Deploy Open Banking APIs

This page explains how to deploy an Open Banking API.

Before publishing the APIs, need to create the consumer role in WSO2 API Manager.

Create Consumer Role APIM Console

  1. Goto APIM Carbon Console: https://<APIM_HOSTNAME>:9443/carbon

  2. Log into APIM Carbon Console using APIM admin username and password.

  3. Click on Main Tab → Users and Roles → Add

  4. Click on Add New Role. am-add-new-role.png

  5. Enter role Details: am-add-role-details.png

    Domain Role Name
    INTERNAL consumer

  6. Click on Finish.

Publish Open Banking APIs

Note

WSO2 Open Banking Accelerator supports Accounts flow, Payments flow and Confirmation of Funds flow. Publish all three APIs before trying out the flows.

  1. Sign in to the API Publisher Portal at https://<APIM_HOSTNAME>:9443/publisher.

  2. In the homepage, go to REST API and select Import Open API. select-rest-api.png

  3. Select OpenAPI File/Archive. upload-swagger.png

  4. Click Browse File to Upload and select the required yaml file.

    API Swagger File
    Accounts account-info-swagger.yaml
    Payments payment-initiation-openapi.yaml
    Confimation of Funds funds-confirmation-openapi.yaml

  5. Click Next.

  6. Set the Context value as follows:

    API Context Value
    Accounts /open-banking/{version}/aisp
    Payments /open-banking/{version}/pisp
    Confimation of Funds /open-banking/{version}/cbpii

  7. Leave the Endpoint field empty as it is, Select the Gateway Type and click Create. configure-api.png

  8. Select Subscriptions from the left menu pane and uncheck all subscription plans. api-subscription.png

  9. Click Save.

  10. Go to Runtime using the left menu pane.
    select-runtime.png

  11. Toggle the Schema Validation button to enable Schema Validation for all APIs except for the Dynamic Client Registration API. schema-validation.png

  12. Go to Endpoints using the left menu pane.
    select-endpoint.png

  13. Select the endpoint types; Dynamic Endpoints and click Save.
    dynamic-endpoint.png

  14. Add JWT claim based access validation.

    Use aut as the Access verification claim name and value from below.

    Token Type Claim Value
    Client Credentials Grant APPLICATION
    Authorization Code Grant APPLICATION_USER

  15. Create and engage the required Inbuilt Gateway Enforcements

    Refer to the below table and engage the required policies for each API.

    API API Level Policies Operational Level Policies
    Accounts MTLS Enforcement Policy Consent Enforcement Policy
    Dynamic Endpoint Policy
    Payments MTLS Enforcement Policy Consent Enforcement Policy
    Dynamic Endpoint Policy
    Confirmation of Funds MTLS Enforcement Policy Consent Enforcement Policy
    Dynamic Endpoint Policy

  16. Select the API Gateway type, in this scenario, it is Default.

  17. Click Deploy.

  18. Go to Overview using the left menu pane.
    select-overview.png

  19. click Publish. publish-api.png

Once you deploy the APIs an API resource will be created along with the role mentioned in the swagger on the Identity Server side.

Note

If you have created the users, assign the roles created while publishing the APIs to the users.

Top