The improvements such as bug fixes and security fixes for the lately released WSO2 Open Banking v1.3.0 are documented here. You can download WSO2 Update Manager (WUM) and update the existing product. WUM is a command-line utility that is used to distribute improvements that are released by WSO2 Open Banking on top of a released version. With WUM updates, you can get the fixes you want without waiting for the next release of the product. WUM is accessible via a subscription, but you can try the 15-day trial here.
In order to download the latest version of WSO2 Open Banking, you need to use WUM. Following are the instructions on how to use WUM for downloading the product and its updates.
Set up the WSO2 Update Manager (WUM).
WUM is a simple command-line tool that connects to the WSO2 update service, determines which updates are new and relevant, and downloads them. You can get the latest version of the WSO2 Open Banking product packs through WUM.
Add the necessary product packs using the commands given below:
Update the product packs using the commands given below:
Additionally, download and update the other instances of WSO2 Open Banking product.
The product packs reside in the
<Product_name-<version>+<timestamp>.full.zip. Copy the product packs to a preferred location in each node, and extract them.
This document refers to the file paths of the product packs for the Key Manager, API Manager, API Manager Analytics, and Enterprise Integrator as
Following are the updates for WSO2 Open Banking 1.3.0 version.
|Released Date||Update Description|
Displays the error response for access token failures in the UK error format.
See Displaying the error response for access token failures in the UK error format to add the required configurations for this WUM update.
This WUM update introduces the certificate revocation validation feature.
In order to apply this update:
See the instructions given under the Certificate revocation validation section for the BERLIN specification.
An update to UK specification is sent to make the transport header configurable. Click here to find instructions.
|According to the OBIE, the Account Servicing Payment Service Providers (ASPSPs) need to make sure that the TPPs can be registered in a seamless, ideally a fully automated process. The Dynamic Client Registration(DCR) endpoint is capable of dynamically registering the clients with the ASPSP when the client sends a registration request with its metadata. Click here to see how to deploy the DCR v3.2 API.|
|An improvement for Berlin specification compliant solution in WSO2 Open Banking. Verifies if an account-id sent within the account-consents resource that is sent by TPP, is valid from the bank back-end. For the required configurations, see here.|
Request Payload Validation adds flexibility to validate an incoming request against any customisations done to the swagger definition. To use the feature, see Request Payload Validation for UK.
Introducing the PSD2 Data Reporting in WSO2 Open Banking that let Banks to make their statistics available to respective national authorities and open banking authorities to monitor compliance with PSD2/RTS. See PSD2 Data Reporting to find the capabilities and relevant configurations.
Validates PSD2 roles in the eiDAS QWAC (Transport Layer Certificate) during Berlin API Calls and restrict TPP accessing APIs if the required roles are not available in the certificate.
Allows the use of the DCR
|Improved the solution by validating the TPP when retrieving a payment submission. This validation confirms whether it is the same TPP that submitted the consent, is viewing the payment submission.|
Separates the redirect URI validation and the hostname validation for all the URIs in the request and changes the
Restricts RS256 signed messages from TPP. OBIE (Open Banking Implementation Entity) allowed both RS256 in addition to PS256 as the signature for signing JSON Web Signature (JWS). When market adopts RS256 sufficiently, RS256 has to be deprecated from signing JWS. As WSO2 Open Banking is an OBIE compliant solutions, this WUM update was released to deprecate the use of RS256. It includes the following changes: