Open Banking and Cloudentity Walkthrough

Featured image for Open Banking and Cloudentity Walkthrough

Open Banking is coming to the rest of the world, and Cloudentity's Identity and Authorization for APIs provides the required mix of tools to automate the process of developers connecting to banking APIs while securing access down the the consumer consent of individual kinds of activities.

Here's a walkthrough of how some of these features work.

1 - Registering with the Open Banking Directory
Each country designates an organization that approves applications and manages the certificates and purpose of each application.  The developer registers with the Open Banking Directory, gets keys and/or certificates which allow the bank to easily identify legitimate developers and grant access to their Open Banking compliant APIs.

2 - Developer Portal Registration
Developers need an easy way to register with the bank to gain access to individual bank APIs. Cloudentity's developer portal automates the process by combining developer identity and application identity in the same platform.This allows banks to be Open Banking compliant while creating a manageable environment

3 - Creating and App with the Bank
Once the developer has created an account in the portal, they are able to submit their Software Statement Assertion (SSA) to create their application credentials. The Cloudentity portal verifies the SSA and maps the application to specific scopes required to grant the correct access to the banking APIs.

4 - Admin tools
Naturally, the process should be as automated as possible, but sometimes you need to make administrative changes. With tools to manage applications, users, organizations, multiple upstream IdPs, legacy SAML Service Providers and permissions.

5 - Consent
At the core of Open Banking is giving the consumer the ability to manage their own data. With Cloudentity's Permission Service and MicroPerimeter™ Security, banking APIs can be "consent aware" on a user by user, and app by app, basis.

Most Recent Related Stories

Making Dynamic Authorization an Essential Pillar in Federal Government Zero Trust Architecture Strategies Read More
Aligning Cloudentity Components with XACML Terminology Read More
Securing partner API integrations with OAuth mTLS Read More