Open Payments

Rafiki follows the Open Payments standard to enable third-party clients to securely retrieve account information and initiate payments from your customers’ accounts with their consent. The standard describes a uniform way to create and manage grants and resources for incoming payments, quotes, and outgoing payments.

Example use case - retrieve account information

Some of your customers use a third-party application that allows them to create budgets and monitor their spending. The application can call the Open Payments APIs, enabling it to communicate with any account servicing entity that implements the Open Payments standard. When your customers give the app permission to retrieve their transaction history, the app communicates with your Rafiki instance via the Open Payments APIs to obtain grants from your authorization server and transaction history from your resource server.

Further reading

We strongly encourage you to familiarize yourself with the Open Payments standard. Extensive documentation can be found on the Open Payments website. We recommend you start by reviewing all the pages within the Intro to Open Payments section. Here are a few links to get you started.

Rafiki’s backend service

Rafiki’s backend service is the main service for handling business logic and external communication. The service is responsible for, among other things, exposing the endpoints of the Open Payments APIs for clients to perform account management tasks. Every request and response is validated against the Open Payments specification.

Rafiki’s auth service

Rafiki’s auth service is a reference implementation of an opinionated Open Payments authorization server. The authorization server is responsible for delegating authorization (via grants) to clients to use the Open Payments APIs, resolving clients’ public keys to authenticate and authorize incoming requests, and creating payments and quotes on the backend. Open Payments leverages the Grant Negotiation and Authorization Protocol (GNAP) for delegating authorization. You can learn more about the protocol by reviewing its specification.
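One way an authorization server can resolve a client's public key and authenticate a request before acting on it, shown as an added example that is not Rafiki's own code. The client URL, key ID, in-memory key registry, helper names, sample request body and newline-joined signing input are constructed assumptions; the actual signature format is defined by the Open Payments specification.

```javascript
const crypto = require('node:crypto');

// Constructed client key pair: the client keeps the private key and publishes only the public JWK.
const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');

// Constructed in-memory registry standing in for the key set a client publishes (placeholder URL and kid).
const CLIENT = 'https://wallet.example/budget-app';
const publishedKeys = {
  [CLIENT]: { keys: [{ ...publicKey.export({ format: 'jwk' }), kid: 'key-1', alg: 'EdDSA' }] },
};

// Hypothetical helper: resolve exactly one Ed25519 key by kid, otherwise fail closed with null.
function resolveClientKey(client, kid) {
  const jwks = publishedKeys[client];
  const matches = (jwks?.keys ?? []).filter(
    (k) => k.kid === kid && k.kty === 'OKP' && k.crv === 'Ed25519'
  );
  if (matches.length !== 1) return null;
  const { kty, crv, x } = matches[0];
  return crypto.createPublicKey({ key: { kty, crv, x }, format: 'jwk' });
}

// Simplified stand-in for the signed portion of a request (assumption, not the wire format).
function signingInput(req) {
  return Buffer.from([req.method, req.url, req.client, req.body].join('\n'));
}

function signRequest(req, key) {
  return crypto.sign(null, signingInput(req), key).toString('base64');
}

// True only when the key resolves for this client and the signature covers this exact request.
function authenticateRequest(req, kid, signature) {
  const key = resolveClientKey(req.client, kid);
  if (!key) return false;
  return crypto.verify(null, signingInput(req), key, Buffer.from(signature, 'base64'));
}

// Constructed grant request from the budgeting app in the use case above.
const grantRequest = {
  method: 'POST',
  url: 'https://auth.example/',
  client: CLIENT,
  body: JSON.stringify({ access_token: { access: [{ type: 'incoming-payment', actions: ['read'] }] } }),
};
const signature = signRequest(grantRequest, privateKey);
```

Because the client identifier and body are part of the signed input, a signature captured from one request does not authenticate a different client or a modified grant request.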