Authorisation Domains and Role Concept

authorisation domain an authorisation domain is highest level of authorisation categorisation available in the platform and an ecosystem must have at least one authorisation domain and as many as is necessary to accurately model an authorisation domain , is a free text string it is recommended that an authorisation domain not include a region or country identifier these attributes should be conveyed by the i ssuing authorities country of registration or a domain role authorisation which can be used to assign a domain role to a specific geographic boundary examples authorisation domain description psd2 the second payments service directive authorisation domain open insurance open insuranace retail banking commercial banking private banking open energy authorisation domain roles an authorisation domain role is an string associated to an authorisation domain which an authorisation domain , is a free text string it is recommended that an authorisation domain roles do not include a region or country identifier these attributes should be conveyed by the issuing authorities country of registration or a domain role authorisation which can be used to assign a domain role to a specific geographic area examples authorisation domain authorisation domain role description psd2 pisp payment initiation service provider psd2 aisp account information service provider open banking dados data provider or data consumer retail banking data provider commercial banking data receiver authorisation domain roles metadata ecosystem administrators can associate specific authorisation roles to application technical authorisations for example, an ecosystem administrator may define the authorisation domain of ' openbanking ' and authorisation domain role of ' pisp ' this role can then be associated with the technical oauth scopes of ' openid ' and ' payments ' and oauth grant of ' authorisation code ' examples authorisation domain authorisation domain role technical metadata type technical metadata value psd2 pisp scope openid payments psd2 pisp grant type authorisation code open banking dados response type code id token retail banking data provider scope make\ payments commercial banking data receiver grant type authorisation code