This document describes how to use Airlock Gateway and IAM to protect a bank's PSD2 APIs using the NextGenPSD2 framework.
Scope of the feature
- Airlock IAM only supports the "redirect approach" (also referred to as "redirect authorization protocol" in NextGENPSD2).
- The feature stores information about technical clients in the IAM database. LDAP directories are not supported.
- IAM provides technical features that allow to meet selected NextGenPSD2 requirements defined at the time the feature was built. It does not provide out-of-the-box configuration templates.
Outline of this documentation
The documentation is split into several sub-pages. It first explains in what way Airlock components are used to protect PSD2 APIs ("Interaction Models") and then describes how the Airlock components must be configured to do so.