The identity product is used to for API consumer identification, and for the initiation of the authorisation of a consent, as per the Open Banking standards.
We have implemented our identity functions according to the UK Open Banking OIDC Security Profile. These standards can be used to securely identify yourself as well as verify the contents of the authorisation received through our APIs as issued by Investec.
Note: These APIs (apart from our well-known openid configuration end point and associated keystore) are protected by MTLS and require that you present an Open Banking issued certificate as a part of your request.
The sandbox environment will require an Open Banking sandbox issued certificate (OBTransport).
Why use it?
Our Identity Product allows you to securely identify yourself, and that the authorisation code acquired using OAuth2 is issued by Investec by verifying the associated JWT included in the your callback URL.
The Identity Product is required in order to gain access to our Accounts and Payments APIs.
You need to be enrolled with Open Banking in order to be able access our sandbox and APIs, and present an Open Banking certificate to be able to access our end points.