Enduser API authentication

LinkCy lets you embed financial services for your own customers (both consumer and corporate).

As a partner, you act on behalf of your customers: financial instruments such as cards, accounts and funds belong to your Endusers, not to you.

For this reason, we need to be sure that actions come directly from your Enduser, not from you or someone pretending to be you.

Log In

Once credentials are configured, Endusers (either Consumer or Corporate) can log in using the "Log into the application" operation. The following information has to be provided:

Request    Type
consumerPhone    string ^[0-9]{2,17}$ (required). The complete consumer's phone, including country code. Must not contain +.
partnerName    string (required)
password    string (required)

For Corporates:

Request    Type
accountOwnerPhone    string ^[0-9]{2,17}$ (required). The complete account owner's phone, including country code. Must not contain +.
partnerName    string (required)
password    string (required)

If login succeeds, the API response contains "token" (the JWT) and a "refreshToken".

Response    Type
token    string (required)
refreshToken    string (required)
endUserId    string uuid (If you are logging in as consumer or corporate, return the end-user ID.)

The user can then use this JWT for the other API requests.

The JWT has to be sent in the "Authorization" header as a Bearer token, as below:

Authorization: Bearer <YOUR_JWT_HERE>

Refresh Authentication Token

The JWT expires a defined time after its creation. By decoding the JWT you can determine how much validity time remains.

Once it has expired, the partner has to use the "refresh login token" operation and provide the refreshToken that was received along with the previous JWT.
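An added example (not LinkCy's own code) of reading the remaining validity from the JWT on the client and deciding when to call the refresh operation. It assumes the token carries the standard `exp` claim (seconds since the Unix epoch); the function names and the 30-second margin are illustrative, and the sample token is constructed.

```python
import base64
import json
import time
from typing import Optional


class TokenFormatError(ValueError):
    """The string is not a three-part JWT with a numeric exp claim."""


def b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def seconds_remaining(token: str, now: Optional[float] = None) -> float:
    """Seconds until exp (negative once expired). The signature is NOT verified:
    this is a client-side scheduling hint, the API decides actual validity."""
    parts = token.split(".")
    if len(parts) != 3:
        raise TokenFormatError("expected header.payload.signature")
    try:
        claims = json.loads(b64url_decode(parts[1]))
    except ValueError as exc:  # bad base64, bad UTF-8 or bad JSON
        raise TokenFormatError("payload is not base64url-encoded JSON") from exc
    exp = claims.get("exp") if isinstance(claims, dict) else None
    if isinstance(exp, bool) or not isinstance(exp, (int, float)):
        raise TokenFormatError("no numeric exp claim (assumed standard claim)")
    return exp - (time.time() if now is None else now)


def should_refresh(token: str, margin: float = 30.0, now: Optional[float] = None) -> bool:
    """True when the token expires within `margin` seconds or cannot be parsed."""
    try:
        return seconds_remaining(token, now) <= margin
    except TokenFormatError:
        return True


def make_constructed_token(exp: int) -> str:
    # Constructed sample token with a placeholder signature, for the demo only.
    def enc(obj: dict) -> str:
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f'{enc({"alg": "HS256", "typ": "JWT"})}.{enc({"exp": exp})}.sig'


if __name__ == "__main__":
    sample = make_constructed_token(1_700_000_600)
    print(seconds_remaining(sample, now=1_700_000_000), should_refresh(sample, now=1_700_000_590))
```

Refreshing slightly before expiry avoids sending a request with a token that lapses in transit; an unparseable token is treated as needing a refresh rather than being sent.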

Request    Type
refreshToken    string (required)

The API will respond with a new JWT token to use from now on to be authenticated.

Response    Type
token    string (required)
refreshToken    string (required)
endUserId    string uuid (If you are logging in as consumer or corporate, return the end-user ID.)

Otherwise, the partner can still log in again to get a new JWT.