Author: Erick Domingues

Version: 1.

Classification: Public

1. Introduction

This document explains the role of the Trust Framework in the Open Finance UAE Program and how technical users from LFIs and TPPs are expected to interact with it. Its content is derived from the documentation at https://docs.connect.raidiam.io/, which is referenced multiple times within this document.

...

  • Ensure Server Certificates are Valid:

    • Generate and use transport, signing and encryption certificates on the Trust Framework, rotating them at least once every 12 months (certificate expiration is set at 13 months).

  • Ensure Published APIs are Valid and Certified:

    • Publish the API endpoints and ensure the correct version is available before any defined ecosystem go-live date.

    • Ensure server metadata is always up to date, including server logo, server description and customer-facing name.

  • Integrate with Directory for Onboarding:

    • Integrate with the Trust Framework registration endpoints, ensuring all registered clients are onboarded and validated following the ecosystem Registration Framework.

  • Integrate Authentication:

    • Integrate with the Trust Framework JWKS endpoints, retrieving client public keys when validating message signatures and encrypting messages.

    • Integrate with the Directory OCSP/CRL services, verifying that used certificates are valid and up-to-date.
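The key-selection step of the JWKS integration described above, as an added example (not code from this document or from the Trust Framework). It assumes the client's key set has already been fetched from its JWKS endpoint, that the security profile pins signing to PS256, and that a JOSE library performs the actual signature verification afterwards; the key set shown is constructed.

```python
import base64
import json

# Constructed sample JWKS (RFC 7517 layout); key material is a placeholder, not real.
SAMPLE_JWKS = {"keys": [
    {"kty": "RSA", "kid": "sig-2024", "use": "sig", "alg": "PS256", "n": "placeholder", "e": "AQAB"},
    {"kty": "RSA", "kid": "enc-2024", "use": "enc", "alg": "RSA-OAEP-256", "n": "placeholder", "e": "AQAB"},
]}
ALLOWED_SIG_ALGS = {"PS256"}  # assumption: the security profile pins the signing algorithm


class KeySelectionError(Exception):
    """Raised whenever no single, correctly scoped key can be chosen (fail closed)."""


def jws_header(token):
    """Decode the protected header of a compact JWS without trusting its contents."""
    parts = token.split(".")
    if len(parts) != 3:
        raise KeySelectionError("not a compact JWS")
    try:
        padded = parts[0] + "=" * (-len(parts[0]) % 4)
        header = json.loads(base64.urlsafe_b64decode(padded))
    except ValueError as exc:  # covers bad base64, bad UTF-8 and bad JSON
        raise KeySelectionError("unreadable JWS header") from exc
    if not isinstance(header, dict):
        raise KeySelectionError("JWS header is not a JSON object")
    return header


def select_key(jwks, kid, use, alg=None):
    """Return the one JWK with this kid, provided it is published for `use`."""
    matches = [k for k in jwks.get("keys", []) if k.get("kid") == kid]
    if len(matches) != 1:
        raise KeySelectionError(f"expected exactly one key for kid {kid!r}, found {len(matches)}")
    key = matches[0]
    if key.get("use") != use:
        raise KeySelectionError(f"key {kid!r} is not published for use={use!r}")
    if alg is not None and key.get("alg") not in (None, alg):
        raise KeySelectionError(f"key {kid!r} is bound to a different algorithm")
    return key


def verification_key_for(token, jwks):
    """Pick the client's signing key for a JWS; the signature check itself comes next."""
    header = jws_header(token)
    alg, kid = header.get("alg"), header.get("kid")
    if not isinstance(alg, str) or alg not in ALLOWED_SIG_ALGS:  # rejects "none" too
        raise KeySelectionError(f"algorithm {alg!r} is not allowed")
    if not isinstance(kid, str) or not kid:
        raise KeySelectionError("JWS header carries no kid")
    return select_key(jwks, kid, "sig", alg)
```

Every failure path raises instead of falling back to another key, so a message that names an encryption key, an unknown `kid` or an unlisted algorithm is rejected before any signature check runs.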

...

< This section requires definitions around the Terms and Conditions that need to be signed during the Participant Onboarding Process. Currently under definition >

For details about Terms and Conditions and how they are handled by the Directory, check the documentation under https://docs.connect.raidiam.io/terms-and-conditions

...

Organization Administrators and certain types of users (https://docs.connect.raidiam.io/platform-users#bz7Ky), such as PBCs and PTCs, can onboard other Organization Administrators and technical users. Newly added users have the same scope as existing users. Adding/removing users in the Trust Framework can be done using the platform UI following the instructions defined at https://docs.connect.raidiam.io/add-users.

...

5.1 Creating an Account

Please refer to https://openfinanceuae.atlassian.net/wiki/spaces/MarketEngagementTFDocsv1/pages/edit-v2/117801029#4.1-Creating-an-Account

5.2 Signing the Ecosystem Participation Document

Please refer to https://openfinanceuae.atlassian.net/wiki/spaces/MarketEngagementTFDocsv1/pages/edit-v2/117801029#4.2-Signing-the-Ecosystem-Participation-Document

5.3 Onboarding Additional Users

Please refer to https://openfinanceuae.atlassian.net/wiki/spaces/MarketEngagementTFDocsv1/pages/117801029/Trust+Framework+User+Documentation#4.3-Onboarding-Additional-Users

5.4 Registering Clients

The Client Resource enables organizations to register details of their OpenID Relying Parties (Clients), which will interact with OAuth 2.0 Authorization Servers to access protected APIs. The interaction rules between clients and Authorization Server endpoints are outlined in the Security Profile - FAPI document at https://openfinanceuae.atlassian.net/wiki/x/TYCFBg

...