Integrate the bank adapter with the issuer switch
This page explains how you can develop and deploy the bank adapter and integrate it with the issuer switch. The bank adapter is a service that you set up to provide an API endpoint for the issuer switch to communicate with the bank's core banking services.
The bank adapter server that the bank builds must implement the API contract defined and published as part of the Payment Gateway issuer switch service. For details about the bank adapter API specifications, see Bank adapter APIs.
When you build your bank adapter service, note that:
- You can expose the bank adapter endpoint over either gRPC or REST.
- If you want to expose the bank adapter endpoint over gRPC, the proto files for the bank adapter specification are published and available on GitHub.
- If you want to expose the bank adapter endpoint over REST, you can take the proto files from GitHub and use any open-source proto-to-OAS tool to generate the open-API specification. A Postman collection for testing the endpoint is published also available on GitHub.
- The bank adapter specification specifies the request and response formats, along with the error codes that you can use for various scenarios.
Ensure that your bank adapter implementation adheres to the specifications in terms of methods, resource URLs, HTTP methods, and request and response parameters and payloads.
You can host the bank adapter in any of the following ways:
- As a service in a Google Cloud project.
- On-premises in your bank's data center, with an endpoint that can be used by the issuer switch to invoke the bank adapter.
- Somewhere else, with a publicly accessible endpoint.
Here's a high-level overview of how the bank adapter enables communication between the issuer switch and the bank's backend systems:
- All calls to the bank's backend systems originate from the issuer switch.
- A Private Service Connect (PSC) connects the issuer switch virtual private cloud (VPC) to the bank adapter VPC.
- The issuer switch uses the PSC endpoint to make calls to the bank's backend systems.
If the bank adapter is hosted in the bank's data centre, the network connectivity from Google Cloud to the bank's data centre is over a private leased line network.
- In your Google Cloud project, set up an L7 internal load balancer (ILB) with a Hybrid NEG backend to route traffic over the leased line.
- Create a service attachment for this L7 ILB to accept a private service connection only from the tenant project associated with the consumer project.
If the bank adapter is hosted in your Google Cloud project, you don't need a private leased line network to connect to the bank's backend systems.
- In your Google Cloud project, set up an L4 ILB to route traffic to the bank's backend systems.
- Create a service attachment for this L4 ILB to accept a private service connection only from the tenant project associated with the consumer project.
If the bank adapter is hosted somewhere else with an endpoint that is publicly accessible, then the issuer switch can directly make https calls to it. No additional network configuration is needed.