Airlock IAM supports the following authentication types for tech-clients:
- Client Certificate:
- Uses X.509 certificates.
- Registration is currently only supported "on-the-fly" as documented on NextGenPSD2 (Berlin Group) with Airlock Secure Access Hub.
- Other registration means may be provided in future
- OAuth 2.0:
- Uses OAuth 2.0 Client Credential Flow
- Registration is done using DCR (dynamic client registration, see IETF RFC 7591)
- This is ideally suited to support STET PSD2 clients (TPPs).
- More types (e.g. API Keys) are planned
This page gives examples on how to use the technical client REST API.
The API specification of the Adminapp REST API can be found here: