This documentation is for WSO2 Open Banking version 1.3.0. View documentation for the latest release.
Skip to end of metadata
Go to start of metadata

Do the following configurations in API Manager and restart the server.

Make sure the Key Manager server is running before you start the API Manager server.

Go to the <WSO2_OB_APIM_HOME>/bin directory and execute the following command:

./wso2server.sh

Configuring the axis2.xml file

  1. Configure the axis2.xml file in the <WSO2_OBAM_HOME>/repository/conf/axis2 with the following configurations.  

    1. Add the following messageformatter contentType to  messageformatter.

      messageFormatters
      <messageFormatter contentType="application/jwt"
                                class="org.apache.axis2.format.PlainTextFormatter"/>
    2. Add the following messageBuilder contentType to MessageBuilders.

      messageBuilders
      <messageBuilder contentType="application/jwt"
                              class="org.apache.axis2.format.PlainTextBuilder"/>
    3. Set the SSLVerifyClient parameter as optional in https transportansReciever of transport Ins (Listeners).

      transportReceiver name="https"
      <transportReceiver name="https">
      <parameter name="SSLVerifyClient">optional</parameter>
      </transportReceiver>
    4. Change the supported value for the HostnameVerifier parameter as AllowAll. Other supported values are Strict, DefaultAndLocalhost, or default. default is used if none specified.

      HostnameVerifier
      <parameter name="HostnameVerifier">AllowAll</parameter>

Configuring datasources

Make sure to update the URL, username, password, and driver class name accordingly.

  1. Configure the <WSO2_OBAM_HOME>/repository/conf/datasources/master-datasources.xml file with the following configurations:

    If you are using Oracle, update the validationQuery in each datasource with the following value.

    <validationQuery>SELECT 1 FROM DUAL</validationQuery>
    <datasource>
    		<name>WSO2Config_DB</name>
    		<description>The datasource used for registry- config/governance</description>
    		<jndiConfig>
    				<name>jdbc/WSO2Config_DB</name>
    		</jndiConfig>
    		<definition type="RDBMS">
    				<configuration>
    					<url>dbc:mysql://<WSO2_OBAM_HOST>:3306/openbank_am_configdb?autoReconnect=true&useSSL=false</url>
                        <username>root</username>
                        <password>root</password>
                        <driverClassName>com.mysql.jdbc.Driver</driverClassName>
                        <maxActive>150</maxActive>
                        <maxWait>60000</maxWait>
                        <testOnBorrow>true</testOnBorrow>
                        <validationQuery>SELECT 1</validationQuery>
                        <validationInterval>30000</validationInterval>
                        <defaultAutoCommit>false</defaultAutoCommit>
                    </configuration>
    		</definition>
    </datasource>
     
    <datasource>            
    		<name>WSO2UM_DB</name>
                <description>The datasource used by user manager</description>
                <jndiConfig>
                    <name>jdbc/WSO2UM_DB</name>
                </jndiConfig>
                <definition type="RDBMS">
                    <configuration>
                        <url>jdbc:mysql://localhost:3306/openbank_userdb?autoReconnect=true&useSSL=false</url>
                        <username>root</username>
                        <password>root</password>
                        <driverClassName>DB_DRIVER</driverClassName>
                        <maxActive>150</maxActive>
                        <maxWait>60000</maxWait>
                        <testOnBorrow>true</testOnBorrow>
                        <validationQuery>SELECT 1</validationQuery>
                        <!--Use below for oracle-->
                        <!--<validationQuery>SELECT 1 FROM DUAL</validationQuery>-->
                        <validationInterval>30000</validationInterval>
                        <defaultAutoCommit>false</defaultAutoCommit>
                    </configuration>
                </definition>
    </datasource>
     
    <datasource>
    		<name>WSO2AM_DB</name>
    		<description>The datasource used for API Manager database</description>
    		<jndiConfig>
    				<name>jdbc/WSO2AM_DB</name>
    		</jndiConfig>
    		<definition type="RDBMS">
                	<configuration>
                    	<url>jdbc:mysql://<WSO2_OBAM_HOST>:3306/openbank_apimgtdb?autoReconnect=true&useSSL=false</url>
                        <username>root</username>
                        <password>root</password>
                        <driverClassName>com.mysql.jdbc.Driver</driverClassName>
                        <maxActive>150</maxActive>
                        <maxWait>60000</maxWait>
                        <testOnBorrow>true</testOnBorrow>
                        <validationQuery>SELECT 1</validationQuery>
                        <validationInterval>30000</validationInterval>
                        <defaultAutoCommit>false</defaultAutoCommit>
                	</configuration>
    		</definition>
    </datasource>
     
    <datasource>
    		<name>WSO2AM_STATS_DB</name>
    		<description>The datasource used for getting statistics to API Manager</description>
    		<jndiConfig>
                	<name>jdbc/WSO2AM_STATS_DB</name>
    		</jndiConfig>
    		<definition type="RDBMS">
                	<configuration>
                    	<url>DB_USER_STORE_URL</url>
                        <username>DB_USER</username>
                        <password>DB_PASS</password>
                        <driverClassName>DB_DRIVER</driverClassName>
                        <maxActive>150</maxActive>
                        <maxWait>60000</maxWait>
                        <testOnBorrow>true</testOnBorrow>
                        <validationQuery>SELECT 1</validationQuery>
                        <validationInterval>30000</validationInterval>
                        <defaultAutoCommit>false</defaultAutoCommit>
                	</configuration>
    		</definition>
    </datasource>
     
    <datasource>
    		<name>WSO2_MB_STORE_DB</name>
    		<description>The datasource used for message broker database</description>
    		<jndiConfig>
    				<name>WSO2MBStoreDB</name>
    		</jndiConfig>
    		<definition type="RDBMS">
    				<configuration>
                    	<url>DB_USER_STORE_URL</url>
                        <username>DB_USER</username>
                        <password>DB_PASS</password>
                        <driverClassName>DB_DRIVER</driverClassName>
                        <maxActive>150</maxActive>
                        <maxWait>60000</maxWait>
                        <testOnBorrow>true</testOnBorrow>
                        <validationQuery>SELECT 1</validationQuery>
                        <validationInterval>30000</validationInterval>
                        <defaultAutoCommit>false</defaultAutoCommit>
                	</configuration>
    		</definition>
    </datasource>
    
    
    <datasource>            
    		<name>WSO2REG_DB</name>
                <description>The datasource used by the registry</description>
                <jndiConfig>
                    <name>jdbc/WSO2REG_DB</name>
                </jndiConfig>
                <definition type="RDBMS">
                    <configuration>
                        <url>jdbc:mysql://localhost:3306/openbank_govdb?autoReconnect=true&useSSL=false</url>
                        <username>root</username>
                        <password>root</password>
                        <driverClassName>DB_DRIVER</driverClassName>
                        <maxActive>150</maxActive>
                        <maxWait>60000</maxWait>
                        <testOnBorrow>true</testOnBorrow>
                        <validationQuery>SELECT 1</validationQuery>
                        <!--Use below for oracle-->
                        <!--<validationQuery>SELECT 1 FROM DUAL</validationQuery>-->
                        <validationInterval>30000</validationInterval>
                        <defaultAutoCommit>false</defaultAutoCommit>
                    </configuration>
                </definition>
    </datasource>
  2. Update the <WSO2_OBAM_HOME>/repository/conf/datasources/ open-banking-datasources.xml file with the datasource configurations.

    <datasources-configuration xmlns:svns="http://org.wso2.securevault/configuration">
    
        <providers>
            <provider>org.wso2.carbon.ndatasource.rdbms.RDBMSDataSourceReader</provider>
        </providers>
    
        <datasources>
            <datasource>
                <name>WSO2_CONSENT_DB</name>
                <description>The datasource used for registry and user manager</description>
                <jndiConfig>
                    <name>jdbc/WSO2ConsentDB</name>
                </jndiConfig>
                <definition type="RDBMS">
                    <configuration>
                        <url>jdbc:mysql://<WSO2_OBAM_HOST>:3306/openbank_consentdb?autoReconnect=true&useSSL=false</url>
                        <username>root</username>
                        <password>root</password>
                        <driverClassName>com.mysql.jdbc.Driver</driverClassName>
                        <maxActive>150</maxActive>
                        <maxWait>60000</maxWait>
                        <testOnBorrow>true</testOnBorrow>
                        <validationQuery>SELECT 1</validationQuery>
                        <validationInterval>30000</validationInterval>
                        <defaultAutoCommit>false</defaultAutoCommit>
                    </configuration>
                </definition>
            </datasource>
    </datasources>
    
    </datasources-configuration>
  3. Update the properties of the registry.xml file in the <WSO2_OBAM_HOME>/repository/conf appropriately. 

    <dbConfig name="wso2registry">
            <dataSource>jdbc/WSO2CarbonDB</dataSource>
    </dbConfig>
    
    
    <dbConfig name="configRegistry">
            <dataSource>jdbc/WSO2Config_DB</dataSource>
    </dbConfig>
    
        <remoteInstance url="https://<WSO2_OBAM_HOST>:9443/registry">
            <id>configInstance</id>
            <dbConfig>configRegistry</dbConfig>
            <readOnly>false</readOnly>
            <enableCache>true</enableCache>
            <registryRoot>/</registryRoot>
        </remoteInstance>
    
        <mount path="/_system/config" overwrite="true">
            <instanceId>configInstance</instanceId>
            <targetPath>/_system/config</targetPath>
        </mount>
    
    
        <dbConfig name="governanceRegistry">
            <dataSource>jdbc/WSO2REG_DB</dataSource>
        </dbConfig>
    
        <remoteInstance url="https://<WSO2_OBAM_HOST>:9443/registry">
            <id>governanceInstance</id>
            <dbConfig>governanceRegistry</dbConfig>
            <readOnly>false</readOnly>
            <enableCache>true</enableCache>
            <registryRoot>/</registryRoot>
        </remoteInstance>
    
        <mount path="/_system/governance" overwrite="true">
            <instanceId>governanceInstance</instanceId>
            <targetPath>/_system/governance</targetPath>
    	</mount>
  4. Update the datasource of the user-mgt.xml file in the <WSO2_OBAM_HOME>/repository/conf to point to the WSO2UM_DB

    <Property name="dataSource">jdbc/WSO2UM_DB</Property>


    1. Enable the internal JDBC user store of the user-mgt.xml file in the <WSO2_OBAM_HOME>/repository/conf. Update the  UsernameJavaRegEx, UsernameJavaScriptRegEx, IsBulkImportSupported, and UsernameWithEmailJavaScriptRegEx properties using the  sample configuration given below:

      user-mgt.xml
      <UserStoreManager class="org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager">
                  <Property name="TenantManager">org.wso2.carbon.user.core.tenant.JDBCTenantManager</Property>
                  <Property name="ReadOnly">false</Property>
                  <Property name="ReadGroups">true</Property>
                  <Property name="WriteGroups">true</Property>
                  <Property name="UsernameJavaRegEx">a-zA-Z0-9@._-{3,30}$</Property>
                  <Property name="UsernameJavaScriptRegEx">^[a-zA-Z0-9._-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,4}$</Property>
                  <Property name="UsernameJavaRegExViolationErrorMsg">Username pattern policy violated</Property>
                  <Property name="PasswordJavaRegEx">^[\S]{5,30}$</Property>
                  <Property name="PasswordJavaScriptRegEx">^[\S]{5,30}$</Property>
                  <Property name="PasswordJavaRegExViolationErrorMsg">Password length should be within 5 to 30 characters</Property>
                  <Property name="RolenameJavaRegEx">^[\S]{3,30}$</Property>
                  <Property name="RolenameJavaScriptRegEx">^[\S]{3,30}$</Property>
                  <Property name="CaseInsensitiveUsername">true</Property>
                  <Property name="SCIMEnabled">false</Property>
                  <Property name="IsBulkImportSupported">false</Property>
                  <Property name="PasswordDigest">SHA-256</Property>
                  <Property name="StoreSaltedPassword">true</Property>
                  <Property name="MultiAttributeSeparator">,</Property>
                  <Property name="MaxUserNameListLength">100</Property>
                  <Property name="MaxRoleNameListLength">100</Property>
                  <Property name="UserRolesCacheEnabled">true</Property>
                  <Property name="UserNameUniqueAcrossTenants">false</Property>
      	    <Property name="UsernameWithEmailJavaScriptRegEx">^[\S]{3,30}$</Property>
              </UserStoreManager>

Configuring the api-manager.xml file

  1. Update the api-manager.xml file in the <WSO2_OBAM_HOME>/repository/conf with the following configurations.

    1. Add the port to the ServerURL parameter of authentication service under AuthManager and APIKeyValidator.

      <ServerURL>https://<WSO2_OBAM_HOST>:9446${carbon.context}services/</ServerURL>
    2. Update the endpoint URLs for the APIs hosted in this API Gateway under GatewayEndpoint parameter as follows:

      <GatewayEndpoint>http://<WSO2_OBAM_HOST>:${http.nio.port},https://<WSO2_OBAM_HOST>:${https.nio.port}</GatewayEndpoint>
    3. Enable analytics for the API Manager under Analytics parameter as follows:

      <Analytics>
      <Enabled>true</Enabled>
      </Analytics>
    4. Update the StreamProceesorUsernameStreamProcessorRestApiUsername as wso2.com@cabon.super under Analytics parameter as follows:

      <StreamProcessorUsername>admin@wso2.com@carbon.super</StreamProcessorUsername>
      <StreamProcessorRestApiUsername>admin@wso2.com@carbon.super</StreamProcessorRestApiUsername>
    5. Follow the same configuration mentioned in step d for username under PolicyDeployer.

    6. Update the PublisherClass in API usage data publisher.

      <PublisherClass>com.wso2.finance.open.banking.gateway.uk.monitoring.publisher.OBUsageDataBridgeDataPublisher</PublisherClass>
    7. Change the value to WSClient under APIKeyValidator. After this configuration, it switches back to web service client.

       <KeyValidatorClientType>WSClient</KeyValidatorClientType>
    8. Update the value as false for the EnableThriftServer.

       <EnableThriftServer>false</EnableThriftServer>
    9. Update KeyManagerClientImpl under APIManager.

       <KeyManagerClientImpl>com.wso2.finance.open.banking.sca.keymanager.SCABasedKeyManagerClient</KeyManagerClientImpl>
    10. Disable RemoveOAuthHeadersFromOutMessage to remove OAuth headers from an outgoing message by updating the value as false of RemoveOAuthHeadersFromOutMessage under OAuthConfigurations parameter.

      <RemoveOAuthHeadersFromOutMessage>false</RemoveOAuthHeadersFromOutMessage>
    11. Update the ScopeWhiteList under OAuthConfigurations as following:

      <ScopeWhitelist>
                 <Scope>openid</Scope>
                 <Scope>^OB_.*</Scope>
      </ScopeWhitelist>
    12. Set the value as false for DisplayComments and DisplayRatings under APIStore.

       <DisplayComments>false</DisplayComments>
      
      
       <DisplayRatings>false</DisplayRatings>
    13. Add URL under APIPublisher.

      <URL>https://<WSO2_OBAM_HOST>:${mgt.transport.https.port}/publisher</URL>
    14. Update connectionfactory.TopicConnectionFactory under JMSConnectionParameters as follows:


      <JMSConnectionParameters>
      <connectionfactory.TopicConnectionFactory>
      amqp://admin!wso2.com!carbon.super:${admin.password}@clientid/carbonbrokerlist='tcp://${carbon.local.ip}:${jms.port}'
      </connectionfactory.TopicConnectionFactory>        		    
      </JMSConnectionParameters>
    15. Add the following metadata configurations to <WSO2_OB_APIM_HOME>/repository/conf/api-manager.xml.

      You need to get the latest product updates to use software_id as the application name in the current version of WSO2 Open Banking. This feature is available as a product update from June 7, 2019 (06-07-2019) onwards.

      <ApplicationConfiguration>
      	<ApplicationAttributes>
      		<Attribute required="false">
      			<Name>software_client_name_sandbox</Name>
      			<Description>Software Client Name of sandbox</Description>
      		</Attribute>
      		<Attribute required="false">
      			<Name>software_client_name_production</Name>
      			<Description>Software Client Name of production</Description>
      		</Attribute>
      	</ApplicationConfiguration>
      </ApplicationConfiguration>

Configuring the carbon.xml file

  1. Update HostName and MgtHostName with the IP address of the API Manager server in the <WSO2_OBAM_HOME>/repository/conf/carbon.xml file.

    carbon.xml
    <HostName><WSO2_OBAM_HOST></HostName>
    
    <MgtHostName><WSO2_OBAM_HOST></MgtHostName>

Configuring the claim-config.xml file

  1. Add the following ClaimConfig parameters in the <WSO2_OBAM_HOME>/repository/conf/claim-config.xml file.
claim-config.xml
			<Claim>
				<ClaimURI>http://wso2.org/claims/pspBasicName</ClaimURI>
				<DisplayName>Legal entity name</DisplayName>
				<AttributeID>pspName</AttributeID>
				<Description>Payment Service Providers name</Description>
				<DisplayOrder>11</DisplayOrder>
				<Required />
				<SupportedByDefault />
			</Claim>
			<Claim>
				<ClaimURI>http://wso2.org/claims/pspBasicCountryRegistration</ClaimURI>
				<DisplayName>Country of registration</DisplayName>
				<AttributeID>pspCountry</AttributeID>
				<Description>Country of registration</Description>
				<DisplayOrder>12</DisplayOrder>
				<Required />
				<SupportedByDefault />
			</Claim>
			<Claim>
				<ClaimURI>http://wso2.org/claims/pspBasicRegisterAuthorizedNumber</ClaimURI>
				<DisplayName>Legal Entity Identifier (LEI) number</DisplayName>
				<AttributeID>pspAuthorizedNumber</AttributeID>
				<Description>Legal Entity Identifier (LEI) number</Description>
				<DisplayOrder>13</DisplayOrder>
				<SupportedByDefault />
			</Claim>
			<Claim>
				<ClaimURI>http://wso2.org/claims/pspBasicRegisterName</ClaimURI>
				<DisplayName>Company register</DisplayName>
				<AttributeID>pspRegisterCompany</AttributeID>
				<Description>Company register</Description>
				<Required />
				<DisplayOrder>14</DisplayOrder>
				<SupportedByDefault />
			</Claim>
			<Claim>
				<ClaimURI>http://wso2.org/claims/pspBasicRegisterNumber</ClaimURI>
				<DisplayName>Company registration number</DisplayName>
				<AttributeID>pspRegisterNumber</AttributeID>
				<Description>Company registration number</Description>
				<Required />
				<DisplayOrder>15</DisplayOrder>
				<SupportedByDefault />
			</Claim>
			<Claim>
				<ClaimURI>http://wso2.org/claims/pspBasicRegisterAddressLine1</ClaimURI>
				<DisplayName>Address line 1</DisplayName>
				<AttributeID>pspRegisterAddressLine1</AttributeID>
				<Description>Address line 1</Description>
				<DisplayOrder>16</DisplayOrder>
				<SupportedByDefault />
			</Claim>
			<Claim>
				<ClaimURI>http://wso2.org/claims/pspBasicRegisterAddressLine2</ClaimURI>
				<DisplayName>Address line 2</DisplayName>
				<AttributeID>pspRegisterAddressLine2</AttributeID>
				<Description>Address line 2</Description>
				<DisplayOrder>17</DisplayOrder>
				<SupportedByDefault />
			</Claim>
			<Claim>
				<ClaimURI>http://wso2.org/claims/pspBasicRegisterCity</ClaimURI>
				<DisplayName>City</DisplayName>
				<AttributeID>pspRegisterCity</AttributeID>
				<Description>City</Description>
				<DisplayOrder>18</DisplayOrder>
				<Required />
				<SupportedByDefault />
			</Claim>
			<Claim>
				<ClaimURI>http://wso2.org/claims/pspBasicRegisterPostalCode</ClaimURI>
				<DisplayName>Postal code</DisplayName>
				<AttributeID>pspRegisterPostalCode</AttributeID>
				<Description>Postal code</Description>
				<DisplayOrder>19</DisplayOrder>
				<Required />
				<SupportedByDefault />
			</Claim>
			<Claim>
				<ClaimURI>http://wso2.org/claims/pspBasicRegisterCountry</ClaimURI>
				<DisplayName>Country</DisplayName>
				<AttributeID>pspRegisterCountry</AttributeID>
				<Description>Country</Description>
				<Required />
				<DisplayOrder>20</DisplayOrder>
				<SupportedByDefault />
			</Claim>
			<Claim>
				<ClaimURI>http://wso2.org/claims/pspCompetentAuthorityCountry</ClaimURI>
				<DisplayName>Competent authority country</DisplayName>
				<AttributeID>pspCompetentAuthorityCountry</AttributeID>
				<Description>Competent authority country</Description>
				<DisplayOrder>21</DisplayOrder>
				<Required />
				<SupportedByDefault />
			</Claim>
			<Claim>
				<ClaimURI>http://wso2.org/claims/pspCompetentAuthority</ClaimURI>
				<DisplayName>Competent authority</DisplayName>
				<AttributeID>pspCompetentAuthority</AttributeID>
				<Description>Competent authority</Description>
				<Required />
				<DisplayOrder>22</DisplayOrder>
				<SupportedByDefault />
			</Claim>
			<Claim>
				<ClaimURI>http://wso2.org/claims/pspCompetentAuthorityRegisistrationNumber</ClaimURI>
				<DisplayName>Competent authority registration number</DisplayName>
				<AttributeID>pspCompetentAuthorityRegistrationNumber</AttributeID>
				<Description>Competent authority registration number</Description>
				<Required />
				<DisplayOrder>23</DisplayOrder>
				<SupportedByDefault />
			</Claim>
			<Claim>
				<ClaimURI>http://wso2.org/claims/pspCompetentAuthorityUrl</ClaimURI>
				<DisplayName>URL of the competent authority register page showing the entity</DisplayName>
				<AttributeID>pspCompetentAuthorityUrl</AttributeID>
				<Description>Competent authority url</Description>
				<Required />
				<DisplayOrder>24</DisplayOrder>
				<SupportedByDefault />
			</Claim>
			<Claim>
				<ClaimURI>http://wso2.org/claims/pspCompetentAuthorityRole</ClaimURI>
				<DisplayName>Please select the Open Banking role(s) you wish to enrol for</DisplayName>
				<AttributeID>pspCompetentAuthorityRole</AttributeID>
				<Description>Please select the Open Banking role(s) you wish to enrol for</Description>
				<DisplayOrder>25</DisplayOrder>
				<Required />
				<SupportedByDefault />
			</Claim>
			<Claim>
				<ClaimURI>http://wso2.org/claims/pspCompetentAuthorityRoleVerify</ClaimURI>
				<DisplayName>Are you registered to provide the services for all the role(s) you have selected?</DisplayName>
				<AttributeID>pspCompetentAuthorityRoleVerify</AttributeID>
				<Description>Are you registered to provide the services for all the role(s) you have selected?</Description>
				<Required />
				<DisplayOrder>26</DisplayOrder>
				<SupportedByDefault />
			</Claim>
			<Claim>
				<ClaimURI>http://wso2.org/claims/pspCompetentAuthorityRoleVerify2</ClaimURI>
				<DisplayName>Have you applied for registration to provide the services for the role(s) you have selected?</DisplayName>
				<AttributeID>pspCompetentAuthorityRoleVerify2</AttributeID>
				<Description>Have yoy applied for registration to provide the services for the role(s) you have selected?</Description>
				<DisplayOrder>27</DisplayOrder>
				<SupportedByDefault />
			</Claim>
  • No labels