This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.
Configuring the Open-Banking.xml File for Berlin
Open open-banking.xml
file in the r
epository/conf/finance
of both WSO2_OB_APIM
and WSO2_OB_KM
nodes. Configure the open-banking.xml
file based on the configurations listed below.Â
Do the following configurations in both the wso2-obam
and wso2-obkm
nodes, and restart the servers.
Configuration | |
---|---|
1 | Define the specification that you plan to deploy. Possible values: <DeployedSpecification>BERLIN</DeployedSpecification> |
2 | Select a SCA approach from 1. Redirect (OAUTH2 is subsumed by this) <SCA> <SelectedSCAApproach>REDIRECT</SelectedSCAApproach> </SCA> |
3 | The endpoint to retrieve OIDC Discovery metadata. <SCA> <OAuthMetadataEndpoint>https://<WSO2_OB_APIM_HOST>/<WSO2_OB_KM>/.well-known/openid-configuration</OAuthMetadataEndpoint> </SCA> |
4 |
You need to get the latest product updates to verify if an account-id sent within the account-consents resource that is sent by TPP, is valid from the bank back-end. This improvement is available as a product update from June 27, 2019 (06-27-2019) onwards.
Sharable accounts -Â accounts that are accessible online. <SharableAccountsRetriveEndpoint>http://<WSO2_OB_APIM_HOST>/<WSO2_OB_KM>:9763/open-banking/services/bankaccounts/bankaccountservice/sharable-accounts</SharableAccountsRetriveEndpoint> In some banks, some PSUs may have a certain number of accounts, but not all accounts have the ability to be shared externally or to make a payment online. In a bank, the sharable account list and the payable account list can either be the same or different. In the default WSO2 Open Banking solution, at least two APIs are expected to return sharable and payable accounts when passing the user_id, and the given JSON response must be returned. Then it automatically loads the accounts list in the consent page. The bank's backend endpoint for retrieving the user's accounts returns a response in the following format: Account: type: object properties: iban: type: string example: DE12345678901234567890 description: IBAN of account GetAccountsResponse: type: object properties: customerNumber: type: string accounts: type: array items: $ref: '#/definitions/Account' description: The response related to the get method of Account When bank back-end is configured, required parameters can be passed as query parameters to those endpoints. As an example: http://<WSO2_OB_APIM_HOST>/<WSO2_OB_KM>:9763/open-banking/services/bankaccounts/bankaccountservice/sharable-accounts?userId=john@gold.com&consentId=1234567890 |
5 | The link to the payment initiation resource, which needs to be updated by the PSU identification. This might be used in an embedded, redirect or decoupled SCA Approach, where the PSU ID was missing in the first request. <SCA> <UpdatePSUIdentification>https://<WSO2_OB_APIM_HOST>/<WSO2_OB_KM></UpdatePSUIdentification> </SCA> |
6 | The link to the payment initiation resource, which needs to be updated by a PSU password and eventually the PSU identification if not delivered yet. This is used in case of the Embedded or Decoupled SCA approach. <SCA> <UpdatePSUAuthentication>https://<WSO2_OB_APIM_HOST>/<WSO2_OB_KM></UpdatePSUAuthentication> </SCA> |
7 | This is a link to a resource, where the TPP can select the applicable strong customer authentication methods for the PSU, if there were several available authentication method. <SCA> <SelectAuthenticationMethod>https://<WSO2_OB_APIM_HOST>/<WSO2_OB_KM></SelectAuthenticationMethod> </SCA> |
8 | The link to the payment initiation resource, where the "Payment Authorisation Request" is sent to. This is the link to the resource which will authorise the payment by checking the SCA authentication data within the Embedded SCA approach. <SCA> <AuthorizeTransaction>https://<WSO2_OB_APIM_HOST>/<WSO2_OB_KM></AuthorizeTransaction> </SCA> |
9 | The time interval for duplicate checking of payment consent initiation requests using X-Request-ID. <DuplicateCheck> <TimeIntervalInMinutes>60</TimeIntervalInMinutes> </DuplicateCheck> <EnableIBANBasedAccountRetrievalValidation>true</EnableIBANBasedAccountRetrievalValidation> <Host><WSO2_OB_APIM_HOST>/<WSO2_OB_KM>/Host> <Port>8243</Port> <AccountConsentsApiPath>/AccountsInfoAPI/v1.1.0/consents</AccountConsentsApiPath> <PaymentConsentsApiPath>/PaymentsAPI/v1.1.0/payments</PaymentConsentsApiPath> |