up-banking / api

The Up Banking API Specification
https://developer.up.com.au
MIT License

ETA for OAuth2? #65

Open drnic opened 3 years ago

drnic commented 3 years ago

Currently users of an application must provide their singular private personal token to allow admin access to their account.

Is there a timeline for OAuth2 to provide more granular permissions for granting 3rd party apps access to user's API data?

d11wtq commented 3 years ago

Hi @drnic! OAuth is on the cards but at this point we can't give a firm timeframe on when it will be implemented. It will almost certainly be before any other Australian bank offers it outside of the CDR (Open Banking) though. We're using this period as an opportunity to better understand the potential use cases, take feedback and have the breathing space to innovate without being slowed down by the complexities of managing third-party access too early. The current phase is really a beta for enthusiasts to prove out the high level design of the API before we move into the next phase (being third party access).

In parallel with running this beta phase of our public API we are also working heavily on implementing the CDR (Open Banking), though obviously the audience for that and the style of the API is considerably different.