Versions Compared

Old Version 1

changes.mady.by.user Leatherback

Saved on

compared with

New Version 2

changes.mady.by.user Leatherback

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

InfoHighlight important information in a panel like this one. To edit this panel's color or style, select one of the options in the menu.In this section, we'll guide you through the process of obtaining customer authorization via the Leatherback platform. This process involves redirecting your customers to the Leatherback Authorization App (Web, Android and iOS), where they will log in and grant the necessary permissions, followed by receiving the authorization response. Whether you are developing a web or mobile application, these steps will ensure a smooth and secure customer authorization experience.

Redirect to Leatherback Authorization App

To initiate the authorization process, you need to redirect the user to the Leatherback Authorization App. This can be done via a web redirect from your end.

Web Redirect:

  • Construct the authorization URL with the required query parameters.

  • Redirect the user to this URL.

  • Sample URL format:

    Code Block
    https://app-leatherback-openbanking-dev.azurewebsites.net?request=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjbGllbnRfaWQiOiJENDY0QzlENzg2Mjc0NDgzOUE1ODM4MjEzNzlERjI2MCIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOi8vZGV2ZWxvcGVyLnJldm9sdXQuY29tIiwic2NvcGUiOiJhY2NvdW50IiwicmVzcG9uc2VfdHlwZSI6ImNvZGUgaWRfdG9rZW4iLCJjYWxsYmFja191cmwiOiJodHRwczovL2RldmVsb3Blci5yZXZvbHV0LmNvbS8iLCJvcGVuYmFua2luZ19pbnRlbnRfaWQiOiI1OTE4OTA5MS01NDViLTQwZGUtOTNhMy00MTY2YzlhZTJkOTAiLCJuYmYiOjIwMjkyNzY4NTcsImV4cCI6MjAyOTI4MDQ1NywiaWF0IjoyMDI5Mjc2ODU3fQ.stK_t2vLV4PAejjjpRmy39a3wKAXVpyINadmGABTPAU
&state=example_state

Mobile Redirect:

  • Use the device's web view to open the authorization URL (same as above).

  • Handle the redirect within the mobile application.

Info

We handle the redirect to the customer’s web or mobile apps (Android or iOS) on our end so you do not have to worry about that. This useful in cases where you mistakenly redirect from a mobile device to another browser and not the mobile app’s web view.

Login and Authorization

Once the user is redirected to the Leatherback Authorization App, they will be prompted to log in and authorize your application to access their account information.

  • Login Page:

    • Users enter their credentials to log in.

    • They may be asked to complete additional security steps (e.g., two-factor authentication).

  • Authorization Page:

    • Users review the permissions requested by your application.

    • Users grant or deny access by clicking the appropriate button.

Receive Authorization Response

After the user has logged in and granted authorization, you will receive an authorization response. This can be handled via a webhook AND a direct redirect. You can decide to receive the response however you choose.

Webhook Scenario:

  • Leatherback sends a POST request to your webhook endpoint with the authorization details.

  • The webhook response will be in this format:

Code Block
languagejson
{
  "authorizationCode": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdGF0ZSI6ImV4cGVjdF9zdGF0ZV92YWx1ZSJ9.FFm-dVtZkHsZSNGvH1K9li1DbMD1t8Cm0YW5ZEsOa_o",
  "state": "random_state_value"
}

Redirect Scenario:

  • The user is redirected back to your application with the authorization code and state as query parameters.

  • The redirect url looks like this

Code Block
https://openbanking.tpp.com/open-banking-page?authorizationCode=<authorizationCode>&state=<state>

...