Quickstart
Summary
This quick start guide explains you how to set up and use the API in order to retrieve the accounts and transactions from the user's banks.
To get your user's accounts and transactions, you first need to create a new Linxo Connect user and set up his bank connection. The following steps show you how to do this easily:
- Client authentication to retrieve a token allowing you to create the user (in 'client' mode).
- Create a user if he doesn’t already exist. The user is at the center of the API resources. It will be used to group connections to banking providers and store the accounts and transactions.
- User Authentication to retrieve a token allowing you to access user resources.
- Initiate the widget: When using widgets, you need to create a user session to work with. The data created in the widgets will be attached to the user provided in the session.
- Select a bank or the Linxo test bank. The widgets are available in a browser by using its URL and the user session. The user will follow the UI flow to perform actions before going back to the provided callback URL for you to handle the results.
- Retrieve connections established from the widget
- Get accounts and transactions. Once the data is made available, thanks to the connection, you will be able to collect accounts and transactions to manage your business needs.
- How to continue provides you with additional links to access more information
Security: The secure connections are set up according to the OAuth2 protocol:
- You retrieve an OAuth2 client token with your client identifier & client secret and according to the client credential flow. This allows you to create a user.
- You retrieve an OAuth2 user token, according to the ROPC flow, needed to create the widget user session.
- With the widget, you can therefore create a connection using this user session.
1. Client authentication
You will need a Client OAuth2 access token that identifies your application so that you can create an Linxo Connect user.
To do so, you have to implement the OAuth2 client credentials flow. Go to the Advanced authentication page for more information.
To use this flow, you will have to perform a HTTP basic authentication with a POST request on the
/token endpoint of the Linxo Connect authentication server.
Execute the following to generate a token. You can modify the body parameters if you want to test with your own credentials and parameters:
2. Create your Linxo Connect user
Let's assume you want to create a new Linxo Connect user: You just need to provide an email and password. No email will be sent, it is only used as a unique key.
Use the Client OAuth2 access token you just created, which identifies your application, to create
your user in a secure way. Request the /users
API endpoint to do so.
You must give a valid user email
You may also edit the email and password parameters in the body of the request:
curl -sk -X POST {baseUrl}/users
-H 'authorization: Bearer {access_token}'
-d email={email}
-d password={password}
The response header location contains the user identifier that can be used as a reference
for the requests
3. User authentication
To identify your Linxo Connect user over the system, You have to ask for a User Access Token following the OAuth2 Resource owner password credentials (ROPC) authentication flow. Refer to the Advanced authentication page for more information.
Widgets services are relying on Accounts API endpoints and therefore you need to use the accurate list of scopes depending on the widget action you want to deal with for your Linxo Connect user. Refer to the list of scopes for detailed information.
Request the /token API endpoint to get the user access token.
curl -sk -X POST {anvilUrl}/token
-d grant_type=password
-d username={username}
-d password={password}
-d client_id={client_id} \
-d client_secret={client_secret} \
-d scope=openid%20profile%20accounts_read \
-d provider=connect
4. Initiate widget
Linxo Connect widgets provide an easy way to integrate with our solutions. Thanks to a responsive UI, you can easily integrate this solution into your ecosystem.
You now own everything you need to negociate a Widgets Service session for your Linxo Connect user.
The Widget service provides the endpoint
/widget_session
to create a session containing the user credentials and returning the session ID.
The Quick Start shows you in a simple and interactive way how the widget works.
Execute the following to create a user session with your client credentials: {widgetUrl}/widget/widget_session
curl -sk -X POST {widgetUrl}/widget/widget_session
-d client_id={client_id}
-d client_secret={client_secret}
-d access_token={access_token}
5. Select bank or test bank
Once you have your widget session you can call the add connection entrypoint allowing a user to select his bank(s) from among all offered by Linxo Connect. In this quickstart, this is done by clicking on the link below to display this list of banks.
A connection with each provider will be created. The service will try to reach the provider to validate the user credentials.
In this bank list you have the Linxo test bank which emulates the behavior of a real world provider. An HowTo is also dedicated to this test tool. if you select it, a first page allows you to choose the type of account to recover:
Connect my current accountsallows you to retrieve the checking and card accounts via the PSD2 API.I do not have a current accountallows you to recover all the accounts via scraping.
A configuration file makes it possible to configure this bank and supply it with different types of accounts and transactions. This is useful to test your implementation. The default file also available at https://linxo-test-bank.s3.amazonaws.com/stettestbank/test-bank.txt has the following credentials: login: dev - password: dev
The client can provide some parameters to customize the screen flow and he is notified of the results by a callback URL. This is also done by calling the endpoint /add_connection.
6. Retrieve connection
Connections contain the list of information required to connect to a provider's website. This endpoint allows you to retrieve the list of all connections. You can filter them and paginate them according to different criteria.
To do so, you call the /connections endpoint.
curl -sk -X GET {baseUrl}/connections/{connection_id}
-H 'authorization: Bearer {access_token}'
7. Get accounts and transactions
Once you have your connection defined, you can now retrieve the list of accounts and the list of transactions.
The structure of an account can change depending on the type of account (LOAN, CHECKING, etc.).
Accounts can be filtered with several criterias and can be sorted by name and/or creation_date. It is possible to archive or unarchive an account by using its status. A closed account will not be synchronized and activate an account will schedule a synchronization.
You therefore use the following endpoints /accounts and /transactions to retrieve all the accounts and transactions of a user.
This example below allows you to retrieve transactions from all accounts.
curl -sk -X GET {baseUrl}/accounts/{account_id}
-H 'authorization: Bearer {access_token}'
curl -sk -X GET {baseUrl}/transactions/{transaction_id}
-H 'authorization: Bearer {access_token}'
8. How to continue
These few examples have allowed you to authenticate yourself, create a new user and initiate a widget to create a connection. With this connection you are able to retrieve all your accounts and transactions.
The next chapter gives you the main concepts and useful information to be able to use our API.
You can also implement more elaborate examples described in the 'HowTo' chapter.
And finally you may handle your users' data in a much specific way by using the endpoints described in the reference documentation. You will also have to take into account the credential lifecycle.
This Postman file contains the main
endpoints describe in this Quickstart and may help you to quickly and easily send the REST requests.
You just have to import this file and parametrize the client_id, client_secret, user_email
and user_password variables.