Strong Customer Authentication
Presentation
For some bank accounts, the user will need to go through a multi-factor authentication to add a new item or to refresh it. This kind of security is called a Strong Customer Authentication (SCA).
Each time you need to refresh an item with a Strong Customer Authentication you should call Manage SCA and Sync.
This endpoint returns an URL pointing to the Connect funnel to refresh an item. If needed, the User will be able to fill the OTP he received from the bank or to validate the connection through his banking application.
How to know if the bank account needs a refresh with Strong Customer Authentication ?
- The Item concerned will have a specific status : 1010.
- Or the field
automatic_refresh
of the item's bank isfalse
.
Example
curl "https://sync.bankin.com/v2/connect/items/sync?item_id=ITEM_ID" \
-X GET \
-H 'Bankin-Version: 2019-02-18' \
-H 'Client-Id: MY_CLIENT_ID' \
-H 'Client-Secret: MY_CLIENT_SECRET' \
-H 'Authorization: Bearer TOP_SECRET_ACCESS_TOKEN'
{
"redirect_url": "https://connect.bridgeapi.io/?feature=sync&item=ITEM_ID&token_uuid=SECURE_ACCESS_TOKEN"
}
Updated over 4 years ago