SlideShare a Scribd company logo

OBIE Directory Integration - A Technical Deep Dive

WSO2
WSO2

This deck will cover the OpenBanking OpenID Dynamic Client Registration Specification - v1.0.0-rc2, software statement assertion (SSA), automated client registration, manual client registration, and dynamic client registration v3.1

Technology
1 of 26
Download to read offline
OBIE Directory Integration A Technical Deep Dive Ashirwada Dayarathne Software Engineer WSO2 Open Banking 1
Agenda • The OpenBanking OpenID Dynamic Client Registration Specification - v1.0.0-rc2 • Software Statement Assertion (SSA) • Automated Client Registration • Manual Client Registration • Dynamic Client Registration v3.1
The OpenBanking OpenID Dynamic Client Registration Specification - v1.0.0-rc2 Automated Client Registration Manual Client Registration Dynamic Client Registration
Open Banking Client Registration TPP Primary technical Contact(PTC) OpenBanking Directory Developer Portal TPP Client Option A: Dynamic Client Registration Endpoint Option B: Developer Web Portal Open Banking Client Registration Overview(Option A, B) 1 Login 2 Download SSA 3A. Automated Client Registration 4A. OAuth Client Registration request w/SSA 5A. Response with Client Credentials 5B. SSO Response 4B. SSO Request6B. Download Client Credentials 3B. Manual Client Registration(Login to Portal) ASPSP
Software Statement Assertion (SSA) The SSA is a JSON Web Token (JWT) containing client metadata about an instance of TPP client software. The JWT is issued and signed by the OpenBanking Directory. Sample SSA https://docs.google.com/document/d/1jNkJFixqciZKwx3SAPbwUVMXZdlR3Zt4zHbY4tB9pPQ/edit
Dynamic Client Registration v1.0.0-rc2 Automated Flow
Automated Client Registration OBIE Directory TPP PTC TPP Client Dynamic Client Registration Endpoint Download the SSA Login to OBIE Directory Onboard through automated flow ASPSP Validate SSA and onboard TPP Client Registration request with SSA Client credentials Client credentials
Client Registration Endpoint • If an ASPSP supports automated client registration, the ASPSP MUST operate an [RFC7591] compliant registration endpoint. • The client registration endpoint MUST be protected by transport-layer security
Flow of Automated Client Registration with WSO2 Open Banking :TPP :APIM :OB Directory Validate Request Create Application Subscribe API Generate Keys Register SSA Register Credentials
Configurations • Upload the Open Banking directory root and issuing certificates to the client truststore in both API Manager and Identity Server. • A new message formatter and message builder should be added to the axis2 xml config file in <AM_HOME>/repository/conf/axis2 folder. This is to support the content type application/jwt. • To store any of the properties coming from SSA, need to add the server level configuration to api-manager.xml which resides in <AM_HOME>/repository/conf in folder 10
Configurations • Following parameters need to be added to the open banking.xml file in the <AM_HOME>/repository/conf/finance folder • Supported authentication methods for the token endpoint • The connection and read timeout values for retrieving the remote jwks to validate the ssa and request jwt signatures during tpp registration • The endpoint urls are to access the rest APIs of API manager in order to create the application, service provider and generate keys for the application. • Enable validations for the policy,client,terms of service,logo uris • Enable validations for the hostnames of policy,client,terms of service, logo uris match with the hostname of redirect uri • APIs that need to be subscribed 11
DCR Sample Request & Response https://docs.google.com/document/d/1nRMQi4QRGfC1-aKpLfJ6472WbomMHHDXDvLV LOihDpY/edit?usp=sharing
Manual Client Registration v1.0.0-rc2 Integration with OBIE flow
Manual Client Registration • In this mechanism, TPP uses OB directory as a federated Identity Provider to log in to the API store using Single Sign On (SSO). • The TPP need to be registered with OB Directory as an AISP or PISP for a successful login • The authorization code grant is used in OIDC flow when using the federated IDP
Manual Client Registration OBIE Directory TPP PTC Developer Web Portal of the ASPSP Download the SSA Login to OBIE Directory Login to developer portal ASPSP SSO Request Login details Client credentials SSO Response Download client credentials
Flow of Manual Client Registration with WSO2 Open Banking • User login to APIM store • User get redirected to OB directory login • User logs in using OB credentials • Second factor authentication using PING ID mobile app • User gets logged in to the APIM store • User pastes a valid SSA and clicks on add to create the application
Configurations ● Create an IDP with the configurations for OB directory ● Create a service provider ● Update config changes in site.json which resides in <OB_APIM_HOME>/repository/deployment/server/jaggeryapps/store/site/conf folder. ● Include the attributes which need to be stored in api manager xml ● Update the key store with OB root and issuer certificates
Dynamic Client Registration v3.1/v3.2
Dynamic Client Registration v3.1/v3.2 ● DCR v3.1 & v3.2 are a supersede of the Open Banking OpenID Connect (OIDC) Dynamic Client Registration Profile. ● Dynamic Client Registration v3.1 Specification https://openbanking.atlassian.net/wiki/spaces/DZ/pages/937066600/Dynamic+Client+Registrati on+-+v3.1 ● Dynamic Client Registration v3.2 Specification https://openbanking.atlassian.net/wiki/spaces/DZ/pages/1078034771/Dynamic+Client+Registra tion+-+v3.2
Changes compared to v1.0.0-rc2 1. Software Statement A Software Statement may be issued by any actor that is trusted by the authorization server. According to the spec these actors can be but is not limited to: • The TPP itself • The Directory solution provided by OBIE • Another Directory service provider 2. Authentication Authentication section have two parts for authentication of different types of requests. • POST operation - TLS Mutual Authentication • GET, PUT and DELETE operations - client credentials grant
Changes Compared to v1.0.0-rc2 3. Endpoints HTTP Operation Endpoint Mandatory ? Grant Type POST POST /register Conditional NA GET GET /register/{ClientId} Optional Client Credentials PUT PUT /register/{ClientId} Optional Client Credentials DELETE DELETE /register/{ClientId} Optional Client Credentials
DCR v3.1 with WSO2 Open Banking ● For DCR v3.1, a separate API is written to expose via APIM ● All the APIs invoked are routed to the internal API which is written in APIM through the insequence in gateway level.
Architecture for DCR v3.1 in WSO2 Open Banking Gateway Insequence API Service DAO IS DB APIM POST GET PUT DELETE Generate Access Token Calls to APIM 1 - Request Admin Credentials 2 - Create Admin Stub 3 - Create User 4 - Get all Applications 5 - Create Application 6 - Generate Keys
Release Details for DCR v3.1 • Will be available before the september deadline
WSO2 Documentation for TPP Onboarding • For more information refer the WSO2 documentation TPP Onboarding
THANK YOU wso2.com THANK YOU wso2.com

Recommended

Risc cisc Difference
Risc cisc DifferenceRisc cisc Difference
Risc cisc Difference
Sehrish Asif
 
Chapter 1 Introduction to Digital Logic
Chapter 1 Introduction to Digital LogicChapter 1 Introduction to Digital Logic
Chapter 1 Introduction to Digital Logic
ISMT College
 
Introduction to Embedded Systems
Introduction to Embedded SystemsIntroduction to Embedded Systems
Introduction to Embedded Systems
WalaaMohamed
 
FPGA Based Digital Logic Circuits Operation for Beginners
FPGA Based Digital Logic Circuits Operation for BeginnersFPGA Based Digital Logic Circuits Operation for Beginners
FPGA Based Digital Logic Circuits Operation for Beginners
ijtsrd
 
Programmable dma controller 8237
Programmable dma controller 8237Programmable dma controller 8237
Programmable dma controller 8237
saravanamanikandan02
 
Types of Instruction Format
Types of Instruction FormatTypes of Instruction Format
Types of Instruction Format
Dhrumil Panchal
 
RTL-Design for beginners
RTL-Design for beginnersRTL-Design for beginners
RTL-Design for beginners
Dr.YNM
 
Chapter 8
Chapter 8Chapter 8
Chapter 8
deval patel
 

Recommended

Risc cisc Difference
Risc cisc DifferenceRisc cisc Difference
Risc cisc Difference
Sehrish Asif
 
Chapter 1 Introduction to Digital Logic
Chapter 1 Introduction to Digital LogicChapter 1 Introduction to Digital Logic
Chapter 1 Introduction to Digital Logic
ISMT College
 
Introduction to Embedded Systems
Introduction to Embedded SystemsIntroduction to Embedded Systems
Introduction to Embedded Systems
WalaaMohamed
 
FPGA Based Digital Logic Circuits Operation for Beginners
FPGA Based Digital Logic Circuits Operation for BeginnersFPGA Based Digital Logic Circuits Operation for Beginners
FPGA Based Digital Logic Circuits Operation for Beginners
ijtsrd
 
Programmable dma controller 8237
Programmable dma controller 8237Programmable dma controller 8237
Programmable dma controller 8237
saravanamanikandan02
 
Types of Instruction Format
Types of Instruction FormatTypes of Instruction Format
Types of Instruction Format
Dhrumil Panchal
 
RTL-Design for beginners
RTL-Design for beginnersRTL-Design for beginners
RTL-Design for beginners
Dr.YNM
 
Chapter 8
Chapter 8Chapter 8
Chapter 8
deval patel
 
Arm cm3 architecture_and_programmer_model
Arm cm3 architecture_and_programmer_modelArm cm3 architecture_and_programmer_model
Arm cm3 architecture_and_programmer_model
Ganesh Naik
 
ARM Micro-controller
ARM Micro-controllerARM Micro-controller
ARM Micro-controller
Ravikumar Tiwari
 
Addressing modes
Addressing modesAddressing modes
Addressing modes
RAMESHBABUA3
 
Advanced Processor Power Point Presentation
Advanced Processor Power Point PresentationAdvanced Processor Power Point Presentation
Advanced Processor Power Point Presentation
PrashantYadav931011
 
State table and characteristic equation for sequential circuit
State table and characteristic equation for sequential circuitState table and characteristic equation for sequential circuit
State table and characteristic equation for sequential circuit
Preet_patel
 
ARM7-ARCHITECTURE
ARM7-ARCHITECTURE ARM7-ARCHITECTURE
ARM7-ARCHITECTURE
Dr.YNM
 
Embedded c
Embedded cEmbedded c
Embedded c
Ami Prakash
 
interfacing of temperature sensor LM 35 with 8051.pdf
interfacing of temperature sensor LM 35 with 8051.pdfinterfacing of temperature sensor LM 35 with 8051.pdf
interfacing of temperature sensor LM 35 with 8051.pdf
Srikrishna Thota
 
ARM - Advance RISC Machine
ARM - Advance RISC MachineARM - Advance RISC Machine
ARM - Advance RISC Machine
EdutechLearners
 
1.ripple carry adder, full adder implementation using half adder.
1.ripple carry adder, full adder implementation using half adder.1.ripple carry adder, full adder implementation using half adder.
1.ripple carry adder, full adder implementation using half adder.
MdFazleRabbi18
 
Introduction to C++ Remote Procedure Call (RPC)
Introduction to C++ Remote Procedure Call (RPC)Introduction to C++ Remote Procedure Call (RPC)
Introduction to C++ Remote Procedure Call (RPC)
Abdelrahman Al-Ogail
 
Microprocessor Lab Manual by Er. Swapnil V. Kaware
Microprocessor Lab Manual by Er. Swapnil V. KawareMicroprocessor Lab Manual by Er. Swapnil V. Kaware
Microprocessor Lab Manual by Er. Swapnil V. Kaware
Prof. Swapnil V. Kaware
 
Programmableperipheralinterface 8255 ppt
Programmableperipheralinterface 8255 pptProgrammableperipheralinterface 8255 ppt
Programmableperipheralinterface 8255 ppt
sharan Kumar
 
Key board interfacing with 8051
Key board interfacing with 8051Key board interfacing with 8051
Key board interfacing with 8051
DominicHendry
 
Clocked Sequential circuit analysis and design
Clocked Sequential circuit analysis and designClocked Sequential circuit analysis and design
Clocked Sequential circuit analysis and design
Dr Naim R Kidwai
 
Lecture 03 basics of pic
Lecture 03 basics of picLecture 03 basics of pic
Lecture 03 basics of pic
Vajira Thambawita
 
Introduction to msp430
Introduction to msp430Introduction to msp430
Introduction to msp430
Harsha herle
 
Electronic (digital) dice.pptx
Electronic (digital) dice.pptxElectronic (digital) dice.pptx
Electronic (digital) dice.pptx
AhmadSajjad34
 
Introduction to 8085 & it's description(includes basic lab experiments)
Introduction to 8085 & it's description(includes basic lab experiments)Introduction to 8085 & it's description(includes basic lab experiments)
Introduction to 8085 & it's description(includes basic lab experiments)
Basil John
 
Circuit Partitioning for VLSI Layout presented by Oveis Dehghantanha
Circuit Partitioning for VLSI Layout presented by Oveis DehghantanhaCircuit Partitioning for VLSI Layout presented by Oveis Dehghantanha
Circuit Partitioning for VLSI Layout presented by Oveis Dehghantanha
oveis dehghantanha
 
[APIdays INTERFACE 2021] The Evolution of API Security for Client-side Applic...
[APIdays INTERFACE 2021] The Evolution of API Security for Client-side Applic...[APIdays INTERFACE 2021] The Evolution of API Security for Client-side Applic...
[APIdays INTERFACE 2021] The Evolution of API Security for Client-side Applic...
WSO2
 
INTERFACE, by apidays - The Evolution of API Security by Johann Dilantha Nal...
INTERFACE, by apidays - The Evolution of API Security by Johann Dilantha Nal...INTERFACE, by apidays - The Evolution of API Security by Johann Dilantha Nal...
INTERFACE, by apidays - The Evolution of API Security by Johann Dilantha Nal...
apidays
 

More Related Content

What's hot

Arm cm3 architecture_and_programmer_model
Arm cm3 architecture_and_programmer_modelArm cm3 architecture_and_programmer_model
Arm cm3 architecture_and_programmer_model
Ganesh Naik
 
ARM Micro-controller
ARM Micro-controllerARM Micro-controller
ARM Micro-controller
Ravikumar Tiwari
 
Addressing modes
Addressing modesAddressing modes
Addressing modes
RAMESHBABUA3
 
Advanced Processor Power Point Presentation
Advanced Processor Power Point PresentationAdvanced Processor Power Point Presentation
Advanced Processor Power Point Presentation
PrashantYadav931011
 
State table and characteristic equation for sequential circuit
State table and characteristic equation for sequential circuitState table and characteristic equation for sequential circuit
State table and characteristic equation for sequential circuit
Preet_patel
 
ARM7-ARCHITECTURE
ARM7-ARCHITECTURE ARM7-ARCHITECTURE
ARM7-ARCHITECTURE
Dr.YNM
 
Embedded c
Embedded cEmbedded c
Embedded c
Ami Prakash
 
interfacing of temperature sensor LM 35 with 8051.pdf
interfacing of temperature sensor LM 35 with 8051.pdfinterfacing of temperature sensor LM 35 with 8051.pdf
interfacing of temperature sensor LM 35 with 8051.pdf
Srikrishna Thota
 
ARM - Advance RISC Machine
ARM - Advance RISC MachineARM - Advance RISC Machine
ARM - Advance RISC Machine
EdutechLearners
 
1.ripple carry adder, full adder implementation using half adder.
1.ripple carry adder, full adder implementation using half adder.1.ripple carry adder, full adder implementation using half adder.
1.ripple carry adder, full adder implementation using half adder.
MdFazleRabbi18
 
Introduction to C++ Remote Procedure Call (RPC)
Introduction to C++ Remote Procedure Call (RPC)Introduction to C++ Remote Procedure Call (RPC)
Introduction to C++ Remote Procedure Call (RPC)
Abdelrahman Al-Ogail
 
Microprocessor Lab Manual by Er. Swapnil V. Kaware
Microprocessor Lab Manual by Er. Swapnil V. KawareMicroprocessor Lab Manual by Er. Swapnil V. Kaware
Microprocessor Lab Manual by Er. Swapnil V. Kaware
Prof. Swapnil V. Kaware
 
Programmableperipheralinterface 8255 ppt
Programmableperipheralinterface 8255 pptProgrammableperipheralinterface 8255 ppt
Programmableperipheralinterface 8255 ppt
sharan Kumar
 
Key board interfacing with 8051
Key board interfacing with 8051Key board interfacing with 8051
Key board interfacing with 8051
DominicHendry
 
Clocked Sequential circuit analysis and design
Clocked Sequential circuit analysis and designClocked Sequential circuit analysis and design
Clocked Sequential circuit analysis and design
Dr Naim R Kidwai
 
Lecture 03 basics of pic
Lecture 03 basics of picLecture 03 basics of pic
Lecture 03 basics of pic
Vajira Thambawita
 
Introduction to msp430
Introduction to msp430Introduction to msp430
Introduction to msp430
Harsha herle
 
Electronic (digital) dice.pptx
Electronic (digital) dice.pptxElectronic (digital) dice.pptx
Electronic (digital) dice.pptx
AhmadSajjad34
 
Introduction to 8085 & it's description(includes basic lab experiments)
Introduction to 8085 & it's description(includes basic lab experiments)Introduction to 8085 & it's description(includes basic lab experiments)
Introduction to 8085 & it's description(includes basic lab experiments)
Basil John
 
Circuit Partitioning for VLSI Layout presented by Oveis Dehghantanha
Circuit Partitioning for VLSI Layout presented by Oveis DehghantanhaCircuit Partitioning for VLSI Layout presented by Oveis Dehghantanha
Circuit Partitioning for VLSI Layout presented by Oveis Dehghantanha
oveis dehghantanha
 

What's hot (20)

Arm cm3 architecture_and_programmer_model
Arm cm3 architecture_and_programmer_modelArm cm3 architecture_and_programmer_model
Arm cm3 architecture_and_programmer_model
 
ARM Micro-controller
ARM Micro-controllerARM Micro-controller
ARM Micro-controller
 
Addressing modes
Addressing modesAddressing modes
Addressing modes
 
Advanced Processor Power Point Presentation
Advanced Processor Power Point PresentationAdvanced Processor Power Point Presentation
Advanced Processor Power Point Presentation
 
State table and characteristic equation for sequential circuit
State table and characteristic equation for sequential circuitState table and characteristic equation for sequential circuit
State table and characteristic equation for sequential circuit
 
ARM7-ARCHITECTURE
ARM7-ARCHITECTURE ARM7-ARCHITECTURE
ARM7-ARCHITECTURE
 
Embedded c
Embedded cEmbedded c
Embedded c
 
interfacing of temperature sensor LM 35 with 8051.pdf
interfacing of temperature sensor LM 35 with 8051.pdfinterfacing of temperature sensor LM 35 with 8051.pdf
interfacing of temperature sensor LM 35 with 8051.pdf
 
ARM - Advance RISC Machine
ARM - Advance RISC MachineARM - Advance RISC Machine
ARM - Advance RISC Machine
 
1.ripple carry adder, full adder implementation using half adder.
1.ripple carry adder, full adder implementation using half adder.1.ripple carry adder, full adder implementation using half adder.
1.ripple carry adder, full adder implementation using half adder.
 
Introduction to C++ Remote Procedure Call (RPC)
Introduction to C++ Remote Procedure Call (RPC)Introduction to C++ Remote Procedure Call (RPC)
Introduction to C++ Remote Procedure Call (RPC)
 
Microprocessor Lab Manual by Er. Swapnil V. Kaware
Microprocessor Lab Manual by Er. Swapnil V. KawareMicroprocessor Lab Manual by Er. Swapnil V. Kaware
Microprocessor Lab Manual by Er. Swapnil V. Kaware
 
Programmableperipheralinterface 8255 ppt
Programmableperipheralinterface 8255 pptProgrammableperipheralinterface 8255 ppt
Programmableperipheralinterface 8255 ppt
 
Key board interfacing with 8051
Key board interfacing with 8051Key board interfacing with 8051
Key board interfacing with 8051
 
Clocked Sequential circuit analysis and design
Clocked Sequential circuit analysis and designClocked Sequential circuit analysis and design
Clocked Sequential circuit analysis and design
 
Lecture 03 basics of pic
Lecture 03 basics of picLecture 03 basics of pic
Lecture 03 basics of pic
 
Introduction to msp430
Introduction to msp430Introduction to msp430
Introduction to msp430
 
Electronic (digital) dice.pptx
Electronic (digital) dice.pptxElectronic (digital) dice.pptx
Electronic (digital) dice.pptx
 
Introduction to 8085 & it's description(includes basic lab experiments)
Introduction to 8085 & it's description(includes basic lab experiments)Introduction to 8085 & it's description(includes basic lab experiments)
Introduction to 8085 & it's description(includes basic lab experiments)
 
Circuit Partitioning for VLSI Layout presented by Oveis Dehghantanha
Circuit Partitioning for VLSI Layout presented by Oveis DehghantanhaCircuit Partitioning for VLSI Layout presented by Oveis Dehghantanha
Circuit Partitioning for VLSI Layout presented by Oveis Dehghantanha
 

Similar to OBIE Directory Integration - A Technical Deep Dive

[APIdays INTERFACE 2021] The Evolution of API Security for Client-side Applic...
[APIdays INTERFACE 2021] The Evolution of API Security for Client-side Applic...[APIdays INTERFACE 2021] The Evolution of API Security for Client-side Applic...
[APIdays INTERFACE 2021] The Evolution of API Security for Client-side Applic...
WSO2
 
INTERFACE, by apidays - The Evolution of API Security by Johann Dilantha Nal...
INTERFACE, by apidays - The Evolution of API Security by Johann Dilantha Nal...INTERFACE, by apidays - The Evolution of API Security by Johann Dilantha Nal...
INTERFACE, by apidays - The Evolution of API Security by Johann Dilantha Nal...
apidays
 
MSB Deep Dive
MSB Deep DiveMSB Deep Dive
MSB Deep Dive
Huabing Zhao
 
How to build Simple yet powerful API.pptx
How to build Simple yet powerful API.pptxHow to build Simple yet powerful API.pptx
How to build Simple yet powerful API.pptx
Channa Ly
 
What’s New With WSO2 Open Banking?
What’s New With WSO2 Open Banking?What’s New With WSO2 Open Banking?
What’s New With WSO2 Open Banking?
WSO2
 
Online Meetup - MuleSoft - June 2020
Online Meetup - MuleSoft - June 2020 Online Meetup - MuleSoft - June 2020
Online Meetup - MuleSoft - June 2020
Royston Lobo
 
Lightweight Zero-trust Network Implementation and Transition with Keycloak an...
Lightweight Zero-trust Network Implementation and Transition with Keycloak an...Lightweight Zero-trust Network Implementation and Transition with Keycloak an...
Lightweight Zero-trust Network Implementation and Transition with Keycloak an...
Hitachi, Ltd. OSS Solution Center.
 
2019 - Nova Code Camp - AuthZ fundamentals with ASP.NET Core
2019 - Nova Code Camp - AuthZ fundamentals with ASP.NET Core2019 - Nova Code Camp - AuthZ fundamentals with ASP.NET Core
2019 - Nova Code Camp - AuthZ fundamentals with ASP.NET Core
Vladimir Bychkov
 
2022 APIsecure_Why Assertion-based Access Token is preferred to Handle-based ...
2022 APIsecure_Why Assertion-based Access Token is preferred to Handle-based ...2022 APIsecure_Why Assertion-based Access Token is preferred to Handle-based ...
2022 APIsecure_Why Assertion-based Access Token is preferred to Handle-based ...
APIsecure_ Official
 
Why Assertion-based Access Token is preferred to Handle-based one?
Why Assertion-based Access Token is preferred to Handle-based one?Why Assertion-based Access Token is preferred to Handle-based one?
Why Assertion-based Access Token is preferred to Handle-based one?
Hitachi, Ltd. OSS Solution Center.
 
Webinar: Embracing REST APIs through APPSeCONNECT
Webinar: Embracing REST APIs through APPSeCONNECTWebinar: Embracing REST APIs through APPSeCONNECT
Webinar: Embracing REST APIs through APPSeCONNECT
APPSeCONNECT
 
apidays LIVE Hong Kong 2021 - Next Stage for Open API at Banking Industry by ...
apidays LIVE Hong Kong 2021 - Next Stage for Open API at Banking Industry by ...apidays LIVE Hong Kong 2021 - Next Stage for Open API at Banking Industry by ...
apidays LIVE Hong Kong 2021 - Next Stage for Open API at Banking Industry by ...
apidays
 
WSO2Con USA 2017: Brokerage as a Service (BaaS), Transforming Fidelity Broker...
WSO2Con USA 2017: Brokerage as a Service (BaaS), Transforming Fidelity Broker...WSO2Con USA 2017: Brokerage as a Service (BaaS), Transforming Fidelity Broker...
WSO2Con USA 2017: Brokerage as a Service (BaaS), Transforming Fidelity Broker...
WSO2
 
#3 Wso2 masterclassitalia - wso2 Identity Server: must-have per gestire le id...
#3 Wso2 masterclassitalia - wso2 Identity Server: must-have per gestire le id...#3 Wso2 masterclassitalia - wso2 Identity Server: must-have per gestire le id...
#3 Wso2 masterclassitalia - wso2 Identity Server: must-have per gestire le id...
Profesia Srl, Lynx Group
 
CIS 2015 Extreme OAuth - Paul Meyer
CIS 2015 Extreme OAuth - Paul MeyerCIS 2015 Extreme OAuth - Paul Meyer
CIS 2015 Extreme OAuth - Paul Meyer
CloudIDSummit
 
WEB API Gateway
WEB API GatewayWEB API Gateway
WEB API Gateway
Kumaresh Chandra Baruri
 
WSO2Con EU 2015: Securing, Monitoring and Monetizing APIs
WSO2Con EU 2015: Securing, Monitoring and Monetizing APIsWSO2Con EU 2015: Securing, Monitoring and Monetizing APIs
WSO2Con EU 2015: Securing, Monitoring and Monetizing APIs
WSO2
 
APIConnect Security Best Practice
APIConnect Security Best PracticeAPIConnect Security Best Practice
APIConnect Security Best Practice
Shiu-Fun Poon
 
apidays Paris 2022 - Securing APIs in Open Banking, Takashi Norimatsu, Hitachi
apidays Paris 2022 - Securing APIs in Open Banking, Takashi Norimatsu, Hitachiapidays Paris 2022 - Securing APIs in Open Banking, Takashi Norimatsu, Hitachi
apidays Paris 2022 - Securing APIs in Open Banking, Takashi Norimatsu, Hitachi
apidays
 
RPKI RTAs and RDAP Mirroring
RPKI RTAs and RDAP MirroringRPKI RTAs and RDAP Mirroring
RPKI RTAs and RDAP Mirroring
APNIC
 

Similar to OBIE Directory Integration - A Technical Deep Dive (20)

[APIdays INTERFACE 2021] The Evolution of API Security for Client-side Applic...
[APIdays INTERFACE 2021] The Evolution of API Security for Client-side Applic...[APIdays INTERFACE 2021] The Evolution of API Security for Client-side Applic...
[APIdays INTERFACE 2021] The Evolution of API Security for Client-side Applic...
 
INTERFACE, by apidays - The Evolution of API Security by Johann Dilantha Nal...
INTERFACE, by apidays - The Evolution of API Security by Johann Dilantha Nal...INTERFACE, by apidays - The Evolution of API Security by Johann Dilantha Nal...
INTERFACE, by apidays - The Evolution of API Security by Johann Dilantha Nal...
 
MSB Deep Dive
MSB Deep DiveMSB Deep Dive
MSB Deep Dive
 
How to build Simple yet powerful API.pptx
How to build Simple yet powerful API.pptxHow to build Simple yet powerful API.pptx
How to build Simple yet powerful API.pptx
 
What’s New With WSO2 Open Banking?
What’s New With WSO2 Open Banking?What’s New With WSO2 Open Banking?
What’s New With WSO2 Open Banking?
 
Online Meetup - MuleSoft - June 2020
Online Meetup - MuleSoft - June 2020 Online Meetup - MuleSoft - June 2020
Online Meetup - MuleSoft - June 2020
 
Lightweight Zero-trust Network Implementation and Transition with Keycloak an...
Lightweight Zero-trust Network Implementation and Transition with Keycloak an...Lightweight Zero-trust Network Implementation and Transition with Keycloak an...
Lightweight Zero-trust Network Implementation and Transition with Keycloak an...
 
2019 - Nova Code Camp - AuthZ fundamentals with ASP.NET Core
2019 - Nova Code Camp - AuthZ fundamentals with ASP.NET Core2019 - Nova Code Camp - AuthZ fundamentals with ASP.NET Core
2019 - Nova Code Camp - AuthZ fundamentals with ASP.NET Core
 
2022 APIsecure_Why Assertion-based Access Token is preferred to Handle-based ...
2022 APIsecure_Why Assertion-based Access Token is preferred to Handle-based ...2022 APIsecure_Why Assertion-based Access Token is preferred to Handle-based ...
2022 APIsecure_Why Assertion-based Access Token is preferred to Handle-based ...
 
Why Assertion-based Access Token is preferred to Handle-based one?
Why Assertion-based Access Token is preferred to Handle-based one?Why Assertion-based Access Token is preferred to Handle-based one?
Why Assertion-based Access Token is preferred to Handle-based one?
 
Webinar: Embracing REST APIs through APPSeCONNECT
Webinar: Embracing REST APIs through APPSeCONNECTWebinar: Embracing REST APIs through APPSeCONNECT
Webinar: Embracing REST APIs through APPSeCONNECT
 
apidays LIVE Hong Kong 2021 - Next Stage for Open API at Banking Industry by ...
apidays LIVE Hong Kong 2021 - Next Stage for Open API at Banking Industry by ...apidays LIVE Hong Kong 2021 - Next Stage for Open API at Banking Industry by ...
apidays LIVE Hong Kong 2021 - Next Stage for Open API at Banking Industry by ...
 
WSO2Con USA 2017: Brokerage as a Service (BaaS), Transforming Fidelity Broker...
WSO2Con USA 2017: Brokerage as a Service (BaaS), Transforming Fidelity Broker...WSO2Con USA 2017: Brokerage as a Service (BaaS), Transforming Fidelity Broker...
WSO2Con USA 2017: Brokerage as a Service (BaaS), Transforming Fidelity Broker...
 
#3 Wso2 masterclassitalia - wso2 Identity Server: must-have per gestire le id...
#3 Wso2 masterclassitalia - wso2 Identity Server: must-have per gestire le id...#3 Wso2 masterclassitalia - wso2 Identity Server: must-have per gestire le id...
#3 Wso2 masterclassitalia - wso2 Identity Server: must-have per gestire le id...
 
CIS 2015 Extreme OAuth - Paul Meyer
CIS 2015 Extreme OAuth - Paul MeyerCIS 2015 Extreme OAuth - Paul Meyer
CIS 2015 Extreme OAuth - Paul Meyer
 
WEB API Gateway
WEB API GatewayWEB API Gateway
WEB API Gateway
 
WSO2Con EU 2015: Securing, Monitoring and Monetizing APIs
WSO2Con EU 2015: Securing, Monitoring and Monetizing APIsWSO2Con EU 2015: Securing, Monitoring and Monetizing APIs
WSO2Con EU 2015: Securing, Monitoring and Monetizing APIs
 
APIConnect Security Best Practice
APIConnect Security Best PracticeAPIConnect Security Best Practice
APIConnect Security Best Practice
 
apidays Paris 2022 - Securing APIs in Open Banking, Takashi Norimatsu, Hitachi
apidays Paris 2022 - Securing APIs in Open Banking, Takashi Norimatsu, Hitachiapidays Paris 2022 - Securing APIs in Open Banking, Takashi Norimatsu, Hitachi
apidays Paris 2022 - Securing APIs in Open Banking, Takashi Norimatsu, Hitachi
 
RPKI RTAs and RDAP Mirroring
RPKI RTAs and RDAP MirroringRPKI RTAs and RDAP Mirroring
RPKI RTAs and RDAP Mirroring
 

More from WSO2

Accelerate Enterprise Software Engineering with Platformless
Accelerate Enterprise Software Engineering with PlatformlessAccelerate Enterprise Software Engineering with Platformless
Accelerate Enterprise Software Engineering with Platformless
WSO2
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2
 
architecting-ai-in-the-enterprise-apis-and-applications.pdf
architecting-ai-in-the-enterprise-apis-and-applications.pdfarchitecting-ai-in-the-enterprise-apis-and-applications.pdf
architecting-ai-in-the-enterprise-apis-and-applications.pdf
WSO2
 
Driving Innovation: Scania's API Revolution with WSO2
Driving Innovation: Scania's API Revolution with WSO2Driving Innovation: Scania's API Revolution with WSO2
Driving Innovation: Scania's API Revolution with WSO2
WSO2
 
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data PlatformLess Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
WSO2
 
Modernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using BallerinaModernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using Ballerina
WSO2
 
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
WSO2
 
WSO2CON 2024 Slides - Unlocking Value with AI
WSO2CON 2024 Slides - Unlocking Value with AIWSO2CON 2024 Slides - Unlocking Value with AI
WSO2CON 2024 Slides - Unlocking Value with AI
WSO2
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
WSO2
 
Quantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation ComputingQuantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation Computing
WSO2
 
WSO2CON 2024 - Elevating the Integration Game to the Cloud
WSO2CON 2024 - Elevating the Integration Game to the CloudWSO2CON 2024 - Elevating the Integration Game to the Cloud
WSO2CON 2024 - Elevating the Integration Game to the Cloud
WSO2
 
WSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & Innovation
WSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & InnovationWSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & Innovation
WSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & Innovation
WSO2
 
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open SourceWSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2
 
WSO2CON 2024 Slides - Open Source to SaaS
WSO2CON 2024 Slides - Open Source to SaaSWSO2CON 2024 Slides - Open Source to SaaS
WSO2CON 2024 Slides - Open Source to SaaS
WSO2
 
WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?
WSO2
 
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...
WSO2
 
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2
 
WSO2CON 2024 - Software Engineering for Digital Businesses
WSO2CON 2024 - Software Engineering for Digital BusinessesWSO2CON 2024 - Software Engineering for Digital Businesses
WSO2CON 2024 - Software Engineering for Digital Businesses
WSO2
 
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2
 
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of Transformation
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of TransformationWSO2CON 2024 - Designing Event-Driven Enterprises: Stories of Transformation
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of Transformation
WSO2
 

More from WSO2 (20)

Accelerate Enterprise Software Engineering with Platformless
Accelerate Enterprise Software Engineering with PlatformlessAccelerate Enterprise Software Engineering with Platformless
Accelerate Enterprise Software Engineering with Platformless
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
 
architecting-ai-in-the-enterprise-apis-and-applications.pdf
architecting-ai-in-the-enterprise-apis-and-applications.pdfarchitecting-ai-in-the-enterprise-apis-and-applications.pdf
architecting-ai-in-the-enterprise-apis-and-applications.pdf
 
Driving Innovation: Scania's API Revolution with WSO2
Driving Innovation: Scania's API Revolution with WSO2Driving Innovation: Scania's API Revolution with WSO2
Driving Innovation: Scania's API Revolution with WSO2
 
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data PlatformLess Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
 
Modernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using BallerinaModernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using Ballerina
 
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
 
WSO2CON 2024 Slides - Unlocking Value with AI
WSO2CON 2024 Slides - Unlocking Value with AIWSO2CON 2024 Slides - Unlocking Value with AI
WSO2CON 2024 Slides - Unlocking Value with AI
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
Quantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation ComputingQuantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation Computing
 
WSO2CON 2024 - Elevating the Integration Game to the Cloud
WSO2CON 2024 - Elevating the Integration Game to the CloudWSO2CON 2024 - Elevating the Integration Game to the Cloud
WSO2CON 2024 - Elevating the Integration Game to the Cloud
 
WSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & Innovation
WSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & InnovationWSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & Innovation
WSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & Innovation
 
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open SourceWSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
 
WSO2CON 2024 Slides - Open Source to SaaS
WSO2CON 2024 Slides - Open Source to SaaSWSO2CON 2024 Slides - Open Source to SaaS
WSO2CON 2024 Slides - Open Source to SaaS
 
WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?
 
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...
 
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
 
WSO2CON 2024 - Software Engineering for Digital Businesses
WSO2CON 2024 - Software Engineering for Digital BusinessesWSO2CON 2024 - Software Engineering for Digital Businesses
WSO2CON 2024 - Software Engineering for Digital Businesses
 
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
 
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of Transformation
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of TransformationWSO2CON 2024 - Designing Event-Driven Enterprises: Stories of Transformation
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of Transformation
 

Recently uploaded

Principle of conventional tomography-Bibash Shahi ppt..pptx
Principle of conventional tomography-Bibash Shahi ppt..pptxPrinciple of conventional tomography-Bibash Shahi ppt..pptx
Principle of conventional tomography-Bibash Shahi ppt..pptx
BibashShahi
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
Jakub Marek
 
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development ProvidersYour One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
akankshawande
 
Skybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoptionSkybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoption
Tatiana Kojar
 
What is an RPA CoE? Session 1 – CoE Vision
What is an RPA CoE? Session 1 – CoE VisionWhat is an RPA CoE? Session 1 – CoE Vision
What is an RPA CoE? Session 1 – CoE Vision
DianaGray10
 
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor Ivaniuk
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor Ivaniuk"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor Ivaniuk
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor Ivaniuk
Fwdays
 
"Choosing proper type of scaling", Olena Syrota
"Choosing proper type of scaling", Olena Syrota"Choosing proper type of scaling", Olena Syrota
"Choosing proper type of scaling", Olena Syrota
Fwdays
 
JavaLand 2024: Application Development Green Masterplan
JavaLand 2024: Application Development Green MasterplanJavaLand 2024: Application Development Green Masterplan
JavaLand 2024: Application Development Green Masterplan
Miro Wengner
 
Essentials of Automations: Exploring Attributes & Automation Parameters
Essentials of Automations: Exploring Attributes & Automation ParametersEssentials of Automations: Exploring Attributes & Automation Parameters
Essentials of Automations: Exploring Attributes & Automation Parameters
Safe Software
 
Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...
Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...
Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...
Pitangent Analytics & Technology Solutions Pvt. Ltd
 
HCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAUHCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAU
panagenda
 
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-EfficiencyFreshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
ScyllaDB
 
Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectors
Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectorsConnector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectors
Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectors
DianaGray10
 
Leveraging the Graph for Clinical Trials and Standards
Leveraging the Graph for Clinical Trials and StandardsLeveraging the Graph for Clinical Trials and Standards
Leveraging the Graph for Clinical Trials and Standards
Neo4j
 
Nordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptxNordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptx
MichaelKnudsen27
 
June Patch Tuesday
June Patch TuesdayJune Patch Tuesday
June Patch Tuesday
Ivanti
 
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfHow to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
Chart Kalyan
 
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
saastr
 
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing InstancesEnergy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
Alpen-Adria-Universität
 
Digital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Digital Banking in the Cloud: How Citizens Bank Unlocked Their MainframeDigital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Digital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Precisely
 

Recently uploaded (20)

Principle of conventional tomography-Bibash Shahi ppt..pptx
Principle of conventional tomography-Bibash Shahi ppt..pptxPrinciple of conventional tomography-Bibash Shahi ppt..pptx
Principle of conventional tomography-Bibash Shahi ppt..pptx
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
 
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development ProvidersYour One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
 
Skybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoptionSkybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoption
 
What is an RPA CoE? Session 1 – CoE Vision
What is an RPA CoE? Session 1 – CoE VisionWhat is an RPA CoE? Session 1 – CoE Vision
What is an RPA CoE? Session 1 – CoE Vision
 
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor Ivaniuk
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor Ivaniuk"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor Ivaniuk
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor Ivaniuk
 
"Choosing proper type of scaling", Olena Syrota
"Choosing proper type of scaling", Olena Syrota"Choosing proper type of scaling", Olena Syrota
"Choosing proper type of scaling", Olena Syrota
 
JavaLand 2024: Application Development Green Masterplan
JavaLand 2024: Application Development Green MasterplanJavaLand 2024: Application Development Green Masterplan
JavaLand 2024: Application Development Green Masterplan
 
Essentials of Automations: Exploring Attributes & Automation Parameters
Essentials of Automations: Exploring Attributes & Automation ParametersEssentials of Automations: Exploring Attributes & Automation Parameters
Essentials of Automations: Exploring Attributes & Automation Parameters
 
Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...
Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...
Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...
 
HCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAUHCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAU
 
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-EfficiencyFreshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
 
Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectors
Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectorsConnector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectors
Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectors
 
Leveraging the Graph for Clinical Trials and Standards
Leveraging the Graph for Clinical Trials and StandardsLeveraging the Graph for Clinical Trials and Standards
Leveraging the Graph for Clinical Trials and Standards
 
Nordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptxNordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptx
 
June Patch Tuesday
June Patch TuesdayJune Patch Tuesday
June Patch Tuesday
 
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfHow to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
 
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
 
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing InstancesEnergy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
 
Digital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Digital Banking in the Cloud: How Citizens Bank Unlocked Their MainframeDigital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Digital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
 

OBIE Directory Integration - A Technical Deep Dive

  • 1. OBIE Directory Integration A Technical Deep Dive Ashirwada Dayarathne Software Engineer WSO2 Open Banking 1
  • 2. Agenda • The OpenBanking OpenID Dynamic Client Registration Specification - v1.0.0-rc2 • Software Statement Assertion (SSA) • Automated Client Registration • Manual Client Registration • Dynamic Client Registration v3.1
  • 3. The OpenBanking OpenID Dynamic Client Registration Specification - v1.0.0-rc2 Automated Client Registration Manual Client Registration Dynamic Client Registration
  • 4. Open Banking Client Registration TPP Primary technical Contact(PTC) OpenBanking Directory Developer Portal TPP Client Option A: Dynamic Client Registration Endpoint Option B: Developer Web Portal Open Banking Client Registration Overview(Option A, B) 1 Login 2 Download SSA 3A. Automated Client Registration 4A. OAuth Client Registration request w/SSA 5A. Response with Client Credentials 5B. SSO Response 4B. SSO Request6B. Download Client Credentials 3B. Manual Client Registration(Login to Portal) ASPSP
  • 5. Software Statement Assertion (SSA) The SSA is a JSON Web Token (JWT) containing client metadata about an instance of TPP client software. The JWT is issued and signed by the OpenBanking Directory. Sample SSA https://docs.google.com/document/d/1jNkJFixqciZKwx3SAPbwUVMXZdlR3Zt4zHbY4tB9pPQ/edit
  • 7. Automated Client Registration OBIE Directory TPP PTC TPP Client Dynamic Client Registration Endpoint Download the SSA Login to OBIE Directory Onboard through automated flow ASPSP Validate SSA and onboard TPP Client Registration request with SSA Client credentials Client credentials
  • 8. Client Registration Endpoint • If an ASPSP supports automated client registration, the ASPSP MUST operate an [RFC7591] compliant registration endpoint. • The client registration endpoint MUST be protected by transport-layer security
  • 9. Flow of Automated Client Registration with WSO2 Open Banking :TPP :APIM :OB Directory Validate Request Create Application Subscribe API Generate Keys Register SSA Register Credentials
  • 10. Configurations • Upload the Open Banking directory root and issuing certificates to the client truststore in both API Manager and Identity Server. • A new message formatter and message builder should be added to the axis2 xml config file in <AM_HOME>/repository/conf/axis2 folder. This is to support the content type application/jwt. • To store any of the properties coming from SSA, need to add the server level configuration to api-manager.xml which resides in <AM_HOME>/repository/conf in folder 10
  • 11. Configurations • Following parameters need to be added to the open banking.xml file in the <AM_HOME>/repository/conf/finance folder • Supported authentication methods for the token endpoint • The connection and read timeout values for retrieving the remote jwks to validate the ssa and request jwt signatures during tpp registration • The endpoint urls are to access the rest APIs of API manager in order to create the application, service provider and generate keys for the application. • Enable validations for the policy,client,terms of service,logo uris • Enable validations for the hostnames of policy,client,terms of service, logo uris match with the hostname of redirect uri • APIs that need to be subscribed 11
  • 12. DCR Sample Request & Response https://docs.google.com/document/d/1nRMQi4QRGfC1-aKpLfJ6472WbomMHHDXDvLV LOihDpY/edit?usp=sharing
  • 14. Manual Client Registration • In this mechanism, TPP uses OB directory as a federated Identity Provider to log in to the API store using Single Sign On (SSO). • The TPP need to be registered with OB Directory as an AISP or PISP for a successful login • The authorization code grant is used in OIDC flow when using the federated IDP
  • 15. Manual Client Registration OBIE Directory TPP PTC Developer Web Portal of the ASPSP Download the SSA Login to OBIE Directory Login to developer portal ASPSP SSO Request Login details Client credentials SSO Response Download client credentials
  • 16. Flow of Manual Client Registration with WSO2 Open Banking • User login to APIM store • User get redirected to OB directory login • User logs in using OB credentials • Second factor authentication using PING ID mobile app • User gets logged in to the APIM store • User pastes a valid SSA and clicks on add to create the application
  • 17. Configurations ● Create an IDP with the configurations for OB directory ● Create a service provider ● Update config changes in site.json which resides in <OB_APIM_HOME>/repository/deployment/server/jaggeryapps/store/site/conf folder. ● Include the attributes which need to be stored in api manager xml ● Update the key store with OB root and issuer certificates
  • 19. Dynamic Client Registration v3.1/v3.2 ● DCR v3.1 & v3.2 are a supersede of the Open Banking OpenID Connect (OIDC) Dynamic Client Registration Profile. ● Dynamic Client Registration v3.1 Specification https://openbanking.atlassian.net/wiki/spaces/DZ/pages/937066600/Dynamic+Client+Registrati on+-+v3.1 ● Dynamic Client Registration v3.2 Specification https://openbanking.atlassian.net/wiki/spaces/DZ/pages/1078034771/Dynamic+Client+Registra tion+-+v3.2
  • 20. Changes compared to v1.0.0-rc2 1. Software Statement A Software Statement may be issued by any actor that is trusted by the authorization server. According to the spec these actors can be but is not limited to: • The TPP itself • The Directory solution provided by OBIE • Another Directory service provider 2. Authentication Authentication section have two parts for authentication of different types of requests. • POST operation - TLS Mutual Authentication • GET, PUT and DELETE operations - client credentials grant
  • 21. Changes Compared to v1.0.0-rc2 3. Endpoints HTTP Operation Endpoint Mandatory ? Grant Type POST POST /register Conditional NA GET GET /register/{ClientId} Optional Client Credentials PUT PUT /register/{ClientId} Optional Client Credentials DELETE DELETE /register/{ClientId} Optional Client Credentials
  • 22. DCR v3.1 with WSO2 Open Banking ● For DCR v3.1, a separate API is written to expose via APIM ● All the APIs invoked are routed to the internal API which is written in APIM through the insequence in gateway level.
  • 23. Architecture for DCR v3.1 in WSO2 Open Banking Gateway Insequence API Service DAO IS DB APIM POST GET PUT DELETE Generate Access Token Calls to APIM 1 - Request Admin Credentials 2 - Create Admin Stub 3 - Create User 4 - Get all Applications 5 - Create Application 6 - Generate Keys
  • 24. Release Details for DCR v3.1 • Will be available before the september deadline
  • 25. WSO2 Documentation for TPP Onboarding • For more information refer the WSO2 documentation TPP Onboarding