-
Notifications
You must be signed in to change notification settings - Fork 442
Direct Login
Marko Milić edited this page Sep 16, 2019
·
16 revisions
On the OBP API portal click the Get App Key button. You may need to register/login first. Copy and paste the consumer key for step two below.
Using your favorite http client:
POST OBP-HOST/my/logins/direct
Body
Leave Empty!
Headers:
Content-Type: application/json
Authorization: DirectLogin username=janeburel,
password=the-password-of-jane,
consumer_key=your-consumer-key-from-step-one
Here is it all together:
POST /my/logins/direct HTTP/1.1
Authorization: DirectLogin username="janeburel", password="686876", consumer_key="GET-YOUR-OWN-API-KEY-FROM-THE-OBP"
Content-Type: application/json
Cookie: JSESSIONID=7h1ssu6d7j151u08p37a6tsx1
Host: 127.0.0.1:8080
Connection: close
User-Agent: Paw/2.3.3 (Macintosh; OS X/10.11.3) GCDHTTPRequest
Content-Length: 0
You should receive a token:
{"token":"a-long-token-string"}
In subsequent calls you can use the token received in step 2
e.g.
Action:
PUT /obp/v2.0.0/banks/obp-bankx-n/accounts/my-new-account-id
Body:
{ "type":"CURRENT", "balance":{ "currency":"USD", "amount":"0" }}
Headers:
Content-Type: application/json
Authorization: DirectLogin token=your-token-from-step-2
Here is another example:
PUT /obp/v2.0.0/banks/enbd-egy--p3/accounts/newaccount1 HTTP/1.1
Authorization: DirectLogin token="eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyIiOiIifQ.C8hJZNPDI59OOu78pYs4BWp0YY_21C6r4A9VbgfZLMA"
Content-Type: application/json
Cookie: JSESSIONID=7h1ssu6d7j151u08p37a6tsx1
Host: 127.0.0.1:8080
Connection: close
User-Agent: Paw/2.3.3 (Macintosh; OS X/10.11.3) GCDHTTPRequest
Content-Length: 60
{"type":"CURRENT","balance":{"currency":"USD","amount":"0"}}
Parameter names and values are case sensitive.
The following parameters must be sent by the client to the server:
username
The name of the user to authenticate.
password
The password used to authenticate user. Alphanumeric string.
consumer_key
The application identifier. Generated on OBP side via
/consumer-registration endpoint.
Each parameter MUST NOT appear more than once per request.