Achieving Financial-grade API (FAPI) conformance with IBM Security Verify Access
The Financial-grade API aims to provide specific implementation guidelines for online financial services.
The Financial-grade API security profile can be applied to online services in any market area that requires a higher level of security than provided by standard OAuth or OpenID Connect.
Verify Access supports the OpenID Connect protocol, ISAM can act both as an OpenID Provider and as a Relying Party. This topic provides additional information that is mentioned in the OpenID Connect Provider Conformance chapter.
Most of the scenarios are FAPI-conformant out-of-the-box. However there are some scenarios that
require changes to be done to the mapping rules and transformation rules. To achieve FAPI
conformance on an existing Verify Access setup, follow the procedures mentioned in this chapter.
Note: The steps mentioned in this
document are additional procedures to perform in OpenID Connect
Provider Conformance. Ensure that the procedures in the OpenID Connect Provider Conformance are completed before the procedures for FAPI conformance
are performed.