<div><div dir="auto">Yes - would you like to contact me off list and I can try to explain it?</div></div><div dir="auto"><br></div><div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Sat, 26 Oct 2019 at 07:13, Anders Rundgren via Openid-specs-fapi <<a href="mailto:openid-specs-fapi@lists.openid.net">openid-specs-fapi@lists.openid.net</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi List,<br>
<br>
I'm currently exploring Open Banking APIs for payments.<br>
I have a hard time finding public  information regarding how to deal with OAuth tokens:<br>
<a href="https://standards.openbanking.org.uk/customer-experience-guidelines/pis-core-journeys/single-domestic-payments-supplementary-information/latest/" rel="noreferrer" target="_blank">https://standards.openbanking.org.uk/customer-experience-guidelines/pis-core-journeys/single-domestic-payments-supplementary-information/latest/</a><br>
<a href="http://w3c.github.io/payment-method-credit-transfer/#payer-initiated-through-payee" rel="noreferrer" target="_blank">http://w3c.github.io/payment-method-credit-transfer/#payer-initiated-through-payee</a><br>
<br>
Is there any mailing list dealing with such issues?<br>
<br>
This is my current (probably very n00b) problem/question:<br>
In order to perform any operation you must have a valid OAuth token, right?<br>
If the payer has no relation with the PISP, a new OAuth token must be created for each payment, right?<br>
Doesn't that lead to building an ever increasing heap of OAuth tokens in the ASPSP unless it caches the combination User + PISP?<br>
<br>
Does somebody out there have a complete flow chart for a Merchant/PISP/PSU/ASPSP payment?<br>
<br>
thanx<br>
Anders<br>
_______________________________________________<br>
Openid-specs-fapi mailing list<br>
<a href="mailto:Openid-specs-fapi@lists.openid.net" target="_blank">Openid-specs-fapi@lists.openid.net</a><br>
<a href="http://lists.openid.net/mailman/listinfo/openid-specs-fapi" rel="noreferrer" target="_blank">http://lists.openid.net/mailman/listinfo/openid-specs-fapi</a><br>
</blockquote></div></div>-- <br><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature">Rob Otto<br>EMEA Field CTO - Ping Identity <br>+44 777 135 6092</div>

<br>
<i style="margin:0px;padding:0px;border:0px;outline:0px;vertical-align:baseline;background:rgb(255,255,255);font-family:proxima-nova-zendesk,system-ui,-apple-system,system-ui,"Segoe UI",Roboto,Oxygen-Sans,Ubuntu,Cantarell,"Helvetica Neue",Arial,sans-serif;color:rgb(85,85,85)"><span style="margin:0px;padding:0px;border:0px;outline:0px;vertical-align:baseline;background:transparent;font-family:proxima-nova-zendesk,system-ui,-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ubuntu,Cantarell,"Helvetica Neue",Arial,sans-serif;font-weight:600"><font size="2">CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.  If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you.</font></span></i>