This documentation is for WSO2 Open Banking version 1.3.0. View documentation for the latest release.
Skip to end of metadata
Go to start of metadata

WSO2 Open Banking provides the technology requirements that banks need in order to become PSD2 compliant and digitally transformed. It combines the technical capabilities of WSO2 API Manager, WSO2 Identity Server, WSO2 Stream Processor and WSO2 Enterprise Integrator with PSD2-specific feature customizations to quickly satisfy open banking requirements. 

For more information on WSO2 Open Banking, see the overview and architecture pages in our documentation, and the product page on WSO2 Open Banking.

What is new in this release

The WSO2 Open Banking version 1.3.0 is the successor of version 1.2.0. It contains the following new features and enhancements:

  • Changes to the naming convention of solution packs:

    In WSO2 OB 1.2.0In WSO2 OB 1.3.0
    • wso2ob-am-2.6.0

    • wso2ob-km-5.7.0

    • wso2ob-am-analytics-2.6.0

    • wso2ob-ei-6.4.0

    • wso2-obam-1.3.0

    • wso2-obkm-1.3.0

    • wso2-obbi-1.3.0

      Only Transaction Risk Analytics (TRA) and Fraud Detection capabilities are available in the wso2-obbi-1.3.0 pack.

      If you want to view API Analytics, download and configure the wso2am-analytics-2.6.0 pack.

      If you want to use the integration and workflow capabilities, download and configure the wso2ei-6.4.0 pack.

  • Updates to the UK specification

    WSO2 Open Banking 1.3.0 is compliant with the following conformance test suites:

    Security test suiteOpenID conformance suite v3.2.1
    Functional test suiteFunctional conformance suite v1.1.19
    • Support for UK Account Initiation API v3.0 and v3.1

      • Release management to support multiple versions in one deployment

      • Consent re-authorization

    • Support for UK Payment Initiation API v3.0 and v3.1

      • Support for domestic payments and international payments

      • Support for /funds-confirmation API

      • Support for multi-authorization

      • Release management to support multiple versions in one deployment

      • Support for cut-off date/time behaviour

    • Support for UK Confirmation of Funds API v3.0 and v3.1

      • Release management to support multiple versions in one deployment

      • Consent re-authorization

    • Support for UK Event Notification API v3.0/v3.1

      • Release management to support multiple versions in one deployment

      • Support to register the callback URLs of the TPPs

    • Improved error response structure according to the OBIE Read/Write API specifications

    • Support for UK Dynamic Client Registration v1.0.0-RC2

    • Support for UK Manual Client Registration

    • Security Improvements

      • Security improvements to comply with the UK Security Conformance suite

      • Enabled sensitive parameters passed in the authorize flow to be hidden

      • Improved MTLS cert validation handler to validate the transport certificate when it is provided as a header to the gateway during instances when the MTLS is terminated before the request is received at the Gateway
    • Backend swaggers to integrate with the core banking systems

    • SAML SSO enabled for the Customer Care portal

    • Improved Consent APIs for accounts, payment, and confirmation of funds to integrate consent flows with bank portals

    • Multi authorization API to get the authorization data to process the payment from the bank side

    • JWS signature validation support

    • TLS client authentication

    • Oracle database support

    • UX improvements

      • Ability to select multiple accounts in the consent page

      • Validate debtor account against the PSU before loading the consent page.

      • Load the account list only when the debtor account is not specified in the consent page

      • Ability to revoke consent per account in the consent revocation apps

      • Support for confirmation of funds in the consent revocation apps


  • Berlin specification
    • Support for Accounts and Payments in the consent revocation apps

    • SAML SSO enabled for the Customer Care portal

    • Improvements to the Berlin Account API v1.1

    • Improvements to the Berlin Payment API v1.1

    • Oracle database support

What has changed in this release

No features were removed or deprecated in this release. 

Known Issues

  • Sending event notification to the TPP when the multi-authorization completes

  • Support for Dynamic Client Registration v3.1

  • Support for File Payment v3.0/3.1

  • No labels