Versions Compared

Version Old Version 12 New Version 13
Changes made by

Anthony Jones

Anthony Jones

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The Sandbox Trust Framework can be accessed at the following link:

...

  • Sign Participation Documents

    • To fully onboard on the Ecosystem all participants - LFIs, TPPs and VASPs, are expected to issue and sign the Ecosystem participation Document on Docusign.

  • Ensure Server Certificates are Valid:

    • Generate transport, signing and encryption certificates on the Trust Framework; rotating them at least once every 12 months (certificate expiration is set at 13 months).

  • Ensure Published APIs are Valid and Certified:

    • Publish the API endpoints and ensure the correct version is available before any defined ecosystem go-live date.

    • Ensure server metadata is always up to date, including server logo, server description and customer-facing name.

  • Integrate with Directory for Onboarding:

    • Integrate with the Trust Framework registration endpoints, ensuring all clients registered are onboarded and validated following the ecosystem Registration Framework

  • Integrate Authentication:

    • Integrate with the Trust Framework JWKS endpoints, recovering client public keys when validating message signatures and executing message encryption.

    • Integrate with the Directory OCSP/CRL services, verifying that used certificates are valid and up-to-date.

...

Participants can register https://docs.connect.raidiam.io/xwL5-api-resources for the products and services they offer on the schema. Only approved API endpoints and versions for go-live should be added to the Trust Framework.

...

There are three types of server certificates, each serving different purposes. Detailed information about server certificates can be found in the Certificate Standard https://openfinanceuae.atlassian.net/wiki/x/1ICQD .

Instructions on creating server certificates are available at https://docs.connect.raidiam.io/manage-certificates-for-organisation

...

5.1 Creating an Account

Refer to the https://openfinanceuae.atlassian.net/wiki/spaces/TFDocv3TFDocsv4/pages/edit-v2/168263702#4183468280#4.1-Creating-an-Account section.

5.2 Signing the Terms & Conditions Document

...

Access to the Production Environment will be granted once the document is signed and reviewed by the AlTareq team.

Refer to the https://openfinanceuae.atlassian.net/wiki/spaces/TFDocv3TFDocsv4/pages/edit-v2/168263702#4183468280#4.2-Signing-the-Terms-%26-Conditions-Document section for more details.

5.3 Onboarding Additional Users

Refer to the https://openfinanceuae.atlassian.net/wiki/spaces/TFDocv3TFDocsv4/pages/edit-v2/168263702#4183468280#4.3-Onboarding-Additional-Users section.

5.4 Registering Applications

The Applications Resource allows Organisations to register details of their OpenID Relying Parties (Clients), which interact with OAuth 2.0 Authorization Servers to access protected APIs. The interaction rules are outlined in the Security Profile - FAPI https://openfinanceuae.atlassian.net/wiki/x/TYCQD document.

When creating an Application in the Trust Framework, participants can select the regulatory roles for the client, which define the types of APIs the client can access. The instructions on how to create new Applications Can be found on https://docs.connect.raidiam.io/add-and-manage-applications

...

Details about how the Shari'ah compliance will be informed to the end users can be seen on : https://openfinanceuae.atlassian.net/wiki/spaces/standardsv1finalstandardsv1dot1final/pages/151850813210800446/Common+Rules+and+Guidelines#21.-Shari%E2%80%99ah-compliance-of-TPP

5.4.3 Registering Certifications

...