...

Details on how end users are informed of Shari'ah compliance are available at: https://openfinanceuae.atlassian.net/wiki/spaces/standardsv1dot1final/pages/210800446/Common+Rules+and+Guidelines#21.-Shari%E2%80%99ah-compliance-of-TPP

5.4.3 Registering Certifications

...

There are three types of client certificates, each with specific use cases. Detailed information about client certificates can be found in the Certificate Standard https://openfinanceuae.atlassian.net/wiki/x/1ICQD

Instructions on creating server certificates are available at https://docs.connect.raidiam.io/manage-certificates-for-organisation

...

The technical requirements for API and Server discovery are outlined in the security standards, in the Registration Framework https://openfinanceuae.atlassian.net/wiki/x/i4CQD

5.6.2 Establishing Connection with Servers

After retrieving all the resources, clients can call the Authorization Server token and PAR endpoints, as outlined in the Security Profile - FAPI https://openfinanceuae.atlassian.net/wiki/x/TYCQD document.

Note: Clients are not required to undergo an active registration step in the Registration Framework; servers will accept all incoming valid requests from clients.

...

In essence, Organisation Flags outline the expected products or services that an LFI should share, while https://openfinanceuae.atlassian.net/wiki/spaces/TFDocv3TFDocsv4/pages/edit-v2/168263702#4183468280#4.4.24-Registering-API-Resources reflect what they are currently sharing.

...

API Name: Participants

Endpoint:

  • Sandbox: https://data.sandbox.directory.openfinance.ae/participants

  • Production: https://data.directory.openfinance.ae/participants

Usage: Provides details about all the Servers that have been registered on the Trust Framework, including:

  • Organisation Metadata

  • Registered Server API Resources

  • Server General Details

Instructions / Swagger:

  • https://docs.connect.raidiam.io/find-data-providers-via-public-api

  • https://docs.connect.raidiam.io/participants-api

API Name: Keystores

Endpoint:

  • Sandbox: https://keystore.sandbox.directory.openfinance.ae/<org_id>/<app_id>/application.jwks

  • Production: https://keystore.directory.openfinance.ae/<org_id>/<app_id>/application.jwks

Usage: Provides details about the certificates generated by the Trust Framework PKI.

  • To verify details about client certificates, replace <org_id> with the Organisation UUID of the participant on the TF and <app_id> with the Client UUID.

  • To verify details about server certificates, remove <app_id> from the URI path and provide only <org_id>, set to the Organisation UUID of the participant.

Instructions / Swagger:

  • https://docs.connect.raidiam.io/public-and-private-keys#bz_0v

API Name: PKI Chain

Endpoint:

  • Sandbox: https://openfinanceuae.atlassian.net/wiki/spaces/standardsv1final/pages/151847123/Certificate+Standard#4.2-Sandbox-Environment

  • Production: https://openfinanceuae.atlassian.net/wiki/spaces/standardsv1final/pages/151847123/Certificate+Standard#4.1-Production-Environment

Usage: Provides the issuer and root certificates in .pem format for configuring mTLS.

Instructions / Swagger:

  • https://docs.connect.raidiam.io/public-key-infrastructure#lwJo2

API Name: API Resources

Endpoint:

  • Sandbox: https://web.sandbox.directory.openfinance.ae/config/apiresources

  • Production: https://web.directory.openfinance.ae/config/apiresources

Usage: Provides the list of API Families that can be published on the TF. This API returns a JSON file which includes:

  • The API Families that can be published

  • The expected endpoint regular expression

  • The allowed version types

  • The Certification Expectation, if any

Instructions / Swagger:

  • https://docs.connect.raidiam.io/xwL5-api-resources
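
The Keystores lookup described above, as an added example that is not part of the original page or of the Trust Framework's own code: it builds the client and server keystore URLs and checks whether a presented certificate appears in a fetched JWKS. The function names are hypothetical, the JWKS is assumed to carry the RFC 7517 `x5c` or `x5t#S256` members, and the sample data is constructed; fetching the JWKS over HTTPS is left out so the block runs offline.

```python
import base64
import hashlib
import uuid

# Base URLs as listed for the Keystores API on this page.
KEYSTORE_BASE = {
    "sandbox": "https://keystore.sandbox.directory.openfinance.ae",
    "production": "https://keystore.directory.openfinance.ae",
}


def keystore_url(env, org_id, app_id=None):
    """Build the JWKS URL; omit app_id for server certificates."""
    # Parse as UUIDs so a malformed or path-injecting id is rejected early.
    parts = [str(uuid.UUID(org_id))]
    if app_id is not None:
        parts.append(str(uuid.UUID(app_id)))
    return "/".join([KEYSTORE_BASE[env], *parts, "application.jwks"])


def cert_thumbprint(der):
    """RFC 7517 x5t#S256: base64url(SHA-256(DER)), without padding."""
    digest = hashlib.sha256(der).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode()


def find_key_for_cert(jwks, presented_der):
    """Return the JWK whose certificate matches the presented one, else None."""
    want = cert_thumbprint(presented_der)
    for jwk in jwks.get("keys", []):
        # Prefer recomputing from x5c[0] over trusting a declared x5t#S256.
        chain = jwk.get("x5c") or []
        if chain:
            got = cert_thumbprint(base64.b64decode(chain[0]))
        else:
            got = jwk.get("x5t#S256")
        if got == want:
            return jwk
    return None


# Constructed sample: the bytes stand in for a DER certificate, not a real one.
SAMPLE_DER = b"constructed-placeholder-der-bytes"
SAMPLE_JWKS = {"keys": [
    {"kid": "constructed-kid-1", "kty": "RSA", "use": "sig",
     "x5c": [base64.b64encode(SAMPLE_DER).decode()]},
    {"kid": "constructed-kid-2", "kty": "RSA", "use": "sig",
     "x5t#S256": cert_thumbprint(b"some-other-constructed-cert")},
]}
```

A certificate that is absent from the participant's keystore returns `None` and should be rejected, in addition to the normal chain validation against the PKI Chain issuer and root certificates.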

6.2.2 mTLS Protected APIs

...

Instructions on how to generate an Application are described in https://openfinanceuae.atlassian.net/wiki/spaces/TFDocv3TFDocsv4/pages/edit-v2/168263702#5183468280#5.4-Registering-Applications

To access these protected APIs, the participant must first generate an access token with the directory:software scope by calling the token endpoint using the client_credentials grant type. Instructions for obtaining the token can be found at https://docs.connect.raidiam.io/client-credentials-flow-obtain-access-token#YzDfh

...