Frank2OpenBanking is a Frank Configuration that allows users to request their bank account information from their bank and share it with a third party, and request payment links. This is done by using the Open Banking API.
- Clone the repository.
- Clone the FrankRunner repository to the same directory as the repository. The directory should look like this:
.
├── frank2openbanking
├── frank-runner
- Run the application with the restart.bat file.
IMPORTANT: The proof of concept is built with a restriction in the sandbox environment that only allows redirect URLs to be https://example.com. After the user has logged in, the user will be redirected to https://example.com. The user will have to manually point www.example.com to the token endpoint (/api/token) in the hosts file. Custom certificates are also required to be installed in the browser to allow the application to run due to the restrictions of the sandbox environment.
NOTE: The application can also be run using the FrankFramework using docker. The docker-compose file is included in the frankframework repository. Follow the mounting instructions in the FrankFramework repository.
The application supports two application flows:
- Account information requests
- Payment link requests
- Open a browser and navigate to the endpoint /api/ing
- The user will be redirected to the bank's login page.
- After logging in, the user will be redirected to the bank's consent page with a token.
- The token will be used to request the user's account information within the scope of the token.
- Open a browser and navigate to the endpoint /api/pay
- The user will be redirected to the bank's login page.
- After logging in, the user will be redirected to the bank's consent page with a token.
NOTE: The sandbox environment does not support the complete payment link request flow. The user will be redirected to the bank's login page where no further action can be taken due to the restrictions of the sandbox environment. The assumption is made that the payment link request flow will work in a production environment.
Pull requests are currently not being accepted for this repository, as it is a proof of concept. If a custom implementation is built with this proof of concept as base, these are some guidelines to follow:
- Configurations should contain Adapters that are bound to a specific bank.
- Configurations should implement their own logic for obtaining an application token, these tokens can be reused within the expiration time.
- The structure of the application should look like this:
.
├── frank2openbanking
├──── Bank1 Configuration
├──── Payment Adapter
├──── Account Adapter
├──── etc..
├──── Bank2 Configuration
├──── Payment Adapter
├──── Account Adapter
├──── etc..
├──── etc..
The application can be converted to a production environment by following the steps below:
- Proper certificates must be obtained from a certificate authority. For PSD2 compliance eIDAS certificates are required. These can be obtained from a local certificate authority.
- URLs must be changed to the production URLs of the bank.
- The keyID has to be changed to the serial number of the certificate. Format: SN=XXX where XXX is the hexadecimal serial number of the certificate.
- The tracing id has to match in between requests.
- The redirect URL has to be changed to the production URL.
- The application has to be hosted on a secure server with the proper certificates installed.
- The application has to be registered with the bank's developer portal.
NOTE: When working with live data, the application has to take proper security measures to protect the data. The application has to be GDPR compliant.