[Openid-specs-fapi] Using FAPI Locally at Bank
Anders Rundgren
anders.rundgren.net at gmail.com
Sat Sep 21 08:26:54 UTC 2019
This is probably not a use case people subscribed to this mailing list is particularly interested in.
However, there are a couple of reason why this is a relevant issue:
- If the bank can use the API themselves it will likely be better maintained
- If the consumer payment market rather prefers schemes like Swish, TWINT, MobilePay https://empsa.org/ , <https://empsa.org/> FAPI and similar Open Banking APIs could fall in importance
FWIW, I have just started (yesterday...) to investigate how Open Banking APIs could work in a local scenario:
https://github.com/cyberphone/swedbank-psd2-saturn
Swedbank uses the Berlin Group API but I guess the differences (on a higher level) compared to FAPI are not that big.
Anyway, since I'm not versed in OAuth2, I wonder if anybody out there have any ideas how to "patch" OAuth2 in such a way that an Open Banking API implementation could work in both local and remote mode without moving [too] many parts? Local mode = trusted service not needing user consent.
Cheers,
Anders
More information about the Openid-specs-fapi
mailing list