Authorize is our implementation of the OAuth 2.0 framework. It enables secure authorization using standard methods that can easily be integrated in your app. PCF EMEA - AUTH-O-PartyAuth-Partner-DGL-EM

End to end encryption of sensitive data like passwords and OTP is a security mandate in some countries. The /security resource allows you to exchange keys which are used for encryption and decryption. Key exchange methods differ depending on whether you already have a registered key or whether you need Citi to send you a key which can be used for encryption. You will receive eventID in the API response header, which should be used to encrypt the sensitive data. All encrypted data sent to Citi will give you an additional eventID in response header, this new eventID should be used for further encryptions.

This API is used to check the In Priniciple Approval eligiblity for the Customer.

API Category description

E2E Key Submission This API is used by Native applications to set the session level key. Key is generated on the device and sent to this API encrypted with the Public key embedded inside the application. Returns the encrypted eventID and in the header