Add a first user and connection
Last updated
Was this helpful?
Last updated
Was this helpful?
To start interacting with our API, make sure you have setup a domain and a client application in the administration console.
Users of your application exist in our API. All data collected and exposed through our services is organized and scoped by users. We enforce isolated access to user data by issuing user-scoped access tokens, shared secrets that let you both authorize with our API and identify the relevant user you want to interact with.
You are responsible for keeping these tokens safe, and maintain the association with your own user registry.
User data arise from connections. A connection materializes the link between a user and one of the connectors (banks or billing providers) we support. Creating a connection requires the end-user to authenticate with the connector. As long as the connection is active, we take care of synchronizing user data and expose it.
You will need to let your users add a first connection before you can access its banking or billing data.
The steps include:
generating a permanent user access token;
before opening the Webview, generating a temporary code from the permanent user access token;
redirecting the user to the Webview, providing the temporary code as parameter, to let him pick up a connector and add a connection;
handling redirection after the web steps.
You need to generate a permanent user access token for your new user which will create a new user on Powens side:
This step involves sending your client secret (a sensitive data), you must perform it from a secure environment.
Then before redirecting to the Webview generate a temporary code that you will provide to the Webview URL. This is so you're not opening the Webview using the permanent access token directly.
Authenticate this request using the permanent access token you previously generated.
For the most simple configuration, present the following URL to your user (new lines are only added for clarity):
You will need to provide the client_id of the client application created in the administration console, and a redirect_uri to use as a callback that must match the white-list defined in the console.
After the user has completed all steps in the webview, he will be redirected to your callback URL:
Congratulations, you have been provided an access token that you must save, and that you can use to interact with all our products!
The simplest way to perform a connection setup is to use our , a set of web-based endpoints that complement your domain API. It will take care of letting the user choose his bank or provider, gather credentials for later sync and manage consent to the individual bank accounts or document subscriptions he wants to share with your service, enforcing GDPR requirements.
To optimize user experience, we encourage you to open the webview in a standalone fully-capable browser following . The webview appearance can be customized in the Administration console, and its behavior can be configured using .
The connection flow can also lead to errors, reported with the error and error_description parameters, your implementation must .
If eligible, you can instead of using our webview.
As soon as a connection is created, it gets synchronized (in background). If you have configured , data will be pushed as soon as the synchronization complete.
After creation, you should provide your users a way to manage their connections (add/delete, or manage consent to accounts). You can use our for this or create your own implementation. Also, you need to properly that may occur afterwards.