RAR vs. PAR

[michschl]

Check wether or not RAR is needed or if the Swiss standard should only allow PAR

[michschl]

Started on 23.06.24 with documentation research.

[michschl]

• [x] Documentation research
• [ ] Attach relevant documents to wiki pages
• [ ] Document decision

[mibrand]

For the regular consent flow RAR should not be allowed. Instead it should be used only in those cases where fine-granular authorization is required, e.g. authorization of a payment or a trade. The business API owner shall decide in which cases RAR shall or may be used.