Introduction
We are describing here the Gateway mode. See this page for explanations.
How to get started
Company website: https://www.exthand.com
You'll find the API description in this doc or a Swagger file available in your instance of Docker URL of your Docker/swagger/index.html
The steps to get started are describe in the top sections.
- Create an account on our developer portal: Getting Started with BankingSDK
- Configure and run the Docker image: Docker configuration
- Call your docker with our a Postman collection and environment. That can help you building the calls.
- Will it be for account access or payment initiation, banks have different behaviors. If you handle the options, you will be ready for every banks. See section Connector options for more informations.
Commonly used terms
See the definitions and the contexts explanations first.
Dev/test redirect URL
In, each flow with the bank, you'll have to provide a callback URL. You can use our URL https://developer.bankingsdk.com/callback. It simply displays the query string and has a button to copy it to the clipboard.
Endpoints
In this section we will document the available endpoints and their use, in a typical usage order, with examples on how to use them. Each endpoint has a link to their reference in our official documentation, which has more information.
Headers
Several endpoints require and return these unique headers. These are necessary for us to identify the request in case of an issue. Be sure to save it in you logs to clearly identify the requests.
- X-Request-ID: Request identifier, unique for each call, as determined by the client. Maximum length of 50 characters.
- X-Correlation-ID: Unique identifier for all the calls of the same flow. Set in the request by the client in Private mode, supplied by us in response in Gateway mode. Maximum length of 50 characters. Required for customer support.
- X-Operation-ID: Unique identifier of the request, supplied by us in response in Gateway mode only. Empty in Private mode. Required for customer support.
Common Properties
In most of the endpoints, these properties will be required. They are omitted in the examples for each endpoint in order to simplify them but they can be seen in the full object examples.
- tppContext: additional TPP data for logging purposes, see this article.
"tppContext": {
"tppId": "string",
"app": "string",
"flow": "string",
"transaction": "string",
"unit": "string"
}
- bankSettings: used only in Private mode. Settings to be used for connection with the bank. Use them only if they differ from default settings and if they apply to the specific connector.
- ncaId – TPP NCA id / legal id
- settingsId - a simple string that could contain your internal id of the bank credentials set used for this operation. Allows you to memorize which bank settings you have used to establish a consent. This could be used when you have multiple certificates or bank credentials, e.g. switching to a new certificate.
- appClientId – client Id of the application for specific bank,
- appClientSecret – client secret of the application for specific bank,
- appApiKey – client API key of the application for specific bank,
- tlsCertificateName – PKCS12 QWAC (TLS) certificate file name with extension,
- tlsCertificatePassword – QWAC (TLS) certificate password,
- tlsCertificateKeyId – a key for QWAC (TLS) used by some banks (see bank's specific dev portal),
- signingCertificateName – PKCS12 QSEAL (signing) certificate file name with extension,
- signingCertificatePassword – QSEAL (signing) certificate password,
- signingCertificateKeyId – a key for QSEAL (signing) used by some banks (see bank's specific dev portal),
- pemFileUrl - URL to the QSEAL (signing) public key or JWSK
The TLS and signing certificates files are expected to be a PKCS12 file containing X509 and key.
Updated 5 months ago