Transport Level Security

Transport Level Security

On the transport level, all requests to the Open Banking Service, as well as all requests sent by the Open Banking Service must be encrypted using TLS and be made over HTTPS:

  • TLS 1.3 SHOULD be used;
  • TLS 1.2 may be used.
  • Anything below TLS 1.2 must not be used and will be refused by the Open Banking Service.

The TLS authentication method used is one-way, the server's identity is authenticated by the client. That means in requests to Open Banking Service, the Open Banking Service authenticates itself with its certificate and in case of requests from Open Banking Service to the Initiating Party, the Initiating Party authenticates itself with its certificate. Any connection without TLS encryption, such as plain http will be refused.

Mutual TLS optional

Optionally the TLS authentication can be done two-way, that means that both client and server identities are authenticated mutually. That means that both The Open Banking Service and the Initiating Party identities are authenticated, providing a higher level of security.  

 

Enable "on this page" menu on doc section
On

Product Override

Product Override

Retrieve the product extensions' load balancing

The API allows the parameters of the product extensions' load balancing to be retrieved. The parameters of the load balancing are used when a new card is requested.

The main input fields are:

  • The issuer ID
  • The issuer product external reference for which the detail of the product extensions' load balancing is requested.

API links

GET/api/v2/issuers/{issuerId}/products/external-products/{issuerProductExternalReference}/product-extension-balancing

Override the product extensions' load balancing

The API allows a list of pre-defined parameters for a product extensions' load balancing to be overridden.

The parameters of the load balancing are used when a new card is requested.

The main input fields are:

  • The issuer ID
  • The issuer product external reference for which the changes are required.
  • The parameters (profiles or thresholds of a product) to be overridden

The parameters of the load balancing can be retrieved using the Retrieve the product extensions' load balancing API.

The overridden parameters should be consistent with the initial product configuration defined in the system (e.g., the profiles to be updated must exist in the system to be found).

API links

PATCH /api/v2/issuers/{issuerId}/products/external-products/{issuerProductExternalReference}/product-extension-balancing

Retrieve the card producers' load balancing

The API allows the parameters of the load balancing between card producers to be retrieved.

The main input fields are:

  • The issuer ID
  • The card template reference for which the detail of the card producers' load balancing is requested

API links

GET/api/v2/issuers/{issuerId}/card-products/{cardTemplateReference}/card-producer-balancing

Override the card producers' load balancing

The API allows for the replacement of the load balancing parameters between card producers.

The main input fields are:

  • The issuer ID
  • The card template reference for which the changes are requested
  • The parameters to be overridden

The overridden parameters of the card producers' load balancing can be retrieved using the Retrieve the card producers' load balancing API.

API links

PATCH /api/v2/issuers/{issuerId}/card-products/{cardTemplateReference}/card-producer-balancing

Enable "on this page" menu on doc section
On
Subscribe to