Banking Activity

API - V 2.5

Download Swagger Spec

Introduction

The service uses v2 authentication token and requires the token to be generated with scopes as banking-activites:read and account:read in the body.

Generating timely and accurate reports of user activity in banking systems is mission-critical. The Banking Activity API provides robust query capabilities against the Candescent Digital Banking activity logging data stores.

Everything from troubleshooting and fraud detection to customer service and marketing relies on the ability to query the system's activity history and return meaningful results. The Banking Activity API provides an API access point for your activity data, allowing you to automate the consumption of that data in any way you see fit.

Based on your needs, we will support you daily, hourly or near real time. Powerful queries are made easy with a clearly defined set of parameters that can be mixed and matched for a variety of use cases.

What is supported?

The technical documentation in the API specs sectionfully describes the endpoints, header values, parameters and responses. The APIuses th method for activity record retrieval. 

Overview of APIcapabilities: 

Build reporting tools for financial institution administrators, customer support teams and others authorized to have such access.

Retrieve all events for a single user at a financial institution over a given date range.

  • Specify a single user and date range.
  • Retrieve all activity by that user within the dates queried.

Query multiple events for a user at a financial institution for a given date range.

  • Specify a single user and one or more event types.
  • Retrieve all records matching the specified event types within the dates queried.

Query one event for a user at a financial institution for a given date range.

  • Specify a single user and one event type.
  • Retrieve all instances of that one event type for the specified user within the dates queried.

Query all events for a financial institution for a given range.

  • Specify all events, regardless of user, type, etc. and the date range.
  • Retrieve all customer or member events for the specified financial institution within the dates queried.

Query multiple events for a financial institution for a given date range.

  • Specify one or more event types and the date range.
  • Retrieve all instances of the specified event types within the dates queried.

Query one event for a financial institution for a given date range.

  • Specify a single event type and the date range.
  • Retrieve all instances of the event type within the dates queried.

Additional Details

Control descriptions include:

(1-2) Start and end date for date range.
(3) Individual user ID or list of several users.
(4) Limit search to retail or business banking.
(5) For business banking, limit query to one or more companies.
(6) Selector for event types (event types are predefined by Candescent).
(7) Selector for query operators (e.g., and or not )
(8) Multiple switches/selectors for filter attribute (account type, event type,etc.).

Getting Started

Candescent’s APIs support financial institutions worldwide. They can empower financial institutions and their partners to build valuable digital banking experiences.

It’s important to work with your Candescent representative to get officially onboarded to DevX for access to these APIs. Once onboarded, you’ll be able to implement your application, access shared and secret keys and begin testing the APIs.

After all the legal and compliance partnership agreements are in place, we'll set you up with your Authentication API client account. This will grant you access to a unique secret key that will be your ticket to the authentication API and staging and production environments.

The service available through the Candescent Digital Banking Developer Portal provides a token for the grant type:

Client Credentials

  • Used for trusted server-side applications
  • Sending a request passes a key-and-secret pair assigned to your application
  • Since the token is issued in the context of a Financial Institution (FI) rather than a user, no end-user login is required
  • Response provides the Bearer Token to be used to call other DevEx APIs

Steps to getting started:

  • Sign up and/or Login in for authentication

    To make your first API request, you'll need toself-register by clicking the Sign Up button. Then, click the link in your welcomeemail to verify your emailaddress.

  • Review API documentation and request postman collections

    Your Candescent representative will be able to email you the Postman collection for an API you are interested in. You may reach out directly or add the specific API to your favorites to alert your representative.
  • Test APIs in Postman

    In addition to the sample apps, a test drive environment is available to help you visualize the APIs. Using the JSONcollection and Postman, you’ll be able to see API requests working in action and view the information required to make them.

    This will also allow you to experience actual API behavior prior to beginning your integration. For a deeper dive into Postman, view additional reference material here.

Authentication

Authentication proves that you are who you say you are. Authentication tokens identify a user (the person using the app or site).

You‘ll need the following items to set up basic authentication:

Info Alert
Note
          Visit our guide on authentication to learn more.
  • Developer Experience account
  • Sandbox environment with an organization
  • Shared Key
  • Secret Key

Generating your Secret Key

You’ll need a bearer token or an API security key to authenticate API calls. A secret key serves as a secure token to authenticate and authorize requests. Unauthorized use of a secret key could potentially cause a security breach. Thes ecret key holds the error token used to access real data through the API.

Visit our guide on authentication  to learn more.

Before you begin, you‘ll require a unique client_id and client_secret for your app. Notify your implementation manager or PossibleNOW Support atsupport@possiblenow.com to request an OAuth client_id and client_secret. Include your My Preferences Client ID and the environment (staging (sandbox) or production) for which you want to generate the credentials in your request.

These credentials must be treated securely. 

    Getting Started

    While the technical documentation in the API Specs section describes the endpoints (or ways to call the API with different parameters to execute different actions), the following provides a simplified list of use cases for Authentication:

    The service available through the Candescent Digital Banking Developer Portal (providestokens for two different grant types:

    Client Credentials

    • Used for trusted server-side applications
    • Sending a request passes a key-and-secret pair assigned to your application
    • Since the token is issued in the context of a Financial Institution (FI) rather than a user, no end-user login is required
    • Response provides the Bearer Token to be used to call other DevEx APIs

    Password

    • Best for first-party native applications (such as the FI’s own mobile application)
    • Request is sent with key-and-secret pair plus the customer’s username and password
    • Response provides Bearer Token to be used to call other DevEx APIs
    Info Alert
    Note
    NOTE: As of March 2020, the Authentication Service contains two proxies: one to retrieve the Bearer Token for DevEx V1 APIs and another for DevEx V2 APIs. Please see the last section of this documentation for a list of V1 and V2 APIs currently exposed in the Developer Portal.
    close

    Sign in now!

    Please sign up or sign in to add to watchlist

    Sign in

    Don’t have an account? 

    Sign up
    close

    Added to watchlist!

    Your interest has been noted. An NCR Voyix Rep
    will contact you with further details soon.