level 2.0.0.147 onwards. For more information on updating WSO2 Open Banking, see Updating WSO2 Products.

For successful DCR applications, the state was previously stored as APPROVED in the STATE column of the OB_DCR_DETAILS table. With the update, this is changed to the value ACTIVE. Therefore, it is required to migrate the APPROVED values in applications to the ACTIVE state in the OB_DCR_DETAILS table.

To migrate the APPROVED status to ACTIVE, execute the following query in the openbank_openbankingdb database.

UPDATE OB_DCR_DETAILS SET STATUS ='ACTIVE' WHERE STATUS ='APPROVED';