{"id":13558482,"url":"https://github.com/OpenBankProject/OBP-API","last_synced_at":"2025-04-03T13:31:25.693Z","repository":{"id":37431209,"uuid":"6776281","full_name":"OpenBankProject/OBP-API","owner":"OpenBankProject","description":"An open source RESTful API platform for banks that supports Open Banking, XS2A, PSD2 and Open Finance through access to accounts, transactions, counterparties, payments, entitlements and metadata - plus a host of internal banking and management APIs.","archived":false,"fork":false,"pushed_at":"2025-03-27T13:36:37.000Z","size":45097,"stargazers_count":1587,"open_issues_count":195,"forks_count":439,"subscribers_count":121,"default_branch":"develop","last_synced_at":"2025-03-27T14:32:28.478Z","etag":null,"topics":["openbanking","openbanking-api","psd2","psd2-xs2a-interface","xs2a","xs2a-connector","xs2a-interface"],"latest_commit_sha":null,"homepage":"https://www.openbankproject.com/","language":"Scala","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/OpenBankProject.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":"roadmap.md","authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2012-11-20T10:45:14.000Z","updated_at":"2025-03-27T13:36:42.000Z","dependencies_parsed_at":"2023-09-26T19:03:54.026Z","dependency_job_id":"4312ce27-2ae6-4da2-b4e4-91dfa076ca6d","html_url":"https://github.com/OpenBankProject/OBP-API","commit_stats":{"total_commits":9630,"total_committers":40,"mean_commits":240.75,"dds":0.6739356178608515,"last_synced_commit":"234a893ea180ae6cad21dddf311556e4cba66340"},"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpenBankProject%2FOBP-API","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpenBankProject%2FOBP-API/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpenBankProject%2FOBP-API/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpenBankProject%2FOBP-API/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/OpenBankProject","download_url":"https://codeload.github.com/OpenBankProject/OBP-API/tar.gz/refs/heads/develop","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247009586,"owners_count":20868574,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["openbanking","openbanking-api","psd2","psd2-xs2a-interface","xs2a","xs2a-connector","xs2a-interface"],"created_at":"2024-08-01T12:04:58.676Z","updated_at":"2025-04-03T13:31:25.686Z","avatar_url":"https://github.com/OpenBankProject.png","language":"Scala","funding_links":[],"categories":["Scala","others","Specifications","Payments and Banking"],"sub_categories":[],"readme":"# ReadMe\n\nThe Open Bank Project API\n\n## About\n\nThe Open Bank Project is an open-source API for banks that enables account holders to interact with their bank using a wider range of applications and services.\n\nThe OBP API supports transparency options (enabling account holders to share configurable views of their transaction data with trusted individuals and even the public), data blurring (to preserve sensitive information) and data enrichment (enabling users to add tags, comments and images to transactions).\n\nThe OBP API abstracts away the peculiarities of each core banking system so that a wide range of apps can interact with  multiple banks on behalf of the account holder. We want to raise the bar of financial transparency and enable a rich ecosystem of innovative financial applications and services.\n\nOur tagline is: \"Bank as a Platform. Transparency as an Asset\".\n\nThe API supports [OAuth 1.0a](https://apiexplorer-ii-sandbox.openbankproject.com/glossary#OAuth%201.0a), [OAuth 2](https://apiexplorer-ii-sandbox.openbankproject.com/glossary#OAuth%202), [OpenID Connect OIDC](https://apiexplorer-ii-sandbox.openbankproject.com/glossary#OAuth%202%20with%20Google) and other authentication methods including [Direct Login](https://apiexplorer-ii-sandbox.openbankproject.com/glossary#Direct%20Login).\n\n## Documentation \n\nThe API documentation is best viewed using the [OBP API Explorer](https://apiexplorer-ii-sandbox.openbankproject.com) or a third-party tool that has imported the OBP Swagger definitions.\n\nIf you want to run your own copy of API Explorer II, see [here](https://github.com/OpenBankProject/API-Explorer-II)\n\n## Status of API Versions\n\nOBP instances support multiple versions of the API simultaneously (unless they are deactivated in config)\nTo see the status (DRAFT, STABLE or BLEEDING-EDGE) of an API version, look at the root endpoint. For example, `/obp/v2.0.0/root` or `/obp/v3.0.0/root`.\n\n```log\n24.01.2017, [V1.2.1](https://apisandbox.openbankproject.com/obp/v1.2.1/root) was marked as stable. \n24.01.2017, [V1.3.0](https://apisandbox.openbankproject.com/obp/v1.3.0/root) was marked as stable. \n08.06.2017, [V2.0.0](https://apisandbox.openbankproject.com/obp/v2.0.0/root) was marked as stable. \n27.10.2018, [V2.1.0](https://apisandbox.openbankproject.com/obp/v2.1.0/root) was marked as stable. \n27.10.2018, [V2.2.0](https://apisandbox.openbankproject.com/obp/v2.2.0/root) was marked as stable. \n18.11.2020, [V3.0.0](https://apisandbox.openbankproject.com/obp/v3.0.0/root) was marked as stable. \n18.11.2020, [V3.1.0](https://apisandbox.openbankproject.com/obp/v3.1.0/root) was marked as stable. \n16.12.2022, [V4.0.0](https://apisandbox.openbankproject.com/obp/v4.0.0/root) was marked as stable. \n16.12.2022, [V5.0.0](https://apisandbox.openbankproject.com/obp/v5.0.0/root) was marked as stable. \n```\n\n## License\n\nThis project is dual licensed under the AGPL V3 (see NOTICE) and commercial licenses from TESOBE GmbH.\n\n## Setup\n\nThe project uses Maven 3 as its build tool.\n\nTo compile and run Jetty, install Maven 3, create your configuration in `obp-api/src/main/resources/props/default.props` and execute:\n\n```sh\nmvn install -pl .,obp-commons \u0026\u0026 mvn jetty:run -pl obp-api\n```\n\nIn case the above command fails try the next one:\n\n```sh\nexport MAVEN_OPTS=\"-Xss128m\" \u0026\u0026 mvn install -pl .,obp-commons \u0026\u0026 mvn jetty:run -pl obp-api\n```\n\n[Note: How to run via IntelliJ IDEA](obp-api/src/main/docs/glossary/Run_via_IntelliJ_IDEA.md)\n\n## Run some tests\n  \n* In `obp-api/src/main/resources/props` create a `test.default.props` for tests. Set `connector=mapped`.\n\n* Run a single test. For instance, right-click on `obp-api/test/scala/code/branches/MappedBranchProviderTest` and select \"Run Mapp\"...\n\n* Run multiple tests: Right-click on `obp-api/test/scala/code` and select Run. If need be:\n\n    Goto Run / Debug configurations\n    Test Kind: Select All in Package\n    Package: Select code\n    Add the absolute /path-to-your-OBP-API in the \"working directory\" field\n    You might need to assign more memory via VM Options. For example:\n\n    ```\n    -Xmx1512M -XX:MaxPermSize=512M\n    ```\n\n    or\n\n    ```\n    -Xmx2048m -Xms1024m -Xss2048k -XX:MaxPermSize=1024m\n    ```\n    \n    Ensure your `test.default.props` has the minimum settings (see `test.default.props.template`).\n\n    \n    Right-click `obp-api/test/scala/code` and select the Scala Tests in the code to run them all.\n    \n    Note: You may want to disable some tests not relevant to your setup e.g.:\n    set `bank_account_creation_listener=false` in `test.default.props`.\n\n\n## Other ways to run tests\n\n* See `pom.xml` for test configuration.\n* See http://www.scalatest.org/user_guide.\n\n\n## From the command line\n\nSet memory options:\n\n```sh\nexport MAVEN_OPTS=\"-Xmx3000m -Xss2m\"\n```\n\nRun one test:\n\n```sh\nmvn -DwildcardSuites=code.api.directloginTest test\n```\n\nRun all tests and save the output to a file:\n\n```sh\nexport MAVEN_OPTS=\"-Xss128m\" \u0026\u0026 mvn clean test | tee obp-api-test-results.txt\n```\n\n## Ubuntu\n\nIf you use Ubuntu (or a derivate) and encrypted home directories (e.g. you have ~/.Private), you might run into the following error when the project is built:\n\n```log\nuncaught exception during compilation: java.io.IOException\n[ERROR] File name too long\n[ERROR] two errors found\n[DEBUG] Compilation failed (CompilerInterface)\n```\n\nThe current workaround is to move the project directory onto a different partition, e.g. under `/opt/`.\n\n## Running the docker image\n\nDocker images of OBP API can be found on Dockerhub: https://hub.docker.com/r/openbankproject/obp-api - pull with `docker pull openbankproject/obp-api`.\n\nProps values can be set as environment variables. Props need to be prefixed with `OBP_`, `.` replaced with `_`, and all upper-case, e.g.:\n\n`openid_connect.enabled=true` becomes `OBP_OPENID_CONNECT_ENABLED=true`.\n\n## Databases\n\nThe default database for testing etc is H2. PostgreSQL is used for the sandboxes (user accounts, metadata, transaction cache). The list of databases fully tested is: PostgreSQL, MS SQL and H2. \n\n### Notes on using H2 web console in Dev and Test mode:\n\nSet DB options in the props file:\n\n```\ndb.driver=org.h2.Driver\ndb.url=jdbc:h2:./obp_api.db;DB_CLOSE_ON_EXIT=FALSE\n```\n    \nIn order to start H2 web console go to [http://127.0.0.1:8080/console](http://127.0.0.1:8080/console) and you will see a login screen.\nPlease use the following values:\nNote: make sure the JDBC URL used matches your Props value!\n\n```\nDriver Class: org.h2.Driver\nJDBC URL: jdbc:h2:./obp_api.db;AUTO_SERVER=FALSE\nUser Name:\nPassword:\n```\n\n### Notes on the basic usage of Postgres\n\nOnce Postgres is installed (On macOS, use `brew`):\n\n1.   ```sh\n     psql postgres\n     ```\n\n1.   Create database `obpdb`; (or any other name of your choosing).\n     \n1.   Create user `obp`; (this is the user that OBP-API will use to create and access tables etc).\n     \n1.   Alter user obp with password `daniel.says`; (put this password in the OBP-API Props).\n     \n1.   Grant all on database `obpdb` to `obp`; (So OBP-API can create tables etc.)\n     \n1.   Then, set the `db.url` in your Props:\n     \n     ```\n     db.driver=org.postgresql.Driver\n     db.url=jdbc:postgresql://localhost:5432/obpdb?user=obp\u0026password=daniel.says\n     ```\n     \n1.   Then, restart OBP-API.\n\n### Notes on using Postgres with SSL\n\nPostgres needs to be compiled with SSL support.\n\nUse OpenSSL to create the files you need.\n\nFor the steps, see [https://www.howtoforge.com/postgresql-ssl-certificates](https://www.howtoforge.com/postgresql-ssl-certificates).\n\nIn short, edit `postgresql.conf`:\n\n```\nssl = on\n```\n\n```\nssl_cert_file = '/etc/YOUR-DIR/server.crt'\n```\n\n```\nssl_key_file = '/etc/YOUR-DIR/server.key'\n```\n\nAnd restart Postgres.\n\nNow, this should enable SSL (on the same port that Postgres normally listens on) - but it doesn't force it.\nTo force SSL, edit pg_hba.conf replacing the host entries with `hostssl`.\n\nNow in OBP-API Props, edit your `db.url` and add `\u0026ssl=true`. For example:\n\n```\ndb.url=jdbc:postgresql://localhost:5432/my_obp_database?user=my_obp_user\u0026password=the_password\u0026ssl=true\n```\n\nNote: Your Java environment may need to be set up correctly to use SSL.\n\nRestart OBP-API, if you get an error, check your Java environment can connect to the host over SSL.\n\nNote: You can copy the following example files to prepare your own configurations:\n\n - `/obp-api/src/main/resources/logback.xml.example` -\u003e `/obp-api/src/main/resources/logback.xml` (try TRACE or DEBUG).\n - `/obp-api/src/main/resources/logback-test.xml.example` -\u003e `/obp-api/src/main/resources/logback-test.xml` (try TRACE or DEBUG).\n\nThere is a gist/tool which is useful for this. Search the web for SSLPoke. Note this is an external repository.\n\nFor example:\n\n*   [https://gist.github.com/4ndrej/4547029](https://gist.github.com/4ndrej/4547029/84d3bff7bba262b3f77baa32a43873ea95993e45#file-sslpoke-java-L1-L40)\n\n    or\n\n*   ```sh\n    git clone https://github.com/MichalHecko/SSLPoke.git .\n\n    gradle jar\n    cd ./build/libs/\n\n    java -jar SSLPoke-1.0.jar www.github.com 443\n    ```\n     \n    \u003e Successfully connected\n\n    ```sh\n    java -jar SSLPoke-1.0.jar YOUR-POSTGRES-DATABASE-HOST PORT\n    ```\n\nYou can add switches. For example, for debugging:\n\n```sh\njava -jar -Dhttps.protocols=TLSv1.1,TLSv1.2 -Djavax.net.debug=all SSLPoke-1.0.jar localhost 5432\n```\n\nTo import a certificate:\n\n```sh\nkeytool -import -storepass changeit -noprompt -alias localhost_postgres_cert -keystore /Library/Java/JavaVirtualMachines/jdk1.8.0_73.jdk/Contents/Home/jre/lib/security/cacerts -trustcacerts -file /etc/postgres_ssl_certs/server/server.crt\n```\n\nTo get a certificate from the server / get further debug information:\n\n```sh\nopenssl s_client -connect ip:port\n```\n\nThe above section is work in progress.\n\n## Administrator role / SuperUser\n\nIn the API's props file, add the ID of your user account to `super_admin_user_ids=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx`. User Id can be retrieved via the \"Get User (Current)\" endpoint (e.g. /obp/v4.0.0/users/current) after login or via API Explorer (https://github.com/OpenBankProject/API-Explorer) at `/#OBPv3_0_0-getCurrentUser`.\n\nSuper users can give themselves any entitlement, but it is recommended to use this props only for bootstrapping (creating the first admin user). Use this admin user to create further privileged users by granting them the \"CanCreateEntitlementAtAnyBank\" role. This, again, can be done via API Explorer (`/#OBPv2_0_0-addEntitlement`, leave `bank_id` empty) or, more conveniently, via API Manager (https://github.com/OpenBankProject/API-Manager).\n\n## Sandbox data\n\nTo populate the OBP database with sandbox data:\n\n1. In the API's props file, set `allow_sandbox_data_import=true`.\n2. Grant your user the role `CanCreateSandbox`. See the previous section on how to do this.\n3. Now, post the JSON data using the payload field at `/#2_1_0-sandboxDataImport`. An example of an import set of data (JSON) can be found [here](https://raw.githubusercontent.com/OpenBankProject/OBP-API/develop/obp-api/src/main/scala/code/api/sandbox/example_data/2016-04-28/example_import.json).\n4. If successful you should see this result `{ \"success\": \"Success\" }` and no error message.\n\n## Production Options\n\n* set the status of HttpOnly and Secure cookie flags for production, uncomment the following lines of `webapp/WEB-INF/web.xml`:\n\n```XML\n   \u003csession-config\u003e\n     \u003ccookie-config\u003e\n       \u003csecure\u003etrue\u003c/secure\u003e\n       \u003chttp-only\u003etrue\u003c/http-only\u003e\n     \u003c/cookie-config\u003e\n   \u003c/session-config\u003e\n```\n\n## Running the API in Production Mode\n\nWe use 9 to run the API in production mode.\n\n1. Install java and jetty9.\n\n2. jetty configuration\n\n* Edit the `/etc/default/jetty9` file so that it contains the following settings:\n\n  ```\n  NO_START=0\n  JETTY_HOST=127.0.0.1 #If you want your application to be accessed from other hosts, change this to your IP address\n  JAVA_OPTIONS=\"-Drun.mode=production -XX:PermSize=256M -XX:MaxPermSize=512M -Xmx768m -verbose -Dobp.resource.dir=$JETTY_HOME/resources -Dprops.resource.dir=$JETTY_HOME/resources\"\n  ```\n\n* In obp-api/src/main/resources/props create a `test.default.props` file for tests. Set `connector=mapped`.\n\n* In obp-api/src/main/resources/props create a `default.props file` for development. Set `connector=mapped`.\n\n* In obp-api/src/main/resources/props create a `production.default.props` file for production. Set `connector=mapped`.\n\n* This file could be similar to the `default.props` file created above, or it could include production settings, such as information about the Postgresql server if you are using one. For example, it could have the following line for Postgresql configuration.\n\n  ```\n  db.driver=org.postgresql.Driver\n  db.url=jdbc:postgresql://localhost:5432/yourdbname?user=yourdbusername\u0026password=yourpassword\n  ```\n\n* Now, build the application to generate `.war` file which will be deployed on the jetty server:\n\n   ```sh\n   cd OBP-API/\n   mvn package\n   ```\n\n* This will generate OBP-API-1.0.war under `OBP-API/target/`.\n\n* Copy OBP-API-1.0.war to `/usr/share/jetty9/webapps/` directory and rename it to root.war\n\n* Edit the `/etc/jetty9/jetty.conf` file and comment out the lines:\n\n   ```\n   etc/jetty-logging.xml\n   etc/jetty-started.xml\n   ```\n\n* Now restart jetty9:\n\n   ```sh\n   sudo service jetty9 restart\n   ```\n\n* You should now be able to browse to `localhost:8080` (or `yourIPaddress:8080`).\n\n## Using OBP-API in different app modes\n\n1) `portal` =\u003e OBP-API as a portal i.e. without REST API.\n2) `apis` =\u003e OBP-API as an *APIs* app i.e. only REST APIs.\n3) `apis,portal`=\u003e OBP-API as portal and apis i.e. REST APIs and web portal.\n\n* Edit your props file(s) to contain one of the next cases:\n\n   1. `server_mode=portal`\n   2. `server_mode=apis`\n   3. `server_mode=apis,portal`\n  \n   In case it is not defined, the default case is the 3rd one. For example, `server_mode=apis,portal`.\n\n## Using Akka remote storage\n\nMost internal OBP model data access now occurs over Akka. This is so the machine that has JDBC access to the OBP database can be physically separated from the OBP API layer. In this configuration we run two instances of OBP-API on two different machines and they communicate over Akka. Please see README.Akka.md for instructions.\n\n\n## Using SSL Encryption with RabbitMq\n\nFor SSL encryption we use JKS keystores. Note that both the keystore and the truststore (and all keys within) must have the same password for unlocking, for which the API will stop at boot up and ask for. \n\n* Edit your props file(s) to contain:\n\n   ```\n    rabbitmq.use.ssl=true\n    keystore.path=/path/to/api.keystore.jks\n    keystore.password=123456\n    truststore.path=/path/to/api.truststore.jks\n   ```\n\n## Using SSL Encryption with props file\n\nFor SSL encryption we use jks keystores.\nNote that keystore (and all keys within) must have the same password for unlocking, for which the API will stop at boot up and ask for. \n\n* Edit your props file(s) to contain:\n\n   ```\n   jwt.use.ssl=true\n   keystore.path=/path/to/api.keystore.jks\n   keystore.alias=SOME_KEYSTORE_ALIAS\n   ```\n        \nA props key value, XXX, is considered encrypted if has an encryption property (XXX.is_encrypted) in addition to the regular props key name in the props file e.g:\n\n   *  db.url.is_encrypted=true\n   *  db.url=BASE64URL(SOME_ENCRYPTED_VALUE)\n   \nThe Encrypt/Decrypt workflow is :\n1. Encrypt: Array[Byte]\n2. Helpers.base64Encode(encrypted)\n3. Props file: String\n4. Helpers.base64Decode(encryptedValue)\n5. Decrypt: Array[Byte]\n\n1st, 2nd and 3rd step can be done using an external tool\n\n### Encrypting props values with OpenSSL on the command line\n\n1. Export the public certificate from the keystone:\n\n    ```sh\n    keytool -export -keystore /PATH/TO/KEYSTORE.jks -alias CERTIFICATE_ALIAS -rfc -file apipub.cert\n    ```\n   \n3. Extract the public key from the public certificate:\n\n    ```sh\n    openssl x509 -pubkey -noout -in apipub.cert \u003e PUBKEY.pub`\n    ```\n   \n4. Get the encrypted `propsvalue` like in the following bash script (usage `./scriptname.sh /PATH/TO/PUBKEY.pub propsvalue`):\n\n   ```\n   #!/bin/bash\n   echo -n $2 |openssl pkeyutl -pkeyopt rsa_padding_mode:pkcs1 -encrypt  -pubin -inkey $1 -out \u003e(base64)\n   ```\n\n## Using jetty password obfuscation with props file\n\nYou can obfuscate passwords in the props file the same way as for jetty:\n\n1. Create the obfuscated value as described here: [https://www.eclipse.org/jetty/documentation/9.3.x/configuring-security-secure-passwords.html](https://www.eclipse.org/jetty/documentation/9.3.x/configuring-security-secure-passwords.html).\n\n2. A props key value, XXX, is considered obfuscated if has an obfuscation property (`XXX.is_obfuscated`) in addition to the regular props key name in the props file e.g:\n\n   *  `db.url.is_obfuscated=true`\n   *  `db.url=OBF:fdsafdsakwaetcetcetc`\n\n## Code Generation\n\nPlease refer to the [Code Generation](https://github.com/OpenBankProject/OBP-API/blob/develop/CONTRIBUTING.md##code-generation) for links.\n\n## Customize Portal WebPage\n\nPlease refer to the [Custom Webapp](obp-api/src/main/resources/custom_webapp/README.md) for links.\n\n## Using jetty password obfuscation with props file\n\nYou can obfuscate passwords in the props file the same way as for jetty:\n\n1. Create the obfuscated value as described here: [https://www.eclipse.org/jetty/documentation/9.3.x/configuring-security-secure-passwords.html](https://www.eclipse.org/jetty/documentation/9.3.x/configuring-security-secure-passwords.html).\n\n2. A props key value, XXX, is considered obfuscated if has an obfuscation property (XXX.is_obfuscated) in addition to the regular props key name in the props file e.g:\n\n   *  db.url.is_obfuscated=true\n   *  db.url=OBF:fdsafdsakwaetcetcetc\n\n## Rate Limiting\n\nWe support rate limiting i.e functionality to limit calls per consumer key (App). Only `New Style Endpoins` support it. The list of they can be found at this file: [https://github.com/OpenBankProject/OBP-API/blob/develop/obp-api/src/main/scala/code/api/util/NewStyle.scala](https://github.com/OpenBankProject/OBP-API/blob/develop/obp-api/src/main/scala/code/api/util/NewStyle.scala). \n\nThere are two supported modes:\n\n   *  In-Memory\n   *  Redis\n   \nIt is assumed that you have some Redis instances if you want to use the functionality in multi-node architecture.\n\nWe apply Rate Limiting for two types of access:\n\n   *  Authorized\n   *  Anonymous\n\nTo set up Rate Limiting in case of anonymous access edit your props file in the following way:\n\n```\nuser_consumer_limit_anonymous_access=100, In case isn't defined default value is 60\n```\n   \nTe set up Rate Limiting in case of the authorized access use these endpoints:\n\n1. `GET ../management/consumers/CONSUMER_ID/consumer/call-limits` - Get Call Limits for a Consumer\n2. `PUT ../management/consumers/CONSUMER_ID/consumer/call-limits` - Set Call Limits for a Consumer\n\nIn order to make it work edit your props file in next way:\n\n```\nuse_consumer_limits=false, In case isn't defined default value is \"false\"\nredis_address=YOUR_REDIS_URL_ADDRESS, In case isn't defined default value is 127.0.0.1\nredis_port=YOUR_REDIS_PORT, In case isn't defined default value is 6379\n```\n\nThe next types are supported:\n\n1. per second\n2. per minute\n3. per hour\n4. per day\n5. per week\n6. per month\n\nIf you exceed the rate limit per minute for instance you will get the response:\n\n```JSON\n{\n    \"error\": \"OBP-10018: Too Many Requests.We only allow 3 requests per minute for this Consumer.\"\n}\n```\n\nand response headers:\n\n```\nX-Rate-Limit-Limit → 3\nX-Rate-Limit-Remaining → 0\nX-Rate-Limit-Reset → 22\n```\n\nDescription of the headers above:\n\n1. `X-Rate-Limit-Limit` - The number of allowed requests in the current period.\n2. `X-Rate-Limit-Remaining` - The number of remaining requests in the current period.\n3. `X-Rate-Limit-Reset` - The number of seconds left in the current period.\n\nPlease note that first will be checked `per second` call limit then `per minute`, etc.\n\nInfo about rate limiting availability at some instance can be found over next API endpoint: https://apisandbox.openbankproject.com/obp/v3.1.0/rate-limiting. The response we are interested in looks like this:\n\n```JSON\n{\n  \"enabled\": false,\n  \"technology\": \"REDIS\",\n  \"service_available\": false,\n  \"is_active\": false\n}\n```\n\n## Webhooks\n\nWebhooks are used to call external URLs when certain events happen. Account Webhooks focus on events around accounts. For instance, a webhook could be used to notify an external service if a balance changes on an account. This functionality is a work in progress!\n\nThere are 3 API endpoints related to webhooks:\n\n1. `POST ../banks/BANK_ID/account-web-hooks` - Create an Account Webhook\n2. `PUT ../banks/BANK_ID/account-web-hooks` - Enable/Disable an Account Webhook\n3. `GET ../management/banks/BANK_ID/account-web-hooks` - Get Account Webhooks\n\n---\n\n## OpenID Connect\n\nIn order to enable an OIDC workflow at an instance of OBP-API portal app(login functionality) you need to set up the following props:\n\n```props\n## Google as an identity provider\n# openid_connect_1.client_secret=OYdWujJl******_NXzPlDI4T\n# openid_connect_1.client_id=883**3244***-s4hi72j0rble0iiivq1gn09k7***tdci.apps.googleusercontent.com\n# openid_connect_1.callback_url=http://127.0.0.1:8080/auth/openid-connect/callback\n# openid_connect_1.endpoint.authorization=https://accounts.google.com/o/oauth2/v2/auth\n# openid_connect_1.endpoint.userinfo=https://openidconnect.googleapis.com/v1/userinfo\n# openid_connect_1.endpoint.token=https://oauth2.googleapis.com/token\n# openid_connect_1.endpoint.jwks_uri=https://www.googleapis.com/oauth2/v3/certs\n# openid_connect_1.access_type_offline=false\n# openid_connect_1.button_text = Yahoo\n\n## Yahoo as an identity provider\n# openid_connect_2.client_secret=685d47412efd8b74891ad711876558189793e957\n# openid_connect_2.client_id=zg0yJmk9WUEzaERzd1RtMU02JmQ9WVdrOU9FOHpTbXN5TkhNbWNHbzlNQS0tJnM9Y38uc3VtZXJzZWNyZXQmc3Y9MCZ4PWjW\n# openid_connect_2.callback_url=https://1aaac045.ngrok.io/auth/openid-connect/callback-2\n# openid_connect_2.endpoint.authorization=https://api.login.yahoo.com/oauth2/request_auth\n# openid_connect_2.endpoint.userinfo=https://api.login.yahoo.com/openid/v1/userinfo\n# openid_connect_2.endpoint.token=https://api.login.yahoo.com/oauth2/get_token\n# openid_connect_2.endpoint.jwks_uri=https://api.login.yahoo.com/openid/v1/certs\n# openid_connect_2.access_type_offline=true\n# openid_connect_2.button_text = Yahoo\n```\n\nPlease note in the example above you MUST run OBP-API portal at the URL: http://127.0.0.1:8080\n\n## OAuth 2.0 Authentication\n\nIn order to enable an OAuth2 workflow at an instance of OBP-API backend app you need to set up the following props:\n\n```\n# -- OAuth 2 ---------------------------------------------------------------------------------\n# Enable/Disable OAuth 2 workflow at a server instance\n# In case isn't defined default value is false\n# allow_oauth2_login=false\n# URL of Public server JWK set used for validating bearer JWT access tokens\n# It can contain more than one URL i.e. list of uris. Values are comma separated.\n# If MITREId URL is present it must be at 1st place in the list\n# because MITREId URL can be an appropirate value and we cannot rely on it.\n# oauth2.jwk_set.url=http://localhost:8080/jwk.json,https://www.googleapis.com/oauth2/v3/certs\n# ------------------------------------------------------------------------------ OAuth 2 ------\n\nOpenID Connect is supported.\nTested Identity providers: Google, MITREId.\n```\n\n### Example for Google's OAuth 2.0 implementation for authentication, which conforms to the OpenID Connect specification\n\n```\nallow_oauth2_login=true\noauth2.jwk_set.url=https://www.googleapis.com/oauth2/v3/certs\n```\n---\n\n## Frozen APIs\n\nAPI versions may be marked as \"STABLE\", if changes are made to an API which has been marked as \"STABLE\", then unit test `FrozenClassTest`  will fail.\n\n### Changes to \"STABLE\" API cause the tests to fail: \n\n* modify request or response body structure of APIs\n* add or delete APIs\n* change the APIS' `versionStatus` from or to \"STABLE\"\n\nIf it is required for a \"STABLE\" api to be changed, then the class metadata must be regenerated using the FrozenClassUtil (see how to freeze an API)\n\n### Steps to freeze an API\n\n* Run the FrozenClassUtil to regenerate persist file of frozen apis information, the file is `PROJECT_ROOT_PATH/obp-api/src/test/resources/frozen_type_meta_data`\n* push the file `frozen_type_meta_data` to github\n\nThere is a video about the detail: [demonstrate the detail of the feature](https://www.youtube.com/watch?v=m9iYCSM0bKA)\n\n## Frozen Connector InBound OutBound types\n\nThe same as `Frozen APIs`, if a related unit test fails, make sure whether the modification is required, if yes, run frozen util to re-generate frozen types metadata file. take `RestConnector_vMar2019` as an example, the corresponding util is `RestConnector_vMar2019_FrozenUtil`, the corresponding unit test is `RestConnector_vMar2019_FrozenTest`\n\n## Scala / Lift\n\n* We use scala and liftweb: [http://www.liftweb.net/](http://www.liftweb.net/).\n\n* Advanced architecture: [http://exploring.liftweb.net/master/index-9.html\n](http://exploring.liftweb.net/master/index-9.html).\n\n* A good book on Lift: \"Lift in Action\" by Timothy Perrett published by Manning.\n\n## Supported JDK Versions\n\n* OracleJDK: 1.8, 13\n* OpenJdk: 11\n\nOpenJDK 11 is available for download here: [https://jdk.java.net/archive/](https://jdk.java.net/archive/).\n\n## Endpoint Request and Response Example\n\n```log\nResourceDoc#exampleRequestBody and ResourceDoc#successResponseBody can be the follow type\n```\n    \n* Any Case class\n* JObject\n* Wrapper JArray: JArrayBody(jArray)\n* Wrapper String: StringBody(\"Hello\")\n* Wrapper primary type: IntBody(1), BooleanBody(true), FloatBody(1.2F)...\n* Empty: EmptyBody\n\nExample:\n\n```\nresourceDocs += ResourceDoc(\n      exampleRequestBody= EmptyBody,\n      successResponseBody= BooleanBody(true),\n      ...\n)\n```\n\n## Language support\n### Add a new language\nAn additional language can be added via props `supported_locales`\n\nSteps to add Spanish language:\n* tweak the property supported_locales = en_GB to `supported_locales = en_GB,es_ES`\n* add file `lift-core_es_ES.properties` at the folder `/resources/i18n`\n\nPlease note that default translation file is `lift-core.properties` ","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FOpenBankProject%2FOBP-API","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FOpenBankProject%2FOBP-API","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FOpenBankProject%2FOBP-API/lists"}