Use Cases

  • Creates the bearer token for authorization

    • Get Token (Client credentials, password grant, refresh access token, authorization code grant)

      POST /digitalbanking/oauth2/v1/token

      Request:

      • Headers:

        • Authorization: Standard HTTP Basic Authentication based on the ‘consumer key’ and ‘consumer secret’ provided during the application registration process. A string composed of ‘Basic’+ ‘(space)’ + ‘base64encode(consumer_key + “:” + consumer_secret)’; example ‘Basic ODU4S0pRczVXwGdMRkhUUUhtSGhNdTRYHlpRa3N1ZGY6STA0UThtMFJZZEF1dUlwY’
        • Content-Type: application/x-www-form-urlencoded
        • TransactionId: A UUID string used as unique identifier for this token request
        • InstitutionId: Unique identifier for the FI
      • Body:

        • grant_type: Essentially defines what type of token to be generated (client_credentials, password, refresh_token).
        • scopes : They are needed to access certain APIs. E.g.: For accessing accounts API, scope accounts:read is needed.
        • username: If the grant_type is password, then username is required, otherwise it is not needed.
        • password: If the grant_type is password, the only password is required

  • Creates legacy token for authorization

    • Create Token (Client credentials, password grant, refresh access token, authorization code grant)

      POST /digitalbanking/v1/oauth/token

      Request:

      • Headers:

        • Authorization: Standard HTTP Basic Authentication based on the ‘consumer key’ and ‘consumer secret’ provided during the application registration process. A string composed of ‘Basic’+ ‘(space)’ + ‘base64encode(consumer_key + “:” + consumer_secret)’; example ‘Basic ODU4S0pRczVXwGdMRkhUUUhtSGhNdTRYHlpRa3N1ZGY6STA0UThtMFJZZEF1dUlwY’
        • Content-Type: application/x-www-form-urlencoded
        • di_tid: A UUID string used as unique identifier for this token request
        • di_fiid: Unique identifier for the FI
        • offering_id: Uniquely identifies the name of the client app making the request
      • Body:

        • grant_type: essentially defines what type of token to be generated (client_credentials, password, refresh_token). In this case, it will be client_credentials only.

Example Code


Here’s an excerpt from the authentication service:

  • Creates the bearer token for authorization

Sample Response:

{
    "access_token": "SA8m28eBKdCz6anuDzvADEr8qO0i",
    "expires_in": "86399",
    "refresh_token": "t3DI6jyojop9zKAnLCaVW2yHfGWWDDp9",
    "refresh_token_expires_in": "86399",
    "token_type": "Bearer"
}

Creates legacy token for authorization

Sample Response:

<?xml version="1.0" encoding="UTF-8"?>
<token>
    <di_fiid>11111</di_fiid>
    <access_token>h2OxuFCNlxjrmvuyAv0ANBV3mnAR</access_token>
    <expires_in>2591999</expires_in>
</token>
close

Sign in now!

Please sign up or sign in to add to watchlist

Sign in

Don’t have an account? 

Sign up
close

Added to watchlist!

Your interest has been noted. An NCR Voyix Rep
will contact you with further details soon.