Glossary

Access Token

The definition of this term is taken from RFC 6749 as credentials to access protected resources in the form of a string representing an authorization issued to the client.

On FusionFabric.cloud the access tokens are issued by the Authorization Server in the JSON Web Token format.

The tokens expire after a duration that ranges from one hour to five minutes, depending on the type of the tenant - development, UAT, or production.

For more information, see:

• B2B Authorization
• B2C/B2E Authorization

API

To the largest extent, an Application Program Interface (API) is a set of definitions and communication protocols that facilitates the communication between different components of a system.

On FusionFabric.cloud, the term refers to open APIs that use HTTP as the communication protocol and comply to the REST architectural constraints. FusionFabric.cloud APIs adhere to the OpenAPI Specification, versions 2.0 and 3.0.x.

FusionFabric.cloud APIs are implemented as collections of REST endpoints, available through HTTP calls, that map to data resources maintained by banks or other financial institutions, and also by Finastra.

For a selection of APIs, a messaging service is enabled that allows you to subscribe to push-notifications when you register them to an application.

During the development, you have access to APIs hosted on Sandbox, a development tenant maintained by Finastra, where the APIs are backed by live core systems to give you the interaction with real environments.

For more information, see API Models.

API Call

The authorized request of a resource that is exposed by an API.

API Channel

In API Catalog, the APIs and SPIs are organized in channels that correspond to the type of transaction an API is addressing to. The supported channels are B2B, B2C, B2E, Service and Platform.

For more information see API Channel.

App (Client Application)

The software application that you develop, manage and own by yourself. It has the same meaning as the term client, defined in RFC 6749 as an application making protected resource requests on behalf of the resource owner and with its authorization. The resources are available through a FusionCreator application.

Authentication

The verification of a user identity.

On FusionFabric.cloud, the user authentication is performed by the Authorization Server through an OIDC identity layer.

Authorization

The term is defined in RFC 6749 as limited access to an HTTP service, either on behalf of a resource owner by orchestrating an approval interaction between the resource owner and the HTTP service, or by allowing the third-party application to obtain access on its own behalf.

On FusionFabric.cloud the authorization process is orchestrated by the FusionCreator Authorization Server through one of the following OAuth2 flows: Client Credentials Grant flow and Authorization Code Grant flow.

Category

In the FusionCreator catalogs, the APIs, SPIs, and Datasets are organized in categories according to the five largest segments of the financial industry and map to Finastra solutions. Next level - sub-categories, lead to specific functional capabilities.

For more information, see API Catalog.

Core System

A Finastra product, deployed on the premises of a financial institution, or maintained by Finastra in the cloud, that stores the resources exposed through the APIs.

In extenso, any system owned by a financial institution, that is ready to expose its functionality through open APIs.

For more information, see FusionCreator Offer.

Dataset

Using a dataset in your application allows you to access the large data a Financial Institution shares through Azure Data Share.

For more information, see Datasets.

Developer

The developer of a client application that consumes APIs from FusionFabric.cloud. Developers are FusionCreator users.

For more information, see User Entitlements.

Endpoint

The indication about how you access a resource. As all the interactions with an API are performed through HTTP, the endpoints are URLs that you use to issue HTTP requests for that specific resource.

For more information, see Make a Call with Postman.

FusionCreator Application

The custom collection of APIs, SPIs and/or Datasets that you register through the Application Wizard on FusionCreator.

An application is uniquely identified by an ID and it follows a lifecycle that is related to the platform multitenancy. Find out more about this from Application Lifecycle and Multitenancy.

For each of the applications that you register, you generate client secrets that allow you to make authorized calls to the APIs.

Do not confuse it with app (client application).

Reply URL

A reply URL, as defined in RFC 6479 is the endpoint that your client application is redirected to, after it was successfully authorized by the FusionCreator Authorization Server.

For more information, see Authorization Code Grant Flow.

Resource

The information asset that is transferred over HTTP during as response to an API call. On FusionFabric.cloud the resources are maintained by banks, other financial institutions, or Finastra. They are made available, after authentication, at dedicated endpoints.

For more information, see Make a Call with Postman.

Solution

FusionFabric.cloud APIs are logically organized in business solutions that enable you to consume related services, such as trade booking, position keeping, middle office risk, regulations and post-trade processing, in Treasury and Capital Markets, or retrieving the status of payment requests and decide whether to pay or reject them, in Payments.

For more information, see Solution Catalog.

SPI

A Service Provider Interface (SPI) is an API that is published on FusionFabric.cloud with the purpose of being implemented by you. In this way, you extend the functionality provided by a core system in an openly manner, as the interface - the contract, is publicly available on FusionCreator.

For more information, see SPI Implementation Workflow.

Secret Value

A variable length character string, uniquely issued by FusionCreator for your application that allows you to authenticate your client application with the Authorization Server, during the authorization process.

For more information, see Secret Key.

User

The end-user of a client application that is consuming FusionFabric.cloud APIs. In the authorization context, the user has the role of the resource owner, if it is a person, as defined in RFC 6749.

Tag

In the FusionCreator catalogs, the APIs, SPIs, and Datasets are labeled with tags relevant from the business perspective. The tags may point to (the list is not exhaustive):

• Finastra core systems, such as Fusion Digital or Fusion Cash Management.
• Geographic indications, such as North America, or Excluding North America.
• Business processes, such as Account, Customer, Exchange Rates, or Trade Capture.

For more information, see API Catalog.

Tenant

An isolation layer that allows for data separation between legal entities, such as banks or other financial institution. While the tenants are implemented at the FusionFabric.cloud platform level, the data resides in the institution’s core systems. This data represents the resources that are exposed through the endpoints of the APIs.

There are three types of tenants, corresponding to the stage in the application lifecycle: Development, Test (UAT), and Production.

A special case is Finastra Sandbox - the default development tenant that you get access to work with APIs.

For more information, see Application Lifecycle and Multitenancy.