Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 13 Next »

In order to access Everifin services via API two account types are required:

  • Client service account - the service account generated by Everifin and dedicated to specific client; It is required to access identity provider’s authentication API

  • Everifin user account - user account in Everifin representing particular bank account(s) owner; It can be physical person or representative of some business entity (it can be your customer or you in case you need to access your own bank accounts); This user will connect bank account(s) to Everifin system; Consequently, the Everifin services related to these bank accounts can be accessed via API by using this user’s access token (obtained after successful login).

Client Service Account

The following details of client service account will be delivered by Everifin:

  • your_realm_value

  • your_app_value

  • client_id

  • client_secret

  • scope

Everifin User Account

Before you can start using the API, you need to create a user account (This user will then connect bank accounts). This is done by using the Everifin Identity provider.

Identity provider host-name

The following table provides the values for identity provider host-name in testing and production environments.

Host-name wildcard

Testing environment

Production environment

{{everifin_idp_url}}

https://app.stage.everifin.com

https://app.everifin.com

User account registration and login process

More details on authentication API can be found here: Authentication

  1. Redirect your customer to {{everifin_idp_url}}/auth/realms/{{your_realm_value}}/protocol/openid-connect/auth/?client_id={{your_client_id}}&&redirect_uri={{client_redirect_uri}}&response_type=code&scope={{scope}}

  2. Click "Create new Account" and enter your details, make sure to use a valid email address

  3. You will receive an email asking you to confirm your email address. Open the email and click "Verify Email"

  4. After successful email verification the user is redirected back to your URL (specified in redirect_uri query parameter). The authorization code is provided in code query parameter.

  5. This code needs to be provided as input parameter in the request to token endpoint in order to obtain the access token and refresh token: Token Request . The access token should be stored in your system as it needs to be provided in authorization header in every API request accessing Everifin services (for details follow the API documentation: https://documenter.getpostman.com/view/19811544/2s935itRL2).

  6. After this you can redirect the user to log in page of the Everifin Application where she/he can connect the bank accounts (Connecting Bank Account With Everifin UI).:
    - Staging app URL: Everifin App - Stage
    - Production app URL: Everifin App - PROD

  7. Once the bank accounts are successfully connected under Everifin user account and the user comes back to your application, you can obtain bank account(s) data.

In case the access token expires, you can use refresh token endpoint to refresh it: Refresh Token Request.

When the refresh token expires, you need to redirect your customer to same page as in the step 1. This way you obtain new access token and long-lasting refresh token.

In case of test environment, you are welcome to create as many test users as you need

  • No labels