Sandbox Data Holder
What Data Holders can be discovered within the CDR Sandbox ecosystem?
The CDR Sandbox contains two mock Data Holders created and managed by the ACCC. These are known by the Data Holder Brand names Sandbox Data Holder - Banking
and Sandbox Data Holder - Energy
. For documentation purposes they are collectively referred to as the Sandbox Data Holders. Data Holders, within the CDR Sandbox, created by Sandbox Participants are referred to as Participant Data Holders. Participant Data Holders will have unique a Data Holder Brand name.
What is the difference between the Sandbox Data Holders and Participant Data Holders within the CDR Sandbox?
The term Sandbox Data Holder is used to group two Data Holder Brands, Sandbox Data Holder - Banking
and Sandbox Data Holder - Energy
, hosted within the CDR Sandbox. These are managed by the ACCC and provided as ready to go test components of the CDR Sandbox. They can be identified in the Sandbox Register and Sandbox Data Recipient by their Data Holder Brand names, Sandbox Data Holder - Banking
and Sandbox Data Holder - Energy
. The Sandbox Data Holders are available for all Sandbox Participants to use. For more information on the underlying architecture and code of the Sandbox Data Holders visit the GitHub Repositories here.
The term Participant Data Holder describes a Data Holder registered within CDR Sandbox by a Sandbox Participant. These are hosted and managed outside of the CDR Sandbox by the Sandbox Participant. Participant Data Holders can only be accessed by Sandbox Participants when the Participant Data Holder has made their URIs available for other Sandbox Participants to discover and connect to. In other words, they can be discovered in the Sandbox Register and have APIs available to facilitate Dynamic Client Registration and data sharing.
What APIs are supported by the Sandbox Data Holder - Banking and the Sandbox Data Holder - Energy?
The Sandbox Data Holder - Banking supports all APIs that are required to initiate data sharing. These are the APIs that provide Dynamic Client Registration and Consents and Authorisations. Once data sharing is established the Sandbox Data Holders provide a subset of resource APIs that provide mock customer data. The Sandbox Data Holders provide just enough resource APIs to demonstrate retrieving data for a consented customer and demonstrating Id permanence eg using the Account Id
returned from Get Accounts
to construct a request for Get Transactions
that requires an Account Id
.
The Sandbox Data Holder - Banking
provides these resource APIs:
Get Customer
Get Accounts
Get Transactions
For more information on the underlying architecture and code of the Sandbox Data Holder - Banking visit the GitHub Repository here
The Sandbox Data Holder - Energy
provides these resource APIs:
Get Customer
Get Accounts
Get Concessions
For more information on the underlying architecture and code of the Sandbox Data Holder - Banking visit the GitHub Repository here
What Data and Test Accounts are available in the Sandbox Data Holder - Banking and Sandbox Data Holder - Energy?
Both of the Sandbox Data Holders include mock customers and mock data belonging to those customers. Both of Sandbox Data Holders contain a consents page that will display available mock customer accounts and one time passwords.
Sandbox Data Recipient
Where do the Data Holders displayed within the Sandbox Data Recipient come from?
The Sandbox Data Recipient has been setup to simulate how an Accredited Data Recipient would interact within the CDR Ecosystem. The Sandbox Data Recipient will periodically call the Sandbox Register’s Get Data Holder Brands
API. Any new or updated Data Holder Brands will be added to the Sandbox Data Recipient's database. The available Data Holder Brands in the Sandbox Register are a combination of all Data Holder Brands created by Sandbox participants and two Data Holder Brands created by ACCC.
For each Data Holder Brand that the Sandbox Data Recipient has discovered, the Sandbox Data Recipient will attempt to call the Register
API of that Data Holder Brand.
If Dynamic Client Registration is successful, then a record will be visible in the Sandbox Data Recipient's Dynamic Client Registrations screen with the status DCR Complete
and data sharing will now be possible.
If Dynamic Client Registration is unsuccessful then a record will be visible in the Sandbox Data Recipient's Dynamic Client Registrations screen with the status DCR Failed
and data sharing will not be possible.
The Sandbox Data Recipient's Dynamic Client Registrations screen displays the same data for all Sandbox Participants using the CDR Sandbox. The Dynamic Client Registration status is stored within the Sandbox Data Recipient.
How the Sandbox Data Recipients background functions operate and the code behind the Dynamic Client Registrations screen can be seen here
What is the Consent Sharing Duration used for in the Sandbox Data Recipient?
The Sharing Duration is the maximum amount of time that a created consent will be valid. After the Sharing Duration has ended, the consent will no longer be valid. Any access tokens or refresh tokens created for the consent will no longer be accepted. The maximum value for the sharing duration in seconds is 31536000 (one year). To see how the sharing duration is used by the Sandbox Data Recipient view the ConsentController.cs
here