Friday, March 30, 2018

Forty Seven Bank Project API (Open Project Bank API)

This API provides a testing environment for developers who want build banking related apps. Here we have to create a Developer account in Sandbox for accessing all the functionalities like accounts access, ATM access, Transaction details, Payments Transaction requests and many more.

For Access, all services use SDK provided by open project API. This SDK helps to connect App to banking services and also need a developer key which was provided when you created a developer account.

For Testing the App with sandbox test customers only.

To get APIs use following URL Click Here

The latest version is 3.0.0 and older versions are from 1.2.1 to 2.2.0.

Here we have different APIs available:

  1. Accounts
  2. Branches, ATM
  3. Transactions
  4. Payments & Transaction requests and many more. 

Accounts: Access user accounts, Balances information about different accounts.
          
The following services can avail in API:
          
          A) Create an account: Create a new Account in the specified Branch
          B) Create view: To balance view use OAuth authentication.
          C) Delete view: Delete access
          D) Get an account by id: Returns information against an account id and many more.

          Click Here to explore more about this API

Branches, ATM: Here we can create new branches and ATMs in specified geolocations.


The following services can avail in API:

          A) Create Bank: Create a new branch
          B) Get Bank: Get bank details
          C) Get Banks: Get all bank names and many more.

          Click Here to explore more about this API


Transactions: Access the transaction info and metadata also.

The following services can avail in API:

          A) Get other accounts of transaction: Returns the details about which party involved.
          B) Get transaction by id: Returns transaction details and many more.

          Click Here to explore more about this API

Payments & Transaction Requests: Initiate transfers, view charges etc.

The following services can avail in API:

         A) Create transaction request: In which we can initiate a transaction followed by account details.
         B) Get Transaction Requests: Get transaction requests given account number in a specified branch and many more
Click Here to explore more about this API

Wednesday, March 21, 2018

Troubleshoot: SAP HANA SAML integration

When SAP HANA enabled for external authentication with SAML mechanism you might get "Assertion did not contain a valid MessageID."  error message when trying to log in.

Solution:

Adding SAML parameter, assertion_timeout and set the value to 30 in SAP solves the issue.

Ref: https://blogs.sap.com/2014/07/03/troubleshooting-issues-when-implementing-saml-sso-in-hana-xs-engine/

Thanks

Tuesday, March 13, 2018

Oracle Identity Manager(OIM) 12c New Features

                          Oracle Identity Manager(OIM) 12c New Features


In this blog we are going to see some new features introduced in Oracle Identity manager 12C.

From my search, I found there is not much major changes from UI level.

End user experience will be same for access request catalog and approval/ certification.

1. Oracle Identity Governance 12c infrastructure requires below components.
    Oracle database (11.2.0.4, any 12c)
    jdk1.8
    WebLogic 12.2.1.3.0
    SOA 12.2.1.3.0
    OIG 12.1.2.3.0
           
2. RCU (Repository Creation Utility) is in-built and can be run from /u03/oracle_common/bin.

3. OIM 12c finally support encryption of database. During creation of OIM users in database,
    RCU can encrypt database table-space.
    TDE (Transparent Data Encryption) option must be enabled in Oracle 12c database.
    TDE allow application to encrypt the table-space using secret key.
    Data is transparently decrypted for database users and applications that access this data.
    Database users and applications do not need to be aware that the data they are accessing
     is stored  in encrypted form.
    If the TDE is enabled in Oracle 12c database, RCU will automatically provide you an 
    option to make OIM table-space encrypted.

4. If you do not have DBA privilege, then you can create a script for DBA to run.
    Once DBA completed running the RCU generated scripts, you can run the
    post process configuration.
    This is very helpful where Database is managed by different administrative team.
5. OIM 12c is now having Application Onboarding capability through GUI.
    It will allow you to create and manage applications, templates, and instances of applications
    , and clone applications.
   This will faster the on-boarding process of applications into OIM.
6.Access Policy can be created and managed from the Manage tab in Identity Self Service
  In OIM12C By enabling and by setting XL.AllowRoleHierarchicalPolicyEval system property to TRUE
  You can achieve Inheriting the access granted via access policies from the parent role to child role 
7.In OIM 11gR2 PS3, single certifier was supported in the certification workflow
   From OIM 12c supports group of certifiers for Application Instance, Entitlement,
   Role and User certification.
8. In above screenshot as we can able to see OIM 12c introduces custom reviewer
    option in certification.

    It is applicable for Identity certification. Custom reviewer for certifications can 
    be specified by  defining certification rules in the 
    CERT_CUSTOM_ACCESS_REVIEWERS table.

    The advantage of above feature is, we can now assign certification request based on a rule
    defined for custom reviewer.

9. OIM 12c can Limit the entitlement-assignments, Role-assignment and Application-assignment
     to certify for each user option for creating a user certification definition.
     For example, while identity certification assigned to reviewer, only the selected roles,
     selected entitlements and selected Application instances will be visible for certification.
     In this way we can remove the birth rights for being certified.

9.We can publish multiple sandboxes in bulk and in a specified sequence using CSV file.


10.In OIM 12c, From Mange Connector you can define your new connectors from 
      all the available components.
      Below images shows, which allow you to choose components and create your 
      new connector inside OIM.
11. Below is new interface for deployment manager for import and export any new
     Development,Testing or Migration.


Feel free to drop your comments.
Regards, 
Aditya.