Banking Images

API - V 2.5

Download Swagger Spec

Introduction

The service uses a v2 authentication token and requires the token to be generated with scopes as images:read in the body.

It’s vital to allow consumers and businesses to access images of paper documents within digital banking. The Banking Images API makes it possible to retrieve a specific scanned document image and a list of available scanned document images. Despite the growing trend of going paperless, checks are still very prominent, especially in B2B.

Deposit slips are still widely used, as merchants and consumers often make physical deposits. Monthly statements are available in physical or digital format. For purposes of security, record-keeping and funds verification, having the ability to access digital versions of documents is paramount.

The Banking Images API enables endusers to:

  • Confirm a physical check, deposit slip or statement in just a few clicks.

Enables a financial institution to:

  • Build trust and enhance customer satisfaction and loyalty by maintaining accurate and easily referenced digital copies of important documents.

Enables developers to:

  • Provide the end user with a quick review of any physical document related to their finances.

What is supported?

While the technical documentation in the API specs section describes the endpoints (or ways to call the API with different parameters to execute different actions), the following provides a simplified list of use cases for the Banking Images API.

Get (retrieve) image list: Data is returned for a set of available images based on query parameters, including:

  • Account: Checking, savings, etc.
  • Type: Check, deposit slip, statement
  • Date range:
            Transaction date: Check, deposit slip
        Statement date: Statement
  • Statement preview (if supported by image vendor)

Get (retrieve) individual image: This will call and retrieve the display of a specific image (e.g., check, deposit slip or statement).

Note: The returned list contains individual image IDs and other information to allow for the retrieval, viewing and printing of individual images. The data could be used to build a UI component for the customer/member, listing available images and providing hyperlinks to select and view images.

Getting Started

Candescent’s APIs support financial institutions worldwide. They can empower financial institutions and their partners to build valuable digital banking experiences.

It’s important to work with your Candescent representative to get officially onboarded to DevX for access to these APIs. Once onboarded, you’ll be able to implement your application, access shared and secret keys and begin testing the APIs.

After all the legal and compliance partnership agreements are in place, we'll set you up with your Authentication API client account. This will grant you access to a unique secret key that will be your ticket to the authentication API and staging and production environments.

The service available through the Candescent Digital Banking Developer Portal provides a token for the grant type:

Client Credentials

  • Used for trusted server-side applications
  • Sending a request passes a key-and-secret pair assigned to your application
  • Since the token is issued in the context of a Financial Institution (FI) rather than a user, no end-user login is required
  • Response provides the Bearer Token to be used to call other DevEx APIs

Steps to getting started:

  • Sign up and/or Login in for authentication

    To make your first API request, you'll need toself-register by clicking the Sign Up button. Then, click the link in your welcomeemail to verify your emailaddress.

  • Review API documentation and request postman collections

    Your Candescent representative will be able to email you the Postman collection for an API you are interested in. You may reach out directly or add the specific API to your favorites to alert your representative.
  • Test APIs in Postman

    In addition to the sample apps, a test drive environment is available to help you visualize the APIs. Using the JSONcollection and Postman, you’ll be able to see API requests working in action and view the information required to make them.

    This will also allow you to experience actual API behavior prior to beginning your integration. For a deeper dive into Postman, view additional reference material here.

Authentication

Authentication proves that you are who you say you are. Authentication tokens identify a user (the person using the app or site).

You‘ll need the following items to set up basic authentication:

Info Alert
Note
          Visit our guide on authentication to learn more.
  • Developer Experience account
  • Sandbox environment with an organization
  • Shared Key
  • Secret Key

Generating your Secret Key

You’ll need a bearer token or an API security key to authenticate API calls. A secret key serves as a secure token to authenticate and authorize requests. Unauthorized use of a secret key could potentially cause a security breach. Thes ecret key holds the error token used to access real data through the API.

Visit our guide on authentication  to learn more.

Before you begin, you‘ll require a unique client_id and client_secret for your app. Notify your implementation manager or PossibleNOW Support atsupport@possiblenow.com to request an OAuth client_id and client_secret. Include your My Preferences Client ID and the environment (staging (sandbox) or production) for which you want to generate the credentials in your request.

These credentials must be treated securely. 

    Getting Started

    While the technical documentation in the API Specs section describes the endpoints (or ways to call the API with different parameters to execute different actions), the following provides a simplified list of use cases for Authentication:

    The service available through the Candescent Digital Banking Developer Portal (providestokens for two different grant types:

    Client Credentials

    • Used for trusted server-side applications
    • Sending a request passes a key-and-secret pair assigned to your application
    • Since the token is issued in the context of a Financial Institution (FI) rather than a user, no end-user login is required
    • Response provides the Bearer Token to be used to call other DevEx APIs

    Password

    • Best for first-party native applications (such as the FI’s own mobile application)
    • Request is sent with key-and-secret pair plus the customer’s username and password
    • Response provides Bearer Token to be used to call other DevEx APIs
    Info Alert
    Note
    NOTE: As of March 2020, the Authentication Service contains two proxies: one to retrieve the Bearer Token for DevEx V1 APIs and another for DevEx V2 APIs. Please see the last section of this documentation for a list of V1 and V2 APIs currently exposed in the Developer Portal.
    close

    Sign in now!

    Please sign up or sign in to add to watchlist

    Sign in

    Don’t have an account? 

    Sign up
    close

    Added to watchlist!

    Your interest has been noted. An NCR Voyix Rep
    will contact you with further details soon.