Table of Contents | ||||
---|---|---|---|---|
|
...
Version | Date | Author | Comments |
---|---|---|---|
v1.0.0 |
| Open Banking Read/Write API Team | Published |
Implementer's Draft v1.0.0 |
| Open Banking Read/Write API Team | Renamed to Implementer's Draft. Client Registration section moved to OB Directory Specification |
Implementer's Draft v1.0.1 |
| Open Banking Read/Write API Team | Recreating document from up to date sub sections. Clarifications to Implementation Guide
|
Implementer's Draft v1.1.0 | Open Banking Read/Write API Team | Reflecting changes to the R/W API specifications for v1.1:
| |
Implementer's Draft v1.1.1 | Open Banking Read/Write API Team | Reflecting errata updates resultant from live proving
Removing duplicate references to FAPI Read Write or Read specifications. Adding explicit line number references | |
Implementer's Draft v1.1.2 | Open Banking Read/Write API Team | Reflecting errata updates resultant from live proving and errata issued from the OIDF Financial API Working Group
|
Info | ||
---|---|---|
| ||
The MASTER location for this profile is located here: https://bitbucket.org/openid/obuk/src/4630771db004da59992fb201641f5c4ff2c881f1/uk-openbanking-security-profile.md?at=master&fileviewer=file-view-default Version Control is located here: https://bitbucket.org/openid/obuk/commits/all Git Commit Reference: 05-02-18 - c2df242 All changes are tracked as GIT commits for 100% transparency and visibility. Ideally comments, issues and pull requests will raised against the OIDF git repository however comments raised below as comments or on feedback pages will be responded too and incorporated during a transition period. |
UK Open Banking OIDC Security Profile
Bitbucket readme macro | ||||||||
---|---|---|---|---|---|---|---|---|
|
Expand | ||||||
---|---|---|---|---|---|---|
| ||||||
|
This document is based on the OpenID Foundations Financial API Read+Write specification document, FAPI-RW, which in turn is based on the Read only specification document. The OpenBanking profile will further shape these two base profiles in some cases tightening restrictions and in others loosening requirements using keywords. Please see the introduction to FAPI-RW for a general introduction to the aims of this document.
...
1. The PISP can query for the status of a Payment-Submission by invoking the /payment-submissions using the known PaymentSubmissionId. This can use an existing access token with payments scope or the PISP can obtain a fresh access token by replaying the client credentials grant request as per Step 2 - Setup Single Payment Initiation.
Request: payment-submissions/{PaymentSubmissionId} | Response: payment-submissions | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
|
2. A PISP can also optionally query for the status of a Payment resource by invoking /payments/{PaymentId}. This can use an existing access token with payments scope or the PISP can obtain a fresh access token by replaying the client credentials grant request as per Step 2 - Setup Single Payment Initiation.
Account API Specification
...