Compatible Standards
Clients integrating to the Interac Hub for identity verification follow a simple API that conforms with the OAuth 2.0 authorization code flow with OIDC 1.0 extensions based on industry best practices defined in OpenID Connect iGov Profile and Financial API Profile.
Key standards include:
- RFC 6749: The OAuth 2.0 Authorization Framework
- RFC 9101: The OAuth 2.0 Authorization Framework: JWT-Secured Authorization Request (JAR)
- RFC 9126: OAuth 2.0 Pushed Authorization Requests
- OpenID Connect Core 1.0
- OpenID Connect Dynamic Client Registration 1.0
- OpenID Connect Discovery 1.0
Supporting features:
- JSON Web Tokens
- Signed Request Objects per the JWT-Secured Authorization Request
- Proof Key for Code Exchange (PKCE) extension to OAuth 2.0
No prior knowledge of these standards is required, as the Hub API is a simple HTTP API. However, for those knowledgeable about these standards, a listing of them are available below.
Updated about 1 year ago