You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 17 Next »

The PSD2 service provides support for a set of non-standard scopes and claims that are associated with various use-cases under PSD2, including both PISP-scenarios and AISP-scenarios. The set of PSD2-specific scopes and claims is described in the following section, followed by a description of consent handling for each of the supported use-cases. The corresponding set of tailored access tokens is then described.


The following table summarizes how the PSD2 service impacts relevant functions of the OIDC Provider from BankID:

FunctionImpact
IDP optionsAvailable options for the OIDC Client are determined by the PSD2 service itself
Authorize endpointSupport for a larger set of additional non-standard scopes and claims
Token endpointSupport for a variety of both by-reference and by-value access tokens
Resource endpoint(s)NA (beyond scope)

Please note the following important characteristics of the PSD2 service:

  • It restricts the set of IDP options that are available to the OIDC client for each of the supported use-cases.
  • It does not include the implementation of any resource endpoint

The PSD2 service is meant for integration by ASPSP, which under PSD2 can dictate which IDP options to make avilable for each of the supported use-case. Each ASPSP must in turn implement the relevant resource endpoints as part of the specific data API that the ASPSP offers to the market under PDS2.

Scopes and claims

TBC

Consent handling

TBD

Characteristics of Access Tokens

TBC

  • No labels