Impact Summary
- Rapid Ecosystem Growth: Launched a full-scale developer portal to accelerate third-party fintech onboarding.
- Robust Security Framework: Implemented a centralized Identity and Access Management solution using RedHat SSO.
- Standardized Compliance: Achieved 100% alignment with JoPAAC Open Banking standards.
- Architectural Agility: Decoupled digital brand services from legacy systems using an API-led middleware layer.
- Scalable Infrastructure: Supported horizontal scalability to manage high-volume transaction peaks.
Client Overview
A premier financial group and leading investment bank in the Middle East, managing over JOD 8.6 billion in assets. They provide comprehensive commercial and investment banking services across Jordan, Iraq, and the UAE.
Regulatory mandates around Open Banking required the financial institution to securely expose core banking capabilities through standardized APIs. While the bank held a dominant market position, compliance with these regulations was essential to ensure that emerging third-party applications and fintech innovators could continue to serve the bank’s customers within the expanding API economy. Consequently, we partnered with their digital subsidiary to architect a modern Open Banking foundation. By leveraging MuleSoft and Salesforce, we built a sophisticated developer ecosystem that bridges the gap between core banking functions and external innovation. The bank now operates on a secure, platform-driven architecture that not only meets regulatory requirements but also positions it to participate in the expanding API economy and unlock future monetization opportunities through its API ecosystem.
Project Details Table
| Category | Details |
| --- | --- |
| Sector | Banking & Financial Services |
| Tech Stack | MuleSoft Anypoint Platform, Salesforce, RedHat SSO (Keycloak), Java Spring Boot |
| Approach | API-Led Connectivity & Open Banking Standard Alignment |
Technical Challenges in Open Banking Architecture
- Compliance with Emerging Standards: The bank needed to implement Open Banking functionalities that strictly adhered to JoPAAC standards. This required a balance between open accessibility for developers and the rigorous security protocols required by central regulators.
- Identity and Access Complexity: Integrating a seamless yet secure login experience across various third-party applications presented a significant hurdle. The bank required a customized solution that could handle complex authentication flows without compromising the user experience.
- Legacy System Exposure: Directly connecting digital channels to the core banking system posed stability risks. The architecture needed to shield the system of record from external traffic while providing real-time data access.
The Solution: API-Driven Financial Ecosystem
- Anypoint Experience Hub Integration: We designed a professional-grade developer portal using Anypoint Experience Hub with a Salesforce backend. This created a single interface where fintech partners can discover, test, and consume banking APIs in a self-service model.
- Customized IAM Architecture: To ensure secure data exchange, our team developed a bespoke Identity and Access Management solution using Java Spring Boot integrated with RedHat SSO (Keycloak). The solution leveraged user federation with the bank’s existing IAM system, enabling secure authentication for bank customers while preserving their existing identity infrastructure. This architecture provided robust OAuth2 authorization and mutual TLS security for every transaction, ensuring compliant and highly secure access to Open Banking APIs.
- Domain-Driven API Design: We created a suite of MuleSoft middleware API services organized by business domains such as Customer Management, Account Services, and Payments. These services translate complex core banking logic into simplified, reusable APIs.
Business Results of the Digital Platform
- Accelerated Digital Transformation: By standardizing how APIs are built and consumed, the bank reduced the time-to-market for new digital features significantly. The middleware now acts as a reusable asset library rather than a series of point-to-point connections.
- Enhanced Security and Trust: The implementation of a centralized SSO ensures that every external interaction is audited and authorized. This has reduced the operational risk associated with opening banking data to third-party providers.
- Operational Efficiency: The introduction of reusable middleware services eliminated technical duplication. This allowed the bank to onboard new channels and partners without increasing the workload on core banking teams.
Looking Ahead: Scaling the Fintech Ecosystem
As the Open Banking landscape matures, the bank is positioned to explore AI-driven financial insights and personalized banking experiences. This scalable foundation ensures they can integrate with global fintech aggregators and evolve into a true regional financial hub.