Legacy Authentication

API - V 2.5

Introduction

The Legacy Authentication API provides the means to access all other APIs on the Developer Portal. For example, when calling an API to retrieve a list of a customer’s accounts, your request must provide a valid OAuth Token. The Authentication service provides that token.

The service available through the Candescent Developer Experience Portal (DevEx) provides tokens for two different grant types:

Client Credentials

  • Used for trusted server-side applications
  • Sending a request passes a key-and-secret pair assigned to your application
  • Since the token is issued in the context of a Financial Institution (FI) rather than a user, no end-user login is required
  • Response provides the Bearer Token to be used to call other DevEx APIs

Password

  • Best for first-party native applications (such as the FI’s own mobile application)
  • Request is sent with key-and-secret pair plus the customer’s username and password
  • Response provides Bearer Token to be used to call other DevEx APIs

Getting Started

Candescent APIs support Financial Institutions across the globe. They can empower customers and vendors to build valuable Digital Banking experiences for users. It’s important to work with your Candescent account representative to get officially onboarded to the Developer Portal for access to these APIs. Once onboarded, you’ll be able to implement your application, access shared and secret keys, and begin testing the APIs.

Two unique PrimaryBid Connect API client accounts will be created and granted upon sign-off on all legal and compliance Partnership agreements.

The API client accounts include a set of credential strings (ID and secret) used to authenticate requests to the PrimaryBid Connect API on our Staging and Production environments.

The service available through the Candescent Digital Banking Developer Portal provides a token for the grant type:

Client Credentials

  • Used for trusted server-side applications
  • Sending a request passes a key-and-secret pair assigned to your application
  • Since the token is issued in the context of a Financial Institution (FI) rather than a user, no end-user login is required
  • Response provides the Bearer Token to be used to call other DevEx APIs

Steps to getting started:

  • Sign up and/or log in for authentication

    In order to make your first API request, you'll need to self-register by clicking on the Sign Up button and then clicking on the link in the Welcome email to verify your email address.

  • Review API documentation and request postman collections

    Your Candescent rep will be able to email you the Postman Collection for an API you are interested in. Either reach out directly or add the specific API to your favorites to alert your rep.

  • Test APIs in Postman

    In addition to the sample apps, there is also a Test Drive environment available to help you visualize Candescent's APIs. Using the JSON collection and Postman, you will be able to see API requests working in action, as well as view the information required to make them.

    This will also allow you to experience actual API behavior prior to beginning your integration.

    For a deeper dive into Postman, view additional reference material at www.postman.com.

Authentication

Authentication proves that you are who you say you are. Authentication tokens identify a user (the person) who is using the app or site.

You will need the following items to set up Basic Authentication:

  • Developer Experience account
  • Sandbox environment with an organization
  • Shared Key
  • Secret Key

Note: Visit our guide on authentication to learn more.

Generating your Secret Key

To authenticate API calls, you need a bearer token or an API secret key. A secret key serves as a secure token to authenticate and authorize requests. Unauthorized use of a secret key could potentially cause a security breach. The Secret Key holds the error token used to access real data through the API. Visit our guide on authentication to learn more.

Before you begin, you will require a unique client_id and client_secret for your app. Notify your Implementation Manager or PossibleNOW Support at support@possiblenow.com requesting an OAuth client_id and client_secret.

Include your MyPreferences Client ID and the environment (Staging (Sandbox) / Production) for which you want to generate the credentials in your request.

These credentials must be treated securely.

Use Cases & Examples

The end user wants to get the list of accounts from the bill pay system, or the user wants to get a specific account from the bill pay system. The user in this case is the customer of the financial institution (FI).

Gets the accounts for the given institution customer

  • Get list of accounts: GET /db-accounts/v1/accounts
  • Request -> Query Parameters:
    hostUserId: The specific identifier for that customer
  • Headers:
    Authorization: The bearer access token from the Authentication API
    TransactionId: A UUID string used as a unique identifier for this token request

Get the specified account for the given user

  • Get the account: GET /db-accounts/v1/accounts/{accountId}
  • Request -> Headers:
    Authorization: The access token from the Authentication API
    TransactionId: A UUID string used as a unique identifier for this token request
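
The token request and the two account calls described above, built as request descriptions in Python. This is an added example, not code from the Developer Portal; the host api.example.invalid, the /token path, the OAuth 2.0 grant_type form body and the function names are assumptions.

```python
import base64
import uuid
from urllib.parse import quote, urlencode

# Assumptions, not from the page: the host, the token path and the standard
# OAuth 2.0 form body. Take the real values from your Postman collection.
BASE_URL = "https://api.example.invalid"
TOKEN_PATH = "/token"


def build_token_request(shared_key, secret_key):
    """Client Credentials grant: the key-and-secret pair goes in HTTP Basic."""
    pair = f"{shared_key}:{secret_key}".encode()
    return {
        "method": "POST",
        "url": BASE_URL + TOKEN_PATH,
        "headers": {
            "Authorization": "Basic " + base64.b64encode(pair).decode(),
            "Content-Type": "application/x-www-form-urlencoded",
        },
        "body": urlencode({"grant_type": "client_credentials"}),
    }


def build_accounts_request(token, host_user_id=None, account_id=None):
    """GET /db-accounts/v1/accounts, or .../accounts/{accountId} if given."""
    if not token or any(c.isspace() for c in token):
        raise ValueError("malformed bearer token")  # blocks header injection
    url = BASE_URL + "/db-accounts/v1/accounts"
    if account_id is not None:
        if account_id in ("", ".", ".."):
            raise ValueError("invalid accountId")
        url += "/" + quote(account_id, safe="")  # '/' cannot add path segments
    elif host_user_id is not None:
        url += "?" + urlencode({"hostUserId": host_user_id})
    headers = {
        "Authorization": "Bearer " + token,
        "TransactionId": str(uuid.uuid4()),  # fresh UUID for every request
    }
    return {"method": "GET", "url": url, "headers": headers}


def redact(headers):
    """Copy of the headers that is safe to log: credentials are masked."""
    return {
        name: value.split(" ", 1)[0] + " [REDACTED]"
        if name.lower() == "authorization" else value
        for name, value in headers.items()
    }
```

Pass the returned method, URL, headers and body to your HTTP client over TLS, and write only redact(headers) to logs so the key-and-secret pair and the bearer token never reach them.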