- The communication between the TPP and the Bank is always secured by a TLS connection with mutual authentication, using TLS version 1.2.
- This TLS connection is initiated by the TPP.
- The TLS connection must always be established with client (i.e. TPP) authentication.
- For this authentication the TPP has to use a qualified certificate for website authentication (QWAC).
- This qualified certificate has to be issued by a qualified trust service provider according to the eIDAS regulation.
- The content of the certificate has to be compliant with the requirements of the EBA-RTS.
- The certificate of the TPP has to indicate all the roles the TPP is authorised to use.
- During the first connection setup, the TPP will be automatically onboarded and registered (enrolled) in the bank database. However, for security purposes, the bank requires the client certificate to be presented with every request.
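
The role requirement above can be checked on the receiving side by reading the PSD2 statement inside the certificate's qcStatements extension. The following is an added example, not code from the bank or from this specification: it assumes the extension value (id-pe-qcStatements, 1.3.6.1.5.5.7.1.3) has already been extracted by an X.509 library and that it follows the ETSI TS 119 495 layout, which this page does not name. The function names and the sample bytes are constructed for illustration.

```python
# Added example, not the bank's code. Layout per ETSI TS 119 495 (assumed).
PSD2_QCSTATEMENT = "0.4.0.19495.2"  # etsi-psd2-qcStatement

def read_tlv(buf, pos):  # -> (tag, value, next_pos) for the DER element at pos
    if pos + 2 > len(buf):
        raise ValueError("truncated DER header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long-form length: low 7 bits give the byte count
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER value")
    return tag, buf[pos:pos + length], pos + length

def children(value):  # split a constructed element's content into (tag, value)
    pos, out = 0, []
    while pos < len(value):
        tag, val, pos = read_tlv(value, pos)
        out.append((tag, val))
    return out

def decode_oid(body):
    arcs, acc = [], 0
    for b in body:  # base-128 digits, high bit set on all but the last byte
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs, acc = arcs + [acc], 0
    if not arcs:
        raise ValueError("empty OID")
    first = min(arcs[0] // 40, 2)  # first byte packs the first two arcs
    return ".".join(map(str, [first, arcs[0] - 40 * first, *arcs[1:]]))

def psd2_roles(qc_statements_der):
    """Return {role name: role OID}; empty if there is no PSD2 statement."""
    _, statements, _ = read_tlv(qc_statements_der, 0)
    for _, stmt in children(statements):
        parts = children(stmt)
        if len(parts) == 2 and decode_oid(parts[0][1]) == PSD2_QCSTATEMENT:
            roles_of_psp = children(parts[1][1])[0][1]  # first field of PSD2QcType
            pairs = [children(role) for _, role in children(roles_of_psp)]
            return {name.decode(): decode_oid(oid) for (_, oid), (_, name) in pairs}
    return {}

SAMPLE = bytes.fromhex(  # constructed QCStatements value, not from a real QWAC
    "3053 3008 0606 04008e460101"                      # QcCompliance statement
    " 3047 0606 040081982702 303d 3026"                # PSD2 statement, roles list
    " 3011 0607 04008198270102 0c06 5053505f5049"      # role PSP_PI
    " 3011 0607 04008198270103 0c06 5053505f4149"      # role PSP_AI
    " 0c0b 4578616d706c65204e4341 0c06 58582d4e4341")  # NCA name, NCA id
```

A bank-side handler would compare the returned role names against the role needed for the requested API and reject the call when the role is absent or the structure fails to parse.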