Achieving Financial-grade API (FAPI) conformance with IBM Security Verify Access

The Financial-grade API aims to provide specific implementation guidelines for online financial services.

The Financial-grade API security profile can be applied to online services in any market area that requires a higher level of security than provided by standard OAuth or OpenID Connect.

Verify Access supports the OpenID Connect protocol, ISAM can act both as an OpenID Provider and as a Relying Party. This topic provides additional information that is mentioned in the OpenID Connect Provider Conformance chapter. Most of the scenarios are FAPI-conformant out-of-the-box. However there are some scenarios that require changes to be done to the mapping rules and transformation rules. To achieve FAPI conformance on an existing Verify Access setup, follow the procedures mentioned in this chapter. The steps mentioned in this document are additional procedures to perform in OpenID Connect Provider Conformance. Ensure the procedures in the OpenID Connect Provider Conformance are completed before the procedures for FAPI conformance are performed.


Parent topic: Conformance