Introduction
The "TPP management - User guide" document provides a detailed description and step-by-step instructions for users regarding the operation of the TPP management product, covering the following key functions:
- Digital certificate management
Guidelines
Account registration
Purpose: Users create a new account to access TPP management services.
Steps:
- Access consent management using a web browser on your computer.
- The login screen will appear, allowing users to log in to the system or register a new account.
- Select "REGISTER HERE" if you do not yet have a login account
- Step 1: Enter personal information such as full name, email, phone number, and address to proceed.
- Step 2: Enter the username, password, and re-enter the password to proceed. The password must be at least 8 characters long, including numbers, uppercase and lowercase letters, and special characters. The username must not duplicate previously created accounts.
- Step 3: Enter the 6-digit OTP code sent to the email registered in step 2, then select Continue. Upon successful authentication, click the login button to log in to the system.
Log in
Purpose: To log in to the TPP management system.
Steps:
- Step 1: Enter your registered email and password, then click the Login button
- Step 2: Log in and access to the TPP management system's home page
Home page
Purpose: Overview of the steps to register for onboarding and API testing within the sandbox environment. Displays the most frequently utilized API products and the API performance for the current month.
Open Banking onboarding profile management
Purpose: Enables third-party service providers (TPPs) to register for the utilization of Open Banking APIs. Facilitates the verification of TPP information to commence Open API usage.
Steps:
-
- Click on the "TPP" menu and select the participation registration submenu
-
- If registration has not yet been completed, click on register to proceed
- Step 2: Insert the USB Token to select the organizational digital certificate for business verification (KYB). Click continue to verify the digital certificate
- Step 3: The system displays available digital certificates within the USB Token; select a certificate with a minimum remaining validity of 2 months (showing valid status). Subsequently, click continue to verify the selected digital certificate
- Step 4: The selected digital certificate information screen appears, presenting basic certificate details; a different certificate may be selected here if necessary. Click continue after re-verifying the digital certificate information.
- Step 5: The general information screen for the registering organization is displayed; populate all mandatory fields marked with a red asterisk (*). Do not remove the USB Token during the registration process. Click continue to verify the entered information.
- Step 6: The screen for uploading organization verification documents is displayed
- Select 1 of the 3 document types: business documents, data privacy policy, or service-level agreement
- Only PDF file formats are permitted for upload
- Step 7: The onboarding application signing screen is displayed
- Review the information on the application form
- Click on the signature area to apply the default signature, which corresponds to the login account name
- To modify, click again and select change signature
- Enter the full name to change it, select a signature template, draw the signature directly, or upload a pre-existing signature sample
- Upon completion, click the complete registration button
- Step 8: The screen displays application information, organization details, and attached documents. Registered information may be reviewed here
Contract management
Purpose: Manage contracts following registration and approval
Steps:
- Click on the “CONTRACT MANAGENENET” tab in the left navigation bar
API products
Purpose: Users can access the list, view details, and view the Swagger format and API packages provided by the bank within TPP management.
Steps:
-
- Click on “API products” in the menu
-
- The system displays the list of API products including basic information
- Step 2:
-
- Click on a product record to view details
-
- The system displays detailed product information
-
- Click download the user guide and swagger documentation
- Click view to display API details
- The system displays the Swagger UI and detailed API information
Application management
Purpose: Registering applications and generating API keys (including Client Key and Secret Key) is a critical step for the TPP application to interact with APIs provided by banks. View application details and register APIs for that application.
Steps:
-
- Click on “Application” in the menu
-
- The system displays the list of registered applications along with their status
- Step 2:
- Click the register application button to navigate to the registration screen
- The information verification form for the application displays
- Fill all the mandatory fields marked with a red asterisk *
- Click continue after completion and successful verification of the entered fields
- The system displays the verification information for the applications including ClientID and SecretID
- Click finish to finalize the application set up
- Upon success, the system redirects to the application list page
- Step 3:
- Click on application on the menu
- The system displays the registered applications along with their status
Digital certificate management
Purpose: Enables TPPs to manage digital certificates following registration and upload certificates for both TPPs and banks.
Steps:
-
- Click “DIGITAL CERTIFICATES” on the menu
-
- The system displays the digital certificate list and upload digital certificate tabs
- Register digital certificate tabs:
-
- The system displays the digital certificate list registered along with their status: pending approval, approved
-
- Click the download bank digital certificate button to download the compliant digital certificate template and view the file format
-
- Enter keywords to search for digital certificates in the list and filter by status
-
- Displays the digital certificate registration screen
-
- Fill all the mandatory information marked with a red asterisk *
-
- Click the submit request to complete the verification of the digital certificate form
-
- Upon success, the system redirects to the digital certificate list page
- Upload digital certificate tab:
-
- Displays the list of registered digital certificates along with statuses including: pending approval, approved
-
- Click the download bank digital certificate button to download the compliant digital certificate template and view the file format
-
- The upload digital certificate popup is displayed
-
- Select the type to upload: QWAC – QSEAL
-
- Click on the digital certificate upload area
-
- Select digital certificate files that adhere to the correct format and requirements
-
- Select save after completing selection and upload
-
- Upon success, the uploaded digital certificate record is displayed in the list
Consent management
Purpose: Enables TPPs to monitor consent sessions
Steps:
-
- Click “APPROVE” on the menu
-
- The consent management list is displayed
-
- Enter keywords to search by name, account
-
- Filter by service and status
-
- Click the export excel button to download the list records in Excel format
Statistics
Purpose: Provides statistics and an overview of successful API call volumes, annual API response time statistics, and peak hour user usage overviews
Steps:
-
- Click “Statistics” on the menu
-
- The following charts are displayed:
-
-
- Volume of successful API calls made by third-party providers using the Bank's APIs
-
-
- API response time statistics
-
-
- Overview of peak hour user usage
