Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

In this section, we'll guide you through the process of obtaining customer authorization via the Leatherback platform. This process involves redirecting your customers to the Leatherback Authorization App (Web, Android and iOS), where they will log in and grant the necessary permissions, followed by receiving the authorization response. Whether you are developing a web or mobile application, these steps will ensure a smooth and secure customer authorization experience.

Panel
bgColor#4C9AFF

Redirect to the Leatherback Authorization App

To initiate the authorization process, you need to redirect the user to the Leatherback Authorization App. This can be done via a web redirect from your end.

Web Redirect:

  • Construct the authorization URL with the required query parameters.

  • Redirect the user to this URL.

  • Sample URL format:

    Code Block
    https://app-leatherback-openbanking-dev.azurewebsites.net?request=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjbGllbnRfaWQiOiJENDY0QzlENzg2Mjc0NDgzOUE1ODM4MjEzNzlERjI2MCIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOi8vZGV2ZWxvcGVyLnJldm9sdXQuY29tIiwic2NvcGUiOiJhY2NvdW50IiwicmVzcG9uc2VfdHlwZSI6ImNvZGUgaWRfdG9rZW4iLCJjYWxsYmFja191cmwiOiJodHRwczovL2RldmVsb3Blci5yZXZvbHV0LmNvbS8iLCJvcGVuYmFua2luZ19pbnRlbnRfaWQiOiI1OTE4OTA5MS01NDViLTQwZGUtOTNhMy00MTY2YzlhZTJkOTAiLCJuYmYiOjIwMjkyNzY4NTcsImV4cCI6MjAyOTI4MDQ1NywiaWF0IjoyMDI5Mjc2ODU3fQ.stK_t2vLV4PAejjjpRmy39a3wKAXVpyINadmGABTPAU
    &state=example_state

Mobile Redirect:

  • Use the device's web view to open the authorization URL (same as above).

  • Handle the redirect within the mobile application.

Panel
panelIconIdatlassian-note
panelIcon:note:
bgColor#B3F5FF

We handle the redirect to the customer’s web or mobile apps (Android or iOS) on our end so you do not have to worry about that. This is useful in cases where you mistakenly redirect from a mobile device to another browser and not the mobile app’s web view.

Panel
bgColor#4C9AFF

Login and Authorization

Once the user is redirected to the Leatherback Authorization App, they will be prompted to log in and authorize their application to access their account information.

  • Login Page:

    • Users enter their credentials to log in.

    • They may be asked to complete additional security steps (e.g., two-factor authentication).

  • Authorization Page:

    • Users review the permissions requested by your application.

    • Users grant or deny access by clicking the appropriate button.

Panel
bgColor#4C9AFF

Receive Authorization Response

After the user has logged in and granted authorization, you will receive an authorization response. This can be handled via a webhook AND a direct redirect. You can decide to receive the response however you choose.

Webhook Scenario:

  • Leatherback sends a POST request to your webhook endpoint with the authorization details.

  • The webhook response will be in this format:

Code Block
languagejson
{
  "authorizationCode": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdGF0ZSI6ImV4cGVjdF9zdGF0ZV92YWx1ZSJ9.FFm-dVtZkHsZSNGvH1K9li1DbMD1t8Cm0YW5ZEsOa_o",
  "state": "random_state_value"
}

Redirect Scenario:

  • The user is redirected back to your application with the authorization code and state as query parameters.

  • The redirect URL looks like this

Code Block
https://openbanking.tpp.com/open-banking-page?authorizationCode=<authorizationCode>&state=<state>

Filter by label (Content by label)
showLabelsfalse
max5
spacescom.atlassian.confluence.content.render.xhtml.model.resource.identifiers.SpaceResourceIdentifier@23bd11
sortmodified
showSpacefalse
reversetrue
typepage
labelskb-how-to-article
cqllabel = "kb-how-to-article" and type = "page" and space = "LOBP"