WSO2 Open Banking now supports CIBA

Kalana Wijethunga
4 min read · Feb 3, 2022

WSO2 Open Banking introduces support for CIBA — Client Initiated Back Channel Authentication

This blog assumes that you are familiar with the WSO2 Open Banking solution. If you are not, I suggest having a look at https://wso2.com/solutions/financial/open-banking/ first.

What is CIBA?

Let’s get started with an intro to CIBA. CIBA, an abbreviation for Client Initiated Back Channel Authentication, is a new authentication flow introduced by OpenID. It is a bit different from the usual authentication flows because it includes a “back channel” authentication mechanism. Let’s first see what happens in a normal OIDC authentication flow in the WSO2 Open Banking solution. Let’s say you are trying to check your account information:

  1. First, you make a token call and get a client credentials access token
  2. You make an account consent initiation call. This call includes information about which account information you want to receive
  3. You authorize the above call by making an authorization request and logging in with your account credentials
  4. You get a user access token using the authorization code received from the above call
  5. You retrieve account information using the obtained user access token
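
The five steps above, run against a toy in-memory bank to show which credential each step accepts and what each step hands to the next. This is an added example, not WSO2 Open Banking code; the class, method names, client and user credentials, and the permission label are all constructed for illustration.

```python
import secrets

class ToyBank:
    """Toy bank: tokens, consents and one-time codes are kept in memory."""
    def __init__(self):
        self.tokens, self.consents, self.codes = {}, {}, {}

    def _issue(self, kind, consent_id=None):
        token = secrets.token_urlsafe(16)
        self.tokens[token] = {"kind": kind, "consent_id": consent_id}
        return token

    def client_credentials_token(self, client_id, client_secret):  # step 1
        if (client_id, client_secret) != ("tpp-app", "tpp-secret"):  # constructed
            raise PermissionError("unknown client")
        return self._issue("application")

    def initiate_consent(self, app_token, permissions):  # step 2
        if self.tokens.get(app_token, {}).get("kind") != "application":
            raise PermissionError("application access token required")
        consent_id = secrets.token_hex(4)
        self.consents[consent_id] = {"permissions": permissions, "status": "awaiting"}
        return consent_id

    def authorize(self, consent_id, username, password):  # step 3: user logs in
        if (username, password) != ("alice", "alice-pw"):  # constructed
            raise PermissionError("login failed")
        self.consents[consent_id]["status"] = "authorized"
        code = secrets.token_urlsafe(8)
        self.codes[code] = consent_id
        return code

    def exchange_code(self, code):  # step 4
        if code not in self.codes:
            raise PermissionError("invalid or already used authorization code")
        return self._issue("user", self.codes.pop(code))  # pop: single use

    def get_accounts(self, token):  # step 5
        info = self.tokens.get(token, {})
        consent = self.consents.get(info.get("consent_id"), {})
        if info.get("kind") != "user" or consent.get("status") != "authorized":
            raise PermissionError("user token bound to an authorized consent required")
        return {"permissions": consent["permissions"], "accounts": ["acct-001"]}

def run_flow(bank):
    app_token = bank.client_credentials_token("tpp-app", "tpp-secret")
    consent_id = bank.initiate_consent(app_token, ["read_accounts"])
    code = bank.authorize(consent_id, "alice", "alice-pw")
    user_token = bank.exchange_code(code)
    return app_token, code, bank.get_accounts(user_token)
```

The client credentials token from step 1 is rejected at step 5, and the authorization code from step 3 cannot be exchanged a second time.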

Kalana Wijethunga

Software Engineer @WSO2 @CERN| GSoC Participant | @UOM Grad| Computer Science and Engineering