STET PSD2 with Airlock components

This document describes how to use Airlock Gateway (WAF) and IAM to protect a bank's PSD2 APIs using the STET framework.

Scope of the feature

  • The feature stores information about technical clients in the IAM database. LDAP directories are not supported.
  • IAM provides technical features that allow to meet selected STET requirements defined at the time the feature was built. It does not provide out-of-the-box configuration templates.
  • STET is based on the OAuth 2 framework. The way STET is supported with Airlock IAM makes it necessary for TPPs to pre-register their OAuth Client(s) using Airlock IAM's Dynamic Client Registration interface. There is no "on-the-fly" registration with the first bank API calls.

Outline of this documentation

The documentation is split into several sub-pages. It first explains in what way Airlock components are used to protect PSD2 APIs ("Interaction Models") and then describes how the Airlock components must be configured to do so.