Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

This section will guide you through the essential steps to integrate your third-party platform with our APIs. Following these steps, you can register as a Third Party Provider (TPP), generate necessary tokens, and establish secure communication with our services.

Panel
bgColor#4C9AFF

Register as a Third Party Provider (TPP)

To begin integrating with Leatherback, you must register as a Third Party Provider (TPP). This registration process involves making an API call to our registration endpoint.

API Endpoint: https://api-openbanking.leatherback.co/api/account/registration

Method: POST

Request Headers:

  • Content-Type: application/json

  • signature-certificate: <Set your signature certificate here. This is a password-like text>

Panel
bgColor#4C9AFF

Request Body:

Code Block
languagejson
{
  "countryISO": "GB",
  "address": "1 Roada Way, Calculta",
  "name": "Cway Bottle Company",
  "email": "cway-bottle@finance.co",
  "certificateType": "account",
  "callbackUrl": "https://webhook.site/0994061c-ba69-40cb-99a8-94c54e692eab"
}
Panel
bgColor#4C9AFF

Sample Request:

Code Block
curl -X POST "https://api-openbanking.leatherback.co/api/account/registration" \
-H "Content-Type: application/json" \
-d '{
  "countryISO": "GB",
  "address": "1 Roada Way, Calculta",
  "name": "Cway Bottle Company",
  "email": "cway-bottle@finance.co",
  "certificateType": "account",
  "callbackUrl": "https://webhook.site/0994061c-ba69-40cb-99a8-94c54e692eab"
}'
Panel
bgColor#4C9AFF

Response

Code Block
languagejson
{
    "Certificate": "Adaobi@",
    "ClientId": "74EB610C710938923806817AD4631EB3",
    "Message": "OK"
}
Panel
bgColor#4C9AFF

Generate a Client Token

Once registered as a TPP, the next step is to generate a client token. This token is necessary for authenticating subsequent API calls.

API Endpoint: https://api-openbanking.leatherback.co/auth/token

Method: POST

Request Headers:

  • Content-Type: application/x-www-form-urlencoded

Panel
bgColor#4C9AFF

Sample Request

Code Block
curl -X POST "https://api-openbanking.leatherback.co/auth/token" \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "password=your-certificate&client_id=your-client-id&scope=account&grant_type=client_credentials"
Panel
bgColor#4C9AFF

Response

Code Block
languagejson
{
    "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IjVEODhEQjBDMDMyMzRENjQ5NEM1NDI0ODEzRkFBQTkxIiwiY2VydGlmaWNhdGUiOiJBZGFvYmk5M0AiLCJuYmYiOjE3MTk4NTU2MTksImV4cCI6MTcxOTg1NTkxOSwiaWF0IjoxNzE5ODU1NjE5fQ.d6PLd8n06fLTx98vbOSSMJSo5AVFZ-lnMmjZuZsuO3c",
    "token_type": "Bearer",
    "expires_in": 63919
}
Panel
bgColor#4C9AFF

Create Client Consent

After generating a client token, the next step is to create client consent. This step involves generating a consentId in our systems so we can tie consent requests to you as a TPP.

In this tutorial, you create a consent for any of the following available permissions:

Permissions

Dependencies

ReadAccountsBasic

None

ReadAccountsDetail

None

API Endpoint: https://api-openbanking.leatherback.co/account-access-consents

Method: POST

Request Headers:

  • Content-Type: application/json

  • Authorization: Bearer {access_token}

Panel
bgColor#4C9AFF

Request Body

Code Block
languagejson
{
  "Data": {
    "Permissions": [
      "ReadAccountsBasic",
      "ReadBeneficiariesBasic",
      "ReadBeneficiariesDetail"
    ],
    "ExpirationDateTime": "2024-06-30T08:38:43.527Z",
    "TransactionFromDateTime": "2024-06-29T08:38:43.527Z",
    "TransactionToDateTime": "2024-06-30T08:38:43.527Z"
  },
  "Risk": {}
}
Panel
bgColor#4C9AFF

Sample Request

Code Block
curl -X POST "https://api-openbanking.leatherback.co/account-access-consents" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer your-access-token" \
-d '{
  "Data": {
    "Permissions": [
      "ReadAccountsBasic",
      "ReadBeneficiariesBasic",
      "ReadBeneficiariesDetail"
    ],
    "ExpirationDateTime": "2024-06-30T08:38:43.527Z",
    "TransactionFromDateTime": "2024-06-29T08:38:43.527Z",
    "TransactionToDateTime": "2024-06-30T08:38:43.527Z"
  },
  "Risk": {}
}'
Panel
bgColor#4C9AFF

Response

Code Block
{
    "Data": {
        "Status": "AwaitingAuthorisation",
        "StatusUpdateDateTime": "2024-07-01T17:46:17.6950484Z",
        "CreationDateTime": "2024-07-01T17:46:17.6950483Z",
        "TransactionToDateTime": "2024-06-30T08:38:43.527Z",
        "ExpirationDateTime": "2024-06-30T08:38:43.527Z",
        "Permissions": [
            "ReadAccountsBasic",
            "ReadBeneficiariesBasic",
            "ReadBeneficiariesDetail"
        ],
        "ConsentId": "9584b369-44dc-450e-8403-d04945e623bd",
        "TransactionFromDateTime": "2024-06-29T08:38:43.527Z"
    },
    "Risk": {},
    "Links": {
        "Self": "https://app-leatherbackwebsite-stg.azurewebsites.net/create-consent?consentId=b23b4a2f-0c10-4d74-a05a-80ca3d0f6963&callbackUrl=https://app.mono.co/"
    },
    "Meta": {
        "TotalPages": 1
    }
}
Panel
bgColor#4C9AFF

Create JWT URL Parameters Token

After you create a consent, you need the user to authorize the consent so that you can access the data on their behalf. To facilitate this, you must create a JWT request parameter.

Panel
bgColor#4C9AFF

JWT Header

Code Block
{
  "alg": "PS256",
  "kid": "<insert kid>"
}
Panel
bgColor#4C9AFF

JWT Body

Code Block
{
  "response_type": "code id_token",
  "client_id": "<insert client_id>",
  "redirect_uri": "<insert redirect_uri>",
  "scope": "accounts",
  "claims": {
    "id_token": {
      "openbanking_intent_id": {
        "value": "<insert ConsentId>"
      }
    }
  }
}

Steps to Create JWT URL Parameters Token:

  1. Prepare the JWT Header:

    • Set the alg (algorithm) to PS256.

    • Insert your key ID (kid) into the header.

  2. Prepare the JWT Body:

    • Set the response_type to code id_token.

    • Insert your client_id which you received during registration.

    • Specify your redirect_uri.

      • This is a page on your platform where the authorized customer will be redirected back to continue the open banking process. The authorization code or token and some other parameters like state will be sent alongside the redirect.

    • Set the scope to accounts.

    • Include the openbanking_intent_id with the value of the generated ConsentId.

  3. Sign the JWT:

    • Sign the JWT using the private key of your signing certificate.

    • Ensure that the signature can be validated using the JWKs endpoint you specified during registration.

Filter by label (Content by label)
showLabelsfalse
max5
spacescom.atlassian.confluence.content.render.xhtml.model.resource.identifiers.SpaceResourceIdentifier@23bd11
sortmodified
showSpacefalse
reversetrue
typepage
labelskb-how-to-article
cqllabel = "kb-how-to-article" and type = "page" and space = "LOBP"