Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 7 Next »

In order to access Everifin services via API two account types are required:

  • Client service account - the service account generated by Everifin and dedicated to specific client; It is required to access identity provider’s authentication API

  • Everifin user account - user account in Everifin representing particular bank account(s) owner; It can be physical person or representative of some business entity (it can be your customer or you in case you need to access your own bank accounts); This user will connect bank account(s) to Everifin system; Consequently, the Everifin services related to these bank accounts can be accessed via API by using this user’s access token (obtained after successful login).

Client Service Account

The following details of client service account will be delivered by Everifin:

  • your_realm_value

  • your_app_value

  • client_id

  • client_secret

Everifin user account

Before you can start using the API, you need to create a user account (This user will then connect bank accounts). This is done by using the Everifin Identity provider.

Identity provider host-name

The following table provides the values for identity provider host-name in testing and production environments.

Host-name wildcard

Testing environment

Production environment

{{everifin_idp_url}}

https://app.stage.everifin.com

https://app.everifin.com

User account registration and login process

  1. Redirect your customer to {{everifin_idp_url}}/auth/realms/{{your_realm_value}}/protocol/openid-connect/auth/?client_id={{your_client_id}}&&redirect_uri={{client_redirect_uri}}&response_type=code

  2. Click "Create new Account" and enter your details, make sure to use a valid email address

  3. You will receive an email asking you to confirm your email address. Open the email and click "Verify Email"

  4. After successful email verification the user is redirected back to your URL (specified in redirect_uri query parameter). The authorization code is provided in code query parameter.

  5. This code needs to be provided as input parameter in the request to token endpoint in order to obtain the access token and refresh token: Token Request . The access token should be stored in your system as it needs to be provided in authorization header in every API request accessing Everifin services (for details follow the API documentation: https://documenter.getpostman.com/view/19811544/2s935itRL2).

  6. After this the user can log in on page https://app.stage.everifin.com/ and connect bank accounts.

  7. Once the bank accounts are successfully connected under Everifin user account, you can obtain bank account(s) data and use other related services (e.g. initiate payments) via API.

In case the access token expires, you can use refresh token endpoint to refresh it: Refresh Token Request.

When the refresh token expires, you need to redirect your customer to same page as in the step 1. This way you obtain new access token and long-lasting refresh token.

In case of test environment, you are welcome to create as many test users as you need

  • No labels