Posts

Showing posts from June, 2017

Beyond PSD2 for a Better Open Banking Experience

PSD2 is acting as a catalyst for the digital transformation happening in the banking industry. While meeting the compliance requirements of PSD2, financial institutions are excited to make use of the new business models and opportunities opened up by this foundation. The more customers and partners we can reach, the more business activity and the more revenue. Making banking functions more accessible and reactive will be a key enabler in providing a seamless experience to these parties, including internal banking staff, who directly affect business efficiency.
IAM plays a critical role in improving business accessibility without compromising the system boundaries. PSD2 mandates strong customer authentication (SCA), setting the bar high for user authenticity, while keeping a few exemptions so as not to bother the payment services user (PSU) with SCA for every small transaction. While adhering to this policy will make an institution PSD2 compliant, if they can react fast to the fraud rates…

WSO2 Identity Server - Extension Points - Part 2 - OAuth

OAuth2 is widely used in the enterprise today for the authorization aspects of APIs. This is the second post on the extension points available in WSO2 Identity Server, after WSO2 Identity Server - Extension Points - Part 1 - SAML.

All implementations using the following extension points need to be configured in the <IS_HOME>/repository/conf/identity/identity.xml file, under the OAuth element.
1. Custom OAuth grant handler
Usage: When we need to support an OAuth flow that is different from standard grant types. Validates the grant, scopes, and access delegation.
Sample: https://docs.wso2.com/display/IS510/Writing+a+Custom+OAuth+2.0+Grant+Type
Interface: org.wso2.carbon.identity.oauth2.token.handlers.grant.AuthorizationGrantHandler
2. Client Auth Handler
Usage: When the client credential authentication needs to be customized. By default we validate the client id and secret.
Interface: org.wso2.carbon.identity.oauth2.token.handlers.clientauth.ClientAuthenticationHandler
3. OAuthCallbackHandler
An ex…