Use Cases

  • Creates the bearer token for authorization

    • Get Token (Client credentials, password grant, refresh access token, authorization code grant) POST /digitalbanking/oauth2/v1/token

      Request:

      • Headers:
        • Authorization: Standard HTTP Basic Authentication based on the ‘consumer key’ and ‘consumer secret’ provided during the application registration process. A string composed of ‘Basic’+ ‘(space)’ + ‘base64encode(consumer_key + “:” + consumer_secret)’; example ‘Basic ODU4S0pRczVXwGdMRkhUUUhtSGhNdTRYHlpRa3N1ZGY6STA0UThtMFJZZEF1dUlwY’
        • Content-Type: application/x-www-form-urlencoded
        • TransactionId: A UUID string used as unique identifier for this token request
        • InstitutionId: Unique identifier for the FI
      • Body:
        • grant_type: Essentially defines what type of token to be generated (client_credentials, password, refresh_token).
        • scopes : They are needed to access certain APIs. E.g.: For accessing accounts API, scope accounts:read is needed.
        • username: If the grant_type is password, then username is required, otherwise it is not needed.
        • password: If the grant_type is password, the only password is required

  • Creates legacy token for authorization

    • Create Token (Client credentials, password grant, refresh access token, authorization code grant) POST /digitalbanking/v1/oauth/token

      Request:

      • Headers:
        • Authorization: Standard HTTP Basic Authentication based on the ‘consumer key’ and ‘consumer secret’ provided during the application registration process. A string composed of ‘Basic’+ ‘(space)’ + ‘base64encode(consumer_key + “:” + consumer_secret)’; example ‘Basic ODU4S0pRczVXwGdMRkhUUUhtSGhNdTRYHlpRa3N1ZGY6STA0UThtMFJZZEF1dUlwY’
        • Content-Type: application/x-www-form-urlencoded
        • di_tid: A UUID string used as unique identifier for this token request
        • di_fiid: Unique identifier for the FI
        • offering_id: Uniquely identifies the name of the client app making the request
      • Body:
        • grant_type: essentially defines what type of token to be generated (client_credentials, password, refresh_token). In this case, it will be client_credentials only.

    • Example Code

    Here’s an excerpt from the authentication service:

    • Creates the bearer token for authorization

    Sample Response:

    {
    "access_token": "SA8m28eBKdCz6anuDzvADEr8qO0i",
    "expires_in": "86399",
    "refresh_token": "t3DI6jyojop9zKAnLCaVW2yHfGWWDDp9",
    "refresh_token_expires_in": "86399",
    "token_type": "Bearer"
}

    Creates legacy token for authorization

    Sample Response:

    <?xml version="1.0" encoding="UTF-8"?>
<token>
    <di_fiid>11111</di_fiid>
    <access_token>h2OxuFCNlxjrmvuyAv0ANBV3mnAR</access_token>
    <expires_in>2591999</expires_in>
</token>
    close

    Sign in now!

    Please sign up or sign in to add to watchlist

    Sign in

    Don’t have an account? 

    Sign up
    close

    Added to watchlist!

    Your interest has been noted. An NCR Voyix Rep
    will contact you with further details soon.