Community
IBM Community Home
Business Analytics
Business Automation
Cloud Pak for Data
Data Science
DataOps
Hybrid Data Management
IBM Japan
IBM Z & LinuxONE
Internet of Things
Middleware
Power Systems
Public Cloud
Security
Storage
Supply Chain
Watson Apps
Log in
Announcements
Blogs
Groups
Discussions
Events
Glossary
Site Content
Libraries
on this day
between these dates
Posted by
Announcements
Blogs
Groups
Discussions
Events
Glossary
Site Content
Libraries
on this day
between these dates
Posted by
Skip to main content (Press Enter).
Sign in
Skip auxiliary navigation (Press Enter).
Middleware
Topic groups
Application Infrastructure
DevOps
Integration
Management, ITSM, and AI Ops
Spectrum Computing Group
Expertise Connect(EC) Group
User groups
Events
Upcoming Middleware Events
On Demand Webinars
IBM Expert TV
Virtual Community Events
All IBM Community Events
Participate
Getting Started
Community Manager's Welcome
Post to Forum
Share a Resource
Blogging on the Community
Connect with Middleware Users
All IBM Community Users
Resources
IBM Support
IBM Cloud Support
IBM Champions
Demos
Cloud Integration Expert Labs & Learning Community
Meet the Middleware Team
Marketplace
Marketplace
IBM Middleware User Community
Being part of a community means collaborating, sharing knowledge via forums and blogs, and supporting one another in our everyday challenges. Together, we can connect and network to empower each other. Get involved today.
Join / Log in
Skip main navigation (Press Enter).
Toggle navigation
Content types
Announcements
Blogs
Groups
Discussions
Events
Glossary
Site Content
Libraries
Date range
on this day
between these dates
Posted by
Meet Your IMWUC Community Managers!
API Connect
Private Group
View Only
Group Home
Discussion
340
Library
27
Blogs
196
Events
0
Members
1.8K
Back to Blog List
API Connect delivers Open Banking API support for PSD2 requirements
By
Ozair Sheikh
posted
Fri July 14, 2017 05:05 PM
Options Dropdown
Mark as Inappropriate
0
Recommend
Data is the new oil for the digital economy and APIs are the approach to exposing that data to customers & business partners.
Financial service providers (ie banks) are evolving from the traditional retail experience and investing in their digital presence, where APIs and developer engagement is integral to its success.
Industry regulators and technology consortiums want to drive API adoption across the industry. The
OpenBanking working group
has published the API specifications for banks to expose their account and payments APIs to third-party providers. These specifications will also address the European Union’s Payment Services Directive (PSD2) requirements. This initiative is a big deal across Europe and even banks outside of Europe are paying close attention on the potential industry disruption as it enables banks, fintech or any third-party company to build payment-based solutions.
Financial service providers cannot do this alone. They need to engage with the right technology partners to deliver the best digital platform. IBM is well positioned to help meet your API, OpenBanking and PSD2 requirements. More over, IBM API
Connect delivers a comprehensive API platform to secure and manage business assets
and is the API platform trusted by many of the largest financial service providers in the world. It delivers key capabilities for securing and managing business assets:
API Security
: Highly secure and robust API security capabilities to protect access to critical payment and account assets
Developer onboarding
: self-service developer portal to onboard developers /third-party providers (TPP) and register for banking APIs
Analytics
: gain insight into TPP usage of banking APIs across any API version
API Management
: manage access to different versions of API, including the ability to lifecycle manage (deprecate, retire, new versions, etc)
As they say, the devils in the details, and we are committed to delivering the right set of capabilities to meet the Open Banking / PSD2 requirements. Our product strategy is to deliver support for technology standards like OAuth & OpenID Connect and provide extensibility within the framework to integrate with existing banking identity systems and Systems of Records. As we reviewed the specifications, it calls out three key flows:
TPP onboarding for registering and obtaining API credentials
Execute payments using a two-step approach (registering intent and payment submission)
R
etriev
ing
the status of a payment
s
ubmission.
These flows are heavily dependent upon OAuth and OpenID connect specifications. API Connect has first-class support for these specifications. This
tutorial
describes how to configure an OAuth provider to support OpenID Connect. This article will be updated continuously with more content as the OpenBanking specifications evolve.
In summary, IBM API connect provides the following key capabilities that are needed to support OpenBanking / PSD2 requirements. We have future roadmap plans to evolve the product capabilities to meet the optional components and deliver an enhanced user experience.
Category
Features
General
REST/JSON
Signed and Encrypted JWT Tokens
Validate JWT tokens
Policy assembly editor
OAuth
Grant Types
: code, application, resource owner, implicit
Integrate with existing Identity Applications
Refresh Tokens
Token metadata customization
Advance Scope checking
Revocation
Introspection
OpenID Connect
OpenID Connect
Validate id token (JWT)
Generate id token (JWT)
JSON request object
Discovery (/userinfo)
Developer Portal
GUI-based onboarding with OpenID Connect
Customize onboarding process
Customize client_id
We look forward to working with you to help address your OpenBanking / PSD2 requirements!
Reference
OpenBanking
IBM API Connect
API Connect & OpenID Connect
#BusinessStrategy
#oauth
#APIEconomy
#psd2
#APIManagement
#openidconnect
#openbanking
5 comments
1 view
×
Reason for Moderation
Describe the reason this content should be moderated (required)
Permalink
Comments
Ozair Sheikh
Wed July 24, 2019 02:13 AM
For more details, see https://www.slideshare.net/ibmdatapower/open-banking-via-api-connect-datapower
Ozair Sheikh
Wed February 14, 2018 05:44 PM
IBM has plans on becoming OIDC certified in the near-term. We are currently in the process of understanding the steps needed to formerly test our implementation and obtain the approvals from the Open ID Foundation.
Archive User
Wed February 07, 2018 01:02 PM
Hi,
I noticed that a lot of references is made to "support" for OIDC but no mention of certification such that Third Parties can be sure that there are no interoperability issues with vendors.
Can you confirm when IBM plans on becoming OIDC certified with its attestation published on the Open ID Foundations website? It will be great to see IBM demonstrate its commitment to the interoperability standards of the OIDF and ODIC.
Kind Regards,
Ozair Sheikh
Wed August 02, 2017 08:17 PM
We do have future plans to add OIDC relying party support. With that being said, we have a mechanism today to 'redirect' the application to an external authentication system to perform authentication / authorization and then callback into APIc with the results.
The link here provides details: https://www.ibm.com/support/knowledgecenter/SSMNED_5.0.0/com.ibm.apic.toolkit.doc/task_apionprem_redirect_form_.html
Since its implicit grant, its not that difficult to write a microservice to make an openid call and parse out the access token from the URL.
Tomas Rosa
Wed August 02, 2017 03:45 PM
Hello Ozair Sheikh,
thank you for your effort on APIC in relation to PSD2. Unfortunatelly we need to integrate to external authentication server through OpenID Connect (Implicit grant at ideal) and currently APIC works only in OpenID Connect provider. Yes I know that multuprotocol gateway supports social login but integration to APIC environment is not so easy.
Do you plan to support OpenID Connect from client side? I mean that DataPower Gateway is in client role in OpenID connect to external authentication server.
Best regards
Tomas Rosa
Middleware
Topic groups
Application Infrastructure
DevOps
Integration
Management, ITSM, and AI Ops
Spectrum Computing Group
Expertise Connect(EC) Group
User groups
Events
Upcoming Middleware Events
On Demand Webinars
IBM Expert TV
Virtual Community Events
All IBM Community Events
Participate
Getting Started
Community Manager's Welcome
Post to Forum
Share a Resource
Blogging on the Community
Connect with Middleware Users
All IBM Community Users
Resources
IBM Support
IBM Cloud Support
IBM Champions
Demos
Cloud Integration Expert Labs & Learning Community
Meet the Middleware Team
Marketplace
Marketplace
Copyright © 2020 IBM Corporation. All rights reserved.
Powered by Higher Logic