Authorization

The Banking API uses role-based access control (RBAC) for regulating access to API resources.

Access is managed through the IAM service.

RBAC

A client or user can be assigned access to any of the following resources. Child resources inherit all permissions assigned to parent resources.

The flowchart below describes the resource hierarchy of Banking resources:

Note

A tenant may have multiple subscriptions.

[Flowchart nodes: Subscription, Resource Group, Bank Account, Other Aritma Resources]

Roles

Roles describe what actions a client or user can execute on a resource.

Example

If a client has banking.ais.read access to an account, or to its parent resource group or subscription, the client or user will be able to issue GET requests to retrieve the account and the transactions/balances for that account.

| Name | Parent | Title |
| --- | --- | --- |
| banking.manage | owner | Banking manage |
| banking.channels.all | | All channels |
| banking.channels.psd2 | banking.channels.all | PSD2 services |
| banking.channels.openbanking | banking.channels.all | Open-banking services |
| banking.consents.manage | banking.manage | Manage consents |
| banking.consents.create | banking.consents.manage | Create consents |
| banking.consents.read | banking.consents.manage | Read consents |
| banking.consents.update | banking.consents.manage | Update consents |
| banking.consents.delete | banking.consents.manage | Delete consents |
| banking.ais.manage | banking.manage | Manage accounts |
| banking.ais.create | banking.ais.manage | Create accounts |
| banking.ais.read | banking.ais.manage | Read accounts |
| banking.pis.manage | banking.manage | Manage payments |
| banking.pis.create | banking.pis.manage | Create payments |
| banking.pis.read | banking.pis.manage | Read payments |
| banking.pis.authorize | banking.pis.manage | Authorize payments |
| banking.pis.cancel | banking.pis.manage | Cancel payments |
| banking.mandates.manage | banking.manage | Manage Mandates |
| banking.mandates.write | banking.mandates.manage | Create mandates |
| banking.mandates.read | banking.mandates.manage | Read mandates |
| banking.mandates.delete | banking.mandates.manage | Delete mandates |
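
The following is an added example, not part of the Aritma documentation or code: an offline access-review check that combines resource inheritance with the role hierarchy from the table and reports which assignment grants a permission. It assumes that holding a role also grants every role below it in the Parent column; the resource identifiers and function names are constructed for illustration.

```python
# Role -> parent role, taken from the roles table on this page (subset).
ROLE_PARENT = {
    "banking.manage": "owner",
    "banking.consents.manage": "banking.manage",
    "banking.consents.read": "banking.consents.manage",
    "banking.ais.manage": "banking.manage",
    "banking.ais.read": "banking.ais.manage",
    "banking.pis.manage": "banking.manage",
    "banking.pis.create": "banking.pis.manage",
    "banking.pis.authorize": "banking.pis.manage",
}

# Constructed resource tree (child -> parent); these identifiers are hypothetical.
RESOURCE_PARENT = {
    "account/acc-1": "rg/treasury",
    "account/acc-2": "rg/payroll",
    "rg/treasury": "sub/main",
    "rg/payroll": "sub/main",
}

def chain(node, parents):
    """Return node followed by its ancestors; raise on a cycle (fail closed)."""
    out = []
    while node is not None:
        if node in out:
            raise ValueError(f"cycle in hierarchy at {node!r}")
        out.append(node)
        node = parents.get(node)
    return out

def granting_assignment(assignments, required_role, resource):
    """Return the (role, scope) pair that grants required_role on resource, or None.

    assignments: iterable of (role, scope) pairs held by one client or user.
    Assumption: a role also grants every role below it in the Parent column.
    """
    roles = chain(required_role, ROLE_PARENT)    # the role itself or an ancestor role
    scopes = chain(resource, RESOURCE_PARENT)    # the resource itself or a parent scope
    held = set(assignments)
    # Check the narrowest scope and most specific role first, for readable audit output.
    for scope in scopes:
        for role in roles:
            if (role, scope) in held:
                return (role, scope)
    return None  # default deny when no held assignment matches

def is_allowed(assignments, required_role, resource):
    return granting_assignment(assignments, required_role, resource) is not None
```

Running this over exported assignments shows where a broad grant, such as banking.manage on a subscription, is the only thing satisfying a narrow requirement, which is the usual candidate for tightening to a narrower role or scope.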