This document describes how to use Airlock Gateway (WAF) and IAM to protect a bank's PSD2 APIs using the STET framework.
Scope of the feature
- The feature stores information about technical clients in the IAM database. LDAP directories are not supported.
- IAM provides technical features that make it possible to meet selected STET requirements as defined at the time the feature was built. It does not provide out-of-the-box configuration templates.
- STET is based on the OAuth 2 framework. Because of how Airlock IAM supports STET, TPPs must pre-register their OAuth client(s) using Airlock IAM's Dynamic Client Registration interface. There is no "on-the-fly" registration during the first bank API calls.
Outline of this documentation
The documentation is split into several sub-pages. It first explains how Airlock components are used to protect PSD2 APIs ("Interaction Models") and then describes how the Airlock components must be configured to do so.