[Openid-specs-fapi] Using FAPI Locally at Bank

Anders Rundgren anders.rundgren.net at gmail.com
Sat Sep 21 08:26:54 UTC 2019

This is probably not a use case people subscribed to this mailing list is particularly interested in.
However, there are a couple of reason why this is a relevant issue:
- If the bank can use the API themselves it will likely be better maintained
- If the consumer payment market rather prefers schemes like Swish, TWINT, MobilePay https://empsa.org/ , <https://empsa.org/> FAPI and similar Open Banking APIs could fall in importance

FWIW, I have just started (yesterday...) to investigate how Open Banking APIs could work in a local scenario:
Swedbank uses the Berlin Group API but I guess the differences (on a higher level) compared to FAPI are not that big.

Anyway, since I'm not versed in OAuth2, I wonder if anybody out there have any ideas how to "patch" OAuth2 in such a way that an Open Banking API implementation could work in both local and remote mode without moving [too] many parts?  Local mode = trusted service not needing user consent.


More information about the Openid-specs-fapi mailing list