Skip to content

Register a FAPI-compliant application

Financial-Grade API (FAPI) specification is an extension to the OAuth and OIDC frameworks that defines additional technical requirements to enhance API security. This guide explains how you can create a FAPI-compliant application in Asgardeo.

Create a FAPI-compliant application

Follow the guides below to create a FAPI-compliant application either using the Console or using Dynamic Client Registration (DCR).

Use the Console

If you wish to register your application manually using the Console, follow the steps below to make it FAPI-compliant.

  1. On the Asgardeo Console, go to Applications.

  2. Click New Application and select Standard-Based Application.

  3. Provide an application name.

  4. Select OAuth2.0 OpenID Connect as the protocol and select FAPI Compliant Application.

    Note

    When an application is made FAPI-compliant, Asgardeo restricts several configurations to only allow FAPI-compliant options.

    Register a standard-based application

  5. Click Register to complete the registration.

  6. Enable the application when it is ready for users to log in.

Use Dynamic Client Registration (DCR)

If you have applications that need to dynamically register with Asgardeo during runtime, follow the steps below to make them FAPI-compliant.

  1. Configure DCR properties in Asgardeo. To do so,

    1. On the Asgardeo Console, go to Applications.

    2. Click the gear icon at the top to open Dynamic Client Registration settings.

    3. Configure the following properties:

      DCR settings

      • Require Authentication is enabled by default. You may deselect the option to not require authentication to create an application with DCR.
      • Select Mandate SSA Validation to require a valid Software Statement Assertion (SSA) during creation. Provide the necessary JWKS to validate the SSA. If authentication is not required by the endpoint, this is made mandatory.
      • Select Enforce FAPI Conformance to make the created application FAPI compliant.
    4. Click Update to save the changes.

  2. Refer to the Dynamic Client Registration (DCR) API documentation to learn how to register an application with DCR.

What's next?

Refer to the Financial-grade API documentation to learn about the FAPI-compliant configurations available in Asgardeo and how to configure them.