This section will guide you through the essential steps to integrate your third-party platform with our APIs. By following these steps, you will be able to register as a Third Party Provider (TPP), generate necessary tokens, and establish secure communication with our services.
Register as a Third Party Provider (TPP)
To begin integrating with Leatherback, you need to register as a Third Party Provider (TPP). This registration process involves making an API call to our registration endpoint.
API Endpoint: https://api-openbanking.leatherback.co/api/account/registration
Method: POST
Request Headers:
Content-Type: application/jsonsignature-certificate: <Set your signature certificate here. This is a password like text>
Request Body:
{
"countryISO": "GB",
"address": "1 Roada Way, Calculta",
"name": "Cway Bottle Company",
"email": "cway-bottle@finance.co",
"certificateType": "account",
"callbackUrl": "https://webhook.site/0994061c-ba69-40cb-99a8-94c54e692eab"
}
Sample Request:
curl -X POST "https://api-openbanking.leatherback.co/api/account/registration" \
-H "Content-Type: application/json" \
-d '{
"countryISO": "GB",
"address": "1 Roada Way, Calculta",
"name": "Cway Bottle Company",
"email": "cway-bottle@finance.co",
"certificateType": "account",
"callbackUrl": "https://webhook.site/0994061c-ba69-40cb-99a8-94c54e692eab"
}'
Response:
{
"Certificate": "Adaobi@",
"ClientId": "74EB610C710938923806817AD4631EB3",
"Message": "OK"
}
Generate a Client Token
Once registered as a TPP, the next step is to generate a client token. This token is necessary for authenticating subsequent API calls.
API Endpoint: https://api-openbanking.leatherback.co/auth/token
Method: POST
Request Headers:
Content-Type: application/x-www-form-urlencoded
Sample Request:
curl -X POST "https://api-openbanking.leatherback.co/auth/token" \ -H "Content-Type: application/x-www-form-urlencoded" \ -d "password=your-certificate&client_id=your-client-id&scope=account&grant_type=client_credentials"
Response:
{
"access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IjVEODhEQjBDMDMyMzRENjQ5NEM1NDI0ODEzRkFBQTkxIiwiY2VydGlmaWNhdGUiOiJBZGFvYmk5M0AiLCJuYmYiOjE3MTk4NTU2MTksImV4cCI6MTcxOTg1NTkxOSwiaWF0IjoxNzE5ODU1NjE5fQ.d6PLd8n06fLTx98vbOSSMJSo5AVFZ-lnMmjZuZsuO3c",
"token_type": "Bearer",
"expires_in": 63919
}
Create Client Consent
After generating a client token, the next step is to create client consent. This step involves generating a consentId in our systems so we can tie consent requests to you as a TPP.
In this tutorial, you create a consent for any of the following available permissions:
Permissions | Dependencies |
|---|---|
ReadAccountsBasic | None |
ReadAccountsDetail | None |
API Endpoint: https://api-openbanking.leatherback.co/account-access-consents
Method: POST
Request Headers:
Content-Type: application/jsonAuthorization: Bearer {access_token}
Request Body:
{
"Data": {
"Permissions": [
"ReadAccountsBasic",
"ReadBeneficiariesBasic",
"ReadBeneficiariesDetail"
],
"ExpirationDateTime": "2024-06-30T08:38:43.527Z",
"TransactionFromDateTime": "2024-06-29T08:38:43.527Z",
"TransactionToDateTime": "2024-06-30T08:38:43.527Z"
},
"Risk": {}
}
Sample Request:
curl -X POST "https://api-openbanking.leatherback.co/account-access-consents" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer your-access-token" \
-d '{
"Data": {
"Permissions": [
"ReadAccountsBasic",
"ReadBeneficiariesBasic",
"ReadBeneficiariesDetail"
],
"ExpirationDateTime": "2024-06-30T08:38:43.527Z",
"TransactionFromDateTime": "2024-06-29T08:38:43.527Z",
"TransactionToDateTime": "2024-06-30T08:38:43.527Z"
},
"Risk": {}
}'
Response:
{
"Data": {
"Status": "AwaitingAuthorisation",
"StatusUpdateDateTime": "2024-07-01T17:46:17.6950484Z",
"CreationDateTime": "2024-07-01T17:46:17.6950483Z",
"TransactionToDateTime": "2024-06-30T08:38:43.527Z",
"ExpirationDateTime": "2024-06-30T08:38:43.527Z",
"Permissions": [
"ReadAccountsBasic",
"ReadBeneficiariesBasic",
"ReadBeneficiariesDetail"
],
"ConsentId": "9584b369-44dc-450e-8403-d04945e623bd",
"TransactionFromDateTime": "2024-06-29T08:38:43.527Z"
},
"Risk": {},
"Links": {
"Self": "https://app-leatherbackwebsite-stg.azurewebsites.net/create-consent?consentId=b23b4a2f-0c10-4d74-a05a-80ca3d0f6963&callbackUrl=https://app.mono.co/"
},
"Meta": {
"TotalPages": 1
}
}
Create JWT URL Parameters Token
After you create a consent, you need the user to authorize the consent so that you can access the data on their behalf. To facilitate this, you must create a JWT request parameter.
JWT Header:
{
"alg": "PS256",
"kid": "<insert kid>"
}
JWT Body:
{
"response_type": "code id_token",
"client_id": "<insert client_id>",
"redirect_uri": "<insert redirect_uri>",
"scope": "accounts",
"claims": {
"id_token": {
"openbanking_intent_id": {
"value": "<insert ConsentId>"
}
}
}
}
Steps to Create JWT URL Parameters Token:
Prepare the JWT Header:
Set the
alg(algorithm) toPS256.Insert your key ID (
kid) into the header.
Prepare the JWT Body:
Set the
response_typetocode id_token.Insert your
client_idwhich you received during registration.Specify your
redirect_uri.This is a page on your platform where the authorized customer will be redirected back to continue the open banking process. The authorization code or token and some other parameters like state will be sent alongside the redirect.
Set the
scopetoaccounts.Include the
openbanking_intent_idwith the value of the generatedConsentId.
Sign the JWT:
Sign the JWT using the private key of your signing certificate.
Ensure that the signature can be validated using the JWKs endpoint you specified during registration.
Highlight important information in a panel like this one. To edit this panel's color or style, select one of the options in the menu.
Add Comment