Open Finance Sandbox Environment
Get familiar with Open Finance initiatives with a hands-on experience of the Open Finance Sandbox environment. Learn the Open Finance flows and understand the requirements.
Open Finance Quickstart
SecureAuth has a reference Open Finance Quickstart GitHub project that helps you understand different Open Finance actors and workflows and how all these are integrated with the SecureAuth platform.
This quickstart allows you to either quickly spin up a local dockerized version of SecureAuth solution or connect to a SaaS tenant. You may choose and proceed with one of the option for quick verification of the platform capabilities.
Generic Open Banking Workspace
To allow financial institutions to explore Open Finance more, or to enable ecosystem designers to experience Open Finance flows themselves, SecureAuth provides a Generic Open Banking workspace based on the Financial-Grade API (FAPI) profile. If your country has yet to define Open Finance specification, or if you're in the process of evaluating various authorization servers for constructing your own Open Finance solution, this workspace is tailored to your needs.
How Generic Open Banking Sandbox Works
In the integration pattern we are proposing to customers interested in building an Open Banking solution, a key architectural advantage lies in the loose coupling between our FAPI-certified authorization server and consent storage.
The below sequence diagram illustrates the authorization flow, detailing the interactions between TPPs, the Authorization Server, the Consent Page, and the Consent Storage.
Request authorization: This step is done using either lodging intent pattern or TPP passing data directly in the flow using various techniques such as: essential claims / dynamic scopes / RAR.
Authentication: This is out of scope but various IDPs can be configured using identity hub and SCA can be enforced.
Consent Page: After authentication, the user is redirected to external Consent Page configured in the authorization server.
Consent Storage: Upon consent approval, the consent record is created in an external system the of your choice. The unique consent id is passed back to authorization server to issue access token bound to the consent.
What You Get with Generic Open Finance Sandbox
Once you decide to explore the Open Finance Sandbox, two workspaces are created for you within your tenant for mocked financial institutions -- GO Bank and Hyperscale Bank. You can explore the Open Finance flows using the sandbox as well as experience how consent storage works -- to that end, SecureAuth uses Identity Pools as a data store.