To access Everifin services via the API, two account types are required:
- Client service account - the service account generated by Everifin and dedicated to a specific client. It is required to access the identity provider's authentication API.
- Everifin user account - a user account in Everifin representing the owner of particular bank account(s). It can be a physical person or a representative of a business entity (it can be your customer, or you if you need to access your own bank accounts). This user will connect bank account(s) to the Everifin system. The Everifin services related to these bank accounts can then be accessed via the API by using this user's access token (obtained after successful login).
Client Service Account
The following details of the client service account will be delivered by Everifin:
- your_realm_value
- client_id
- client_secret
- scope
Everifin User Account
Before you can start using the API, you need to create a user account (this user will then connect bank accounts). This is done by using the Everifin Identity provider.
Identity provider host-name
The following table provides the values for identity provider host-name in testing and production environments.
Host-name wildcard | Testing environment | Production environment |
---|---|---|
|
|
|
User account registration and login process
More details on authentication API can be found here: Authentication
Redirect your customer to
{{everifin_idp_url}}/auth/realms/{{your_realm_value}}/protocol/openid-connect/auth/?client_id={{your_client_id}}&redirect_uri={{client_redirect_uri}}&response_type=code&scope={{scope}}
Now the user can register (or re-login in case the access token expired). The user registration process is described here: Everifin User Registration
After successful email verification (part of the user registration process) the user is redirected back to your URL (specified in the redirect_uri query parameter). The authorization code is provided in the code query parameter. This code needs to be provided as an input parameter in the request to the token endpoint in order to obtain the access token and refresh token: Token Request. The access token should be stored in your system, as it needs to be provided in the authorization header of every API request accessing Everifin services (for details follow the API documentation: https://documenter.getpostman.com/view/19811544/2s935itRL2).
After this you can redirect the user to the login page of the Everifin Application where she/he can connect the bank accounts (Connecting Bank Account):
- Staging app URL: Everifin App - Stage
- Production app URL: Everifin App - PROD

Once the bank accounts are successfully connected under the Everifin user account and the user comes back to your application, you can obtain bank account(s) data.
In case the access token expires, you can use the refresh token endpoint to refresh it: Refresh Token Request.
When the refresh token expires, you need to redirect your customer to the same page as in step 1. This way you obtain a new access token and a long-lasting refresh token.
In the test environment, you are welcome to create as many test users as you need.
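
The client side of the redirect and callback steps above, as an added example (not Everifin's own code): it builds the authorization URL with every parameter URL-encoded, then validates the callback before the code is sent to the token endpoint. The `state` parameter and the token request field names are assumptions taken from standard OAuth 2.0 rather than from this page; the host names and client values in any call are constructed placeholders.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlsplit


def build_auth_url(idp_url, realm, client_id, redirect_uri, scope):
    """Return (url, state) for the redirect to the identity provider."""
    # Assumption: `state` is not in the page's URL template; it is the
    # standard OAuth 2.0 value that binds the callback to this browser session.
    state = secrets.token_urlsafe(32)
    query = urlencode({
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "response_type": "code",
        "scope": scope,
        "state": state,
    })
    base = f"{idp_url.rstrip('/')}/auth/realms/{realm}/protocol/openid-connect/auth"
    return f"{base}?{query}", state


def extract_code(callback_url, redirect_uri, expected_state):
    """Validate the callback request and return the authorization code."""
    got, want = urlsplit(callback_url), urlsplit(redirect_uri)
    if (got.scheme, got.netloc, got.path) != (want.scheme, want.netloc, want.path):
        raise ValueError("callback does not match the registered redirect_uri")
    params = parse_qs(got.query)
    if "error" in params:  # the identity provider reported a failure
        raise ValueError(f"authorization failed: {params['error'][0]}")
    state = params.get("state", [""])[0]
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise ValueError("state mismatch: callback was not started by this session")
    codes = params.get("code", [])
    if len(codes) != 1:  # missing, empty or duplicated code parameter
        raise ValueError("expected exactly one code parameter")
    return codes[0]


def token_request_form(code, redirect_uri, client_id, client_secret):
    """Form body for the token request that exchanges the code for tokens."""
    # Assumption: standard OAuth 2.0 (RFC 6749) field names; confirm them
    # against the Token Request documentation before use.
    return {
        "grant_type": "authorization_code",
        "code": code,
        "redirect_uri": redirect_uri,
        "client_id": client_id,
        "client_secret": client_secret,
    }
```

Keep the returned `state` in the user's server-side session between the redirect and the callback, and send the token request only from your backend so that client_secret never reaches the browser.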