We're working on exposing our PSD2 Banking API via Spring OAuth2 to handle the 3-legged OAuth flow. Part of our PSD2 approach is that we will present a consent UI where the customer can select which bank accounts are exposed and what type of scope is allowed, such as payment, account-info, statement, etc.
We want to store the customer's consent choices when they allow 3rd parties to access their account information and/or make payments on their behalf.
Looking for any reference or recommendation for addressing this type of consent management requirement by leveraging Spring Security OAuth2. Can anybody suggest an approach, or a reference implementation similar to this requirement?