Access Token Acquisition Methods

In this section, the main methods for obtaining an access token and a user token will be outlined.

Backend Access Token Generation

The Backend Access Token Generation process obtains an access token from the API, which is required to authenticate requests. To generate an access token, you need the Application ID (username) and the Application Secret (password). Upon successful authentication, the API returns an access token, its expiration time, and a refresh token. The access token must be included in the Authorization header of subsequent API requests to access protected resources. An access token can be obtained in two ways: with the Application ID and Application Secret, or with the refresh token.

URL https://api.infocus.company

POST /sdk/auth/getToken

Headers

| Name | Value |
| --- | --- |
| Content-Type | application/json |

Body

| Name | Type | Description |
| --- | --- | --- |
| grant_type | String | The type of credential from which the access token will be generated. The valid values are 'password' and 'refresh_token'. |
| username | String | Use the credentials provided to you for access to the SDK as the username. This field is filled when the grant_type is set to 'password'. |
| password | String | Use the credentials provided to you for access to the SDK as the password. This field is filled when the grant_type is set to 'password'. |
| refresh_token | String | The refresh token is passed in this field. The value must be specified when the grant_type is set to 'refresh_token'. |

Response

The method returns a JSON object containing the generated Backend Access Token.

{
  "access_token": "eyJqdGkiOiJhNmE4ZmQ3Ny02MGE1LTQzOWEtOWRkMC1lMTdjOTY1NzA3YjUiLCJleHAiOjE1NTQzNjc3MDksIm5iZiI6MCwiaWF0IjoxNTU0MzY3NDA5LCJpc3MiOiJodHRwczovL2tleWNsb2FrLmluZm9jdXMuY29tcGFueS9hdXRoL3JlYWxtcy9tYXN0ZXIiLCJhdWQiOiJhY2NvdW50Iiwic3ViIjoiZWQ4ZTk0M2EtMGRjZC00YTg0LThmZWUtZjZiMzlhYTE2MmI1IiwidHlwIjoiQmVhcmVyIiwiYXpwIjoiQVBJIiwiYXV0aF90aW1lIjowLCJzZXNzaW9uX3N0YXRlIjoiYjQzMTIzOTctYmZmMi00YjU1LTk2OTYtNjgyM2M5MWU1OGE2IiwiYWNyIjoiMSIsInJlYWxtX2FjY2VzcyI6eyJyb2xlcyI6WyJ1c2VyQVBJIiwib2ZmbGluZV9hY2Nlc3MiLCJ1bWFfYXV0aG9yaXphdGlvbiJdfSwicmVzb3VyY2VfYWNjZXNzIjp7ImFjY291bnQiOnsicm9sZXMiOlsibWFuYWdlLWFjY291bnQiLCJtYW5hZ2UtYWNjb3VudC1saW5rcyIsInZpZXctcHJvZmlsZSJdfX0sInNjb3BlIjoiZW1haWwgcHJvZmlsZSIsImVtYWlsX3ZlcmlmaWVkIjpmYWxzZSwiZ3JvdXBzIjpbIlRlc3RNb2RlbDFib3QiXSwicHJlZmVycmVkX3VzZXJuYW1lIjoidHNhcmV2In0",
  "expires_in": "30",
  "refresh_expires_in": "180",
  "refresh_token": "<refresh_token>",
  "token_type": "bearer"
}

Example

curl --location --request POST 'https://api.infocus.company/sdk/auth/getToken' \
--header 'Content-Type: application/json' \
--data '{ "grant_type": "password", "username": "sdk_test", "password": "L4aM34ff554" }'

Response body

{
    "access_token": "eyJhbGciOiJS....kMLPFLR9CRhQ",
    "expires_in": 1800,
    "refresh_expires_in": 86400,
    "refresh_token": "eyJhbGciOiJI.....sQPjKJysiCU",
    "token_type": "Bearer"
}
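The token lifecycle described above, sketched as an added example (not code from the API vendor): the cache reuses a valid access token, renews it with the refresh_token grant while the refresh token is still valid, and sends the Application Secret only when it has to. The `post` transport callable, the class name and the `skew` margin are assumptions made for illustration.

```python
import time

TOKEN_PATH = "/sdk/auth/getToken"  # endpoint from the page


class BackendTokenCache:
    """Caches the Backend Access Token and picks the grant_type for each renewal."""

    def __init__(self, post, username, password, skew=5, clock=time.monotonic):
        self._post = post            # hypothetical transport: post(path, json_body) -> dict
        self._username = username    # Application ID
        self._password = password    # Application Secret; load from a secret store, not source
        self._skew = skew            # seconds of safety margin before each expiry
        self._clock = clock
        self._access = self._refresh = None
        self._access_exp = self._refresh_exp = 0.0

    def _next_request(self):
        """Return the request body to send, or None if the cached token is still valid."""
        now = self._clock()
        if self._access and now < self._access_exp - self._skew:
            return None
        if self._refresh and now < self._refresh_exp - self._skew:
            return {"grant_type": "refresh_token", "refresh_token": self._refresh}
        return {"grant_type": "password",
                "username": self._username, "password": self._password}

    def token(self):
        body = self._next_request()
        if body is not None:
            now = self._clock()
            resp = self._post(TOKEN_PATH, body)
            if resp.get("token_type", "").lower() != "bearer":
                raise ValueError("unexpected token_type")
            self._access, self._refresh = resp["access_token"], resp["refresh_token"]
            # The page shows expires_in both as "30" (string) and 1800 (integer).
            self._access_exp = now + int(resp["expires_in"])
            self._refresh_exp = now + int(resp["refresh_expires_in"])
        return self._access

    def authorization_header(self):
        return {"Authorization": f"Bearer {self.token()}"}
```

Keeping the password grant as the fallback means the long-lived secret crosses the wire only at start-up and after the refresh token has lapsed.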

Client Access Token Generation

A client token is essential for secure and personalized interactions between banks and their customers when utilizing the Concierge Service SDK. Banks integrating this SDK into their mobile applications must generate a client token to enable its functionality. This token contains crucial information about both the bank generating it and the customer using the mobile app.

There are two types of client tokens available for implementation:

  1. Phone Number Hash-Based Token – This token is generated from the hash of the client’s financial phone number. It is expected that these phone numbers have been preloaded into the Concierge Service system via web services and identified as belonging to the bank’s clients.

  2. Internal Client ID-Based Token – Alternatively, the token can be generated using the bank’s internal client identifier, which must be unique within the bank’s system.

All users authenticated with a client token are automatically recognized as bank clients and gain access to banking services through the Concierge Service SDK within the mobile application.

Method for retrieving a user token based on the hash of the phone number.

This method generates a Client Access Token, which is required for performing operations with user-specific data. To generate the token, a Backend Access Token is needed. The Backend Access Token is generated by a separate method and must be passed in the Authorization header of the request.

URL https://api.infocus.company

POST /sdk/v1/user/getToken

Headers

| Name | Value |
| --- | --- |
| Authorization | Bearer <BackendAccessToken> |
| Content-Type | application/json |

Body

The request body must contain an array of objects. Each object should include the following fields:

| Name | Type | Description |
| --- | --- | --- |
| duration | Integer | The duration in minutes for which the Client Access Token will remain valid. The value must be between 1 and 518,400 minutes. |
| phone_hash_list | ArrayObject | A list of objects containing information about the client's phone numbers. |

phone_hash_list (Object)

| Name | Type | Description |
| --- | --- | --- |
| hash | String | Phone number hash. |
| is_primary | Boolean | Determines whether the phone number is primary or not. Only one phone number can be designated as primary. |

Response

[
  {
    "user_token_id": "519a0a97-a6e3-48af-83c8-012e7fc72407",
    "phone_hash_list": [
      {
        "hash": "fcc7d370c6e07aaf0c584907471f2a32d60295613d549e0470730149d6a53732",
        "is_primary": true
      },
      {
        "hash": "49c601228ae29610f6cf1c91b4327cb539fe8ce813787839485d5affbba44430",
        "is_primary": false
      }
    ],
    "user_token": "eyJhbGciOiJSUzI1NiIs...OWsXUQ",
    "status_code": "000",
    "status_desc": "The request was completed successfully",
    "error_message": "string"
  }
]

Example

curl --location --request POST 'https://api.infocus.company/sdk/v1/user/getToken' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer eyJhbGciOiJSUzI1NiIs...OWsXUQ' \
--data '[
  {
    "duration": 180,
    "phone_hash_list": [
      {
        "hash": "fcc7d370c6e07aaf0c584907471f2a32d60295613d549e0470730149d6a53732",
        "is_primary": true
      },
      {
        "hash": "49c601228ae29610f6cf1c91b4327cb539fe8ce813787839485d5affbba44430",
        "is_primary": false
      }
    ]
  }
]'

Response body

[
  {
    "user_token_id": "519a0a97-a6e3-48af-83c8-012e7fc72407",
    "phone_hash_list": [
      {
        "hash": "fcc7d370c6e07aaf0c584907471f2a32d60295613d549e0470730149d6a53732",
        "is_primary": true
      },
      {
        "hash": "49c601228ae29610f6cf1c91b4327cb539fe8ce813787839485d5affbba44430",
        "is_primary": false
      }
    ],
    "user_token": "eyJhbGciOiJSUzI1NiIs...OWsXUQ",
    "status_code": "000",
    "status_desc": "The request was completed successfully",
    "error_message": null
  }
]

Method for retrieving a user token based on customer ID.

Method for Independent Service Activation by the Client

This method is used in scenarios where the bank does not perform pre-activation and does not provide prior client information. In this case, the client independently connects and activates the concierge service using the provided token type.

Process Description:

  1. Application Scenario

This method is suitable for independent client service activation when:

  • The bank has not pre-activated the service.

  • Client information is not available in the system.

  2. Service Activation Steps

The client initiates the activation process via the SDK, providing the necessary data for identification and service activation.

URL https://api.infocus.company

POST /sdk/v1/user/getTokenById

Headers

| Name | Value |
| --- | --- |
| Authorization | Bearer <BackendAccessToken> |
| Content-Type | application/json |

Body

The request body must contain an array of objects. Each object should include the following fields:

| Name | Type | Description |
| --- | --- | --- |
| duration | Integer | The duration in minutes for which the Client Access Token will remain valid. The value must be between 1 and 518400 minutes. |
| customer_id | String | The unique identifier for the customer. |
| card_product_id | Integer | This is a required parameter that defines the customer service level associated with the card product. Possible values are: 2 – Visa Platinum, 3 – Visa Signature, 4 – Visa Infinite, 5 – Visa Platinum Business, 6 – Visa Business, 7 – Visa Signature Business, 8 – Visa Infinite Business. |

Response

[
  {
    "user_token_id": "519a0a97-a6e3-48af-83c8-012e7fc72407",
    "customer_id": "f6cf1c91b4327cb53",
    "user_token": "eyJhbGciOiJSUzI1NiIs...OWsXUQ",
    "status_code": "000",
    "status_desc": "The request was completed successfully",
    "error_message": "string"
  }
]

Example

curl --location --request POST 'https://api.infocus.company/sdk/v1/user/getTokenById' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer eyJhbGciOiJSUzI1NiIs...OWsXUQ' \
--data '[
    {
        "customer_id": "test-1234-456-789",        
        "duration":518400,   
        "card_product_id":4
    },
    {
        "customer_id": "test-2234-456-722",        
        "duration":180,   
        "card_product_id":2
    }
]'

Response body

[
  {
    "user_token_id": "46e7822a-2f94-4eeb-90ea-8c7c838ba420",
    "customer_id": "test-1234-456-789",
    "user_token": "eyJhbGciO...WzINEtWvtlMTTWuHUQ",
    "status_code": "000",
    "status_desc": "The request was completed successfully",
    "error_message": null
  },
  {
    "user_token_id": "4817d183-9129-4a56-98b6-a14a5f23ea22",
    "customer_id": "test-2234-456-722",
    "user_token": "eyJhbGciOi...R6gF0Q",
    "status_code": "000",
    "status_desc": "The request was completed successfully",
    "error_message": null
  }
]
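The request rules for both client-token methods (phone-hash and customer ID), checked before anything is sent and with per-item handling of the array response, as an added example that is not the vendor's code. The function names are hypothetical, and the 64-hex-character hash pattern is an assumption inferred from the sample hashes on this page, which does not name the hash algorithm.

```python
import re

MAX_DURATION_MIN = 518_400                 # upper bound from the page (360 days)
CARD_PRODUCT_IDS = set(range(2, 9))        # 2..8, as listed on the page
HASH_RE = re.compile(r"[0-9a-f]{64}")      # assumption: matches the page's sample hashes


def _check_duration(d):
    # bool is a subclass of int in Python, so reject it explicitly
    if isinstance(d, bool) or not isinstance(d, int) or not 1 <= d <= MAX_DURATION_MIN:
        raise ValueError(f"duration must be an integer in 1..{MAX_DURATION_MIN}")


def phone_hash_item(duration, phone_hashes):
    """Build one /sdk/v1/user/getToken item; phone_hashes is [(hash, is_primary), ...]."""
    _check_duration(duration)
    if sum(1 for _, primary in phone_hashes if primary) > 1:
        raise ValueError("only one phone number can be primary")
    for h, _ in phone_hashes:
        if not HASH_RE.fullmatch(h):
            # Guards against sending a raw phone number where a hash is expected.
            raise ValueError("hash must be 64 lowercase hex characters")
    return {"duration": duration,
            "phone_hash_list": [{"hash": h, "is_primary": bool(p)} for h, p in phone_hashes]}


def customer_id_item(duration, customer_id, card_product_id):
    """Build one /sdk/v1/user/getTokenById item."""
    _check_duration(duration)
    if not isinstance(customer_id, str) or not customer_id:
        raise ValueError("customer_id must be a non-empty string")
    if card_product_id not in CARD_PRODUCT_IDS:
        raise ValueError("card_product_id must be one of 2..8")
    return {"customer_id": customer_id, "duration": duration,
            "card_product_id": card_product_id}


def split_results(response):
    """Separate issued tokens from failed items; each array element has its own status."""
    ok, failed = [], []
    for item in response:
        good = item.get("status_code") == "000" and item.get("user_token")
        (ok if good else failed).append(item)
    return ok, failed
```

Because the response is an array with a status per element, an HTTP success for the batch does not mean every requested token was issued.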
