Connections between Santander to Open Banking are specified below.
- JWKS endpoint – this is open to public anyway
- Open Banking IdP – used for authenticating TPP PTCs/STCs through OIDC flows.
- Open Banking Token Provider – to retrieve access tokens
- Open Banking Directory – to invoke SCIM endpoints for TPP information
Out of the above, Santander's understanding is that only point 3 and 4 need to be accessed over TLS MA. Santander is using a B2B proxy to connect to these, where we currently don’t support TLS MA.
Note: The MIT directory is allowing TLS only connections and does not support TLS MA, therefore we have not been able to test a solution from our B2B proxy which will take some weeks before we can test and support this with the Production environment.