WSO2 Open Banking solution includes consent revocation apps that supports bank customers (PSUs) and banks (ASPSPs) to revoke consents. The consent revocation app provided to PSU is known as Self-care portal and the consent revocation app provided to ASPSP is known as Customer Care portal. You can find more information, here.
Do the following configurations in order to use the self care portal (https://<WSO2_OBKM_HOST>:9446/consentmgt)
.
- On the Main tab of the Identity and Access Management Console, click Home > Identity > Service Providers> Add.
- Enter
consentmgt
as the Service Provider’s name. - Click Register.
Click Inbound Authentication configuration > OAuth/OpenID Connect configuration > Configure.
Set the values for the following parameters and keep the default value for the other parameters.Parameter Value OAuth Version 2.0 Allowed Grant Type code
Callback URL regexp=(https://<IAM_HOST>:<IAM_PORT>/consentmgt\|https://<IAM_HOST>:<IAM_PORT>/consentmgt)
The first and second URLs are respectively redirected and logout URLs.
The OAuth client key/client ID and OAuth client secret are generated. Those are used in Configuring consent management jaggery application.
Open the
wso2-obkm-version/repository/deployment/server/jaggeryapps/consentmgt/config/
file.conf.js
Modify the
apimHost
,applicationId
,authCredential
,redirectUrl
, andlogoutUrl
parameters as follows.In
authCredential
, be sure to encode theCLIENT_ID:CLIENTSECRET
withBASE64ENCODE
encoding.{ "app" : "consentmgt", "applicationType" : "oauth2", "tenantDomain": "carbon.super", "apimHost":"http://<OBAM_HOSTNAME>", "apimNioPort":"8280", "apimHttpPort":"9763", "kmHost" : "https://<WSO2_OBKM_HOSTNAME>", "kmPort" : "9446", "kmTokenAPI" : "oauth2/token", "kmAuthorizeAPI" : "oauth2/authorize", "applicationId":"", "authCredential":"", "redirectUrl":"https://<OBKM_HOSTNAME>:9446/consentmgt", "logoutUrl": "https://<HOSTNAME>:9446/consentmgt", "tokenApiName" : "token", "tokenApiVersion" : "", "authorizeApiName" : "authorize", "authorizeApiVersion" : "", "pagination" : { "limit" : 11, "actualLimit" : 10, "offset": 0 }, "DeployedSpecification" : "UK" }
Update the specification under
DeployedSpecification
parameter approproately. Possible values areUK, BERLIN,
andSTET.
By default, the value is set toUK.
Troubleshooting
If you get hostname verification errors when accessing the Customer Care portal
(https://<OBKM_HOST>:9446/ccportal)
, add the following to the<WSO2_OBKM_HOME>/wso2server.sh
file and restart.Dhttpclient.hostnameVerifier="DefaultAndLocalhost" \
Dorg.wso2.ignoreHostnameVerification=true \