This documentation is for WSO2 Open Banking version 1.5.0. View documentation for the latest release.


In order to start the servers, configure the databases in both the API Manager (APIM) and the Key Manager (KM) according to the open banking specification, as follows:


  1. Open the <WSO2_OB_KM_HOME>/repository/resources/finance/scripts/startup.properties file and configure the following:

    • Specify the hostnames for the API Manager and Key Manager servers.

      # Specify the hostname you want to configure
      APIM_HOSTNAME=localhost
      IAM_HOSTNAME=localhost
    • Configure the database-related properties.

      Database Property   Description
      DB_TYPE             Type of the database you installed
      DB_USER             Database user
      DB_PASS             Password set for the database connection
      DB_HOST             Name of the database server
      DB_DRIVER           Configure DB_DRIVER according to the database installed:
                          - MySQL JDBC Driver = com.mysql.jdbc.Driver
                          - MSSQL JDBC Driver = com.microsoft.sqlserver.jdbc.SQLServerDriver
                          - Oracle JDBC Driver = oracle.jdbc.driver.OracleDriver

      Note

      If you are using an MS SQL, Oracle, or a PostgreSQL database, see the following topics and configure the databases.

      Note

      If you're setting up Open Banking for Berlin and using an Oracle or PostgreSQL database, update the data type of the given field:

      Oracle
        Database   openbank_apimgtdb
        Table      AM_APPLICATION_REGISTRATION
        Field      INPUTS
        Data type  CLOB

      PostgreSQL
        Database   openbank_apimgtdb
        Table      AM_APPLICATION_REGISTRATION
        Field      INPUTS
        Data type
  • Run the <WSO2_OB_KM_HOME>/repository/resources/finance/scripts/configure-km.sh file according to your specification:

    UK:
      ./configure-km.sh
    Berlin:
      ./configure-km.sh BERLIN
    AU:
      ./configure-km.sh AU
  • Go to the <WSO2_OB_APIM_HOME>/repository/resources/finance/scripts directory and configure the database properties in the startup.properties file, similar to Step 1.

  • Run the <WSO2_OB_APIM_HOME>/repository/resources/finance/scripts/configure-am.sh file.

    UK:
      ./configure-am.sh
    Berlin:
      ./configure-am.sh BERLIN
    AU:
      ./configure-am.sh AU

    You have configured databases in step 1. By running the configure.sh files, you set the database credentials with reference to the configuration files.  


    The configure.sh scripts configure the solution according to the given specification:

    Note

    By default, values are set for the UK specification. Other supported specifications include:

    The <DeployedSpecification> value in the following files is updated according to your specification at runtime. Possible values for the DeployedSpecification tag are UK, BERLIN, AU, and STET.

    • <WSO2_OB_APIM_HOME>/repository/conf/finance/open-banking.xml 
    • <WSO2_OB_APIM_HOME>/repository/deployment/server/jaggeryapps/store/site/conf/site.json
    • <WSO2_OB_KM_HOME>/repository/conf/finance/open-banking.xml
    • <WSO2_OB_KM_HOME>/repository/deployment/server/jaggeryapps/ccportal/configs/conf.json
    • <WSO2_OB_KM_HOME>/repository/deployment/server/jaggeryapps/consentmgt/configs/conf.json
  • This step is required only if you're setting up Open Banking for AU:
    1. According to Consumer Data Standards, an access token must expire between 2 and 10 minutes after it is issued. To configure the validity period of the access token in seconds, update the following configuration in the <WSO2_OB_KM_HOME>/repository/conf/identity/identity.xml file.

      <UserAccessTokenDefaultValidityPeriod>120</UserAccessTokenDefaultValidityPeriod>
    2. To enable Request-URI validation during the account retrieval process (validating the account ID against the account ID in the consent), open the <WSO2_OB_KM_HOME>/repository/conf/finance/open-banking.xml file and set <ValidateAccountIdOnRetrieval> to true:

      <ValidateAccountIdOnRetrieval>true</ValidateAccountIdOnRetrieval>
    3. To revoke the consent with the access token, open <WSO2_OB_KM_HOME>/repository/conf/identity/identity.xml and add the following under the <EventListener> tag:

      <EventListener enable="true" name="com.wso2.finance.open.banking.identity.extensions.listeners.TokenRevocationListener" orderId="100" type="org.wso2.carbon.identity.core.handler.AbstractIdentityHandler"/>
    4. To obtain a Mutual Transport Layer Security (MTLS) certificate-bound access token, open the <WSO2_OB_KM_HOME>/repository/conf/finance/open-banking.xml file and configure the following:

      See the TLSCertBindingToAccessToken excerpt on the API Security for AU page.

    5. To use Identifier-first as the primary authenticator:
      1. Open the <WSO2_OB_APIM_HOME>/repository/conf/finance/open-banking.xml file and add the following under the <Server> <SCA> tags: 

        <!--Configure the primary authenticator / 1st step authenticator-->
        <PrimaryAuthenticator>
        	<Name>IdentifierExecutor</Name>
        	<DisplayName>identifier-first</DisplayName>
        </PrimaryAuthenticator>
      2. To configure SMS OTP as an identity provider for Identifier-first, update the <WSO2_OB_KM_HOME>/repository/conf/identity/application-authentication.xml file by adding the following.

        <AuthenticatorConfig name="SMSOTP" enabled="true">
            <Parameter name="usecase">subjectUri</Parameter>
            <Parameter name="secondaryUserstore">primary</Parameter>
      3. Open the <WSO2_OB_APIM_HOME>/repository/conf/finance/open-banking.xml file. Update the value of the <IdpName> parameter with the name of your identity provider. For more information, see Configuring consumer authentication.

        <SCA>
            <IdpName>SMSAuthentication</IdpName>
  • You are now ready to start the servers. In the command line, navigate to the <WSO2_OB_KM_HOME>/bin directory, and run the following command to start the Key Manager server:

    ./wso2server.sh -Dsetup
  • Run the following command from the <WSO2_OB_APIM_HOME>/bin directory to start the API Manager server:

    ./wso2server.sh -Dsetup
  • ...
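
The AU-only step above sets three values that can be checked from the files before the servers start: the token validity window, account ID validation, and the token revocation listener. The following check is an added example, not WSO2 tooling; the function name audit_au, the sample XML, its element nesting and its namespace are constructed assumptions, and only the element and attribute names come from this page.

```python
import xml.etree.ElementTree as ET

# Window quoted on this page: tokens expire 2 to 10 minutes after issue.
MIN_TTL, MAX_TTL = 120, 600
LISTENER = ("com.wso2.finance.open.banking.identity.extensions."
            "listeners.TokenRevocationListener")

def _find_all(root, name):
    """Match elements by local name so a default xmlns does not hide them."""
    return [e for e in root.iter() if e.tag.rsplit("}", 1)[-1] == name]

def audit_au(identity_xml, open_banking_xml):
    """Return a list of findings; an empty list means all three checks pass."""
    findings = []
    identity = ET.fromstring(identity_xml)
    banking = ET.fromstring(open_banking_xml)

    ttl = _find_all(identity, "UserAccessTokenDefaultValidityPeriod")
    text = (ttl[0].text or "").strip() if ttl else ""
    if not text.isdecimal():
        findings.append("token validity missing or not an integer")
    elif not MIN_TTL <= int(text) <= MAX_TTL:
        findings.append(f"token validity {text}s outside {MIN_TTL}-{MAX_TTL}s")

    flag = _find_all(banking, "ValidateAccountIdOnRetrieval")
    if not flag or (flag[0].text or "").strip().lower() != "true":
        findings.append("ValidateAccountIdOnRetrieval is not true")

    if not any(e.get("name") == LISTENER and e.get("enable") == "true"
               for e in _find_all(identity, "EventListener")):
        findings.append("TokenRevocationListener not enabled")
    return findings

# Constructed sample files (not shipped defaults); nesting and xmlns are assumed.
GOOD_IDENTITY = f"""<Server xmlns="urn:example:constructed">
  <OAuth><UserAccessTokenDefaultValidityPeriod>120</UserAccessTokenDefaultValidityPeriod></OAuth>
  <EventListeners><EventListener enable="true" name="{LISTENER}" orderId="100"
    type="org.wso2.carbon.identity.core.handler.AbstractIdentityHandler"/></EventListeners>
</Server>"""
BAD_IDENTITY = ("<Server><OAuth><UserAccessTokenDefaultValidityPeriod>3600"
                "</UserAccessTokenDefaultValidityPeriod></OAuth></Server>")
GOOD_BANKING = "<Server><ValidateAccountIdOnRetrieval>true</ValidateAccountIdOnRetrieval></Server>"
BAD_BANKING = "<Server><ValidateAccountIdOnRetrieval>false</ValidateAccountIdOnRetrieval></Server>"

if __name__ == "__main__":
    print(audit_au(GOOD_IDENTITY, GOOD_BANKING))
    for finding in audit_au(BAD_IDENTITY, BAD_BANKING):
        print("FAIL:", finding)
```

To run it against a deployment, pass the contents of <WSO2_OB_KM_HOME>/repository/conf/identity/identity.xml and <WSO2_OB_KM_HOME>/repository/conf/finance/open-banking.xml to audit_au.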