# Authorization

Accountholder authorizing scope requests on AP channel<br>

![](https://2731199641-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTz8sqbLAbcVcLFekmZd9%2Fuploads%2FfCNj9By8Yo8KNQSw7LO6%2Fimage.png?alt=media\&token=879b1ee3-886d-437b-ba1e-befbc6f3d099)

\
Consumer Experience Checklist

| SN | Category          | Requirement                                                                                                                                                                                                             | Required           |   |
| -- | ----------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------ | - |
| 1  | Design            | <ul><li>Design mockup of application flows.<br></li><li>Confirm through sampling and surveys that users resonate with OBN design principles: simple, transparent, consistent experience, and user in control.</li></ul> | <p><br><br>TPP</p> |   |
| 2  | Consent Framework | <ul><li>Ensure users have at least two (2) non-primary self-service channels for revoking consent<br></li><li>Ensure that application interfaces allow users to manage TPP permissions (authorization)</li></ul>        | <p><br>AP, TPP</p> |   |
| 3  | Registration      | <ul><li>Implement registration data-stores and audit trails<br></li><li>Ensure policies for required retention are implemented</li></ul>                                                                                | TPP                |   |
| 4  | Authentication    | <ul><li>Agree on authentication methods supported considering user experience, level of users' sophistication, available technologies.<br></li><li>Implement supported authentication flows</li></ul>                   | AP, TPP            |   |
| 5  | Authorization     | <ul><li>Ensure users have recommended access channels for managing permissions<br></li><li>Design permission prompts and management screens according to consent framework and user experience guidelines</li></ul>     | <p><br>AP, TPP</p> |   |

\
\
\ <br>