2 mins read

OAuth, FAPI, and Security for Open Finance

Financial institutions can utilize Cloudentity to gain immediate compliance with Open Finance security profiles.

Cloudentity comes with instantly applicable, jurisdiction-specific, preconfigured Open Banking profiles that will make your solution instantly compliant in the area of security profile. The key elements that a profile encloses are:

  • We deliver fine-grained authorization (consent) capabilities which means that customers have direct control over the data they share. For example, consent can be limited to one of many customer’s accounts.

  • Cloudentity provides FAPI compliant authorization servers which can be set to a profile compliant with a specific Open Banking directive where your developers, fintech companies, and partners can register their applications, issue tokens for service consumption, and more.

  • Cloudentity authorization servers support various OAuth and OIDC authorization grant types and client authentication methods.

  • We can leverage the authentication factors your financial institution uses to fulfill the requirement of Strong Customer Authentication (that some of the directives require).

  • Cloudentity comes with a built-in policy engine responsible for enforcing authorization policies on application and request levels.

  • You get two authorization policies types: Cloudentity policies with a built-in UI editor and OPA policies written in REGO language.

  • You can integrate major API gateways and Service Meshes to discover your APIs within the Cloudentity platform using our Authorizers and enforce all access control measures for your APIs.

  • Use Cloudentity multi-tenancy model to spin up multiple authorization servers. If your bank has branches in multiple countries and needs to follow different directives, this is a way to go! Additionally, you can have different tenants for development, testing, and production environments.

  • We provide a developer portal functionality that allows the developers to register and manage their client applications. Additionally, applications can be dynamically registered with the use of Cloudentity APIs compliant with various OB reforms.

Updated: Sep 28, 2023