/
TPP Onboarding API Guide

TPP Onboarding API Guide

Owned by Chris Michael
12 Nov 2024
2 min read

The TPP Onboarding API facilitates onboarding a TPP to each LFI they choose to integrate with. It is called once per LFI, prior to submitting the first request to a given LFI instance on the Open Finance Platform (OFP), which makes a backend call to the Open Finance Trust Framework (OFTF).

Once completed, a given TPP can then call the LFIs instance as per the standard API Flows described in each functional area.

1. API Flows

1.1 Invoke Onboarding Operation

The flow MUST begin with a TPP who has a client certificate signed by the OFTF for the purposes of providing client authentication for transport layer security.

At this stage provisioning on the OFTF has yet to be completed so no other credentials can be provided.

The TPP MUST:

  • Invoke the TPP Onboarding Operation at the LFI instance on the OFP to which they wish to connect.

  • Send their signed client certificate to provide transport layer authentication.

  • Send an empty payload.

The OFP MUST:

  • Validate the presented client certificate and verify it is valid and signed by the OFTF.

  • Reject the connection attempt if the client certificate presented by the TPP cannot be validated.

  • Introspect the certificate to retrieve the TPP ID and Software Statement ID from the relevant assertions encoded on the certificate.

  • Call the Onboarding Operation at the OFTF to complete onboarding the TPP.

  • Return a 204 No Content response to the TPP to indicate that onboarding has been completed successfully.

  • Return an appropriate HTTP status code and optionally an error object if the request cannot be completed.

2. TPP Onboarding Examples

The following are non-normative examples of invoking the TPP Onboarding operation.

2.1 Invoke TPP Manual Onboarding Operation

  1. TPP onboards on to the OFTF (Trust Framework User Documentation | 5. TPPs Quick Access Guide)

  2. TPP creates an Application on the OFTF (Trust Framework User Documentation | 5.4 Registering Applications)

  3. TPP must supply the following information to openfinance@cbuae.gov.ae.

    1. TPP Org Id

    2. TPP Application Id

    3. Cert JWKS url

2.2 Invoke TPP Onboarding Operation

2.1.1 Request: TPP to LFI Onboarding Instance at OFP

POST /open-finance/onboarding/v1.0/tpp-registration x-fapi-interaction-id: ecd4f69f-b1ea-4589-afe9-71e63416bb6f

2.1.2 Response: Onboarding Operation Successful

HTTP/1.1 204 No Content Cache-Control: no-cache, no-store x-fapi-interaction-id: ecd4f69f-b1ea-4589-afe9-71e63416bb6f

3. OpenAPI Description

See the https://openfinanceuae.atlassian.net/wiki/pages/createpage.action?spaceKey=AHDV&title=TPP%20Onboarding%20OpenAPI page.

© Ozone Financial Technology Limited 2024-2025
Ozone Non Commercial Software EULA