Guides
Dashboard Bridge
Start typing to search…

Strong Customer Authentication

For some bank accounts, the user will need to go through a multi-factor authentication to add a new item or to refresh it. This kind of security is called a Strong Customer Authentication (SCA).

Each time you need to refresh an item with a Strong Customer Authentication you should call Connect Sessions with the item id in the body..

This endpoint returns an URL pointing to the Connect funnel to refresh an item. If needed, the User will be able to fill the OTP he received from the bank or to validate the connection through his banking application.

👍

The SCA (Strong Customer Authentication) is valid for 180 days after the initial synchronization. The authentication_expires_at field can be used to prevent service disruption. This field is available in List Items and sent through our Webhooks.

How to know if the bank account needs a refresh with Strong Customer Authentication ?

  • The Item concerned will have a specific status : 1010.
  • Or the field status_code_info of the item's will be otp_requiredand the field status_code_infoof the item's will bePlease enter the strong authentication (SMS, notifications, etc.) provided by your bank.

How anticipate the end of the Strong Customer Authentification ?

The field authentication_expires_at can be used to prevent service disruption. Indeed, this field gives you the timestamp when the SCA will expire. You can then create a communication based on this timestamp with a new Connect Sessions link(with the item id in the body of the call) to renew the Strong Customer Authentification (SCA) before expiration.

This field is available in List Items and sent through our Webhooks.

Example how to handle the SCA after expiration (status_code 1010)

curl --request POST \
     --url https://api.bridgeapi.io/v3/aggregation/connect-sessions \
     --header 'Bridge-Version: 2025-01-15' \
     --header 'accept: application/json' \
     --header 'content-type: application/json' \
     --data '
{
  "item_id": 9587421,
  "user_email": "[email protected]"
}
'
{
  "id": "bf8f3e2a-6b04-412a-b2a3-be7fef470b4a",
  "url": "https://connect.bridgeapi.io/session/09486392-9e19-4045-a758-65daea24aes9"
}

Example how to handle the SCA by anticipation

curl --request POST \
     --url https://api.bridgeapi.io/v3/aggregation/connect-sessions \
     --header 'Bridge-Version: 2025-01-15' \
     --header 'accept: application/json' \
     --header 'content-type: application/json' \
     --data '
{
  "item_id": 9587421,
  "user_email": "[email protected]",
  "force_reauthentication": true
}
'
{
  "id": "bf8f3e2a-6b04-412a-b2a3-be7fef470b4a",
  "url": "https://connect.bridgeapi.io/session/09486392-9e19-4045-a758-65daea24aes9"
}

Updated about 21 hours ago