Skip to content
Frame 23909

Secure, Scale, and Manage Your API Data Sharing Ecosystem

Raidiam Connect is a powerful platform that combines a directory of organisations and their applications with robust PKI (Public Key Infrastructure) capabilities.

Talk to an expert
  • Ministry of Defence
  • Open Banking UK
  • Commonwealth Bank
  • Foreign & Commonwealth Office
  • Lloyds Banking Group
  • Open Insurance Brasil
  • thredd
  • Westpac
  • UAE-central-bank
  • central bank of brasil
  • ConnectID
  • Open finance brasil

The Ultimate Resource Directory and PKI Solution for Sensitive APIs 

Raidiam Connect is a powerful platform that combines a directory of organisations and their applications with robust PKI capabilities, enabling certificate-based authentication and authorisation for controlling access to sensitive APIs. This comprehensive solution facilitates secure data sharing and interoperability across various sectors, powering some of the world’s largest financial data ecosystems, underpinning 2,000+ banks globally. 

Centralised Platform for Trust and Access

A single solution for participant registration, application creation, credential management, resource control, and ecosystem discovery. Developers can easily register applications, automate API credential management, and gain visibility over API resources while facilitating seamless ecosystem discovery.

Financial-Grade Security

Protect sensitive data with a layered security approach using certificate-based access, replacing traditional API keys with asymmetric authentication to eliminate vulnerabilities. Enhance security posture with a unified solution and mitigate risk instantly using centralized API controls, including a ‘kill switch’ for rapid response.

Self-Service Technical Onboarding

Enable seamless API adoption with a customer-facing portal, allowing partners and customers to onboard themselves using intuitive self-service tools. Automate credential lifecycle management and integrate effortlessly with existing infrastructure to accelerate time-to-value.

Regulatory Compliance

Keep up with changing regulations by ensuring your platform meets strict standards like PCI-DSS 4.0, FAPI 2.0, and CPFB 1033. Safeguard your business and strengthen customer trust in a dynamic compliance environment.

Why Raidiam?

  • Pioneers in data-sharing
    With deep expertise in trust frameworks and secure infrastructure, we enable your success
  • Financial-grade security
    Technology built to the highest standards, including FAPI and ISO 27001, ensuring secure API protection
  • Proven track record
    Trusted by banks, regulators and enterprises worldwide to power secure ecosystems
  • 24/7 global support
    Always-on assistance to keep your ecosystem running smoothly, minimising downtime and risk

FAQs

Need to know more?
Speak to one of our consultants

What is Raidiam Connect?
  • Raidiam Connect provides Identity Access Management (IAM) for Services.
  • More specifically, Connect is a developed Certificate authority that facilitates certificate based authentication of applications calling services.
  • In the same way a traditional IAM service controls application / data access for users, so Raidiam Connect controls access for application / services.
What role does Raidiam play in a clients architecture? What does it do and doesn’t it do?

It does:

  • give organisations a self-service portal to register their company, their applications and their APIs.
  • give organisations the opportunity to define policy related metadata (roles and scopes).
  • issue transport and encryption certs which are used by client applications for the purposes of authentication, non-repudiation and data security.

It does not:

  • enforce policy (this can be done via auth server or API gateway).
  • handle user authentication.
  • form a part of runtime access of APIs/ services (i.e. every time you call an API there is no need to call Raidiam Connect).
Would using Raidiam allow me to remove other services such as API gateways?
  • They complement each other. Raidiam Connect is used to define policy and API gateways can enforce that policy. Think of it like a security guard (API Gateway) and security clearance database (Raidiam Connect).
  • However, in a user-not-present communication, Raidiam can act as the auth server (for example, a Core banking system needs to talk to issuer processor on an ongoing basis).
  • API gateways are effectively on prem / part of your local architecture.
Where does Raidiam Connect sit alongside other capabilities such as Sandboxes and Dev Portals?

If you look at bank's developer portal, you'll typically find similar elements:

  1. Discovering APIs – Developers can explore what APIs are available, including information on products, data schemas, and interaction guidelines. This is essentially API definitions, documentation, and a public-facing site to showcase the APIs.
  2. Sign-up, registration, and consumption – This is where Raidiam Connect comes into play.

Raidiam Connect isn't a "rip and replace" solution for a developer portal. Instead, it complements the existing content that developers use to explore API catalogues and documentation. Once developers are ready to register, sign up, declare their software application/client, and obtain credentials, that's where Raidiam Connect fits.
Beyond that, organisations will still need:

  • An Authorisation Server/OpenID Provider (OP) to handle third-party provider (TPP) authorisation and authentication, which includes customer authentication and consent management. Well recognised names in the space are Ping/Forgerock & Okta
  • An API Gateway to surface and secure their APIs, e. Apigee, Kong, etc.
Would a Bank use Raidiam to control access to a Sandbox/ Dev Portal?
  • We expect Raidiam to fit into an intuitive user journey for Bank clients. Once developers are ready to register, sign up, declare their software application/client, and obtain credentials (even in sandbox) we’d expect a hand-off to Raidiam to complete this activity. If Bank has their own interface, they can maintain this and complete this activity via Raidiams APIs. We also have a GUI if required too.
  • There is flexibility around the implementation and resultant customer journey, which we could explore in more detail if you’d like.
How does Raidiam Connect compare with...

IAM tools (e.g. Ping, Auth0, Okta):

  • IAM tools allow you to define policy for User Access. Raidiam Connect allows you to define policy for Organisation and Application access. Raidiam Connect also includes a Certificate Authority, whilst IAM tools don’t.

 

API Gateways (e.g. Kong, APIgee, Mulesoft):

  • Raidiam Connect and API gateways are complementary. Raidiam Connect is used to define policy and API gateways can enforce that policy. Think of it like a security guard (API Gateway) and security clearance database (Raidiam Connect).
  • More broadly, an API gateway is a presentation layer and provides a front to internal architecture.

Generic CA’s (e.g.AWS CM, Digicert):

  • Raidiam Connect is delivered as an out-of-the-box managed service. It includes a developed directory capability (Orgs, Apps, APIs) against which certificates are issued. Raidiam Connect therefore mitigates against the need for significant complex build to implement a Certificate Authority in use cases where access is differentiated.
  • Radiam connect layers the ability to define client application oauth metadata.
How does Raidiam help me remove operational complexity in generating credentials?

Raidiam Connect enables your customers to self-serve when rotating application credentials, either via an easy to use GUI or via a highly functional API. Our APIs allow our customers and their clients to implement automated credential rotation.

What different security protocols / solutions do you offer?
  • authn - client_secret_basic, client_secret_post, private_key_jwt, mTLS client authentication
  • authz - OAuth 2.0, FAPI parts 1&2
How does Raidiam help me remove operational complexity in rotating credentials?

Raidiam Connect enables your customers to self-serve when rotating application credentials, either via an easy to use GUI or via a highly functional API. Our APIs allow our customers and their clients to implement automated credential rotation.

Building ecosystems is hard. Talk to the experts.

Talk to our experts and discover how Raidiam can simplify your open banking and enterprise data needs.

Contact Us