JoPACC Rafiki APIs

Project Overview

The project is about leveraging Jordan Open Banking APIs with Rafiki solution by creating a Rafiki middleware that will handle processing and connect with JoPACC by utilizing JOFS APIs with some enhancements.

​

In this presentation, we will explain the APIs and basic flows.

Create OTP (payment plan)

• Single
• Recurring
• Web Monetization

Verify OTP

Block

Initiate

Release

Resolve

Resolve API

• The resolve API generally distinguishes an account for a specific person using their address (ALIAS).

​

Resolve API

• The Ecommerce Platform will provide the customer's wallet address to Rafiki.
• Rafiki can have the customer wallet address pre-saved if previously resolved.
• If not, Rafiki will notify Rafiki Middleware to resolve the address by sending a POST request using the Resolve API by JoPACC API GW to get the Resolve Details about the customer using the ALIAS and the ProxyService.
• JoPACC API GW Resolve API will process the request and find the Financial Institution associated with the ALIAS using the pointer.
• JoPACC API GW will forward the request to the specified FI.
• FI will resolve the ALIAS and send JoPACC the resolved ALIAS details.
• JoPACC will send the response to Rafiki Middleware containing the received data from the FI.
• Rafiki Middleware will store the required data in Rafiki.

Route: /Papc/resolve

Method: POST

Payment Plans APIs (OTP)�

There are 3 types of payment plans:�

1. Single
2. Recurring (subscription)
3. Web Monetization

​

Each payment plan is designed for a specific scenario.

​

• The Single payment type has 1 block with 1 payment only.
• The Recurring payment type has multiple blocks with multiple payments.
• The Web monetization payment type has 1 block with multiple payments.

​

When creating a payment plan (OTP), the plan is registered with its details but not yet verified. Upon verifying the OTP, an automatic block will occur with an amount depending on the plan details.

• These are considered as the Authorization APIs.
• These APIs include granting access by requesting an OTP and verifying it.

• The customer will try to checkout on the Ecommerce store.
• The Ecommerce store will request a grant on behalf of the customer to Rafiki.
• Rafiki will redirect the request to the IDP where it will check the creditor details and will Initiate the OTP request (payment plan) to Rafiki Middleware.
• Rafiki Middleware will send a POST request to JoPACC API GW on the OTP service.
• The request should include the payment details depending on its type.
• JoPACC will forward the request to the right FI.
• The FI will send a response to JoPACC GW which will also be forwarded back to Rafiki Middleware and should include the payment plan that was created.
• Also the FI will send an OTP challenge to the customer at the same time.

​

Route: /OTP

Method: POST

Create Payment Plan API (OTP)

Verify OTP API

Route: /OTP/{paymentPlanId}/verify

Method: POST

• The customer will submit the OTP code received from the FI on the IDP.
• The IDP will send the Verify OTP challenge on Rafiki Middleware.
• Rafiki Middleware will send the verification details to JoPACC API GW on the OTP service using the paymentPlanId.
• JoPACC GW will forward the request to the FI.
• If the challenge is correct, the FI will block a payment automatically and respond to the request with the verification details and a blockId referring to the blocked payment.
• JoPACC GW will forward the response to Rafiki Middleware.
• Rafiki Middleware will make the request to accept the grant to Rafiki.
• The Middleware will forward the response to the IDP.
• The IDP will notify Rafiki that the interaction is finished.
• Rafiki will redirect the customer back to the Ecommerce store.

Verify OTP API

Route: /OTP/{paymentPlanId}/verify

Method: POST

Payments APIs

• Block
• Initiate
• Release

​

These APIs will block, initiate, and release a payment for a payment plan.

Each of these actions has specific requirements according to specific scenarios depending on the payment plan type associated with it.

The Block API will only be used when a payment plan type is Recurring.�

• A block payment will be requested after a payment plan is created and verified.
• The Ecommerce will create a payment request to Rafiki when a new block is requested.
• Rafiki will notify Rafiki Middleware about this request.
• Rafiki Middleware will send a POST request to JoPACC API GW on the payments service to block a payment on a specific verified payment plan.
• JoPACC GW will forward the request to the right FI.
• The FI will process the request; if it is a successful request, then a certain amount will be blocked depending on the payment plan.
• The FI will send the response to JoPACC GW, which will, in return, forward the response to Rafiki Middleware containing the details along with a blockId referring to the blocked payment.

Route: /PIS/block

Method: POST

Block API

• Once the payment is completed in Rafiki, it will notify Rafiki Middleware about the completion.
• Rafiki Middleware will send a POST request to JoPACC API GW on the payments service, requesting to initiate the payment.
• JoPACC GW will forward the request to the right FI.
• The FI will process the request, and send a response to JoPACC GW which will be forwarded back to Rafiki Middleware with a status of Technically Accepted and a MSG Id.
• After the completion of the payment request, JoPACC GW will send a webhook to Rafiki Middleware mentioning that the Payment is Completed.

Route: /PIS/initiation

Method: POST

Initiate API

• The Customer can request the Ecommerce to release a payment plan (unsubscribe).
• The Ecommerce sends this request to Rafiki.
• Rafiki will notify Rafiki Middleware about this request.
• Rafiki Middleware will send a DELETE request to JoPACC API GW on the payments service stating that a release payment plan is requested.
• JoPACC API GW will forward the request to the right FI.
• If all the boxes check, the FI will send a response to JoPACC GW which will forward the request to Rafiki Middleware containing the status of the request.

​

• The customer can also request a release payment from the FI directly.
• If all the boxes check as well, the FI will notify Rafiki Middleware through JoPACC API GW about the release along with the paymentPlanId for to recognize which plan it is.

Route: /PIS/release/{paymentPlanId}

Method: POST

Release API

Future Development

THANK YOU