Before we delve into the specifics of the Solution, it may be worthwhile to note the transformation currently happening in the banking space. Digital is positioning itself in many facets and interactions that a consumer has with the Bank.
Apigee OpenBank Solution enables banks to accelerate development of digital services. OpenBank is built on Apigee Edge API Management Platform, and features:
- Account Information Access APIs
- Payment Transfer APIs
- Open Data APIs
- OAuth APIs
It also provides an implementation of OpenID and OAuth-based authentication, consent, and two-factor authentication using SMS.
These APIs play a critical role in the digital transformation of banking services as represented below:
This repository contains the necessary artifacts that will allow one to pull up a complete set of Banking APIs that comply with Open Banking and PSD2 regulations. In addition, this will also allow one to build a sandbox complete with a Developer Portal, mock backend and a sample app.
- Apigee API Management Developer Account
- Apigee API BaaS Account
- Apigee Developer Portal
To deploy the APIs and their dependencies on your own org, please run the following script:
$ cd src/gateway
$ sh setup/setup.sh
This will interactively prompt you for your Edge and BaaS credentials, and will then create / deploy all relevant bundles and artifacts and provision the OpenBank Sandbox on your own Org.
The APIs provided are configurable to connect to your own Banking backend and / or provide your own consent apps. The following sections will help you understand this solution so that you can go about this on your own.
The Banking APIs are designed as Northbound + Southbound APIs.
The Northbound API provides a fixed set of interfaces that can be relied on by the external consumers. In order to minimize changes to the contract, this API will not need to be changed once deployed.
The Southbound API connects to the actual backend of the bank (or the mock backend) and provides the data that is exposed by the Northbound APIs. When the API Developer has to make any changes to the APIs (specifically to connect to a different backend), these are the APIs that need to be modified.
All Southbound APIs end with the suffix '-connector'.
In addition, there are some internal APIs which are not exposed outside, but which are used internally from the other APIs and provide common service such as sending out SMS, storing and fetching session data etc.
The consent app is a key part in helping the user securely authenticate with the bank. The consent app is a trusted app of the bank that allows the user to log in and subsequently provide consent information.
In this sandbox, the consent app will talk to the following APIs in order to fulfill its functionality:
- Session API
- SMS API
- Accounts-connector API
- Authentication-connector API
If you customize the consent app, or if one or more components delivered along with the sandbox are changed, then the configuration of the consent app needs to be updated.
The consent app has a config.json file available in the src/gateway/consent-app/apiproxy/resources/node/ folder. This JSON file has to be customized so that the right API endpoints are provided to the consent app.
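
Because the consent app sends login and consent data to whatever endpoints config.json names, it is worth checking the file after every customization. The following is an added example, not code from this repository: it walks a parsed config and flags endpoint URLs that are not HTTPS, point at a host outside an allowlist, or embed credentials. The key names and host names in the sample are constructed; the real config.json may use different keys.

```javascript
// Added example (not part of the OpenBank repository).
// Constructed sample: key names and hosts are hypothetical stand-ins for
// whatever the real consent-app config.json contains.
const SAMPLE_CONFIG = {
  sessionApi: "https://myorg-test.apigee.net/internal/session",
  smsApi: "http://myorg-test.apigee.net/internal/sms",
  accountsConnector: { url: "https://other.example.com/accounts-connector" },
  authenticationConnector: "https://user:pw@myorg-test.apigee.net/authentication-connector",
  otpLength: 6
};

// Recursively collect every string value together with its dotted key path.
function collectStrings(node, path, out) {
  if (typeof node === "string") {
    out.push({ path, value: node });
  } else if (node && typeof node === "object") {
    for (const [key, value] of Object.entries(node)) {
      collectStrings(value, path ? `${path}.${key}` : key, out);
    }
  }
  return out;
}

// Return one finding per problem found in a URL-valued setting.
function auditConfig(config, allowedHosts) {
  const findings = [];
  for (const { path, value } of collectStrings(config, "", [])) {
    if (!/^[a-z][a-z0-9+.-]*:\/\//i.test(value)) continue; // not a URL
    let url;
    try {
      url = new URL(value);
    } catch {
      findings.push({ path, issue: "unparseable URL" });
      continue;
    }
    if (url.protocol !== "https:") findings.push({ path, issue: "not HTTPS" });
    if (!allowedHosts.includes(url.hostname)) {
      findings.push({ path, issue: "host not in allowlist" });
    }
    if (url.username || url.password) {
      findings.push({ path, issue: "credentials embedded in URL" });
    }
  }
  return findings;
}
```

To audit the real file, pass `JSON.parse(fs.readFileSync(pathToConfig, "utf8"))` and the list of hosts your org actually serves the Session, SMS and connector APIs from.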