Barclays - Online Banking - PSU cannot complete consent if they refresh or click any links

Description

Barclays - Online Banking - PSU cannot complete consent if they refresh or click any links

On the web-to-web consent journey, after the PSU logs in, they are presented with the consent screen to select the accounts for which to share account information for (see attached image). If they click on any of the other links on the page, for example one of the drop down menus at the top, they are redirected to those pages, and it is not possible for them to return to the consent journey or the TPP.

As with OBSD-6455, this breaks the Oauth redirection flow as the PSU is "swallowed" by Barclays, and there is no feasible option for them to be able to return back to the TPP.

Expected

The PSU should always have the option to be redirected back to the TPP if they cannot complete the consent journey.

Actual

The PSU is "stuck" on the Barclays Online Banking page and has no feasible options for them to return back to the TPP.

Impact

Critical. This change has been pushed onto a live production, breaking redirection flows for PSUs that click on any of the links provided to them during the consent journey.

Technical Impact

None

Workaround

None

Resolution Notes

None

Impact Assessment

None

Status

Assignee

Unassigned

Reporter

Service Desk

Reference

None

Service Desk Reference

OBSD-6481

ASPSP

Query Type

None

Created (Original)

Feb 01, 2019, 4:11 PM

TPP Impact

High

Issue Summary

Barclays - Online Banking - PSU cannot complete consent if they refresh or click any links

OB Environment

Production

Business Impact Severity

None

Share

Yes
Configure