Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

We have used examples for a Payment Initiation Service journey, but the same principles apply for all Account Information Service journeys.

3.6.1

...

Model A: Static Customer identifier

A Decoupled authentication flow, where the Customer provides a static identifier to the Third Party which is used by the API Provider to notify the Customer, such that the Customer can authenticate using the API Provider app on a separate device or mobile application.

...

Expand
titleExpand to access downloadable content

View file
name3.6.1.1 Decoupled authentication - Model A Static Customer identifier.pdf

3.6.2

...

Model B: API Provider generated identifier

A Decoupled authentication flow where the Customer provides a dynamic identifier generated with their API Provider to the Third Party which is then used by the API Provider to identify the Customer through the API Provider appto authenticate and action the Third Party request.

...

Expand
titleExpand to access downloadable content

View file
name3.6.2.1 Decoupled authentication - Model B API Provider generated identifier.pdf

3.6.3

...

Model C: Third Party generated identifier

A Decoupled authentication flow where the Customer is provided with an identifier generated by the Third Party, which is then used by the API Provider to identify the Customer through the API Provider app to authenticate and action the Third Party request.

...

Expand
titleExpand to access downloadable content

View file
name3.6.3.1 Decoupled authentication - Model C Third Party generated identifier.pdf

3.6.4

...

Model D: Customer with a previously generated ID token

A Decoupled authentication flow where the Third Party provides the API Provider with an ID Token, generated by the API Provider from a previous consent authentication event. This is used by the API Provider to re-identify the Customer for a new authentication and authorisation event.

...