-
Notifications
You must be signed in to change notification settings - Fork 1
Home
Milos Sontak edited this page Aug 9, 2023
·
37 revisions
The Account Direct Access API (ADAA) service provides secure access to information about:
- Client’s transaction history
- Bank account balance
- Information about transaction history is provided in connection with current accounts of a client of Komerční banka.
more details is on website Direct Account Access API
- For testing requests we recommend the application Postman
- Postman Sandbox collection
- Register on Sandbox API Portal
- Postman Production collection
- Register on production API portal
- User - Client KB - User who give access to his account via API in Komercni banka
- Developer - Developer who create app
- KB - Komercni banka
1. Developer registers on production API portal
- create application
- subcribe to API (Client Registration, OAuth2, Adaa API)
- create API key (x-api-key)
how create API key (x-api-key)
- Software Statement with qualified certificate issued by a trusted certification authority (I.CA, PostSignum)
3. Developer calls Application Registration OAuth2 in browser
- browser shows this page and gives control to KB
- Client KB continue to login to bank
- Authorize app
- Client KB choose accounts to API
- Bank transfer control back to app
- decrypt on redirect_uri, you registered in Software Statement, we give you link to decrypt client_id, client_secret, application registration
6. Developer calls - Authorization code Tokens
- Client KB continue to login to bank
- Client KB confirms scopes
- Bank transfer control back to app
- change authorization code to refresh token and access token
- Accounts for account id to next step
- Account Balances
- Transactions
- Notification of changes to your account (webhook)
- Account Statements - PDF
- support for flow registration of the application by the user (each user needs only 1 application)
- support for token acquisition and renewal (once every 12 months or sooner)
- our demo app