Security and Authentication Overview
Learn about security and authentication for Raidiam API access. Check required specifications, client authentication methods, and more.
The Raidiam Authorisation Server adheres to the stringent requirements of the Financial Grade API (FAPI) 2.0 Security Profile, ensuring robust data protection and safeguarding against unauthorized API access. The following specifications apply to the integration process for obtaining access tokens issued by the Raidiam Authorisation Server:
- JWT-Secured Authorization Request (JAR) RFC9101 and connected:
- OAuth 2.0 Authorization Framework RFC6749 -- Authorization Code Grant Type section 1.3.1
- OAuth 2.0 Authorization Framework RFC6749 -- Client Credentials Grant section 4.4
- Client authentication:
  - tls_client_auth -- Mutual-TLS Client Authentication and Certificate-Bound Access Tokens RFC8705
  - private_key_jwt -- Assertion Framework for OAuth 2.0 Client Authentication RFC7521
Access Scopes
Request the correct access scopes so that your client application can access Raidiam APIs.
Cheatsheet
See the cheatsheet for authenticating client applications and accessing Raidiam APIs.
Client Credentials Flow
Obtain access tokens using the OAuth Client Credentials Flow.
Authorization Code Flow
Obtain access tokens using the OAuth Authorization Code Flow.