!!! Overview
[{$pagename}] is a [draft|Draft Standard] by the [OpenID Foundation] as part of the [Financial API].

[{$pagename}] specifies a profile of [OAuth 2.0] [Grant Type] that is suitable to be used in write access to [Financial Data] (also known as [transaction] access) and other similar higher risk access.

This document specifies the controls against [attacks] such as:
* authorization request tampering
* authorization response tampering including code injection
* [state] injection
* token request [phishing]

Additional details are available in the security considerations section.

!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [Financial-grade API - Part 2: Read and Write API Security Profile|https://openid.net/specs/openid-financial-api-part-2.html|target='_blank'] - based on information obtained 2019-09-03