<div><div dir="auto">Yes - would you like to contact me off list and I can try to explain it?</div></div><div dir="auto"><br></div><div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Sat, 26 Oct 2019 at 07:13, Anders Rundgren via Openid-specs-fapi <<a href="mailto:openid-specs-fapi@lists.openid.net">openid-specs-fapi@lists.openid.net</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi List,<br>
<br>
I'm currently exploring Open Banking APIs for payments.<br>
I have a hard time finding public¬† information regarding how to deal with OAuth tokens:<br>
<a href="https://standards.openbanking.org.uk/customer-experience-guidelines/pis-core-journeys/single-domestic-payments-supplementary-information/latest/" rel="noreferrer" target="_blank">https://standards.openbanking.org.uk/customer-experience-guidelines/pis-core-journeys/single-domestic-payments-supplementary-information/latest/</a><br>
<a href="http://w3c.github.io/payment-method-credit-transfer/#payer-initiated-through-payee" rel="noreferrer" target="_blank">http://w3c.github.io/payment-method-credit-transfer/#payer-initiated-through-payee</a><br>
<br>
Is there any mailing list dealing with such issues?<br>
<br>
This is my current (probably very n00b) problem/question:<br>
In order to perform any operation you must have a valid OAuth token, right?<br>
If the payer has no relation with the PISP, a new OAuth token must be created for each payment, right?<br>
Doesn't that lead to building an ever increasing heap of OAuth tokens in the ASPSP unless it caches the combination User + PISP?<br>
<br>
Does somebody out there have a complete flow chart for a Merchant/PISP/PSU/ASPSP payment?<br>
<br>
thanx<br>
Anders<br>
_______________________________________________<br>
Openid-specs-fapi mailing list<br>
<a href="mailto:Openid-specs-fapi@lists.openid.net" target="_blank">Openid-specs-fapi@lists.openid.net</a><br>
<a href="http://lists.openid.net/mailman/listinfo/openid-specs-fapi" rel="noreferrer" target="_blank">http://lists.openid.net/mailman/listinfo/openid-specs-fapi</a><br>
</blockquote></div></div>-- <br><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature">Rob Otto<br>EMEA Field CTO - Ping Identity <br>+44 777 135 6092</div>

<br>
<i style="margin:0px;padding:0px;border:0px;outline:0px;vertical-align:baseline;background:rgb(255,255,255);font-family:proxima-nova-zendesk,system-ui,-apple-system,system-ui,"Segoe UI",Roboto,Oxygen-Sans,Ubuntu,Cantarell,"Helvetica Neue",Arial,sans-serif;color:rgb(85,85,85)"><span style="margin:0px;padding:0px;border:0px;outline:0px;vertical-align:baseline;background:transparent;font-family:proxima-nova-zendesk,system-ui,-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ubuntu,Cantarell,"Helvetica Neue",Arial,sans-serif;font-weight:600"><font size="2">CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.¬† If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you.</font></span></i>