Versions Compared

Version Old Version 19 New Version 20
Changes made by

Michal Gregor

Michal Gregor

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The following details of client service account will be delivered by Everifin:

  • your_realm_value (“everifin_app” if not specified otherwise)

  • client_id

  • client_secret

  • scope (“ais” - balances and transactions, “pis” - payment initiation or “ais pis” - both services)

Everifin Multibanking user account and its connection to your system

...

  1. Everifin Multibanking user account registration - The person/company needs to create a user account in Everifin Multibanking web application. Please, instruct your customer to go to web app URL https://app.everifin.com to do so (you may provide clickable link or button in you SW). The user registration process is described in detail here: Everifin User Registration

  2. Bank Account(s) connection - The person/company needs to connect the bank account(s) in Everifin Multibanking web application. This process is described in detail here: Connecting Bank Account

  3. Connecting Everifin Multibanking user account to your system - The connection between the two systems is arranged by Oauth authorization code flow initiated by your user from your system against our identity provider (Authentication ). The details of the connection process are described further below (https://everifin.atlassian.net/wiki/spaces/EFMBAPI/pages/edit-v2/2515730433#Connecting-Everifin-user-account-to-your-system ). Result of this step is session between your system and Everifin represented by pair of tokens (access and refresh token). Valid access token needs to be provided in every API request.

...

Info

More details on authentication API can be found here: Authentication

  1. Redirect your customer to Once the user decides to connect his existing Everifin user account (registered as pre-step on https://app.everifin.com ) to your system (e.g. clicks on button in your system) redirect her/him to web address {{everifin_idp_url}}/auth/realms/{{your_realm_value}}/protocol/openid-connect/auth/?client_id={{your_client_id}}&&redirect_uri={{clientyour_redirect_uri}}&response_type=code&scope={{scope}}

  2. Now the user can login to Everifin (or re-login in case the connection has been already established and it only needs to be renewed after the token has expired) and give consent to access the bank account data by your system.

  3. Then the user is redirected back to your URL (specified in redirect_uri query parameter in step #1). The authorization code is provided in code query parameter.

  4. Use the code value as input parameter in the request to token endpoint to obtain the access token and refresh token: Token Request .
    The obtained access token should be stored in your system as it needs to be provided in authorization header in every API request accessing Everifin services (for details follow the API documentation: https://documenter.getpostman.com/view/19811544/2s935itRL2).
    Refresh token should also by stored as you will need it to refresh access token once it expires. Be aware that refresh token string changes every time you do refresh. You need to store the value from the response every time for next usage.

  5. After this your system can access Everifin BankConnect API to get bank account(s) data of your customer.

...