NBOAuth 1.1.2

No votes yet

Description

This version of the API has the implementation to refresh the internal jwt.

Contact information

Service Desk

ServiceDesk@openbanking.org.uk

Support

Discuss this API in the forum

Endpoints

production

https://api.nedbank.co.za/apimarket/sandbox

Paths

/oauth20/authorize

Summary

Endpoint for Authorization Code and Implicit grant

Security

clientID

client_id

(apiKey located in query)

application's client_id

Parameters

response_type

Required in query

string

request an authorization code or or access token (implicit)

{
    "enum": [
        "code",
        "token"
    ]
}

scope

Required in query

string

Scope being requested

redirect_uri

Required in query

string

URI where user is redirected to after authorization

state

Optional in query

string

This string will be echoed back to application when user is redirected

intentid

Required in query

string

This string will be the intent id received in intent creation step

type

Required in query

string

This string will be type of intent like payments, rewards, redemptions, accounts, customers

Optional in header

string

text/html

Responses

200

An HTML form for authentication or authorization of this request.

302

Redirect to the clients redirect_uri containing one of the following

authorization code for Authorization code grant
access token for Implicity grant
error in case of errors, such as the user has denied the request

Example Request

Example Response

Definition

GET https://api.nedbank.co.za/apimarket/sandbox/nboauth/oauth20/authorize

Response

Try this operation

https://api.nedbank.co.za/apimarket/sandbox/nboauth/oauth20/authorize

Headers

Parameters

response_type

scope

redirect_uri

state

intentid

type

Request

Response

/oauth20/token

Summary

Request Access Tokens

Description

This endpoint allows requesting an access token following one of the flows below:

Authorization Code (exchange code for access token)
Client Credentials (2-legged, there isnt resource owner information)
Resource Owner Password Credentials (2-legged, client provides resource owner name and password)
Refresh Token (exchange refresh token for a new access code)

The table below indicates the required parameters for each specific grant_type options. Empty cells indicate a parameter is ignored for that specific grant type.

Client authentication:

Confidential clients should authenticate using HTTP Basic Authentication. Alternatively, they may post their client_id and client_secret information as a formData parameter.
Public clients should send their client_id as formData parameter.

grant_type	code	client_credentials	password	refresh_token
client_id	required \| required	required \| required
client_secret	required \| required	required \| required
code	required
redirect_uri	required
username			required
password			required
scope		optional	optional
refresh_token				required

The implicit grant requests, see /oauth2/authorize.

Security

Parameters

grant_type

Required in formData

string

Type of grant

{
    "enum": [
        "authorization_code",
        "password",
        "client_credentials",
        "refresh_token"
    ]
}

client_id

Required in formData

string

Application client ID, can be provided in formData or using HTTP Basic Authentication

client_secret

Required in formData

string

Application secret, must be provided in formData or using HTTP Basic Authentication

code

Optional in formData

string

Authorization code provided by the /oauth20/authorize endpoint

redirect_uri

Optional in formData

string

Required only if the redirect_uri parameter was included in the authorization request /oauth2/authorize; their values MUST be identical.

scope

Optional in formData

string

Scope being requested

refresh_token

Optional in formData

string

The refresh token that the client wants to exchange for a new access token (refresh_token grant_type)

Content-Type

Optional in header

string

application/x-www-form-urlencoded

Optional in header

string

application/json

Responses

200

json document containing token, etc.

access_token_response

400

json document that may contain additional details about the failure

Example Request

Example Response

Definition

POST https://api.nedbank.co.za/apimarket/sandbox/nboauth/oauth20/token

Response

Try this operation

https://api.nedbank.co.za/apimarket/sandbox/nboauth/oauth20/token

Headers

content-type

Parameters

grant_type

client_id

client_secret

code

redirect_uri

scope

refresh_token

Request

Response

Definitions

access_token_response

{
    "type": "object",
    "additionalProperties": false,
    "required": [
        "token_type",
        "access_token",
        "expires_in"
    ],
    "properties": {
        "token_type": {
            "enum": [
                "bearer"
            ]
        },
        "access_token": {
            "type": "string"
        },
        "expires_in": {
            "type": "integer"
        },
        "scope": {
            "type": "string"
        },
        "refresh_token": {
            "type": "string"
        }
    }
}