Versions Compared

Version Old Version 9 New Version 10
Changes made by

Michal Gregor

Michal Gregor

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Info

Before you get started, make sure you have already created Everifin user account. More details on how to create an user account are here: API Access Prerequisites. Afterwards, you can Connect Bank Account With Everifin UI.

...

Identity Provider base URL: {{everifin_idp_url}}/auth/realms/{{your_realm_value}}/protocol/openid-connect/auth

Query Parameter

Value

Note

client_id

client ID you received from Everifin

the client_id identifies you as a consumer of this API, not the end user

redirect_uri

http://localhost

this redirect URI can be used for initial testing.

Contact us if you want to use your own custom redirect URIs, we will configure it for you

response_type

code

state

A value that will be passed to the redirect URL as a Query parameter. This value can be used to remember the state of your application at the time of the authentication call

code_challenge

Optional, only necessary for PKCE. A challenge for PKCE. The challenge is verified in step2: /token request.

code_challenge_method

Optional, only necessary for PKCE. Method used to derive the code challenge for PKCE. We accept the followig value: S256

scope

ais

scope specific to your case. E.g. ais

Info

PKCE is not enabled by default. If you want to use PKCE, Contact Us

Example URL: {{everifin_idp_url}}/auth/realms/{{your_realm_value}}/protocol/openid-connect/auth?client_id={{your_client_id}}&&redirect_uri={{client_redirect_uri}}&response_type=code&state=MY_STATE1&scope={{scope}}

...

Following parameter should be included in request body, formatted as application/x-www-form-urlencoded. Don't forget to include Content-Type: application/x-www-form-urlencoded in request headers.

Parameter

Value

Note

grant_type

authorization_code

code

obtained from redirect uri query parameter from step 1

client_id

same value as client_id query parameter from step 1

redirect_uri

same value as redirect_uri query parameter from step 1

code_verifier

Optional, only necessary for PKCE. We use it to recompute the code_challenge and verify if it matches the original code_challenge in the authorization request.

Response:

JSON object containing access_token and refresh_token.

...

The following parameters should be included in the request body (application/x-www-form-urlencoded):

Parameter

Value

Note

grant_type

refresh_token

client_id

same value as client_id query parameter from step 1

refresh_token

value from “refresh_token” field on JSON response from step2

Info

Don't forget to include Content-Type: application/x-www-form-urlencoded in request headers.

...

{{everifin_idp_url}}/auth/realms/{your_realm_value}/protocol/openid-connect/logout

Query Parameter

Value

Note

redirect_uri

Optional, an URL the user should be redirected to after the logout action succeeded

Following parameters should be included in request body (as application/x-www-form-urlencoded).

Parameter

Value

Note

client_id

same value as client_id query parameter from step 1

refresh_token

value from “refresh_token” field on JSON response from step2

Info

Don't forget to include Content-Type: application/x-www-form-urlencoded in request headers.

...