Skip to main content

Open Insurance Brazil - Securely Innovate with Cloudentity

Accelerate Brazil Open Insurance compliance with Cloudentity OAuth, Consent, and API security capabilities.

Instant Compliance with Financial Data Exchange (OPIN)

Security Profile Compliance

Cloudentity comes with instantly applicable, jurisdiction-specific, pre-configured Open Finance profiles that will make your solution instantly compliant in the area of security profile. The key elements that a profile encloses are:

  • We deliver fine-grained authorization (consent) capabilities which means that customers have direct control over the data they share. For example, consent can be limited to one of many customer's accounts.

  • Cloudentity provides FAPI compliant authorization servers which can be set to a profile compliant with FDX where your developers, fintech companies, and partners can register their applications, issue tokens for service consumption, and more.

  • Cloudentity authorization servers support various OAuth and OIDC authorization grant types and client authentication methods.

  • We can leverage the authentication factors your financial institution uses to fulfill the requirement of Strong Customer Authentication.

  • Cloudentity comes with a built-in policy engine responsible for enforcing authorization policies on application and request levels.

  • You get two authorization policies types: Cloudentity policies with a built-in UI editor and OPA policies written in REGO language.

  • You can integrate major API gateways and Service Meshes to discover your APIs within the Cloudentity platform using our Authorizers and enforce all access control measures for your APIs.

  • Use Cloudentity multi-tenancy model to spin up multiple authorization servers. If your bank has branches in multiple countries and needs to follow different directives, this is a way to go! Additionally, you can have different tenants for development, testing, and production environments.

  • We provide a developer portal functionality that allows the developers to register and manage their client applications. Additionally, applications can be dynamically registered with the use of Cloudentity DCR APIs compliant with OPIN.

Support for All Open Finance Customer Journeys

  • We implement our solutions for customer journeys according to the OPIN Customer Experience Guidelines and Principles.

  • Journeys we support include data sharing with redirect flows, decoupled flows like CIBA , or embedded strategies that leverage Strong Customer Authentication.

Open Finance Sandbox

Cloudentity delivers Open Sourced Open Banking Quickstart GitHub project that you can use when creating your applications for a better understanding of how the Open Banking data sharing flow works and how you can integrate with Cloudentity platform.

The Open Banking Quickstart project simulates an Open Banking ecosystem that consists of data recipient's fintech application (Financroo) and financial institution (Go Bank). Go Bank exposes OB Data APIs and utilizes Cloudentity for user consent and authorization to enable access to APIs to fintech applications. The quickstart lets emulate read and read-write Open Banking scenarios that show how Cloudentity supports these flows. In particular, it lets understand the concept of sample consent application that renders custom fine-grained consent page that becomes part of the OAuth flow.

Bring Your Own Identity Provider

Bring Your Own Identity (BYOID) is a philosophy that Cloudentity strongly believes in. Cloudentity allows you to integrate the platform with your existing identity sources using open standards such as OpenID Connect and SAML.

To make it easier for you to integrate solutions, Cloudentity has a vast number of built-in Identity Connectors for major Identity Sources that allow you to quickly connect your Identity Source to the platform. If your Identity Source does not have a dedicated connector in Cloudentity, but shares identity information using either OIDC or SAML standard, you can use a generic OIDC or SAML connector instead. Most of the provided out of the box connectors comply with the OIDC standard, but you can also use the SAML generic connector to integrate your identity source in a SAML-compliant way.

CDR identity provider

Pick Your Style - SaaS vs non SaaS

Cloudentity offers a highly available SaaS region in North America. If you want to host the solution yourself, we offer the same binary and tools that we use to run our SaaS infrastructure to your DevOps team. Your team can run our high scale solution on the infrastructure of your choice. Read about all the offered deployment models here.

Why Cloudentity and Not Any Different CIAM Platform

The solution and capabilities offered by Cloudentity platform are very different compared to other platforms or authorization servers and it is important to understand the difference in approaches that we undertake to ensure a robust specification-compliant solution for your consumption.

Ecosystem-specific profiles offered by Cloudentity include numerous distinct configurations of internal OAuth authorization server and other components that assure our customers about up-to-date compliance in area of security and consent. API security providers and authorization servers in general do not come with such profiles and treat consent APIs as part of the solution that is out of their scope which often requires extra plugins or other code and is not treated as a main stream features. Cloudentity is tailored to each and every profile and we make sure to keep up the standards and treat them as primary features.

Use of Open Banking profiles saves hours of engineering work required for configuration, testing, and development of consent APIs in case of building the solution with use of a general purpose API security provider or authorization server.

Open Insurance Integration guides

Feels like diving deep into all the Open Insurance specifics and integrations? We have detailed guides to help you navigate the Open Insurance journey with ease.

Jumpstart OPIN Journey

Ready to get started? Do not wait and check out our Get OAuth, Consents, and API Security for Open Finance quickstart article