2. 2
Key Indicators of Growth in API Economy
Source: ProgrammableWeb (https://www.programmableweb.com/news/financial-apis-continue-to-see-big-growth/research/2020/08/26),
Postman (https://blog.postman.com/api-growth-rate/)
3. 3
API Ecosystem is Multi-Layered and Specialized
API Client
API Client
API Client
API Client
API Provider
API Provider
API Provider
API
API
API
Backend
Provider
Backend
Provider
API
API
4. Authlete is Specialized to “API Authorization”
API Provider
API Client
4
API Provider
API Client
API Provider
API Client
Backend
Provider
API
API
API
Backend
Provider
API
API
API Client
API
5. 5
• It is how End Users
grant what access
of API Providers to
which API Clients
• OAuth 2.0 is the
industry standard
What is API Authorization?
End User
API Provider
API Client
API Request Using
“Access Token”
User Authentication
& Access Grant
Starting Authorization
Process
6. DPoP
6
• ”There’re a lot of (complicated) standards for that!”
Implementing API Authorization is not Easy
‘12 ‘13 ‘14 ‘15 ‘16 ‘17 ‘18 ‘19 ’20+
RFC6750
RFC6749 RFC7636
RFC6819 Security BCP
OIDCDiscovery RFC7592
RFC8414
OIDC Core
Session Mgmt
RFC8252
FAPI1
FAPI2
JARM
CIBA
RFC8628
RAR
PAR
IDA
RFC7009 RFC7662
Multiple Response
Type Enc. Practice
Form Post
Response Mode
RFC7523
RFC7591
RFC8707
FAPI-CIBA
RFC8705
7. 7
Offloading API Authorization to Authlete
Mobile Apps
& Websites
Fintechs
Partners
OAuth 2.0 &
OpenID Connect
Protocol
Operations
Access Token
Life Cycle
Management
API Authorization
& ID Federation
Open Financial
APIs
KYC Information
Sharing Identity
Assurance
Financial-
grade API
OAuth 2.0
& OpenID
Connect
API Providers
Providing the Latest Industry-standard APIs No Vendor Lock-in for Designing UX
Offloading the Hardest Part of OAuth 2.0 & OpenID Connect Deployment
8. 8
Proven by Customers and Awards
Financial
PersonalData
Integration Partners
HR Entertainment
Healthcare
Rakuten Bank
Awards
Education
Media
9. 9
• Seven Bank
– Background and challenges
• They needed advanced API
authorization capabilities for new
open banking APIs
– Solution and Benefit
• They integrated Authlete with their
Azure-based service in just 3 months
• Authlete has brought flexibility to
adopt Financial-grade API in future
Authlete Enables Open Banking APIs
https://www.isid.co.jp/news/release/2018/0919.html
Azure PaaS
API Management
Web Apps Jobs
Push
Notification
Hub
App Services
HTTPS/JSON
Online
Banking
System
Ledger
System
Other Banks
SOAP/SFTP
on cloud
10. 10
About Us
Name Authlete, Inc.
Location FINOLAB, Otemachi Bldg 4F, Otemachi 16-1 Chiyoda-ku, Tokyo 100-0004 Japan
Representative Takahiko Kawasaki, Representative Director / Co-Founder
Business Activities Planning, development and operation of Authlete BaaS (Backend as a Service)
Consulting service related to Authlete BaaS
Capital 223 Million Japanese Yen
Date Founded September 18, 2015
Tokyo Office UK Office